Mastering Bitcoin

At the level of the Bitcoin protocol, there is no difference between a change output (and the address it pays, called a change address) and a payment output. Importantly, the change address does not have to be the same address as that of the input and, for privacy reasons, is often a new address from the owner’s wallet. In ideal circumstances, the

Tapscript Taproot enables MAST but only with a slightly different version of the Bitcoin Script language than previously used, the new version being called tapscript. The major differences include: Scripted multisignature changes The old OP_CHECKMULTISIG and OP_CHECKMULTISIGVERIFY opcodes are removed. Those opcodes don’t combine well with one of th

Note that BIP39 is one implementation of a recovery code standard. BIP39 was proposed by the company behind the Trezor hardware wallet and is compatible with many other wallets applications, although certainly not all.

Figure 7-1 is an example of the output and input scripts for the most common type of legacy Bitcoin transaction (a payment to a public key hash), showing the combined script resulting from the concatenation of the scripts prior to validation. Figure 7-1.…

Some highlights have been hidden or truncated due to export limits.

The Bitcoin transaction script language is stateless, in that there is no state prior to execution of the script or state saved after execution of the script. All the information needed to execute a script is contained within the script and the transaction executing the script. A script will predictably execute the same way on any system. If your s

Redeem Script and Validation You are not able to put a P2SH inside a P2SH redeem script because the P2SH specification is not recursive. Also, while it is technically possible to include OP_RETURN (see “Data Recording Output (OP_RETURN)”) in a redeem script, as nothing in the rules prevents you from doing so, it is of no practical use because execu

Transactions are added to the new block, prioritized by the highest fee rate transactions first and a few other criteria. Each miner starts the process of mining a new candidate block of transactions as soon as they receive the previous block from the network, knowing that some other miner won that iteration of the lottery. They immediately create

The general form of an output script setting a t-of-k multisignature condition is: t <Public Key 1> <Public Key 2> ... k OP_CHECKMULTISIG where k is the total number of listed public keys and t is the threshold of required signatures to spend the output. An output script setting a 2-of-3 multisignature condition looks like this: 2 3 OP_

Your keys, your coins. Not your keys, not your coins.

Different approaches to tracking previous outputs have been tried by different full node implementations at various times. Bitcoin Core currently uses the solution believed to be most effective at retaining all necessary information while minimizing disk space: it keeps a database that stores every UTXO and essential metadata about it (like its con