What prevents an attacker from using this address with this public key
as input of another transaction with different outputs ?
then the script wouldn't return true on the stack. You would have:
signature
pubkey for original address
Op_DUP
OP_HASH160
let's assume, this gets executed, we'd have this on stack:
signature
pubkey hash of original address
now the miner changes the output part. So the stack is with this on top:
signature
pubkey hash of original address
pubkey hash with miner's new address
OP_EQUALVERIFY
OP_CHECKSIG
And this script would break at the point, where OP_EQUALVERIFY finds a mismatch between both pubkey hashes.
@murch and chytric: is the sig somehow checked before this script runs? I was always of the assumption, that the sig is checked as last item?
OP_CHECKSIG: The entire transaction's outputs, inputs, and script (from the most recently-executed OP_CODESEPARATOR to the end) are hashed. The signature used by OP_CHECKSIG must be a valid signature for this hash and public key.
So since there could be several input, is a "general" private key generated for all the inputs ? – Arthur Attout – 2017-11-30T20:29:17.833
@ArthurAttout: No, the transaction is signed with every private key corresponding to each input. – Murch – 2017-11-30T20:37:24.623