Bitcoin Transaction Overview
- Basic Bitcoin Transaction Structure:
- [version] [inputs] [outputs] [locktime]
- 1) Version Field
- Mostly unused, any value can be applied
- Historically, default value of 1
- For relative timelocks, must be set to >= 2
- 2) Inputs
- Each input uniquely references an unspent output
- Each valid input script unlocks the referenced output
- 3) Outputs
- Output amount describes the amount spendable by output
- Output script defines conditions for spending
- Transaction fee is the difference between output and referenced input amounts. Fee must be positive amount.
- 4) Locktime
- Absolute time from which on the transaction can be broadcast
- See absolute transaction timelocks
Transaction Verification
- In general, spending a Bitcoin output means providing valid unlocking arguments in the input script of the spending transaction.
- Bitcoin Script Code
- Stack-based scripting operations.
- Input & Output scripts are both evaluated sequentially by the Bitcoin Script Machine.
- Output Script (Locking Script)
- Generally, output script can describe anything.
- Usually, the output script checks for valid endorsement/signatures in the input scripts.
- Input Script (Unlocking Script)
- Usually provides endorsement/signature of spending of output referenced in input.
P2PKH Output Scripts
- A basic wallet will send to a P2PKH(destination public key hash) output when it sends funds to a regular Bitcoin address.
- Output Script (Locking Script)
- Input script must provide valid public key preimage.
- Input script must provide valid endorsement.
- Next: P2PKH Script Verification
- Bitcoin script machine must run both input & previous output scripts and verify outcome.
- Top script machine stack element must be non-zero to be valid.
- If script runs are successful for all inputs, and the referenced output is unspent, the transaction is valid and can be broadcast.
P2PKH Script Evaluation
- [Data] push operator
- Represents data bytes to be pushed onto stack
- OP_DUP
- Duplicate top member of stack
- OP_HASH160
- Duplicate top member of stack
- OP_EQUALVERIFY
- Verifies if top 2 stack elements are equal.
- If positive, nothing is output to stack and script run continues.
- If negative, script run fails.
- OP_CHECKSIG
- Checks whether signature & public key are valid, returns 1 or 0 to stack.
Endorsement Check Operations
- Checksig opcodes validate that the transaction is signed by the private key corresponding to the public key on the stack.
- CheckSig/CheckVerify Operations
- Usually part of an ouput script.
- Checks endorsement(s) against public key(s).
- Checks that endorsement signs correct transaction data.
- Next: Transaction Endorsements
- An endorsement signs off on all or parts of a transaction.
- An endorsement is specific to each transaction input.
- Each input spends its referenced output individually, with a separate endorsement.
Building an Endorsement
- 1) Build TX w/o input script
- The transaction is populated with all elements which are signed by the endorsement.
- For Sighash ALL, this includes all the TX elements except for the input script, which is left empty.
- 2) Sign Signature Hash
- The serialized transaction is appended with the sighash marker, and hashed.
- The endorsement is a DER encoded signature thereof.
- 3) Complete Input Script & Broadcast
- With a endorsement constructed, the transaction can now be completed with the valid input script and broadcast on the network.