Author

Topic: Is the OP_RETURN for contracts and smart properties? (Read 3500 times)

sr. member
Activity: 310
Merit: 250
Actually it is relatively easy, but definitely not impossible to use the OP_RETURN output. Thanks again for the help!
sr. member
Activity: 310
Merit: 250
Standard OP_RETURN output is for attaching arbitrary data (e.g. a hash of some document). How do you use it - it's your problem. But you are encouraged to add this data as OP_RETURN output instead of, say, a 1 satoshi fake address output. This way the index of unspent outputs will not be cluttered with provably unspent outputs (my opinion: that does not matter, UTXO will grow huge anyway; we need other ways to optimize it).

For smart contracts there is an entire scripting language built-in. And there are some wiki pages on how you can build cool contracts with it: https://en.bitcoin.it/wiki/Contracts



Thanks for your help!

I have gone through a few times on the wiki page that you have pointed out before I posted here, it is very interesting material, but there is not much there that would help implement the actual solution. At least I couldn't find it in the wiki article.

The transaction_tests.cpp test_IsStandard test gives me some idea how to create an OP_RETURN  output, I guess this is how to create the transaction
// 40-byte TX_NULL_DATA (standard)
t.vout[0].scriptPubKey = CScript() << OP_RETURN << ParseHex("04678afdb0fe5548271967f1a67130b7105cd6a828e03909a67962e0ea1f61deb649f6bc3f4cef3 8");

To experiment with OP_RETURN output do I need to create a new app based on the bitcoin source  by putting my own code to create the transaction or is it possible to create an OP_RETURN output using the bitcoind app?



Proof of existence is a pretty slick new service that automates OP_RETURN transactions for you.

http://www.proofofexistence.com/about

Thanks for the info. That's a really good and smart service that utilizes the OP_RETURN output. As the description of the service says that could be very useful in IP ownership disputes. The source there helps me to understand better how OP_RETURN output works.
newbie
Activity: 1
Merit: 0
Standard OP_RETURN output is for attaching arbitrary data (e.g. a hash of some document). How do you use it - it's your problem. But you are encouraged to add this data as OP_RETURN output instead of, say, a 1 satoshi fake address output. This way the index of unspent outputs will not be cluttered with provably unspent outputs (my opinion: that does not matter, UTXO will grow huge anyway; we need other ways to optimize it).

For smart contracts there is an entire scripting language built-in. And there are some wiki pages on how you can build cool contracts with it: https://en.bitcoin.it/wiki/Contracts



Thanks for your help!

I have gone through a few times on the wiki page that you have pointed out before I posted here, it is very interesting material, but there is not much there that would help implement the actual solution. At least I couldn't find it in the wiki article.

The transaction_tests.cpp test_IsStandard test gives me some idea how to create an OP_RETURN  output, I guess this is how to create the transaction
// 40-byte TX_NULL_DATA (standard)
t.vout[0].scriptPubKey = CScript() << OP_RETURN << ParseHex("04678afdb0fe5548271967f1a67130b7105cd6a828e03909a67962e0ea1f61deb649f6bc3f4cef3 8");

To experiment with OP_RETURN output do I need to create a new app based on the bitcoin source  by putting my own code to create the transaction or is it possible to create an OP_RETURN output using the bitcoind app?



Proof of existence is a pretty slick new service that automates OP_RETURN transactions for you.

http://www.proofofexistence.com/about
sr. member
Activity: 310
Merit: 250
then I would have to use bitcoind to perfotm the sign and send the transaction using signrawtransaction and sendrawtransaction respectively. Is that correct?

You got 'er!  You don't necessarily need to use bitcoind to sign & send the transactions, but all considering, probably easiest to do that.  Just create the raw transaction by hand, which actually isn't very difficult once the get the hang of the format.  From there, fire it off to the bitcoind RPC API to sign & send it.

Actually, I'm not sure...  will bitcoind sign OP_RETURN transactions?  There's a chance it may throw an error saying the transaction is non-canonical.  If that happens, you're stuck signing your own transactions.  The StackExchange link above explains how, but it's a bit of a pain.  Just Google around and there's lots of blogs & code examples out there in all languages showing how to do it.  Creating transactions is easy, signing them is a bit of a pain though.  If you read through the blogs from others who've already jumped the hurdle, when it comes to signing transactions, you don't hear any of them saying, "geez, that was easy".



Thanks Envrin, I really appreciate your help! I will have to do more reading, researching and digging in the relevant blogs, but thanks for your help I start to understand how to use the OP_RETURN  output. I plan to build a smart contract handler app top on the BTC blockchain so I think it is absolutely necessary that I be familiar with the concept.

I was just wondering without understanding the complexity of such change, wouldn't make sense that the experienced bitcoin core developers would build the OP_RETURN output transaction handling (include the create) into the bitcoind app? I think there is a real need for smart contracts/properties no wonder Ethereum is getting such an attention, there are a lots of developers like myself that would prefer to use bitcoin instead of the untested and who knows when available Ethereum so such functionality would be quite useful.
sr. member
Activity: 318
Merit: 251
then I would have to use bitcoind to perfotm the sign and send the transaction using signrawtransaction and sendrawtransaction respectively. Is that correct?

You got 'er!  You don't necessarily need to use bitcoind to sign & send the transactions, but all considering, probably easiest to do that.  Just create the raw transaction by hand, which actually isn't very difficult once the get the hang of the format.  From there, fire it off to the bitcoind RPC API to sign & send it.

Actually, I'm not sure...  will bitcoind sign OP_RETURN transactions?  There's a chance it may throw an error saying the transaction is non-canonical.  If that happens, you're stuck signing your own transactions.  The StackExchange link above explains how, but it's a bit of a pain.  Just Google around and there's lots of blogs & code examples out there in all languages showing how to do it.  Creating transactions is easy, signing them is a bit of a pain though.  If you read through the blogs from others who've already jumped the hurdle, when it comes to signing transactions, you don't hear any of them saying, "geez, that was easy".

sr. member
Activity: 310
Merit: 250

No, you can't create OP_RETURN transactions with bitcoind.  You'll need to create the raw transactions from scratch yourself.  From your example above, here's a raw transaction in hex format:

----------------------------
01000000010c432f4fb3e871a8bda638350b3d5c698cf431db8d6031b53e3fb5159e59d4a900000 0006b48304502201123d735229382f75496e84ae5831871796ef78726805adc2c6edd36d23e7210 022100faceab822a4943309c4b6b61240ae3a9e18ed90a75117c5dc4bfd8f7e17a21d301210367c e0a1c3b3e84cece6dad1a181d989d8e490b84f5431a1f778a88b284c935e6ffffffff0100f2052a 010000001976a9143744841e13b90b4aca16fe793a7f88da3a23cc7188ac00000000
----------------------------

To use OP_RETURN, you need to recreate the above, but by hand without using bitcoind or anything.  Here's a couple links to get you going:

http://bitcoin.stackexchange.com/questions/3374/how-to-redeem-a-basic-tx

https://en.bitcoin.it/wiki/Protocol_specification#tx




Thanks for pointing that out, that saved me time to not try something that doesn't make sense.
Once I have the OP_RETURN output transaction constructed like the one at this web site OP_RETURN https://bitcointalk.org/index.php?topic=453086.new#new which transaction is

01000000015d475fab463fee15d6d32b33151748cbc4eb7c8f06166f50ad77224ddc07bbc800000 0006b483045022100fd8c5227976363b79c6c2c72592e98148090ca26d89707f60dfaa19d5c5951 9f02207a34c47f2a55b9513d152520dd035fb9842d689c0c3350f4c0145e827e61604d01210391b 373843e77f5ac1f05db4afb5151190e67cfee5a48f7925d71da7c5e919422ffffffff0100000000 000000004e6a4c4b6f64617920697320466562203232203230313420616e6420746869732069732 06465785820402062697477617463682e636f2e2043686565727320616e64207374617920666c75 6666792100000000

then I would have to use bitcoind to perfotm the sign and send the transaction using signrawtransaction and sendrawtransaction respectively. Is that correct?


sr. member
Activity: 310
Merit: 250
Speaking of smart contracts - you might want to read a bit about oracles as well - https://github.com/orisi/wiki/wiki/Orisi-White-Paper . Right now our oracles don't use OP_RETURN, but they will..

