bitcoin transaction and script.pptx

The document provides an overview of Bitcoin wallets, detailing their structure, including private keys, public addresses, and the concept of seeds. It explains the UTXO model, which defines how transactions work in Bitcoin, including inputs and outputs, and how transactions are processed through memory pools and candidate blocks. Additionally, it covers Bitcoin's scripting language, its operation codes, and different payment types, emphasizing the security and functionality of Bitcoin transactions.

Uploaded by aaqueebtp

Transactions and Scripting Language

Bitcoin wallet
● Each Bitcoin wallet comes with a private key and a corresponding public address by default (as well as a public key).
● A Bitcoin wallet is designed to store multiple key pairs.
● BTC is never actually stored in a Bitcoin wallet.
● A Bitcoin wallet manages your keys and addresses so that you can send and receive bitcoins.
● Bitcoin is an open-source program, so anyone can create their own wallet.
○ Desktop: Electrum
○ Android: Samourai
○ iOS: Green or Mycelium
● Seed:
○ a randomly generated list of 12-24 words
○ the seed is unique, and it is used to create every address in your wallet
● A Bitcoin wallet address (also known as a public address) is used to receive BTC transactions.
● A public address is created from the corresponding public key using two hashing algorithms: the Secure Hash Algorithm 256 (SHA-256) and the RACE Integrity Primitives Evaluation Message Digest 160 (RIPEMD-160).


Bitcoin Address

• A Bitcoin address is a 160-bit hash of the public portion of a public/private ECDSA keypair. Using public-key cryptography, you can "sign" data with your private key and anyone who knows your public key can verify that the signature is valid.
Encoding Schemes
● Base58 is a group of encoding/decoding schemes used to convert data between binary format (hexadecimal) and alphanumeric text format (ASCII). Base58 compresses data, is easy to identify, and is suitable for constructing the encoding mechanism of a transmission system that resists automated monitoring.
● An encoding method that converts cryptocurrency addresses into ASCII text that can be manually copied without making mistakes.
● Base58 is an arithmetic base using the 62 alphanumeric characters (26 lowercase letters + 26 uppercase letters + 10 digits) but removing 0 (zero), O (uppercase letter o), I (uppercase letter i) and l (lowercase letter L) in order to limit potential reading errors (by a human or a machine).
● It avoids similar-looking letters.
● It does not use non-alphanumeric characters.

BIP 58

https://bitcoinpaperwallet.io/bitcoinpaperwallet/generate-wallet.html
BIP 58 DEMO: https://learnmeabitcoin.com/technical/base58
BIP 38 DEMO: https://themoneymongers.com/bip-38-encryption/
(https://www.bitaddress.org/bitaddress.org-v3.3.0-SHA256-dec17c07685e1870960903d8f58090475b25af946fe95a734f88408cef4aa194.html)
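The address construction described above (public key, SHA-256, RIPEMD-160, version byte, 4-byte double-SHA256 checksum, Base58 digits with one leading "1" per leading zero byte), as an added Python example that is not part of the original slides or of any wallet's code. The all-zero 20-byte hash used in the demo is a constructed input; hash160() relies on hashlib's OpenSSL-backed ripemd160, which some OpenSSL builds leave out, so the demo itself does not depend on it.

```python
import hashlib

# Bitcoin's Base58 alphabet: 0, O, I and l are left out on purpose.
BASE58_ALPHABET = b"123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz"
VERSION_P2PKH = 0x00   # mainnet version byte; these addresses start with "1"
VERSION_P2SH = 0x05    # mainnet version byte; these addresses start with "3"


def sha256d(data: bytes) -> bytes:
    """SHA-256 applied twice: the hash behind Base58Check checksums and TXIDs."""
    return hashlib.sha256(hashlib.sha256(data).digest()).digest()


def hash160(data: bytes) -> bytes:
    """RIPEMD-160(SHA-256(data)), the 20-byte public key hash. hashlib only
    offers ripemd160 when the OpenSSL it is built on provides it."""
    return hashlib.new("ripemd160", hashlib.sha256(data).digest()).digest()


def base58_encode(payload: bytes) -> str:
    """Plain Base58: read the bytes as one big-endian integer and emit base-58
    digits; each leading zero byte becomes a leading '1', because the integer
    conversion would otherwise lose it."""
    n = int.from_bytes(payload, "big")
    digits = bytearray()
    while n:
        n, rem = divmod(n, 58)
        digits.append(BASE58_ALPHABET[rem])
    leading_zeros = len(payload) - len(payload.lstrip(b"\x00"))
    return (b"1" * leading_zeros + bytes(reversed(digits))).decode("ascii")


def base58_decode(text: str) -> bytes:
    n = 0
    for ch in text.encode("ascii"):
        idx = BASE58_ALPHABET.find(ch)
        if idx < 0:
            raise ValueError(f"invalid Base58 character {chr(ch)!r}")
        n = n * 58 + idx
    leading_ones = len(text) - len(text.lstrip("1"))
    return b"\x00" * leading_ones + n.to_bytes((n.bit_length() + 7) // 8, "big")


def base58check_encode(version: int, payload: bytes) -> str:
    """Base58Check = Base58(version || payload || first 4 bytes of sha256d(version || payload))."""
    data = bytes([version]) + payload
    return base58_encode(data + sha256d(data)[:4])


def base58check_decode(address: str) -> tuple:
    """Inverse of base58check_encode. A checksum mismatch means the address was
    mistyped or corrupted, so it is rejected before any funds are sent to it."""
    raw = base58_decode(address)
    if len(raw) < 5:
        raise ValueError("address too short")
    data, checksum = raw[:-4], raw[-4:]
    if sha256d(data)[:4] != checksum:
        raise ValueError("checksum mismatch: address is mistyped or corrupted")
    return data[0], data[1:]


def is_valid_address(address: str) -> bool:
    try:
        base58check_decode(address)
        return True
    except ValueError:        # covers a bad checksum, a bad character and non-ASCII input
        return False


def p2pkh_address(pubkey: bytes) -> str:
    """Public key -> SHA-256 -> RIPEMD-160 -> Base58Check with version 0x00."""
    return base58check_encode(VERSION_P2PKH, hash160(pubkey))


if __name__ == "__main__":
    # Constructed demo input: an all-zero 20-byte hash, so no RIPEMD-160 is needed.
    addr = base58check_encode(VERSION_P2PKH, bytes(20))
    print(addr, is_valid_address(addr), is_valid_address(addr[:-1] + "3"))
```

For the all-zero hash the P2PKH encoding gives 1111111111111111111114oLvT2 (twenty-one leading "1"s for the version byte plus twenty zero bytes); changing any single character makes base58check_decode() raise on the checksum, which is the error detection the slides attribute to addresses, and the P2SH version byte 0x05 yields an address beginning with "3".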
UTXO
● A transaction is a fundamental entity in the blockchain ledger.
● The UTXO model is the accounting model used in Bitcoin and many other cryptocurrencies.
● UTXOs define where each blockchain transaction starts and finishes.
● A transaction is defined as transferring the ownership of a coin from one party to the other through digital signatures (ECDSA).
● Destinations of an ownership transfer are called outputs, and the sources of ownership are called inputs.
● A subset of previous outputs is spent as the inputs of the NEW transaction.
● Transactions contain multiple inputs and outputs.
● The set of Unspent Transaction Outputs (UTXO) is called the state of the blockchain.
● A UTXO is the amount of digital currency remaining after a cryptocurrency transaction is executed.
● The UTXO model makes Bitcoin more secure, immutable, auditable and transparent than traditional financial systems, which rely on accounts, balances and third parties.

UTXO (continued)

● An unspent transaction output (UTXO) is a transaction output that can be used as an input in a new transaction.
● The state changes dynamically as a subset of previous outputs is spent (as inputs) and new outputs are created.
● The set of all UTXOs at any given point is called the UTXO set.
● A Bitcoin node keeps track of UTXOs in order to determine where coins are at any given point and who can spend them.
● The UTXO model is used in many cryptocurrencies because it allows users to track ownership of every portion of the currency.
Figure: Alice and Bob diagram (labels P and Z).
Transactions
● The model of unlocking and locking (UNLOCK an existing output to use it as an input, LOCK the new output to its recipient) is called the UTXO model.

Figure: first lock/unlock diagram. Inputs (i/p): Alice, 2 BTC and Bob, 3 BTC are unlocked; outputs (o/p) are locked; slide label "5 BTC = 2 + 1 + 1.5 + 3".

Figure: second lock/unlock diagram. Inputs (i/p): Alice, 2 BTC and Bob, 3 BTC; outputs (o/p): Tom, 6 BTC = 2 + 1 + 1.5 + .5 + 1, and Tom, 1 BTC.
Alice's transaction to Bob

Previous transactions (Alice's UTXOs)   Inputs (I/P)   Outputs (O/P)   New UTXO
O/P 0.5 BTC                             0.5 BTC        0.7 BTC         Bob UTXO
O/P 1.7 BTC                             1.7 BTC        1.199 BTC       Alice UTXO

● A transaction consumes previously recorded unspent transaction outputs and creates new transaction outputs that can be consumed by a future transaction.
● The set of all UTXOs at any given point is stored in a UTXO database maintained in a wallet.
● New UTXOs are created by destroying old UTXOs.
● The owner's information is locked along with the information of the unspent transactions; hence the UTXO set maintains records of ownership.
● Memory pool: temporary storage for transactions that have been received by a node.
● When a new transaction is received by a node, the node holds it in its memory pool with all the other latest transactions it has received. From here the transaction waits to be selected for inclusion in a candidate block.
● Candidate block: a temporary block created using transactions selected from the memory pool.
● Miners can choose which transactions to include in their candidate block.
● Each node has the opportunity to try to add the transactions from its memory pool on to its blockchain. This process is known as mining.
● To add transactions on to the blockchain, a miner gathers transactions from its memory pool into a container called a candidate block. From here, the node expends energy to try to "mine" this block on to the top of the blockchain.
1. After roughly 10 minutes, one of the nodes on the network will add the latest transactions from its memory pool on to its blockchain, and share this new block of transactions with the other nodes.
2. Transactions will only stay in a node's memory pool for 72 hours.
3. Each node can set how long it holds on to memory pool transactions with the -mempoolexpiry option (default is 72 hours).
4. A block used to be able to hold only 1 MB of data (650 transactions in a full block), but the method for working out the amount of data a block can hold changed in July 2017 thanks to Segregated Witness. As a result, blocks can now hold around 1.7 MB of transaction data (around 2700 transactions).
5. Each node can set the maximum size of its memory pool with the -maxmempool option (default is 300 MB).
Coinbase Transactions
● A special type of transaction that creates new coins as the reward to miners.
● A coinbase transaction has no inputs and has one or two outputs; the output of a coinbase transaction is a new UTXO.
● Confirmations: 0, 1, 2, ... as blocks get added.
● The Bitcoin network is jointly maintained by three different kinds of participant: miners, Bitcoin nodes, and wallets.
○ Bitcoin nodes: act as miner, wallet, storage of the blockchain, and verifier.
○ Miners: only the mining protocol.
● Coinbase transaction: the special transaction at the top of the block. This is called the coinbase transaction, and it allows the miner to send themselves a fixed amount of bitcoins (6.25 BTC plus the transaction fees of all transactions in the block) that did not previously exist.
● A coinbase transaction is only slightly different from normal transaction data. The main difference is its single "blank" input, which we call the coinbase.
● A satoshi is the smallest denomination of bitcoin, equivalent to one hundred-millionth of a bitcoin: 1 BTC = 10^8 satoshi.
● Currently, the smallest amount of Bitcoin you can send or receive in a transaction is 5460 satoshis, which is equivalent to 0.0000546 BTC.
● Satoshi per byte is a unit for measuring transaction priority, defined by the transaction's fee in satoshi divided by the size of the transaction in bytes.
● The cheapest and fastest transaction fee amounts to 6–12 satoshis per byte.
TXID
A TXID (Transaction ID) is basically an identification number for a bitcoin transaction.
A TXID is created by hashing the transaction data through SHA256 twice.
A TXID is always 32 bytes (64 characters), represented in hexadecimal.

Examples:
● f4184fc596403b9d638783cf57adfe4c75c605f6356fbc91338530e9831e9e16 - First ever Bitcoin transaction, to Hal Finney in 2010.
● a1075db55d416d3ca199f55b6084e2115b9345e16c5cf302fc80e9d5fbf5d48d - Pizza transaction for 10,000 BTC in 2010.
● RBF (Replace-by-Fee) and SegWit transactions

BITCOIN EXPLORER: https://bitaps.com/

https://learnmeabitcoin.com/technical/txid
https://developer.bitcoin.org/reference/transactions.html
https://learn.saylor.org/mod/book/view.php?id=36375&chapterid=19427
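The UTXO bookkeeping described in the preceding slides (a transaction destroys the outputs it consumes and creates new ones, the fee is inputs minus outputs, a coinbase has no inputs and may claim at most subsidy plus fees, and a TXID is SHA-256 applied twice to the serialized transaction), as an added Python model that is not part of the slides or of Bitcoin Core. The JSON serialization it hashes is a constructed stand-in for Bitcoin's binary format, and the owner strings stand in for the locking and unlocking scripts; the amounts replay the Alice-to-Bob slide (0.5 + 1.7 BTC in, 0.7 + 1.199 BTC out).

```python
import hashlib
import json
from dataclasses import dataclass

SATOSHI_PER_BTC = 100_000_000      # 1 BTC = 10^8 satoshi
BLOCK_SUBSIDY = 625_000_000        # 6.25 BTC, the subsidy the slides quote

def btc(amount: float) -> int:
    """Amounts are kept as integer satoshis, never as floats."""
    return round(amount * SATOSHI_PER_BTC)

@dataclass(frozen=True)
class Output:
    value: int    # satoshis
    owner: str    # stands in for the locking script (scriptPubKey)

@dataclass
class Transaction:
    inputs: list     # (txid, output index) references to previous outputs
    outputs: list    # Output objects

    def txid(self) -> str:
        """SHA-256 twice over the serialized transaction. The JSON form is a constructed
        stand-in for Bitcoin's binary format (which is also displayed byte-reversed)."""
        raw = json.dumps({"in": self.inputs,
                          "out": [(o.value, o.owner) for o in self.outputs]},
                         sort_keys=True).encode()
        return hashlib.sha256(hashlib.sha256(raw).digest()).hexdigest()

class UTXOSet:
    """The chain state: every unspent output, keyed by (txid, index)."""

    def __init__(self):
        self.utxos = {}

    def _add_outputs(self, tx: Transaction) -> str:
        txid = tx.txid()
        for i, out in enumerate(tx.outputs):
            self.utxos[(txid, i)] = out
        return txid

    def apply_coinbase(self, tx: Transaction, fees: int) -> str:
        """A coinbase has no inputs and may create at most subsidy + fees."""
        if tx.inputs:
            raise ValueError("coinbase must not have inputs")
        if sum(o.value for o in tx.outputs) > BLOCK_SUBSIDY + fees:
            raise ValueError("coinbase claims more than subsidy + fees")
        return self._add_outputs(tx)

    def apply(self, tx: Transaction, spender: str) -> int:
        """Validate a normal transaction against the UTXO set, apply it and return the
        fee. `spender` stands in for the unlocking script: it must match the owner
        recorded on every consumed output."""
        refs = [tuple(r) for r in tx.inputs]
        if not refs or len(set(refs)) != len(refs):
            raise ValueError("need at least one input and no repeated inputs")
        total_in = 0
        for ref in refs:
            if ref not in self.utxos:
                raise ValueError(f"{ref} is not unspent: unknown or already spent")
            if self.utxos[ref].owner != spender:
                raise ValueError(f"{ref} is locked to {self.utxos[ref].owner}")
            total_in += self.utxos[ref].value
        total_out = sum(o.value for o in tx.outputs)
        if total_out > total_in or any(o.value < 0 for o in tx.outputs):
            raise ValueError("outputs exceed inputs")
        for ref in refs:                # the old UTXOs are destroyed ...
            del self.utxos[ref]
        self._add_outputs(tx)           # ... and the new ones are created
        return total_in - total_out     # whatever is left over is the miner's fee

    def balance(self, owner: str) -> int:
        return sum(o.value for o in self.utxos.values() if o.owner == owner)

def can_spend(chain: UTXOSet, tx: Transaction, spender: str) -> bool:
    """True if the transaction is accepted (and applied), False if it is rejected."""
    try:
        chain.apply(tx, spender)
        return True
    except ValueError:
        return False

def alice_pays_bob():
    """Replays the slide: Alice holds 0.5 and 1.7 BTC, pays Bob 0.7 BTC and locks
    1.199 BTC back to herself; the remainder is the fee."""
    chain = UTXOSet()
    funding = Transaction([], [Output(btc(0.5), "alice"), Output(btc(1.7), "alice")])
    fid = chain.apply_coinbase(funding, fees=0)     # 2.2 BTC is within the subsidy
    payment = Transaction([(fid, 0), (fid, 1)],
                          [Output(btc(0.7), "bob"), Output(btc(1.199), "alice")])
    fee = chain.apply(payment, spender="alice")
    return chain, payment, fee
```

Running alice_pays_bob() leaves exactly two UTXOs (Bob's 0.7 BTC and Alice's 1.199 BTC), reports a fee of 0.301 BTC (30,100,000 satoshi), and replaying the same payment is rejected because its inputs no longer exist in the set, which is how the UTXO model rules out double spends.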
Each transaction is prefixed by a four-byte transaction version number which tells Bitcoin peers and miners which set of rules to use to validate it.
ScriptSig (unlocking script): encodes the public key and the signature of the current owner of the bitcoin (the payer).

ScriptPubKey (locking script): a sequence of instructions (like a function) that takes the ScriptSig as input and returns true if a legitimate owner tries to unlock that bitcoin; otherwise it returns false. The format of a ScriptPubKey is as follows:
A locking script is a spending condition placed on an output: it specifies the conditions that must be met to spend the output in the future.

https://learnmeabitcoin.com/technical/input
Bitcoin transactions use locking and unlocking scripts, which are executed together to verify a transaction. A locking script is a spending condition specified in the transaction output, and an unlocking script satisfies this condition when the two scripts are executed together.
Scripting language
• Bitcoin software (also known as Bitcoin Core): the original implementation of the Bitcoin software was written in C++. Additional implementations have been written in Python, Java, and Go.
• Bitcoin Script is a simple programming language used to interact with the Bitcoin software. In particular, Script gives the Bitcoin software instructions on how coins in a UTXO (Unspent Transaction Output) can be spent.
• For the version of the Bitcoin software written in Go, the Bitcoin Script interpreter inside it is also implemented in Go. The same applies to the other implementations as well.
• Wallets and other Bitcoin applications complete all the processing behind the scenes automatically.
• Script was implemented by Satoshi Nakamoto in the release of Bitcoin Core.
Bitcoin Script
A Forth-like, stack-based, reverse-Polish, Turing-incomplete programming language.
● Forth-like: Script resembles Forth, a programming language that first appeared in 1970. Forth is used in the Open Firmware bootloader, space applications (including the Philae spacecraft), and a variety of other embedded systems involving interactions with hardware. Forth is a procedural, stack-oriented programming language.
● Stack-based: Bitcoin Script uses a stack data structure (a linear structure, like a physical stack or pile) with "Last In, First Out (LIFO)" ordering.
• Reverse-Polish: RPN is a method of placing the operator after its operands, at the end of the expression.
• Turing-incomplete: Script for Bitcoin and other cryptocurrencies does not allow infinite loops.
Advantages: the inability to run malformed scripts, regardless of whether they are intentional malicious attacks or unintentional programming errors. Essentially, Script is able to avoid the halting problem.
Other blockchains developed since Bitcoin have mainly chosen to be Turing complete, or at least to have a high degree of Turing completeness. Although this potentially brings the halting problem into play, it also provides better support for the complex logic required for developing smart contracts.
SIMPLE SCRIPT

OP_1 2 3 OP_ADD 5 OP_EQUAL


OP_1
OP_ADD
op_2
op_equalverify

BITCOIN IDE:
https://siminchen.github.io/bitcoinIDE/build/editor.html

https://learn.saylor.org/mod/book/view.php?id=36364&chapterid=18950
2 7 OP_ADD 3 OP_SUB 1 OP_ADD 7 OP_EQUAL
● Bitcoin Script uses a system of operation codes (better known as opcodes).
● Opcodes are commands which tell nodes in the Bitcoin network how to process any transaction request.
● Script is used both to send a standard transaction and to create a custom transaction script.
● Bitcoin Script and opcodes are required components of this process.
● One main advantage of Legacy addresses is their compatibility with almost all wallets and exchanges available in the market.
Bitcoin PAYMENTS / types of Bitcoin address format
● All Bitcoin transactions use Script to define how outputs can be spent.
● The Bitcoin protocol allows users to send different types of payments using Bitcoin Script. Three popular examples include:
1. Pay To Pubkey (P2PK)
2. Pay To Pubkey Hash (P2PKH), the original Bitcoin address format
3. Pay To Script Hash (P2SH), multi-signature (limited to 15 keys)

Pay To Pubkey (P2PK):

When the Bitcoin protocol launched in 2009, Pay To Pubkey (P2PK) was an important payment type. Pay-to-Public-Key (P2PK) is a type of ScriptPubKey which locks bitcoin to a public key. This means that the bitcoin can only be spent by the owner of the private key corresponding to the public key provided in the script.
https://learnmeabitcoin.com/technical/block-hash

X sends BTC to Y's public key. When recipient Y wants to spend those funds (spend the corresponding UTXO) at any point in the future, they only need to prove they own the public key to which the funds were sent.

Example: OP_CHECKSIG is used as a mechanism for verifying that the sender of a transaction applies the correct digital signature.

For example, let's look at Alice's payment to Bob's Cafe again. Alice made a payment of 0.015 bitcoin to the cafe's bitcoin address. The transaction output would have a locking script of the form:

OP_DUP OP_HASH160 <Cafe Public Key Hash> OP_EQUALVERIFY OP_CHECKSIG

The Cafe Public Key Hash is equivalent to the bitcoin address of the cafe.

The locking script can be satisfied with an unlocking script of the form:

<Cafe Signature> <Cafe Public Key>

Locking script: OP_DUP OP_HASH160 <Cafe Public Key Hash> OP_EQUALVERIFY OP_CHECKSIG
Unlocking script: <Cafe Signature> <Cafe Public Key>

The two scripts combined (validation script):

<Cafe Signature> <Cafe Public Key> OP_DUP OP_HASH160 <Cafe Public Key Hash> OP_EQUALVERIFY OP_CHECKSIG

Validation involves verifying the sender's wallet balance and the recipient's address, and ensuring the transaction is secure and tamper-proof.
● OP_DUP: Duplicate the top item on the stack (place a copy of it on the stack).
● OP_HASH160: Pop the top item off the stack, calculate its HASH160, i.e. RIPEMD160(SHA256()), and place that on the stack.
● OP_EQUALVERIFY: Pop the top 2 items off the stack; if they are not equal, exit immediately and fail, otherwise do nothing.
● OP_CHECKSIG: Pop the top 2 items off the stack, use the top as the public key and the second as the signature, and verify the transaction signature.
● Users holding BTC in P2PK format wallets can easily send these funds to wallets that use newer, more secure address formats.

● Public key length: a public key is inconvenient for sending and receiving BTC payments. Public keys are longer, at 64 characters, in comparison to public addresses, which are alphanumeric strings of 26-34 characters. Public keys also don't have built-in error checks. This may slightly increase the possibility of errors when typing or copy/pasting public keys on computers or mobile devices.

● P2PK transactions were used for the coinbase transaction in Bitcoin's genesis block as well as the first P2P payment of BTC from Satoshi Nakamoto to Hal Finney.

● According to research from Deloitte, more than 4 million BTC (around 19% of the total supply) is currently sitting in P2PK format wallets. According to txstats.com, over 10.2 million BTC (more than 56 percent of the existing BTC supply) is currently held in P2PKH wallets. The total number of P2PKH unspent transaction outputs (UTXOs) has surpassed 52.2 million.

Pay-to-Public-Key-Hash (P2PKH)

The key pair is created securely using the elliptic curve digital signature algorithm (ECDSA) with the curve secp256k1. Then the generated public key is transformed using the functions SHA-256 and RIPEMD-160.

P2PKH or Legacy address (the old address format) is the first version of a Bitcoin address; it starts with the number "1" and has 26 to 36 characters.

The most important difference is that P2PKH transactions are sent to the hash of the recipient's public key.

First, compared to a public key, a public key hash is a shorter and more manageable alphanumeric string. Second, P2PKH enables error detection through a checksum feature, helping users to drastically reduce the odds of sending BTC to an invalid address.
Pay To Script Hash (P2SH)

● Pay-to-Script-Hash (P2SH) is a type of transaction which allows for the spending of bitcoin based on the satisfaction of any script provided by the sender. P2SH is used for multisig and SegWit transactions.
● How long is a P2SH address? 26–35 alphanumeric characters, and the address usually starts with the number 1 or 3.
● Script addresses are commonly used for multisig addresses, which can specify that signatures from several keys are required to authorize the transaction.
● P2SH is extremely flexible because it allows users to construct arbitrary scripts. P2SH is used to enable backwards compatibility with new transaction types, including SegWit.
● Pay to Script Hash (P2SH) is another type of address format that allows more complex transactions involving multiple signatories or programmable conditions.
● P2SH can also be used to create multi-signature wallets where several parties must approve a transaction before it's processed.

Multisignature

Multisignature scripts set a condition where N public keys are recorded in the script and at least M of those must provide signatures to unlock the funds. This is also known as an M-of-N scheme, where N is the total number of keys and M is the threshold of signatures required for validation. For example, a 2-of-3 multisignature is one where three public keys are listed as potential signers and at least two of those must be used to create signatures for a valid
https://learnmeabitcoin.com/technical/block-hash

https://komodoplatform.com/en/academy/bitcoin-script/#:~:text=BTC%20Script%20%2D%20Basic%20P2PKH%20Transaction%20Example&text=In%20a%20P2PKH%20transaction%2C%20Alice,to%20his%20%E2%80%9Cpubkey%20hash.%E2%80%9D
https://siminchen.github.io/bitcoinIDE/build/editor.html
https://scrypt.studio/
https://learnmeabitcoin.com/technical/address
A custodial wallet service (like Coinbase or Kraken) holds on to the private key, so it is responsible for safeguarding a user's funds. A non-custodial wallet, on the other hand, gives users full control over their private key, and with it sole responsibility for protecting their holdings.
Examples of software non-custodial wallets include MetaMask and Trust Wallet. Hardware wallets are crypto wallets that store your private keys offline in a secure physical (hardware) device isolated from the internet connection. MetaMask Institutional is the only multi-custodial institutional Web3 wallet. Binance Chain Wallet is another example of a non-custodial wallet. Coinbase Wallet is a self-custody wallet that gives you complete control of your digital assets. This means that the private keys (that represent ownership of the cryptocurrency) for your wallet are stored directly on your web browser or mobile device and not with a centralized exchange like Coinbase.com.
Result Validation
• https://www.blockchain.com/
• https://bitinfocharts.com/top-100-richest-bitcoin-addresses.html

Figure: transaction diagram with labels "Signed by Alice" and "Pay to Pkbob: H()".

How are addresses created?
How is a transaction verified cryptographically?

• Suppose Alice receives m with a digital signature: { m, sig = sign(m, KR) }
• Alice verifies that m was signed by Bob by applying Bob's public key KU to sig, then checks whether verify(m, sig, KU) is true or false.
• If true, whoever signed m must have used Bob's private key.

Alice thus verifies that:
✓ Bob signed m.
✓ No one else signed m.
✓ Bob signed m and not m'.
Non-repudiation:
✓ Alice can take (m, sig) to court and prove that Bob signed m.
2.2 Block format in Bitcoin

Figure: block structure, with the labels "Chain all blocks together" and "Guarantee the integrity of transactions in a block".

• A block contains a "block head" and a "block body".
• The "block head" stores the hash of the previous block header.
Core: Proof of Work --- solving a puzzle

Digital signature = signed message digest

Figure: signing and verification. Bob sends a digitally signed message: the large message m goes through the hash function H to give H(m); Bob's private key KR signs the digest, Sign(H(m), KR) (encrypt), and the signed message digest is attached to m. Alice verifies the signature and the integrity of the digitally signed message: she recomputes H(m) from the large message m, applies Bob's public key KU (decrypt) to the signed digest Sign(H(m), KR) to recover H(m), and checks whether the two values are equal.
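The P2PKH validation script walked through earlier (<sig> <pubkey> OP_DUP OP_HASH160 <pubkey hash> OP_EQUALVERIFY OP_CHECKSIG) and the sign(H(m), KR) / verify(m, sig, KU) procedure of this section, as one added Python example that is not part of the slides and not Bitcoin Core's code. It contains a toy ECDSA over secp256k1 (plain affine arithmetic, raw r||s signatures instead of DER, not constant-time) and a minimal stack interpreter for the opcodes the slides list. The spending-transaction bytes and the second private key 12345 are constructed inputs; OP_HASH160 uses hashlib's ripemd160, which some OpenSSL builds omit, and RIPEMD160_OK reports whether it is present.

```python
import hashlib
import secrets

# Toy ECDSA over secp256k1 in affine coordinates: teaching code only. Curve constants from SEC 2.
P = int("FFFFFFFF" * 6 + "FFFFFFFE" + "FFFFFC2F", 16)
N = int("FFFFFFFF" * 3 + "FFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141", 16)
G = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)
RIPEMD160_OK = "ripemd160" in hashlib.algorithms_available   # some OpenSSL builds lack it

def ec_add(a, b):
    if a is None or b is None:
        return a if b is None else b
    (x1, y1), (x2, y2) = a, b
    if x1 == x2 and (y1 + y2) % P == 0:
        return None                                        # a + (-a) = point at infinity
    lam = (3 * x1 * x1 * pow(2 * y1, -1, P) if a == b      # tangent slope on y^2 = x^3 + 7
           else (y2 - y1) * pow(x2 - x1, -1, P)) % P       # chord slope
    x3 = (lam * lam - x1 - x2) % P
    return x3, (lam * (x1 - x3) - y1) % P

def ec_mul(k, pt):                                         # double-and-add
    acc = None
    while k:
        acc, pt, k = (ec_add(acc, pt) if k & 1 else acc), ec_add(pt, pt), k >> 1
    return acc

def keygen():                                              # (KR, uncompressed 65-byte KU)
    d = secrets.randbelow(N - 1) + 1
    x, y = ec_mul(d, G)
    return d, b"\x04" + x.to_bytes(32, "big") + y.to_bytes(32, "big")

def sign(msg, d):                                          # sign(H(m), KR)
    z = int.from_bytes(hashlib.sha256(msg).digest(), "big")
    while True:
        k = secrets.randbelow(N - 1) + 1
        r = ec_mul(k, G)[0] % N
        s = pow(k, -1, N) * (z + r * d) % N
        if r and s:
            return r.to_bytes(32, "big") + s.to_bytes(32, "big")

def verify(msg, sig, pub):                                 # verify(m, sig, KU)
    r, s = int.from_bytes(sig[:32], "big"), int.from_bytes(sig[32:64], "big")
    if len(sig) != 64 or len(pub) != 65 or pub[0] != 4 or not (0 < r < N and 0 < s < N):
        return False
    q = (int.from_bytes(pub[1:33], "big"), int.from_bytes(pub[33:], "big"))
    z = int.from_bytes(hashlib.sha256(msg).digest(), "big")   # Alice recomputes H(m)
    w = pow(s, -1, N)
    pt = ec_add(ec_mul(z * w % N, G), ec_mul(r * w % N, q))
    return pt is not None and pt[0] % N == r

def hash160(data):
    return hashlib.new("ripemd160", hashlib.sha256(data).digest()).digest()

def evaluate(script, sighash=b""):
    """Run a script (opcode names plus int/bytes pushes) on an empty stack; return (ok, reason).
    sighash is the message OP_CHECKSIG verifies. Real Script stores numbers as byte vectors."""
    stack = []
    try:
        for op in script:
            if isinstance(op, (int, bytes)):               # a data push
                stack.append(op)
            elif op == "OP_DUP":
                stack.append(stack[-1])
            elif op == "OP_HASH160":
                stack.append(hash160(stack.pop()))
            elif op in ("OP_ADD", "OP_SUB"):
                b, a = stack.pop(), stack.pop()
                stack.append(a + b if op == "OP_ADD" else a - b)
            elif op in ("OP_EQUAL", "OP_EQUALVERIFY"):
                equal = stack.pop() == stack.pop()
                if op == "OP_EQUAL":
                    stack.append(int(equal))
                elif not equal:
                    raise ValueError("OP_EQUALVERIFY failed")
            elif op == "OP_CHECKSIG":
                pub, sig = stack.pop(), stack.pop()        # top is the key, below it the signature
                stack.append(int(verify(sighash, sig, pub)))
            else:
                raise ValueError(f"unknown opcode {op!r}")
    except IndexError:
        return False, "stack underflow"
    except ValueError as e:                                # also reports a missing ripemd160
        return False, str(e)
    return (True, "ok") if stack and stack.pop() else (False, "script left false on the stack")

def p2pkh_locking(pub):
    return ["OP_DUP", "OP_HASH160", hash160(pub), "OP_EQUALVERIFY", "OP_CHECKSIG"]

def cafe_payment_demo():
    """Honest spend passes; a foreign key fails at OP_EQUALVERIFY; a signature by another
    private key (same public key pushed) or over a tampered transaction fails at OP_CHECKSIG."""
    cafe_priv, cafe_pub = keygen()
    spend_tx = b"constructed spending transaction"         # stands in for the sighash
    locking, sig = p2pkh_locking(cafe_pub), sign(spend_tx, cafe_priv)
    return {
        "honest": evaluate([sig, cafe_pub] + locking, spend_tx),
        "wrong_key": evaluate([sig, keygen()[1]] + locking, spend_tx),
        "wrong_sig": evaluate([sign(spend_tx, 12345), cafe_pub] + locking, spend_tx),
        "tampered_tx": evaluate([sig, cafe_pub] + locking, spend_tx + b"!"),
    }
```

The slide scripts run as evaluate([1, 2, 3, "OP_ADD", 5, "OP_EQUAL"]) and evaluate([2, 7, "OP_ADD", 3, "OP_SUB", 1, "OP_ADD", 7, "OP_EQUAL"]), both leaving true on top of the stack. In cafe_payment_demo() the "wrong_key" case stops at OP_EQUALVERIFY because the pushed key does not hash to the locked hash, while "wrong_sig" and "tampered_tx" pass that check and are only caught by OP_CHECKSIG, which is the non-repudiation point of this section: the signature binds a specific key to a specific message, so Bob's signature on m does not validate m'.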
