If you want to create a transaction on Ethereum mainnet, you need a private key to sign your transaction and get a valid signed transaction. However, do we really need that?

The answer is no. Let's take a quick look at the mechanics of a transaction.

Ethereum transaction

An Ethereum transaction refers to an action initiated by an externally-owned account, in other words an account managed by a human, not a contract. For example, if Bob sends Alice 1 ETH, Bob's account must be debited and Alice's must be credited. This state-changing action takes place within a transaction.

And here is a transaction object.

{
    "raw": "0xf88380018203339407a565b7ed7d7a678680a4c162885bedbb695fe080a44401a6e4000000000000000000000000000000000000000000000000000000000000001226a0223a7c9bcf5531c99be5ea7082183816eb20cfe0bbc322e97cc5c7f71ab8b20ea02aadee6b34b45bb15bc42d9c09de4a6754e7000908da72d48cc7704971491663",
    "tx": {
      "nonce": "0x0",
      "maxFeePerGas": "0x1234",
      "maxPriorityFeePerGas": "0x1234",
      "gas": "0x55555",
      "to": "0x07a565b7ed7d7a678680a4c162885bedbb695fe0",
      "value": "0x1234",
      "input": "0xabcd",
      "v": "0x26",
      "r": "0x223a7c9bcf5531c99be5ea7082183816eb20cfe0bbc322e97cc5c7f71ab8b20e",
      "s": "0x2aadee6b34b45bb15bc42d9c09de4a6754e7000908da72d48cc7704971491663",
      "hash": "0xeba2df809e7a612a0a0d444ccfa5c839624bdc00dd29e3340d46df3870f8a30e"
    }
}

raw is the signed transaction in Recursive Length Prefix (RLP) encoded form.

tx is the signed transaction in JSON form.

v, r and s are the three components of an ECDSA digital signature of the originating EOA.

It is important to have the signature, because it is what allows the transaction to be cryptographically proven to have come from the sender and to be submitted to the network.

To sign a transaction in Ethereum, the originator must:

  1. Create a transaction data structure containing nine fields: nonce, gasPrice, gasLimit, to, value, data, chainID, 0, 0 (before EIP-1559).
  2. Produce an RLP-encoded serialized message of the transaction data structure.
  3. Compute the Keccak-256 hash of this serialized message.
  4. Compute the ECDSA signature, signing the hash with the originating EOA’s private key.
  5. Append the ECDSA signature’s computed v, r, and s values to the transaction.

Obviously, all you need is the transaction data and your signature. What happens if we just use a random signature? To answer that, we need to know how Ethereum resolves a signature.

EC recover

Ethereum has a function called ‘ecrecover’ that is used to validate signatures. It takes the transaction data and a signature as input and returns a public key. From that you can easily get the address by taking the last 20 bytes of the Keccak-256 hash of the public key and adding 0x to the beginning. In most cases, a random signature is valid and can be used to recover a public key. But we have no control over this address, because there is no private key at all. It is just as if we were sending a transaction we created from a random address.

The raw data of this transaction is known and clear, which means everyone can be sure that the transaction sent from the random address will only execute the opcodes in its raw data. And it is hard to find another signature that recovers the same public key as before; doing so is no more difficult than finding the private key of that random address.

Advantage