Author

Topic: Question about ScriptPubKey and Scriptsig (Read 139 times)

member
Activity: 79
Merit: 28
January 13, 2021, 03:50:24 PM
#5
I got it now. Thank you all, it helped a lot!
legendary
Activity: 3472
Merit: 4801
January 13, 2021, 08:44:47 AM
#4
Note that a P2PKH script is only 1 type of "locking script".

There are many script command codes that can also be used. The data that must be provided (both in the "locking script" and the "unlocking script") will depend on exactly what the script commands are doing.

Other common "locking script" examples are:
P2PK
P2SH
P2WPKH
OP_RETURN

It is also possible to create non-standard scripts if you understand what the OP codes do.

So, when you see scripts in transactions, be aware that they may not always be something you can interpret as:
OP_DUP OP_HASH160 pubKeyHash OP_EQUALVERIFY OP_CHECKSIG
legendary
Activity: 2114
Merit: 1293
There is trouble abrewing
January 13, 2021, 07:32:40 AM
#3
First I thought in the bold marked area is always the address of the receiver
in a way the whole script is the "address of the receiver". an address is the same as these scripts but in a user friendly way. you take the hash and encode it with a version to indicate type of the script. the OP codes are the same if you know the type.

Quote
but know after analyzing some blockchain transactions I found out that the public key is provided (I guess it is).
the public key (and the signature) are provided in the script signature part (or the witness in SegWit transactions).

Quote
When someone sends me his address, how is it possible to get the public key since hashes are irreversible? Is it the hex of the address?
you don't need their public key and it is impossible to get it from the hash. (address only contains that hash).

Quote
The unlocking script is clear to me. But what is acctually signed? The txid?
the receiver signs the transaction not you so they provide the public key and since they have the private key they can provide the public key too.
what is being signed is the transaction itself but with some modifications. for example for a simple P2PKH that you posted above the script pub is placed inside scriptsig and the rest of the inputs (if present) are set to empty scriptsigs. then the sighash byte is added at the end as 4 bytes and the whole thing is hashed twice with SHA256 and then that hash is signed.

see https://bitcoin.stackexchange.com/questions/32628/redeeming-a-raw-transaction-step-by-step-example-required
but there are a lot more details about signing transactions based on the type of the input being spent.
legendary
Activity: 2268
Merit: 18711
January 13, 2021, 07:30:16 AM
#2
First I thought in the bold marked area is always the address of the receiver but know after analyzing some blockchain transactions I found out that the public key is provided (I guess it is).
It is actually neither. It is what is known as the public key hash, hence the term P2PKH (Pay to pubkey hash). This is calculated as RIPEMD160(SHA256(pubkey)) - that is to say, first we hash the pubkey using SHA256, then we hash the result using RIPEMD160. These are the first steps in calculating an address, and from this pubkey hash you would prepend a network byte and then append a checksum, before encoding in Base58Check. Therefore, by converting back to hex and then stripping away the network byte and the checksum, you can convert an address back in to a pubkey hash, all without ever knowing the pubkey, which as you say would be impossible since hash functions are not reversible.
member
Activity: 79
Merit: 28
January 13, 2021, 07:16:46 AM
#1
A locking script: OP_DUP OP_HASH160 fde0a08625e327ba400644ad62d5c571d2eec3de OP_EQUALVERIFY OP_CHECKSIG

First I thought in the bold marked area is always the address of the receiver but know after analyzing some blockchain transactions I found out that the public key is provided (I guess it is).
When someone sends me his address, how is it possible to get the public key since hashes are irreversible? Is it the hex of the address?

A unlocking script:

The unlocking script is clear to me. But what is acctually signed? The txid?
Jump to: