  1. Bitcoin Transactions
     Saravanan Vijayakumaran, sarva@ee.iitb.ac.in
     Department of Electrical Engineering, Indian Institute of Technology Bombay
     August 5, 2019

  2. Bitcoin Transactions

  3. Bitcoin Payment Workflow
     [Diagram: Alice, Bob and the Bitcoin network]
       1. Alice requests Bob's address
       2. Bob generates an address
       3. Bob sends the address to Alice
       4. Alice constructs transaction t
       5. Alice transmits t to the Bitcoin network
       6. Bob queries the network for t
     • Merchant Bob shares address out of band (not using Bitcoin P2P)
     • Customer Alice broadcasts transaction t which pays the address
     • Miners collect broadcasted transactions into a candidate block
     • One of the candidate blocks containing t is mined
     • Merchant waits for confirmations on t before providing goods

  4. Coinbase Transaction Format
     [Diagram: Block Format]
       Block Header
       Number of Transactions n
       Coinbase Transaction
       Regular Transaction 1
       Regular Transaction 2
       . . .
       Regular Transaction n − 1
     [Diagram: Coinbase Transaction]
       Output 0: Amount x1, Challenge Script C1
       Output 1: Amount x2, Challenge Script C2
     [Diagram: Output Format]
       nValue | scriptPubkeyLen | scriptPubkey
     • nValue contains number of satoshis locked in output
     • 1 Bitcoin = 10^8 satoshis
     • scriptPubkey contains the challenge script
     • scriptPubkeyLen contains byte length of challenge script

  5. Regular Transaction Format
     [Diagram: Input Format]
       hash | n | scriptSigLen | scriptSig | nSequence
     [Diagram: Output Format]
       nValue | scriptPubkeyLen | scriptPubkey
     [Diagram: Regular Transaction with one or more inputs; here three inputs and two outputs]
       Input 0: Tx ID = I1, Output Index = 0, Response Script R1
       Input 1: Tx ID = I1, Output Index = 1, Response Script R2
       Input 2: Tx ID = I2, Output Index = 0, Response Script R3
       Output 0: Amount y1, Challenge Script C4
       Output 1: Amount y2, Challenge Script C5
     Previous Regular Tx with Tx ID = I1: Output 0 (Amount x1, Challenge Script C1), Output 1 (Amount x2, Challenge Script C2)
     Previous Coinbase Tx with Tx ID = I2: Output 0 (Amount x3, Challenge Script C3)
     • hash and n identify output being unlocked
     • scriptSig contains the response script
     • The response script Ri must satisfy the challenge script Ci of the output it unlocks, and the outputs cannot create value: y1 + y2 ≤ x1 + x2 + x3 (the difference is the fee collected by the miner)

  6. Transaction ID
     [Diagram: serialized Regular Transaction → Double SHA-256 Hash → Tx ID]
       nVersion
       Number of Inputs N
       Input 0: hash | n | scriptSigLen | scriptSig | nSequence
       . . .
       Input N − 1: hash | n | scriptSigLen | scriptSig | nSequence
       Number of Outputs M
       Output 0: nValue | scriptPubkeyLen | scriptPubkey
       . . .
       Output M − 1: nValue | scriptPubkeyLen | scriptPubkey
       nLockTime
     • Tx ID = double SHA-256 of the whole serialization above; since the scriptSigs are included, any change to a response script changes the ID

  7. Bitcoin Scripting Language

  8. Script
     • Forth-like stack-based language
     • One-byte opcodes
     Remaining Script      | Stack State (top first)
     OP_2 OP_3 OP_ADD      | (empty)
     OP_3 OP_ADD           | 2
     OP_ADD                | 3 2
     (empty)               | 5

  9. Challenge/Response Script Execution
     Remaining Script                       | Stack State (top first)
     <Response Script> <Challenge Script>   | (empty)
     <Challenge Script>                     | x1 x2 . . . xn
     (empty)                                | y1 y2 . . . ym
     Response is valid if top element y1 evaluates to True

  10. Challenge Script Example
     OP_HASH256 0x20 <256-bit string> OP_EQUAL, where S denotes the 256-bit string and 0x20 is the opcode that pushes the next 32 bytes
     Remaining Script                  | Stack State (top first)
     x OP_HASH256 0x20 S OP_EQUAL      | (empty)
     OP_HASH256 0x20 S OP_EQUAL        | x
     0x20 S OP_EQUAL                   | H(x)
     OP_EQUAL                          | S H(x)
     (empty)                           | 0 or 1
     Unsafe challenge script! Guess why?
     (The response script is just the preimage x and is not bound to the transaction that carries it. Anyone who sees x in an unconfirmed transaction can broadcast their own transaction spending the same output with the same x, and the coins go to whichever transaction is mined first.)

  11. Pay to Public Key
     • Challenge script: 0x21 <Public Key> OP_CHECKSIG (0x21 pushes the next 33 bytes, a compressed public key)
     • Response script: <Signature>
     Remaining Script                          | Stack State (top first)
     <Signature> <Public Key> OP_CHECKSIG      | (empty)
     <Public Key> OP_CHECKSIG                  | <Signature>
     OP_CHECKSIG                               | <Public Key> <Signature>
     (empty)                                   | True/False

  12. Signatures Protect Transactions
     Regular Transaction (as serialized)     | Message for Input 0 signatures
     nVersion                                | nVersion
     0x02 (number of inputs)                 | 0x02
     Input 0 fields: hash0                   | hash0
                     n0                      | n0
                     scriptSigLen0           | prevScriptPubkeyLen0
                     scriptSig0              | prevScriptPubkey0
                     nSequence0              | nSequence0
     Input 1 fields: hash1                   | hash1
                     n1                      | n1
                     scriptSigLen1           | 0x00
                     scriptSig1              | (omitted)
                     nSequence1              | nSequence1
     0x02 (number of outputs)                | 0x02
     Output 0 fields: nValue0                | nValue0
                      scriptPubkeyLen0       | scriptPubkeyLen0
                      scriptPubkey0          | scriptPubkey0
     Output 1 fields: nValue1                | nValue1
                      scriptPubkeyLen1       | scriptPubkeyLen1
                      scriptPubkey1          | scriptPubkey1
     nLockTime                               | nLockTime
                                             | nHashType
     • The signature placed in scriptSig0 is computed over the double SHA-256 of the right-hand column: input 0's own scriptSig is replaced by the challenge script it unlocks (prevScriptPubkey0), every other input's scriptSig is replaced by an empty script (a single 0x00 length byte), and the signature hash type nHashType is appended. Every input and output is thus committed to; the scriptSigs themselves cannot be, because they hold the signatures.
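The serialization of slides 5 and 6 and the signature message of slide 12, as an added Python example (not the lecture's code). `SAMPLE_TX` and its previous-output IDs, scripts and amounts are constructed placeholders; the class and function names are the example's own.

```python
"""Legacy transaction serialization, Tx ID and the SIGHASH_ALL message (slides 5, 6 and 12).

Added example, not the lecture's code.  SAMPLE_TX is constructed: its previous-output
IDs, scripts and amounts are placeholders, not on-chain data."""
import hashlib
from dataclasses import dataclass
from typing import List

SIGHASH_ALL = 1

def hash256(b: bytes) -> bytes:
    """Double SHA-256: used for the Tx ID and for the message a signature covers."""
    return hashlib.sha256(hashlib.sha256(b).digest()).digest()

def varint(n: int) -> bytes:
    """CompactSize encoding for counts and script lengths (scriptSigLen, scriptPubkeyLen)."""
    if n < 0xFD:
        return bytes([n])
    if n <= 0xFFFF:
        return b"\xfd" + n.to_bytes(2, "little")
    if n <= 0xFFFFFFFF:
        return b"\xfe" + n.to_bytes(4, "little")
    return b"\xff" + n.to_bytes(8, "little")

def varbytes(b: bytes) -> bytes:
    return varint(len(b)) + b

@dataclass
class TxIn:
    prev_txid: bytes            # hash: ID of the transaction whose output is unlocked
    prev_index: int             # n: index of that output
    script_sig: bytes = b""     # response script
    sequence: int = 0xFFFFFFFF  # nSequence

    def serialize(self, script: bytes) -> bytes:
        """`script` is the scriptSig for the Tx ID, or its replacement inside a signature message."""
        return (self.prev_txid + self.prev_index.to_bytes(4, "little")
                + varbytes(script) + self.sequence.to_bytes(4, "little"))

@dataclass
class TxOut:
    value: int                  # nValue in satoshis (1 bitcoin = 10**8 satoshis)
    script_pubkey: bytes        # challenge script

    def serialize(self) -> bytes:
        return self.value.to_bytes(8, "little") + varbytes(self.script_pubkey)

@dataclass
class Tx:
    version: int
    vin: List[TxIn]
    vout: List[TxOut]
    locktime: int = 0

    def _body(self, script_for_input) -> bytes:
        body = self.version.to_bytes(4, "little") + varint(len(self.vin))
        body += b"".join(txin.serialize(script_for_input(i, txin)) for i, txin in enumerate(self.vin))
        body += varint(len(self.vout)) + b"".join(out.serialize() for out in self.vout)
        return body + self.locktime.to_bytes(4, "little")

    def serialize(self) -> bytes:
        return self._body(lambda i, txin: txin.script_sig)

    def txid(self) -> bytes:
        """Slide 6: Tx ID = double SHA-256 of the full serialization, scriptSigs included."""
        return hash256(self.serialize())

    def sighash_preimage(self, index: int, prev_script_pubkey: bytes, hash_type: int = SIGHASH_ALL) -> bytes:
        """Slide 12: the signed input carries the challenge script it unlocks in place of its
        scriptSig, every other input carries an empty script (a single 0x00 length byte), and
        the 4-byte nHashType is appended."""
        msg = self._body(lambda i, txin: prev_script_pubkey if i == index else b"")
        return msg + hash_type.to_bytes(4, "little")

    def sighash(self, index: int, prev_script_pubkey: bytes) -> bytes:
        """The 32-byte digest that ECDSA actually signs for input `index`."""
        return hash256(self.sighash_preimage(index, prev_script_pubkey))

def txid_display(txid: bytes) -> str:
    """Explorers and RPC tools print the ID byte-reversed relative to the raw hash output."""
    return txid[::-1].hex()

# Constructed sample: two inputs, two outputs.  Challenge scripts are P2PKH-shaped
# (OP_DUP OP_HASH160 <20 bytes> OP_EQUALVERIFY OP_CHECKSIG) with placeholder hashes;
# scriptSigs are placeholder <Signature> <Public Key> pushes of realistic lengths.
PREV_SPK_0 = bytes.fromhex("76a914" + "11" * 20 + "88ac")
PREV_SPK_1 = bytes.fromhex("76a914" + "22" * 20 + "88ac")
FAKE_SIG_PUSH = b"\x47" + b"\x30" * 71        # 0x47: push 71 bytes (DER signature + hash type byte)
SAMPLE_TX = Tx(
    version=2,
    vin=[TxIn(b"\xaa" * 32, 0, FAKE_SIG_PUSH + b"\x21" + b"\x02" * 33),
         TxIn(b"\xbb" * 32, 1, FAKE_SIG_PUSH + b"\x21" + b"\x03" * 33)],
    vout=[TxOut(50_000, bytes.fromhex("76a914" + "33" * 20 + "88ac")),
          TxOut(49_000, bytes.fromhex("76a914" + "44" * 20 + "88ac"))],
)

if __name__ == "__main__":
    print("txid:", txid_display(SAMPLE_TX.txid()))
    print("input-0 sighash:", SAMPLE_TX.sighash(0, PREV_SPK_0).hex())
```

Two properties follow directly from the construction and are worth checking against the slide: editing any output changes the message every signature commits to, while editing a scriptSig leaves the message untouched (a signature cannot cover itself) but does change the Tx ID.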

  13. Transaction Merkle Root
     [Diagram: Block Header = nVersion, hashPrevBlock, hashMerkleRoot, nTime, nBits, nNonce; followed by Number of Transactions n, Coinbase Transaction, Regular Transaction 1, Regular Transaction 2, . . ., Regular Transaction n − 1]
     • hashMerkleRoot contains root hash of transaction Merkle tree
     • Modifying any transaction will modify the block header
     Merkle tree over three transactions t0, t1, t2 (the odd leaf hash h10 is duplicated):
       $h_{00} = H(t_0)$, $h_{01} = H(t_1)$, $h_{10} = H(t_2)$
       $h_0 = H(h_{00} \| h_{01})$, $h_1 = H(h_{10} \| h_{10})$
       $h = H(h_0 \| h_1)$
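The Merkle computation of slide 13 in Python, added here and not part of the lecture; the three transactions are constructed byte strings and the function names are the example's own. It also exercises the caveat that follows from duplicating the last hash.

```python
"""Transaction Merkle root as on slide 13 (added example, not the lecture's code).

Leaves are Tx IDs (double SHA-256 of each serialized transaction); each level hashes
sibling pairs, duplicating the last hash when a level has an odd number of nodes.
The three 'transactions' below are constructed byte strings, not real ones."""
import hashlib
from typing import List

def hash256(b: bytes) -> bytes:
    return hashlib.sha256(hashlib.sha256(b).digest()).digest()

def merkle_root(txids: List[bytes]) -> bytes:
    if not txids:
        raise ValueError("a block always has at least the coinbase transaction")
    level = list(txids)
    while len(level) > 1:
        if len(level) % 2:
            level.append(level[-1])       # slide 13: h_1 = H(h_10 ‖ h_10) for the odd leaf t_2
        level = [hash256(level[i] + level[i + 1]) for i in range(0, len(level), 2)]
    return level[0]

def block_merkle_root(txs: List[bytes]) -> bytes:
    return merkle_root([hash256(t) for t in txs])

def tamper_changes_root(txs: List[bytes], index: int) -> bool:
    """Flip one bit of transaction `index`; the root, and so the block header, must change."""
    tampered = list(txs)
    tampered[index] = bytes([txs[index][0] ^ 0x01]) + txs[index][1:]
    return block_merkle_root(tampered) != block_merkle_root(txs)

def duplicate_last_collides(txs: List[bytes]) -> bool:
    """Caveat of the duplicate-last-hash rule: for an odd-length list, appending a copy of the
    last transaction leaves the root unchanged, so a validator must also reject duplicate Tx IDs."""
    return block_merkle_root(txs + txs[-1:]) == block_merkle_root(txs)

# constructed stand-ins for the coinbase transaction t_0 and regular transactions t_1, t_2
TXS = [b"coinbase-tx", b"regular-tx-1", b"regular-tx-2"]

if __name__ == "__main__":
    print(block_merkle_root(TXS).hex())
```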

  14. Key Takeaways
     • Coinbase transactions have no inputs; outputs have challenge scripts
     • Regular transaction inputs unlock previous outputs; outputs again have challenge scripts
     • Scripts are expressed in a stack-based language
     • Signatures prevent tampering of unconfirmed transactions

  15. Bitcoin Addresses

  16. Bitcoin Addresses
     • To receive bitcoins, a challenge script needs to be specified
     • Bitcoin addresses encode challenge scripts
     • Example: 1EHNa6Q4Jz2uvNExL497mE43ikXhwF6kZm
     • Bitcoin payment workflow (recap)
       • Merchant shares address out of band (not using Bitcoin P2P network)
       • Customer transmits transaction which pays the address
       • Merchant waits for transaction confirmations before providing goods/service

  17. Base58 Encoding
     1EHNa6Q4Jz2uvNExL497mE43ikXhwF6kZm  ⟷  0091B24BF9F5288532960AC687ABB035127B1D28A50074FFE0
     • Alphanumeric representation of bytestrings
     • From 62 alphanumeric characters 0, O, I, l are excluded
     Ch Int | Ch Int | Ch Int | Ch Int | Ch Int | Ch Int | Ch Int
     1   0  | A   9  | K  18  | U  27  | d  36  | n  45  | w  54
     2   1  | B  10  | L  19  | V  28  | e  37  | o  46  | x  55
     3   2  | C  11  | M  20  | W  29  | f  38  | p  47  | y  56
     4   3  | D  12  | N  21  | X  30  | g  39  | q  48  | z  57
     5   4  | E  13  | P  22  | Y  31  | h  40  | r  49  |
     6   5  | F  14  | Q  23  | Z  32  | i  41  | s  50  |
     7   6  | G  15  | R  24  | a  33  | j  42  | t  51  |
     8   7  | H  16  | S  25  | b  34  | k  43  | u  52  |
     9   8  | J  17  | T  26  | c  35  | m  44  | v  53  |
     • Given a bytestring $b_n b_{n-1} \cdots b_0$ with m leading zero bytes
     • Encode each leading zero byte as a 1
     • Get integer $N = \sum_{i=0}^{n-m} b_i \, 256^i$
     • Get $a_k a_{k-1} \cdots a_0$ where $N = \sum_{i=0}^{k} a_i \, 58^i$
     • Map each integer $a_i$ to a Base58 character

  18. Pay to Public Key Hash Address
     [Diagram: P2PKH Address Encoding]
       Public Key → SHA-256 → S → RIPEMD-160 → R
       Prefix address version byte: B ‖ R
       Double SHA-256 of B ‖ R → C; extract first four bytes → C4
       B ‖ R ‖ C4 → Base58 → P2PKH Address

  19. Why Hash the Public Key?
     [Diagram: Private Key → point addition → Public Key; the reverse direction is the ECDLP]
     • ECDLP = Elliptic Curve Discrete Logarithm Problem
     • ECDLP currently hard but no future guarantees
     • Hashing the public key gives extra protection
     [Diagram]
       P2PK:  Address → solve ECDLP → Private key
       P2PKH: Address → find RIPEMD-160 preimage → find SHA-256 preimage → solve ECDLP → Private key
     • The extra protection lasts only while the output is unspent: the P2PKH response script reveals the public key, so a reused address exposes its key after the first spend

  20. P2PKH Transaction
     • Challenge script: OP_DUP OP_HASH160 <PubKeyHash> OP_EQUALVERIFY OP_CHECKSIG
     • Response script: <Signature> <Public Key>
     [Diagram: P2PKH Address Decoding]
       Base58 P2PKH Address → B ‖ R ‖ C4 → discard last four bytes → B ‖ R → discard address version prefix byte → R = PubKeyHash
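Base58Check encoding and decoding from slides 17, 18 and 20 as an added Python example (not the lecture's code). It starts from the 20-byte hash R rather than from a public key, using the R shown in hex on the Base58 slide, so it needs only SHA-256 from the standard library; the function names are the example's own.

```python
"""Base58Check encoding/decoding of P2PKH addresses (slides 17, 18 and 20).

Added example, not the lecture's code.  It starts from the 20-byte public-key hash
R = RIPEMD-160(SHA-256(pubkey)); the value used below is the one shown on the Base58
slide for 1EHNa6Q4Jz2uvNExL497mE43ikXhwF6kZm."""
import hashlib

# 58 characters: digits and letters with 0, O, I, l removed; index = value (1 -> 0, ..., z -> 57)
ALPHABET = "123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz"

def base58_encode(data: bytes) -> str:
    """Each leading zero byte -> '1'; the rest as a big integer N written in base 58."""
    leading_zeros = len(data) - len(data.lstrip(b"\x00"))
    n = int.from_bytes(data, "big")              # N = sum of b_i * 256^i
    digits = ""
    while n > 0:
        n, a_i = divmod(n, 58)                   # peel off a_0, a_1, ... least significant first
        digits = ALPHABET[a_i] + digits
    return "1" * leading_zeros + digits

def base58_decode(s: str) -> bytes:
    leading_ones = len(s) - len(s.lstrip("1"))
    n = 0
    for ch in s[leading_ones:]:
        if ch not in ALPHABET:
            raise ValueError(f"invalid Base58 character {ch!r}")
        n = n * 58 + ALPHABET.index(ch)
    body = n.to_bytes((n.bit_length() + 7) // 8, "big") if n else b""
    return b"\x00" * leading_ones + body

def checksum4(payload: bytes) -> bytes:
    """C_4: first four bytes of the double SHA-256 of B ‖ R."""
    return hashlib.sha256(hashlib.sha256(payload).digest()).digest()[:4]

def p2pkh_address(pubkey_hash: bytes, version: int = 0x00) -> str:
    """Slide 18: B ‖ R ‖ C_4 -> Base58.  Version byte 0x00 is mainnet P2PKH."""
    if len(pubkey_hash) != 20:
        raise ValueError("pubkey hash must be 20 bytes")
    payload = bytes([version]) + pubkey_hash
    return base58_encode(payload + checksum4(payload))

def decode_p2pkh_address(address: str) -> tuple:
    """Slide 20: Base58 -> B ‖ R ‖ C_4; verify and drop C_4, strip B, return (B, R)."""
    raw = base58_decode(address)
    if len(raw) != 25:
        raise ValueError("a P2PKH address decodes to 25 bytes")
    payload, check = raw[:21], raw[21:]
    if checksum4(payload) != check:
        raise ValueError("checksum mismatch: address mistyped or corrupted")
    return payload[0], payload[1:]

def is_valid_address(address: str) -> bool:
    try:
        decode_p2pkh_address(address)
        return True
    except ValueError:
        return False

def p2pkh_script_pubkey(pubkey_hash: bytes) -> bytes:
    """The challenge script an address stands for: OP_DUP OP_HASH160 <20 bytes> OP_EQUALVERIFY OP_CHECKSIG."""
    return b"\x76\xa9\x14" + pubkey_hash + b"\x88\xac"

# R from the Base58 slide: the 20 bytes between version byte 00 and checksum 0074FFE0
SLIDE_R = bytes.fromhex("91B24BF9F5288532960AC687ABB035127B1D28A5")
SLIDE_ADDRESS = "1EHNa6Q4Jz2uvNExL497mE43ikXhwF6kZm"

if __name__ == "__main__":
    print(p2pkh_address(SLIDE_R))
    print(decode_p2pkh_address(SLIDE_ADDRESS)[1].hex())
    print(is_valid_address(SLIDE_ADDRESS[:-1] + "n"))   # one mistyped character fails the checksum
```

A wallet should refuse to pay an address whose checksum does not verify; the four-byte C4 catches every single-character typo, which is the practical reason for Base58Check over plain Base58.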

  21. P2PKH Script Execution (1/2)
     Remaining Script                                                                   | Stack State (top first)
     <Signature> <Public Key> OP_DUP OP_HASH160 <PubKeyHash> OP_EQUALVERIFY OP_CHECKSIG | (empty)
     <Public Key> OP_DUP OP_HASH160 <PubKeyHash> OP_EQUALVERIFY OP_CHECKSIG             | <Signature>
     OP_DUP OP_HASH160 <PubKeyHash> OP_EQUALVERIFY OP_CHECKSIG                          | <Public Key> <Signature>
     OP_HASH160 <PubKeyHash> OP_EQUALVERIFY OP_CHECKSIG                                 | <Public Key> <Public Key> <Signature>

  22. P2PKH Script Execution (2/2)
     Remaining Script                           | Stack State (top first)
     <PubKeyHash> OP_EQUALVERIFY OP_CHECKSIG    | <PubKeyHashCalc> <Public Key> <Signature>
     OP_EQUALVERIFY OP_CHECKSIG                 | <PubKeyHash> <PubKeyHashCalc> <Public Key> <Signature>
     OP_CHECKSIG                                | <Public Key> <Signature>
     (empty)                                    | True/False
     <PubKeyHashCalc> is the HASH160 of the supplied public key; OP_EQUALVERIFY aborts the script if it differs from <PubKeyHash>, so OP_CHECKSIG only ever runs against the key the address committed to

  23. m-of-n Multi-Signature Scripts
     • m-of-n multisig challenge script specifies n public keys
       m <Public Key 1> · · · <Public Key n> n OP_CHECKMULTISIG
     • Response script provides signatures created using any m out of the n private keys
       OP_0 <Signature 1> · · · <Signature m>
     • Example: m = 2 and n = 3
       • Challenge script: OP_2 <PubKey1> <PubKey2> <PubKey3> OP_3 OP_CHECKMULTISIG
       • Response script: OP_0 <Sig1> <Sig2>
     • The signatures must appear in the same relative order as their public keys, and each key is matched at most once; the leading OP_0 is an extra stack element that OP_CHECKMULTISIG pops without using (a long-standing quirk of the opcode that every spender must honour)

  24. 2-of-3 Multisig Script Execution
     Remaining Script                                                              | Stack State (top first)
     OP_0 <Sig1> <Sig2> OP_2 <PubKey1> <PubKey2> <PubKey3> OP_3 OP_CHECKMULTISIG   | (empty)
     <Sig2> OP_2 <PubKey1> <PubKey2> <PubKey3> OP_3 OP_CHECKMULTISIG               | <Sig1> <Empty Array>
     OP_CHECKMULTISIG                                                              | 3 <PubKey3> <PubKey2> <PubKey1> 2 <Sig2> <Sig1> <Empty Array>
     (empty)                                                                       | True/False

  25. Pay to Script Hash Script
     • Specify arbitrary scripts as payment destinations
     • Challenge script: OP_HASH160 <RedeemScriptHash> OP_EQUAL
     • Response script: <Response To Redeem Script> <Redeem Script>
     • Example
       • 1-of-2 Multisig Challenge Script: OP_1 <PubKey1> <PubKey2> OP_2 OP_CHECKMULTISIG
       • 1-of-2 Multisig Response Script: OP_0 <Sig1> or OP_0 <Sig2>
       • P2SH Multisig challenge script: OP_HASH160 <RedeemScriptHash> OP_EQUAL
       • P2SH Multisig response script: OP_0 <Sig1>  OP_1 <PubKey1> <PubKey2> OP_2 OP_CHECKMULTISIG
         (OP_0 <Sig1> is the response to the redeem script; OP_1 <PubKey1> <PubKey2> OP_2 OP_CHECKMULTISIG is the redeem script)
     • The redeem script is pushed as a single serialized byte string, so the challenge script only checks its HASH160; once that matches, the redeem script is deserialized and executed against the rest of the response (here OP_0 <Sig1>), and it too must leave True on top of the stack