There's also:
https://bitcoin.stackexchange.com/questions/tagged/contracts
https://en.bitcoin.it/wiki/Contracts

Not about OP_RETURN per se, but closely related to it Smiley

That's a very interesting concept and solution. I will contact you with questions once I read the material.
sr. member
Activity: 318
Merit: 251

No, you can't create OP_RETURN transactions with bitcoind.  You'll need to create the raw transactions from scratch yourself.  From your example above, here's a raw transaction in hex format:

----------------------------
01000000010c432f4fb3e871a8bda638350b3d5c698cf431db8d6031b53e3fb5159e59d4a900000 0006b48304502201123d735229382f75496e84ae5831871796ef78726805adc2c6edd36d23e7210 022100faceab822a4943309c4b6b61240ae3a9e18ed90a75117c5dc4bfd8f7e17a21d301210367c e0a1c3b3e84cece6dad1a181d989d8e490b84f5431a1f778a88b284c935e6ffffffff0100f2052a 010000001976a9143744841e13b90b4aca16fe793a7f88da3a23cc7188ac00000000
----------------------------

To use OP_RETURN, you need to recreate the above, but by hand without using bitcoind or anything.  Here's a couple links to get you going:

http://bitcoin.stackexchange.com/questions/3374/how-to-redeem-a-basic-tx

https://en.bitcoin.it/wiki/Protocol_specification#tx



full member
Activity: 518
Merit: 101
Speaking of smart contracts - you might want to read a bit about oracles as well - https://github.com/orisi/wiki/wiki/Orisi-White-Paper . Right now our oracles don't use OP_RETURN, but they will..

There's also:
https://bitcoin.stackexchange.com/questions/tagged/contracts
https://en.bitcoin.it/wiki/Contracts

Not about OP_RETURN per se, but closely related to it Smiley
sr. member
Activity: 310
Merit: 250
I also found this topic at https://bitcointalk.org/index.php?topic=453086.new#new, it helps a lot to understand how to create a raw transaction with OP_RETURN.
sr. member
Activity: 310
Merit: 250
To create OP_RETURN outputs in bitcoind you need to create rawtransactions.  Remember you can lose money using raw transactions.  Always test on testnet first.

Thanks!

I was going to use testnet for that and I have been checking the wiki at https://en.bitcoin.it/wiki/Raw_Transactions but could not find there how to use bitcoind. However I found this tutorial, do you think this is a good starting point to perform a raw transaction?


