Transaction's contents

[b99999]

Hi, I have a question about a transaction's content.

From https://en.bitcoin.it/wiki/Transactions a transaction will have two important parts:

TxIn: scriptSig
TxOut: scriptPubKey

Now, scriptSig contains a signature and a public key. My first question: this is the recepient's public key, right?

The scriptPubKey has this: OP_DUP OP_HASH160 404371705fa9bd789a2fcd52d2c580b65d35549d
OP_EQUALVERIFY OP_CHECKSIG

Second question: the hash there (4043...) is recepient's address, which is simply SHA256^2(recipient's pub key). Is that correct?

What I don't get is how the signature is checked? How does the client retrieve the sender's public key? Does it has to go and find the previous transaction (from TxIn) to retrieve the sender's public key in order to verify the signature?

[jackjack]

I'm on my mobile right now so I can't answer for about half an hour
Until then if nobody answers you, check the thread of etotheipi where he posted clear images about that

[willphase]

EDIT: was going to reply but jackjack will give a far better answer than I could

Will

[jackjack]

Now, scriptSig contains a signature and a public key. My first question: this is the recepient's public key, right?

To be clear, let's take an example:

You own the address 1Q2GpwLudfcNi9agitQPYa4y1rNZgnrC1d
Yesterday you receive 1BTC: http://blockexplorer.com/tx/4f6f864d3047bf441317fc0f5d1586325c9e740e923c7949cc28333ff74d19df#o1

If you want to use that BTC, for example if you want to send me it, your new transaction will be:
1TxIn: hash=4f6f864d, index=1, scriptSig= Sig + your pubkey(0457d7d7af586aaad529b5770bb43295051e7090e2bc884181d608dae2517c7812b25e326753cbe 0b767f579bbcb5cffe492d22b93f2ff5501074eb9e8f8547c4a)
1TxOut: OP_DUP OP_HASH160 5c3f294acb5059a968c4a35700b5432a7397002b(ie the Hash160 of my pubkey) OP_EQUALVERIFY OP_CHECKSIG

Second question: the hash there (4043...) is recepient's address, which is simply SHA256^2(recipient's pub key). Is that correct?

No, it's ripemd160(sha256(recipient's pubkey))

What I don't get is how the signature is checked? How does the client retrieve the sender's public key?

It retrieves when the recipient claim the coins: in the exemple below, when you sent me the coin you had to put your pubkey in scriptSig

EDIT: was going to reply but jackjack will give a far better answer than I could

Will

Not necessarily, if I missed something please post

[b99999]

To be clear, let's take an example:

You own the address 1Q2GpwLudfcNi9agitQPYa4y1rNZgnrC1d
Yesterday you receive 1BTC: http://blockexplorer.com/tx/4f6f864d3047bf441317fc0f5d1586325c9e740e923c7949cc28333ff74d19df#o1

If you want to use that BTC, for example if you want to send me it, your new transaction will be:
1TxIn: hash=4f6f864d, index=1, scriptSig= Sig + your pubkey(0457d7d7af586aaad529b5770bb43295051e7090e2bc884181d608dae2517c7812b25e326753cbe 0b767f579bbcb5cffe492d22b93f2ff5501074eb9e8f8547c4a)
1TxOut: OP_DUP OP_HASH160 5c3f294acb5059a968c4a35700b5432a7397002b(ie the Hash160 of my pubkey) OP_EQUALVERIFY OP_CHECKSIG


It retrieves when the recipient claim the coins: in the exemple below, when you sent me the coin you had to put your pubkey in scriptSig

Hmm, but how does the OP_EQUALVERIFY work then?

According to https://en.bitcoin.it/wiki/Transactions and what you wrote above on the stack the following gets pushed:

sig mypubkey

Then OP_DUP duplicates mypubkey:

sig mypubkey mypubkey

Then OP_HASH160 does this on mypubkey:

sig mypubkey hash160(mypubkey)

Then hash160(yourpubkey) gets pushed onto stack:

sig mypubkey hash160(mypubkey) hash160(yourpubkey)

And now OP_EQUALVERIFY checks if the last two hashes are the same. They won't be (unless I'm missing something)?
This means that in the TxIn I have to put your pubkey and not mine?

Cheers for answers so far!

[jackjack]

You're making a HUGE error
A script is: the scriptSig of your tx + the scriptPubkey of the tx you spent

In the same example:
The scriptSig of your tx is: Sig + your pubkey
The scriptPubkey of the tx you spent is (according to blockexplorer): OP_DUP OP_HASH160 fc88853163ab2a9646908a82e8a87b6f185c2047 OP_EQUALVERIFY OP_CHECKSIG

I hope ripemd160(sha256('0x0457d7d7af586aaad529b5770bb43295051e7090e2bc884181d608dae2517c7812b25e326753c be0b767f579bbcb5cffe492d22b93f2ff5501074eb9e8f8547c4a'))  =fc88853163ab2a9646908a82e8a87b6f185c2047...


