Bitcoin Forum

There is scriptSig and scriptPubKey. And when you provide scriptPubKey — you provide your public key and some opcodes are added. But when you provide scriptSig — what do you sign? What data you sign when spending your bitcoins: all data for the locked output or all data in new input? Just a little confused about the principle of the algorithm and how it works technically

I generally recommend Learnmeabitcoin (https://learnmeabitcoin.com/technical/scriptPubKey) as a resource for introduction to more technical topics.

In the article I linked to, they explain how scriptPubKey is the locking script.
There are different possible script types, but the most common nowadays is P2PKH. It can be unlocked by providing the original public key and correct signature (this tuple is the scriptSig).


In short: The 'opcodes added' duplicate the public key, perform the hash160. The result lies on the stack. Then, the script pushes the (hardcoded into the transaction) public key hash to the stack and verify that these 2 public key hashes match. Finally, the signature is matched against the public key.

More information about P2PKH here (https://learnmeabitcoin.com/technical/p2pkh).

As you asked: 'What do you sign?' -- you sign the whole transaction.
More about transactions here (https://en.bitcoin.it/wiki/Transaction).

Technically you sign the modified transaction (eg. replacing all signature scripts with empty except the input being signed that is replaced by a modified spending script) and how much of it you sign depends on the SigHashType that is used in the signature (ALL/SINGLE/NONE+ANYONECANPAY).

I wrote it in 2019 so it's not up-to-date with taproot & co, but maybe it can someway help you, as far as you are starting from the bases:
https://github.com/baro77/btcUnlockingLockingScriptCS