[online]$ bitcoind sendtoaddress n1gqLjZbRH1biT5o4qiVMiNig8wcCPQeB9 50
a9d4599e15b53f3eb531608ddb31f48c695c3d0b3538a6bda871e8b34f2f430c
Now, grab the transaction that was paying it. We'll need the txid, and the
scriptpubkey paying our offline wallet.
[online]$ bitcoind getrawtransaction a9d4599e15b53f3eb531608ddb31f48c695c3d0b3538a6bda871e8b34f2f430c 1
{
    "hex" : "0100000001344630cbff61fbc362f7e1ff2f11a344c29326e4ee96e787dc0d4e5cc02fd06900000 0004a493046022100ef89701f460e8660c80808a162bbf2d676f40a331a243592c36d6bd1f81d6b df022100d29c072f1b18e59caba6e1f0b8cadeb373fd33a25feded746832ec179880c23901fffff fff0100f2052a010000001976a914dd40dedd8f7e37466624c4dacc6362d8e7be23dd88ac000000 00",
    "txid" : "a9d4599e15b53f3eb531608ddb31f48c695c3d0b3538a6bda871e8b34f2f430c",
    "version" : 1,
    "locktime" : 0,
    "vin" : [
        {
            "txid" : "69d02fc05c4e0ddc87e796eee42693c244a3112fffe1f762c3fb61ffcb304634",
            "vout" : 0,
            "scriptSig" : {
                "asm" : "3046022100ef89701f460e8660c80808a162bbf2d676f40a331a243592c36d6bd1f81d6bdf02210 0d29c072f1b18e59caba6e1f0b8cadeb373fd33a25feded746832ec179880c23901",
                "hex" : "493046022100ef89701f460e8660c80808a162bbf2d676f40a331a243592c36d6bd1f81d6bdf022 100d29c072f1b18e59caba6e1f0b8cadeb373fd33a25feded746832ec179880c23901"
            },
            "sequence" : 4294967295
        }
    ],
    "vout" : [
        {
            "value" : 50.00000000,
            "n" : 0,
            "scriptPubKey" : {
                "asm" : "OP_DUP OP_HASH160 dd40dedd8f7e37466624c4dacc6362d8e7be23dd OP_EQUALVERIFY OP_CHECKSIG",
                "hex" : "76a914dd40dedd8f7e37466624c4dacc6362d8e7be23dd88ac",
                "reqSigs" : 1,
                "type" : "pubkeyhash",
                "addresses" : [
                    "n1gqLjZbRH1biT5o4qiVMiNig8wcCPQeB9"
                ]
            }
        }
    ]
}
And lets get an address to return those coins to:
[online]$ bitcoind getnewaddress
mkZBYBiq6DNoQEKakpMJegyDbw2YiNQnHT
Now, from our online node we're going to draft the transaction to
return the coin from the offline wallet to the online one:
[online]$ bitcoind createrawtransaction '[{"txid":"a9d4599e15b53f3eb531608ddb31f48c695c3d0b3538a6bda871e8b34f2f430c","vout":0}]' '{"mkZBYBiq6DNoQEKakpMJegyDbw2YiNQnHT":50}'
01000000010c432f4fb3e871a8bda638350b3d5c698cf431db8d6031b53e3fb5159e59d4a900000 00000ffffffff0100f2052a010000001976a9143744841e13b90b4aca16fe793a7f88da3a23cc71 88ac00000000
One the offline wallet we decode the transaction to validate that its doing
what we expect. Note: Since we don't have the input transaction we don't
know the input value and this txn could be paying a ton of change out
to fees.
[offline]$ bitcoind decoderawtransaction 01000000010c432f4fb3e871a8bda638350b3d5c698cf431db8d6031b53e3fb5159e59d4a900000 00000ffffffff0100f2052a010000001976a9143744841e13b90b4aca16fe793a7f88da3a23cc71 88ac00000000
{
    "txid" : "d9f33ed2740eef77e40e72b692c4cf1feb6ab10d8adaaf27eb394fa5064b1160",
    "version" : 1,
    "locktime" : 0,
    "vin" : [
        {
            "txid" : "a9d4599e15b53f3eb531608ddb31f48c695c3d0b3538a6bda871e8b34f2f430c",
            "vout" : 0,
            "scriptSig" : {
                "asm" : "",
                "hex" : ""
            },
            "sequence" : 4294967295
        }
    ],
    "vout" : [
        {
            "value" : 50.00000000,
            "n" : 0,
            "scriptPubKey" : {
                "asm" : "OP_DUP OP_HASH160 3744841e13b90b4aca16fe793a7f88da3a23cc71 OP_EQUALVERIFY OP_CHECKSIG",
                "hex" : "76a9143744841e13b90b4aca16fe793a7f88da3a23cc7188ac",
                "reqSigs" : 1,
                "type" : "pubkeyhash",
                "addresses" : [
                    "mkZBYBiq6DNoQEKakpMJegyDbw2YiNQnHT"
                ]
            }
        }
    ]
}
If we're happy, we'll sign. We need to provide the scriptpubkey of the
inputs we're signing so our offline wallet knows which of its keys
to use.
[offline]$ bitcoind signrawtransaction 01000000010c432f4fb3e871a8bda638350b3d5c698cf431db8d6031b53e3fb5159e59d4a900000 00000ffffffff0100f2052a010000001976a9143744841e13b90b4aca16fe793a7f88da3a23cc71 88ac00000000 '[{"txid":"a9d4599e15b53f3eb531608ddb31f48c695c3d0b3538a6bda871e8b34f2f430c","vout":0,"scriptPubKey":"76a914dd40dedd8f7e37466624c4dacc6362d8e7be23dd88ac"}]'
{
    "hex" : "01000000010c432f4fb3e871a8bda638350b3d5c698cf431db8d6031b53e3fb5159e59d4a900000 0006b48304502201123d735229382f75496e84ae5831871796ef78726805adc2c6edd36d23e7210 022100faceab822a4943309c4b6b61240ae3a9e18ed90a75117c5dc4bfd8f7e17a21d301210367c e0a1c3b3e84cece6dad1a181d989d8e490b84f5431a1f778a88b284c935e6ffffffff0100f2052a 010000001976a9143744841e13b90b4aca16fe793a7f88da3a23cc7188ac00000000",
    "complete" : true
}
Then we'll carry the transaction over to the online wallet and
announce it:
[online]$ bitcoind sendrawtransaction 01000000010c432f4fb3e871a8bda638350b3d5c698cf431db8d6031b53e3fb5159e59d4a900000 0006b48304502201123d735229382f75496e84ae5831871796ef78726805adc2c6edd36d23e7210 022100faceab822a4943309c4b6b61240ae3a9e18ed90a75117c5dc4bfd8f7e17a21d301210367c e0a1c3b3e84cece6dad1a181d989d8e490b84f5431a1f778a88b284c935e6ffffffff0100f2052a 010000001976a9143744841e13b90b4aca16fe793a7f88da3a23cc7188ac00000000
7822dda72d9bf421d2f3eedc678bf58c6e4c10cdd047b9e137559ad384933ef5
And we can see the online wallet has been paid:
[online]$ bitcoind listtransactions "" 1
[
    {
        "account" : "",
        "address" : "mkZBYBiq6DNoQEKakpMJegyDbw2YiNQnHT",
        "category" : "receive",
        "amount" : 50.00000000,
        "confirmations" : 0,
        "txid" : "7822dda72d9bf421d2f3eedc678bf58c6e4c10cdd047b9e137559ad384933ef5",
        "time" : 1344221517
    }
]


If that's the way to do the raw transaction then at which point should I include the OP_RETURN output and what would be the syntax to do that?







donator
Activity: 1218
Merit: 1079
Gerald Davis
To create OP_RETURN outputs in bitcoind you need to create rawtransactions.  Remember you can lose money using raw transactions.  Always test on testnet first.
sr. member
Activity: 310
Merit: 250
Standard OP_RETURN output is for attaching arbitrary data (e.g. a hash of some document). How do you use it - it's your problem. But you are encouraged to add this data as OP_RETURN output instead of, say, a 1 satoshi fake address output. This way the index of unspent outputs will not be cluttered with provably unspent outputs (my opinion: that does not matter, UTXO will grow huge anyway; we need other ways to optimize it).

For smart contracts there is an entire scripting language built-in. And there are some wiki pages on how you can build cool contracts with it: https://en.bitcoin.it/wiki/Contracts



Thanks for your help!

I have gone through a few times on the wiki page that you have pointed out before I posted here, it is very interesting material, but there is not much there that would help implement the actual solution. At least I couldn't find it in the wiki article.

The transaction_tests.cpp test_IsStandard test gives me some idea how to create an OP_RETURN  output, I guess this is how to create the transaction
// 40-byte TX_NULL_DATA (standard)
t.vout[0].scriptPubKey = CScript() << OP_RETURN << ParseHex("04678afdb0fe5548271967f1a67130b7105cd6a828e03909a67962e0ea1f61deb649f6bc3f4cef3 8");

To experiment with OP_RETURN output do I need to create a new app based on the bitcoin source  by putting my own code to create the transaction or is it possible to create an OP_RETURN output using the bitcoind app?

full member
Activity: 200
Merit: 104
Software design and user experience.
Standard OP_RETURN output is for attaching arbitrary data (e.g. a hash of some document). How do you use it - it's your problem. But you are encouraged to add this data as OP_RETURN output instead of, say, a 1 satoshi fake address output. This way the index of unspent outputs will not be cluttered with provably unspent outputs (my opinion: that does not matter, UTXO will grow huge anyway; we need other ways to optimize it).

For smart contracts there is an entire scripting language built-in. And there are some wiki pages on how you can build cool contracts with it: https://en.bitcoin.it/wiki/Contracts

hero member
Activity: 784
Merit: 1000
There are lot of hype around Ethereum's smart contracts, but I read somewhere that it is already possible to create contract using bitcoin's OP_RETURN. I am very inexperienced in this field and I was just wondering is it possible to implement contracts and smart properties with the OP_RETURN 40 bytes in the transaction? Is there any sample applications or white papers that describe such use case? If not, do you think would it be a good idea to put together a UML based design document that describes how contracts and smart properties work using OP_RETURN 40 bytes field? I would be happy to start working on a UML document if the experienced members of the community think it is a good idea, and more importantly if I could get some help or pointers because I have no idea how OP_RETURN works.

I am happy to help you with the UML document. I think lots of IT and software literate people will find that such docs are very useful. The problem is I don't know either how OP_RETURN works LoL

I am checking the source code and will try to post a UML sequence diagram that describes the operation.
sr. member
Activity: 310
Merit: 250
There are lots of hypes around Ethereum's smart contracts, but I read somewhere that it is already possible to create contract using bitcoin's OP_RETURN. I am very inexperienced in this field and I was just wondering is it possible to implement contracts and smart properties with the OP_RETURN 40 bytes in the transaction? Is there any sample applications or white papers that describe such use case? If not, do you think would it be a good idea to put together a UML based design document that describes how contracts and smart properties work using OP_RETURN 40 bytes field? I would be happy to start working on a UML document if the experienced members of the community think it is a good idea, and more importantly if I could get some help or pointers because I have no idea how OP_RETURN works.
Jump to: