mirror of
https://github.com/ChristopherA/Learning-Bitcoin-from-the-Command-Line.git
synced 2025-06-09 00:46:25 +00:00
Update 8_1_Understanding_the_Foundation_of_P2SH.md
parent
e63c397f34
commit
78625d824b
@ -10,7 +10,7 @@ Here's the gotcha for using Bitcoin Scripts: for security reasons, most Bitcoin
|
||||
|
||||
* __Pay to Public Key (P2PK)__ — An older, deprecated transaction (`<pubKey> OP_CHECKSIG`) that has been replaced by the better security of P2PKH.
|
||||
* __Pay to Public Key Hash (P2PKH)__ — A standard transaction (`OP_DUP OP_HASH160 <pubKeyHash> OP_EQUALVERIFY OP_CHECKSIG`) that pays to the hash of a public key.
|
||||
* __Multisig__ — A transaction for a group of keys, as explained more fully in [§8.3](8_3_Scripting_a_Multisig.md).
|
||||
* __Multisig__ — A transaction for a group of keys, as explained more fully in [§8.4](8_4_Scripting_a_Multisig.md).
|
||||
* __Null Data__ — An unspendable transaction (`OP_RETURN Data`).
|
||||
* __Pay to Script Hash (P2SH)__ — A transaction that pays out to a specific script, as explained more fully here.
|
||||
|
||||
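Review bot: The Multisig bullet now links to `8_4_Scripting_a_Multisig.md`, but nothing visible in this diff shows the file being renamed from `8_3_Scripting_a_Multisig.md`. Confirm the renamed file exists at this revision, otherwise the link is dead until a later commit catches up.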
@ -20,7 +20,7 @@ So how do you write a more complex Bitcoin Script? The answer is in that last so
|
||||
|
||||
## Understand the P2SH Script
|
||||
|
||||
You already saw a P2SH transaction when you created a multisig in [§6.1: Sending a Transaction to a Multisig](6_1_Sending_a_Transaction_to_a_Multisig.md). Though multisig is one of the standard transaction types, `bitcoin-cli` simplifies the usage of its multisigs by embedding them into P2SH transactions, as described more fully in [§8.3: Scripting a Multisig](8_3_Scripting_a_Multisig.md).
|
||||
You already saw a P2SH transaction when you created a multisig in [§6.1: Sending a Transaction to a Multisig](6_1_Sending_a_Transaction_to_a_Multisig.md). Though multisig is one of the standard transaction types, `bitcoin-cli` simplifies the usage of its multisigs by embedding them into P2SH transactions, as described more fully in [§8.4: Scripting a Multisig](8_4_Scripting_a_Multisig.md).
|
||||
|
||||
So, let's look one more time at the `scriptPubKey` of that P2SH multisig:
|
||||
```
|
||||
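Review bot: This paragraph gets the same §8.3 to §8.4 renumbering, yet the references to §8.2 and §8.6 further down the file are left as they were. If the renumbering came from a section being inserted ahead of the multisig one, check whether `8_6_Spending_a_Transaction_with_a_Bitcoin_Script.md` shifted as well and update every cross-reference in one pass.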
@ -34,7 +34,7 @@ So, let's look one more time at the `scriptPubKey` of that P2SH multisig:
|
||||
]
|
||||
}
|
||||
```
|
||||
The locking script is quite simple looking: `OP_HASH160 babf9063cee8ab6e9334f95f6d4e9148d0e551c2 OP_EQUAL`. As usual, there's a big chunk of data in the middle. This is a hash of another, hidden locking script (`redeemScript`) that's embedded _within_ the P2SH. In other words, the standard locking script for a P2SH address is: `OP_HASH160 <redeemScriptHash> OP_EQUAL`.
|
||||
The locking script is quite simple looking: `OP_HASH160 babf9063cee8ab6e9334f95f6d4e9148d0e551c2 OP_EQUAL`. As usual, there's a big chunk of data in the middle. This is a hash of another, hidden locking script (`redeemScript`) that will only be revealed when the funds are redeemed. In other words, the standard locking script for a P2SH address is: `OP_HASH160 <redeemScriptHash> OP_EQUAL`.
|
||||
|
||||
_What is a redeemScript?_ Each P2SH transaction carries the fingerprint of a hidden locking script within it as a 20-byte hash. When a P2SH transaction is redeemed, the full (unhashed) `redeemScript` is included as part of the `scriptSig`. Bitcoin will make sure the `redeemScript` matches the hash; then it actually runs the `redeemScript` to see if the funds can be spent (or not).
|
||||
|
||||
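Review bot: In the reworded locking-script paragraph, "will only be revealed when the funds are redeemed" does not say where the script is revealed, and "hidden" can be read as staying confidential. Suggest tying it to the paragraph that follows, for example "that is revealed in the `scriptSig` when the funds are redeemed", so it is clear the full `redeemScript` becomes public in the spending transaction.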
@ -46,15 +46,15 @@ One of the interesting elements of P2SH transactions is that neither the sender
|
||||
|
||||
Since the visible locking script for a P2SH transaction is so simple, creating a transaction of this sort is quite simple too. In theory. All you need to do is create a transaction whose locking script includes a 20-byte hash of the `redeemScript`. That hashing is done with Bitcoin's standard `OP_HASH160`.
|
||||
|
||||
Overall, just four steps are required:
|
||||
_What is OP_HASH160?_ The standard hash operation for Bitcoin performs a SHA-256 hash, then a RIPEMD-160 hash.
|
||||
|
||||
Overall, four steps are required:
|
||||
|
||||
1. Create an arbitrary locking script with Bitcoin Script.
|
||||
2. Create a serialized version of that locking script.
|
||||
3. Perform a SHA-256 hash on those serialized bytes.
|
||||
4. Perform a RIPEMD-160 hash on the results of that SHA-256 hash.
|
||||
|
||||
_What is OP_HASH160?_ The standard hash operation for Bitcoin performs a SHA-256 hash, then a RIPEMD-160 hash.
|
||||
|
||||
Each of those steps of course takes some work on its own, and some of them can be pretty intricate. The good news is that you don't really have to worry about them, because they're sufficiently complex that you'll usually have an API take care of it all for you.
|
||||
|
||||
So for now, we'll just provide you with an overview, so that you understand the general methodology. In [§8.2: Building the Structure of P2SH](8_2_Building_the_Structure_of_P2SH.md) we'll provide a more in-depth look at script creation, in case you ever want to understand the guts of this process.
|
||||
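Review bot: With the OP_HASH160 aside moved above the list, steps 3 and 4 now restate its definition without saying so. Suggest linking them, for example by ending step 4 with "(steps 3 and 4 together are what `OP_HASH160` computes)", and making step 3 explicit that the hash is taken over the serialized bytes and not over their hex text, which is a common mistake when doing this by hand.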
@ -83,12 +83,12 @@ When a UTXO is redeemed, it runs in two rounds of verification:
|
||||
3. Second, the redeemScript is run using the prior data that was pushed on the stack.
|
||||
4. If that second round of verification _also_ succeeds, the UTXO is unlocked.
|
||||
|
||||
Whereas you can't easily create a P2SH transaction, you should be able to easily redeem a P2SH transaction. In fact, you already have. The process is described in [§8.6: Spending a Transaction with a Bitcoin Script.md](8_6_Spending_a_Transaction_with_a_Bitcoin_Script.md) after we've finished all the intricacies of P2SH transaction creation.
|
||||
Whereas you can't easily create a P2SH transaction without an API, you should be able to easily redeem a P2SH transaction with `bitcoin-cli`. In fact, you already have. The exact process is described in [§8.6: Spending a Transaction with a Bitcoin Script.md](8_6_Spending_a_Transaction_with_a_Bitcoin_Script.md), after we've finished with all the intricacies of P2SH transaction creation.
|
||||
|
||||
> **WARNING:** You can create a perfectly valid transaction with a hashed redeemScript, but if the redeemScript doesn't run, or doesn't run correctly, your funds are lost forever. So, test, test, test the script!
|
||||
|
||||
## Summary: Understanding the Foundation of P2SH
|
||||
|
||||
Arbitrary Bitcoin Scripts are non-standard in Bitcoin. However, you can incorporate them into standard transactions by using the P2SH address type. You just hash your script as part of the locking script, then you reveal and run it as part of the unlocking script. As long as you can also satisfy the script, the UTXO can be spent.
|
||||
Arbitrary Bitcoin Scripts are non-standard in Bitcoin. However, you can incorporate them into standard transactions by using the P2SH address type. You just hash your script as part of the locking script, then you reveal and run it as part of the unlocking script. As long as you can also satisfy the `redeemScript`, the UTXO can be spent.
|
||||
|
||||
_What is the power of P2SH?_ You already know the power of Bitcoin Script, which allows you to create more complex Smart Contracts of all sorts. P2SH is what actually unleashes that power by letting you include arbitrary Bitcoin Script in standard Bitcoin transactions.
|
||||
|
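Review bot: The rewritten redemption sentence keeps the visible link text "§8.6: Spending a Transaction with a Bitcoin Script.md", so the stray ".md" still renders in the prose; drop it from the link text and keep it only in the target. Formatting is also inconsistent within this hunk: the new summary line writes `redeemScript` in backticks while step 3 and the WARNING still write redeemScript plain.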