Lock and Unlock
What are locking and unlocking script in a standard P2PKH transaction? How funds can be moved on the blockchain from an owner to another and what this really means.
First of all. Bitcoin addresses (for example the standard ones, which starts with 1) are double hashes of public key. So when you are sending an amount of bitcoin to an address, your wallet is creating a transaction on background and this transaction will have a special script. For example if i want to send bitcoin to the address 1XXX belonging to Bob, my wallet will create a transaction with an output with a locking script in it.
What is the locking script (scriptPubKey) ?
The locking script is a script in bitcoin scripting language which says: check that whoever wants to redeem this amount of bitcoin presents: 1) a public key that when double hashed matches the address i am going to send money to AND 2) a signature that can be validated against the public key which has been just double hashed. This is a Pay To Public Key Hash script (P2PKH).
The transaction it’s like to say: i am locking this amount of bitcoin to a P2PKH address locking script that would match this address. Therefore money will be locked against that script. if the recipient (the person who owns that address) wants to spend such an amount, he has to present an unlocking script that combined with the locking script, unlocks the amount (execution will return TRUE).
For the above mentioned reasons a transaction can be seen as a collection of inputs and outputs. Inputs refer to previously created UTXOs (in previous transactions), while outputs generate new ones. Therefore, when creating a transaction each input spends an UTXO and each outputs creates a new one.
The unlocking script (scriptSig or witness) is built by the public key he owns + the signature he can generate with his private key. Only one has the private key can therefore produce the correct unlocking script.
Together the locking and unlocking script allow to “send” money to someone who can show ownership of that bitcoin address. And the person who owns the corresponding private key is the only person who can construct the unlocking script that fits that locking script in order to release that money in their own transaction to pay someone else.
the simplest transaction is composed by just one input and one output and looks like:
- one input: unlock this amount
- one output: lock it to a different script
In reality bitcoin is never moved, never goes anywhere. Bitcoin is just locked and unlocked. The only change that we achieve when we make a transaction is who can spend that amount.
All transactions are validated by all bitcoin validating nodes, by the execution of locking and unlocking scripts together. Infact each input contains an unlocking script and refers to an existing UTXO. What will the node do then, for validation purposes?
- copy the unlocking script from transaction input
- retrieve the utxo referenced by the input
- copy the locking script in that utxo
- execute in sequence the unlocking and locking script
if all above matches, the input is validated and that utxo can be spent and therefore locked into the transaction. Only a valid transaction that satisfies the locking script conditions results in the output to be considered spent and so removed from the utxo set.
The script as a stack
We spoke about bitcoin scripting language. This scriping language is often referred as a stack, which can allow two operations: push which adds items on top of the stack and pull which removes items from the top. Operations are executed only on the top of the stack. If the final result of the script is TRUE, then the transaction will be valid.
Let’s imagine a payment from Alice to Bob (meaning a payment to a P2PKH address of Bob). Alice must create a transaction output where the locking script looks like:
OP_DUP OP_HASH160 <BOB pubKeyHash> OP_EQUALVERIFY OP_CHECKSIG
this script can be satisfied by BOB with an unlocking script of this form:
<BOB sig> <BOB pubKey>
so the validation would concatenate unlocking and locking script together (after a change in 2010 those script are executed separately but in sequence and the stack transferred between the two executions):
<BOB sig> <BOB pubKey> OP_DUP OP_HASH160 <BOB pubKeyHash> OP_EQUALVERIFY OP_CHECKSIG
this must finally return TRUE for the validation to be successful. This validation occurrs when Bob would use that output to create a new transaction to someone else and therefore unlock the funds for being spent.
bitcoin is never moved. is just locked and unlocked. the only change is who can spend that amount.
Follow us on social network to be updated about the last security and privacy tips.
Subscribe free resources
We provide many resources for free. To all our subscribers, free eBooks, howtos, tutorials and much more.
PREMIUM SECURITY & PRIVACY SERVICES
If you think that everything using a blockchain is decentralized, you are incurring a big mistake. While in bitcoin there is no way to recover funds...
The new electrum 4 is very different from the previous. The interface has changed and the features as well. This version infact supports also...
Protecting privacy is an increasingly important requirement in bitcoin. It is also important for holders of small quantities of bitcoins for example...