###### tags: `blockchain` # 為什麼區塊鏈交易難以被竄改 需有ECDSA簽章與blockchain運作流程基礎知識 https://ethereum.org/en/developers/tutorials/how-to-mint-an-nft/#sign-txn STEP 8 sign ## 原先困擾是 為什麼交易在區塊鏈節點無法竄改交易 畢竟節點是有廣播交易的功能 為何不能更改交易value 傳輸錯誤金額? **因為使用者是在前端進行相關交易簽名的** 下圖的signTransaction 在該動作便已產生正確的簽名資訊 區塊節點只能去驗證簽名產出的是否為該地址公鑰 除非該節點擁有你的私鑰 不然沒有辦法自行製造交易 下圖中前端就已完成簽名相關動作 簽名交易訊息(signTransaction)->發送簽名(sendSignedTransaction) **所以節點是沒有簽名動作的** **只接收交易和簽名資訊** 要竄改只會在前端發生 例如一開始簽署的合約金額就在前端被更改等等 ``` javascript require("dotenv").config() const API_URL = process.env.API_URL const PUBLIC_KEY = process.env.PUBLIC_KEY const PRIVATE_KEY = process.env.PRIVATE_KEY const { createAlchemyWeb3 } = require("@alch/alchemy-web3") const web3 = createAlchemyWeb3(API_URL) const contract = require("../artifacts/contracts/MyNFT.sol/MyNFT.json") const contractAddress = "0x81c587EB0fE773404c42c1d2666b5f557C470eED" const nftContract = new web3.eth.Contract(contract.abi, contractAddress) async function mintNFT(tokenURI) { const nonce = await web3.eth.getTransactionCount(PUBLIC_KEY, "latest") //get latest nonce //the transaction const tx = { from: PUBLIC_KEY, to: contractAddress, nonce: nonce, gas: 500000, data: nftContract.methods.mintNFT(PUBLIC_KEY, tokenURI).encodeABI(), } const signPromise = web3.eth.accounts.signTransaction(tx, PRIVATE_KEY) signPromise .then((signedTx) => { web3.eth.sendSignedTransaction( signedTx.rawTransaction, function (err, hash) { if (!err) { console.log( "The hash of your transaction is: ", hash, "\nCheck Alchemy's Mempool to view the status of your transaction!" ) } else { console.log( "Something went wrong when submitting your transaction:", err ) } } ) }) .catch((err) => { console.log(" Promise failed:", err) }) } ```