Pages:
Author

Topic: Pubkey recovery from ECDSA signature (getting owner's public key from its tx) - page 2. (Read 529 times)

newbie
Activity: 10
Merit: 15
Thanks again!

I read the following: "UTXOs are created through the consumption of existing UTXOs. Every Bitcoin transaction is composed of inputs and outputs. Inputs consume an existing UTXO, while outputs create a new UTXO."

And also, there is something called coinbase which is where all root outputs come from.

I have more questions, can an address have spent outputs with a positive balance?

For example, this account has 17 BTC (balance), it has received 20 BTC and sent 3 BTC, then it is pubkey exposed? (I'm unsure if it works like this)

https://www.blockchain.com/btc/address/18yGdLieoWDBrkfFcU6mSJJzNMMfRztDUg
legendary
Activity: 3472
Merit: 10611
I have another question, then I cannot know any pubkey from any unspent address, if I understood it correctly it's called utxo?
As I mentioned above it depends on that output's script:
- Most of them (P2PKH, P2SH, P2MS, P2WPKH and P2WSH) only contain a hash and since hashes are not reversible you can't know the message that was hashed (pubkey or script in case of P2SH and P2WSH) without the owner spending from that address.
- But if it is one of the scripts that already contains the public key like P2PK you can easily see the pubkey in the output script. Taproot (P2TR) is slightly different as it contains a tweaked pubkey.

Quote
So, utxo which means unspent transaction output, now I can understand, but correct me if I'm wrong:

So if utxo belongs to output then it means there is a receiver, but if it's unspent it's because there isn't any sender.

But then, the following question assaults me, how is a utxo created, so if I only have a receiver who sent the money? You can create an address from real money? Or what is going on here?
Basically each bitcoin transaction contains 2 arrays: txins aka inputs and txouts aka outputs. If the output is not yet spent we call it a UTXO.
The inputs of a transaction and UTXOs from other previous transactions.
You can read more about raw transaction format here: https://developer.bitcoin.org/reference/transactions.html#raw-transaction-format
newbie
Activity: 10
Merit: 15
Thanks for your quick response!

I have another question, then I cannot know any pubkey from any unspent address, if I understood it correctly it's called utxo?

So, utxo which means unspent transaction output, now I can understand, but correct me if I'm wrong:

So if utxo belongs to output then it means there is a receiver, but if it's unspent it's because there isn't any sender.

But then, the following question assaults me, how is a utxo created, so if I only have a receiver who sent the money? You can create an address from real money? Or what is going on here?
legendary
Activity: 3472
Merit: 10611
You can recover possible candidate public keys by having ECDSA signature and the message [hash]. But in bitcoin transactions you don't need to because the public key is already included in any transaction that has a OP_CHECK(MULTI)SIG(VERIFY) op code.
When spending a P2PKH output, the public key is the top stack element when reaching OP_CHECKSIG.
When spending a P2WPKH output, the public key is the second witness item.
When spending a P2PK output, the public key is in the output.
When spending a P2TR output, the public key is a tweaked pubkey in the output (the witness program).
When spending other scripts such as P2SH when you reach any of the above op codes it should be the top stack element or in case of multi signatures there are multiple pubkeys.

then which pubkey is exposed, from the one that sends the money or the one who receives it?
It depends. P2PK outputs are not used anymore but P2TR outputs are new and are used and in both the receiver's public key is revealed (tweaked pubkey in taproot). In most other output scripts only the hash of the receiver's pubkey is used.
But in all cases, one way or another, you will know sender's public key.

Quote
And which is the difference between tx input and tx output. Input is who receives the money and output who emits it?
Inputs are the coins being spent and outputs are the new coins being created.
So inputs belong to the sender and outputs belong to receiver.
newbie
Activity: 10
Merit: 15
Hi,

following the next topic: https://bitcointalksearch.org/topic/ecdsa-signatures-allow-recovery-of-the-public-key-6430 and I have several newbie questions...

I would like to recover the public key from an address. I think the only way to do it is to check if there is any transaction done, but if a tx is done, then which pubkey is exposed, from the one that sends the money or the one who receives it?

And which is the difference between tx input and tx output. Input is who receives the money and output who emits it?

Also, I had check the bitcoin wiki, and I saw that there is a OP_CHECKSIG opcode: https://en.bitcoin.it/wiki/OP_CHECKSIG which states: "OP_CHECKSIG expects two values to be on the stack. These are, in order of stack depth, the public key and the signature of the script."

I think that the owner's pubkey is not exposed there, so, which pubkey does it refers to?

But I saw that with an ECDSA signature you can recover the original public key.

In that case, the ECDSA signature is from the person who emits the money?
Pages:
Jump to: