Can a Miner Change a Bitcoin Transaction?

3/5 - (2 votes)

You should always apply your own critical thinking when it comes to the crypto space. One question asked by many critical thinkers who know the overall idea of the Bitcoin protocol but not yet its technicalities is:

πŸ’¬ Question: What if a miner is not trustworthy and tries to change my transaction?

  • Can the miner replace the receiver address with its own?
  • Can the miner change the transaction amount?
  • Can the miner change the sender address?

The answer to all those questions is: No. Because if you want to issue a transaction, you need to broadcast the information

(sender_public_key, receiver_public_key, amount)

But here’s the trick: you sign the transaction using the private key of the sender:

sender_private_key --> sign(sender_public_key, receiver_public_key, amount)

Everybody knows the public key of the sender because it’s included in the transaction and therefore in the block.

Knowing the public key of the sender, anybody can verify that the whole transaction was signed by the owner of the private key.

If you changed one thing in the transaction (even by 1 SAT), the signature would not fit the transaction anymore and everybody would be able to know it!

πŸ’‘ Info: With public-key cryptography, robust authentication is possible. A sender can combine a message with a private key to create a short digital signature on the message. Anyone with the sender’s corresponding public key can combine that message with a claimed digital signature. If the signature matches the message, the origin of the message is verified because it must have been made by the owner of the corresponding private key. (Modified from Wikipedia)

Now, what would happen if the miner would change any of the following information?

  • sender_public_key,
  • receiver_public_key,
  • amount,

Well, the signature would not match the changed transaction, so there are two possibilities for a malicious miner:

  • The miner would now have to include the original signature in the block which would not match the changed data. Any other miner would quickly see that the transaction is invalid and reject the block from the malicious miner. Remember: the assumption is that a majority of the mining power behaves properly in the Bitcoin protocol!
  • The miner would have to calculate a new signature that fits to the changed transaction data. However, this is not possible as they don’t know the private key of the sender!

The following video does a great job explaining these details in Bitcoin:

How Bitcoin Works Under the Hood

There are some details to it that I abstracted away. For example, miners do not actually check if a transaction is valid—that’s what full nodes are here for:

ALL full nodes verify all transactions in all blocks that they receive (as well as transactions received outside of blocks). Just because a block has a valid proof of work does not mean that the block is valid. It must still build upon a valid block and must only contain valid transactions. Full nodes still verify that transactions contained within a block are valid.

Contrary to popular belief, miners do not say what transactions are valid. Their job is to determine the order of transactions, within certain constraints. It is the job of full nodes to verify transactions, and all miners (or the mining pools) should be running full nodes.