Btw here's the thread I was talking about: https://bitcointalk.org/index.php?topic=29416.0

[b99999]

You're making a HUGE error
A script is: the scriptSig of your tx + the scriptPubkey of the tx you spent

In the same example:
The scriptSig of your tx is: Sig + your pubkey
The scriptPubkey of the tx you spent is (according to blockexplorer): OP_DUP OP_HASH160 fc88853163ab2a9646908a82e8a87b6f185c2047 OP_EQUALVERIFY OP_CHECKSIG

I hope ripemd160(sha256('0x0457d7d7af586aaad529b5770bb43295051e7090e2bc884181d608dae2517c7812b25e326753c be0b767f579bbcb5cffe492d22b93f2ff5501074eb9e8f8547c4a'))  =fc88853163ab2a9646908a82e8a87b6f185c2047...


Btw here's the thread I was talking about: https://bitcointalk.org/index.php?topic=29416.0

Hmm, I'm not sure I understand it completely yet ... Thanks for posting that link, it made some things more clear.

The one thing I don't understand is how the OP_EQUALVERIFY operation passes. This operation just verifies if the last two items on the stack are the same.

Now, the question is - who calls all this? The receiving side? Miners?

When I create a new transaction, I will put in TxIn:

scriptSig:
 - Sig of the whole transaction with my privatekey
 - My pubkey (I don't know anyone else's anyway)

TxOut:
scriptPubKey:
OP_DUP OP_HASH160 <receiver's address> OP_EQUALVERIFY OP_CHECKSIG


Now, who does the verification? From the graph you sent I understand how OP_CHECKSIG works.

What I don't understand is how OP_EQUALVERIFY passes because in the original transaction there is my pubkey and receiver's address.
So OP_DUP and OP_HASH160 will perform this on *my* pubkey so the result will not be the receiver's address??

I hope I'm clear trying to explain what I don't understand, it's the verification process and OP_EQUALVERIFY.

Thanks!

[Edit]
After checking the transaction jackjack posted http://blockexplorer.com/tx/4f6f864d3047bf441317fc0f5d1586325c9e740e923c7949cc28333ff74d19df#o1, it is clear that in the scriptSig is the Sig of the whole transaction and pubkey of the sender (TxIn). Now I don't get how it passes OP_EQUALVERIFY because it has the sender's pubkey in scriptSig and recipients address in scriptPubKey -- this makes sense that it is that way, but I don't see how it passes OP_EQUALVERIFY

[Realpra]

Can someone explain to me quickly the purpose of this line (from the wiki/as above):
"scriptPubKey: OP_DUP OP_HASH160 404371705fa9bd789a2fcd52d2c580b65d35549d"

I can probably figure out the syntax on my own, but what does it DO and WHY?

EC-pupkey-crypto is already used to sign the sha256 hash of the tx, so why this 3rd algo?

[Zanetti]

You're making a HUGE error
A script is: the scriptSig of your tx + the scriptPubkey of the tx you spent

In the same example:
The scriptSig of your tx is: Sig + your pubkey
The scriptPubkey of the tx you spent is (according to blockexplorer): OP_DUP OP_HASH160 fc88853163ab2a9646908a82e8a87b6f185c2047 OP_EQUALVERIFY OP_CHECKSIG

I hope ripemd160(sha256('0x0457d7d7af586aaad529b5770bb43295051e7090e2bc884181d608dae2517c7812b25e326753c be0b767f579bbcb5cffe492d22b93f2ff5501074eb9e8f8547c4a'))  =fc88853163ab2a9646908a82e8a87b6f185c2047...


Btw here's the thread I was talking about: https://bitcointalk.org/index.php?topic=29416.0

Sorry but I don't understand that. You say that if you take the public key of the scriptSig and hash it, you have the same hash that the receiver's public key (is this the hash where is located in ScriptPbKey no?)hash?

This is my question, because the process of the scriptPubKey I don't understand. I'm looking in many websites and forums but I can't understand it.

Please I need an answer for that question.

Thank You.

[jackjack]

Nice necroing

This is pretty simple actually, look at that link, under "Transfer to Bitcoin address"

When you create a transaction, Bitcoin checks if you can spend the transaction you're using as the income
It takes the scriptPubkey of the incoming tx and the scriptSig of the new one, which gives:
<sig> <pubKey that wants to spend the tx> | OP_DUP OP_HASH160 <pubKeyHash target of incoming tx> OP_EQUALVERIFY OP_CHECKSIG (sig + pubkey from scriptSig, and the others things from the scriptPubkey)
To see how that is processed, look at the table in the link

[Zanetti]

Thanks jackjack