This sentence in Part III sums up the core of the token implementation very well.
"Token spending is possible only if next UTXO has exactly the same locking-script as the UTXO being spent has, apart from new possessor update."
Let me try to explain how this is achieved through the code in Part IV.
This code is actually executing an ecdsa signing. The only input is TxPreimage you can think of it as a serialized rawtx. The format is specified by bip143.
The privatekey and k value and the sighash flag used in the signing are constants. Some calculations are performed in advance off-chain.
If the signature obtained after running can be verified by OP_CHECKSIGVERIFY, then we proved the TxPreimage we inputed is equal to the TxPreimage of the current transaction. Because the OP_CHECKSIG will always use the preimage of current TX as the msg.
This sentence in Part III sums up the core of the token implementation very well.
"Token spending is possible only if next UTXO has exactly the same locking-script as the UTXO being spent has, apart from new possessor update."
Let me try to explain how this is achieved through the code in Part IV.
This code is actually executing an ecdsa signing. The only input is TxPreimage you can think of it as a serialized rawtx. The format is specified by bip143.
The privatekey and k value and the sighash flag used in the signing are constants. Some calculations are performed in advance off-chain.
If the signature obtained after running can be verified by OP_CHECKSIGVERIFY, then we proved the TxPreimage we inputed is equal to the TxPreimage of the current transaction. Because the OP_CHECKSIG will always use the preimage of current TX as the msg.