Bitcoin Forum>Bitcoin>Development & Technical Discussion
Author

Topic: Question on scriptSig and scriptPubKey (Read 1090 times)

Manfred Macx
full member
Activity: 205
Merit: 105
Question on scriptSig and scriptPubKey
March 23, 2016, 03:30:04 AM
#5
Quote from: DannyHamilton on March 22, 2016, 08:09:49 AM
Exactly.  This is why these types of outputs are called Pay-to-pubkey-hash (P2PKH) and not Pay-to-address.

Addresses, address version numbers, and address checksums do not exist in the actual transactions.  Those are just things that are added at the user interface level to make bitcoin easier for us humans to use.

Thank you Smiley
DannyHamilton
legendary
Activity: 3472
Merit: 4801
Re: Question on scriptSig and scriptPubKey
March 22, 2016, 08:09:49 AM
#4
Quote from: Manfred Macx on March 22, 2016, 03:39:49 AM
Great, thank you! So when I instruct my wallet to pay a certain amount to an address, the wallet first has to extract the hash160(sha256(pubkey)) and then uses that in the scriptPubKey part. Now the part makes sense.

Exactly.  This is why these types of outputs are called Pay-to-pubkey-hash (P2PKH) and not Pay-to-address.

Addresses, address version numbers, and address checksums do not exist in the actual transactions.  Those are just things that are added at the user interface level to make bitcoin easier for us humans to use.
Manfred Macx
full member
Activity: 205
Merit: 105
Re: Question on scriptSig and scriptPubKey
March 22, 2016, 03:39:49 AM
#3
Great, thank you! So when I instruct my wallet to pay a certain amount to an address, the wallet first has to extract the hash160(sha256(pubkey)) and then uses that in the scriptPubKey part. Now the part makes sense.
jl777
legendary
Activity: 1176
Merit: 1134
Re: Question on scriptSig and scriptPubKey
March 21, 2016, 12:32:07 PM
#2
Quote from: Manfred Macx on March 21, 2016, 12:13:42 PM
To redeem a particular transaction output, the spender needs to provide transaction signature and his pubkey:

DUP HASH160
EQUALVERIFY CHECKSIG

The provided pubkey will get (duplicated and) hashed HASH160(SHA56(pubkey)) and compared to the provided address. But how can this pubkey hash be equal to the address when the address also has checksum and network prefix? Does that mean the extra data gets removed from the script at some point? Also, is there any reason why provided address is in hex format instead of base58?
it isnt the address that goes into the output script, but the rmd160 20 bytes of binary

doing a base58 decode on the address, you can make sure the checksum is valid and you end up with an address type, followed by 20 bytes (160 bits) and it is these 20 bytes that goes where you have
in the above.

HASH160 EQUALVERIFY CHECKSIG

HASH160 -> that does the rmd160(sha256(pubkey)) and it should generate the identical 20 bytes:

EQUALVERIFY CHECKSIG

EQUALVERIFY -> verifies match or errors

which leaves us with:
  CHECKSIG

and the CHECKSIG makes sure the pubkey is from the privkey that did the signing

http://www.cs.princeton.edu/~tongbinw/bitcoinIDE/build/editor.html doesnt support all the script opcodes, but for most of the standard ones allows to single step and see things run and is a good way to learn the scripts
Manfred Macx
full member
Activity: 205
Merit: 105
Re: Question on scriptSig and scriptPubKey
March 21, 2016, 12:13:42 PM
#1
To redeem a particular transaction output, the spender needs to provide transaction signature and his pubkey:

DUP HASH160
EQUALVERIFY CHECKSIG

The provided pubkey will get (duplicated and) hashed HASH160(SHA56(pubkey)) and compared to the provided address. But how can this pubkey hash be equal to the address when the address also has checksum and network prefix? Does that mean the extra data gets removed from the script at some point? Also, is there any reason why provided address is in hex format instead of base58?
Bitcoin Forum>Bitcoin>Development & Technical Discussion
Jump to: