I understand the above image is dated–I posted here just for reference.
Assume the first tx is for Alice (Owner 1) and the second is for Bob (Owner 2). My previous question (Confused About Hash In Satoshi Nakamoto Diagram) covered that the signature that ends up in the second transaction uses ECDSA and takes the Owner 1’s private key and a message as input. The message is the hash of the transaction 1 (less the sig). The sig that gets stored in transaction 2, if verified with Alice’s public key, proves that Alice released funds to Bob.
But how does the network know that Alice meant to give these funds to Bob? When Alice “sends” coins to Bob, she first get’s Bob’s address (let’s just keep it simple for now and say that Alice has Bob’s public key). After that, it seems to me that the network would encrypt the Alice’s signature with Bob’s public key so that when Bob wants to verify the sig with the ECDSA verification algorithm, he first would need to successfully decrypt the sig with his private key. Is that correct? The other way I can see it working is if the network creates transaction 2 with Bob’s public id in it, and that only Bob can use the funds in that transaction record because to spend those funds, Bob will need the private key.
If neither assumption above is correct, is there anything about the protocol that ensures Alice’s transfer of ownership reaches the intended recipient? If she makes a mistake in the recipient public key, is there any way for her to correct her mistake if Bob never receives the coins?