The load to lightning - 1. Transaction

Transcript

1. The load to lightning - 1. Transaction - AtsukiTak

2. 1.1. Transaction Structure Transaction Structure Basis version u32 The protocol

   version number of this transaction, should always be 0. lock_time u32 The earliest time this transaction can be added the block chain. inputs Array of TxIn Array of transactions inputs. outputs Array of TxOut Array of transaction outputs.

3. version u32 lock_time u32 inputs Array of TxIn outputs Array

   of TxOut TxOut value u64 The value of the output, in satoshis. script_pubkey
 (a.k.a. lock_script) Script The script which must satisfy for the output to be spent. 1.1. Transaction Structure Transaction Structure

4. version u32 lock_time u32 inputs Array of TxIn outputs Array

   of TxOut Transaction Structure TxIn prev_hash u256 The hash of the transaction whose output is being used as an input. prev_index u32 The index of the output int the previous transaction. script_sig
 (a.k.a. unlock_script) Script The script being used to unlock script_pubkey of previous transaction. sequence u32 The sequence number which was used but not currently. 1.1. Transaction Structure

5. Operation examples Data examples •OP_1 •OP_PUSHBYTES_1 •OP_CHECKSIG •OP_RETURN •Public key

   •Signature •Arbitrary bytes data 1.1. Transaction Structure Script structure Array of Operation or Data. Encoded into hex string.

6. Script examples ɾOP_DUP OP_HASH160 OP_PUSHBYTES_20 <PubkeyHash> OP_EQUALVERIFY OP_CHECKSIG ɾOP_PUSHBYTES_72 <Signature>

   OP_PUSHBYTES_33 <Pubkey> 1.1. Transaction Structure ɾ0x48 <0xCA 0x32 …> 0x21 <0x42 0xCF …> encoded into Script structure Array of Operation or Data. Encoded into hex string.

7. 1.2. Transaction Verification OP_CHECKSIG <Signature> <Pubkey> OP_CHECKSIG ɾHow it works

   ɾ1 if signature is valid ɾ0 if signature is invalid ɾQuestion ɾHow to verify the signature? ɾHow is the structure of “signature”?
 ɾSignature for what?

8. 1.2. Transaction Verification Generic Signature Functions bool is_signature_valid( signature, message,

   public_key ) Signature sign_to_message( message, private_key ) The signature could be calculated from the message and the private_key. In other words, we sign to the message using the private_key. We can verify the signature to the message using the public_key.
 Note that we don’t need the private_key to verify. -> What is the message in OP_CHECKSIG process? Bitcoin uses ECDSA signature algorithm but basic architecture is same.

9. 1.2. Transaction Verification The message in OP_CHECKSIG process is chosen

   by signer from below ɾAll TxIn and all TxOut ɾAll TxIn (but not TxOut) ɾAll TxIn and the single TxOut ɾThis TxIn and all TxOut ɾThis TxIn (but not TxOut) ɾThis TxIn and the single TxOut * Remember that OP_CHECKSIG is used in script_sig in TxIn. (which has same index with this TxIn) -> Anyone can change TxOuts without changing the signature. -> Anyone can change TxIns without changing the signature.

10. 1.2. Transaction Verification The various options for what to sign

    are called SIGHASH types. There are three base SIGHASH types and one applicable type. SIGHASH_ALL SIGHASH_NONE SIGHASH_SINGLE SIGHASH_ALL + SIGHASH_ANYONECANPAY ɾAll TxIn and all TxOut ɾAll TxIn (but not TxOut) ɾAll TxIn and the single TxOut ɾThis TxIn and all TxOut ɾThis TxIn (but not TxOut) ɾThis TxIn and the single TxOut SIGHASH_NONE + SIGHASH_ANYONECANPAY SIGHASH_SINGLE + SIGHASH_ANYONECANPAY

11. 1.2. Transaction Verification Q, How to specify SIGHASH types? A,

    SIGHASH type is specified in signature structure. Bitcoin transaction’s signature = ECDSA signature + SIGHASH flag 304402206e3729f021476102a06ea453cea0a26cb9c096cca641efc4229c1111ed3a9
 6fd022037dce1456a93f53d3e868c789b1b750a48a4c1110cd5b7049779b5f4f3c8b62001 = 304402206e3729f021476102a06ea453cea0a26cb9c096cca641efc4229c1111ed3a9
 6fd022037dce1456a93f53d3e868c789b1b750a48a4c1110cd5b7049779b5f4f3c8b620 01 (SIGHASH_ALL) +