Bitcoin Forum
January 20, 2020, 08:31:07 PM *
News: Latest Bitcoin Core release: 0.19.0.1 [Torrent]
 
   Home   Help Search Login Register More  
Pages: [1]
  Print  
Author Topic: Is the OP_RETURN for contracts and smart properties?  (Read 3383 times)
mtomcdev
Sr. Member
****
Offline Offline

Activity: 310
Merit: 250


View Profile
July 24, 2014, 10:39:58 AM
Last edit: July 24, 2014, 10:37:30 PM by mtomcdev
 #1

There are lots of hypes around Ethereum's smart contracts, but I read somewhere that it is already possible to create contract using bitcoin's OP_RETURN. I am very inexperienced in this field and I was just wondering is it possible to implement contracts and smart properties with the OP_RETURN 40 bytes in the transaction? Is there any sample applications or white papers that describe such use case? If not, do you think would it be a good idea to put together a UML based design document that describes how contracts and smart properties work using OP_RETURN 40 bytes field? I would be happy to start working on a UML document if the experienced members of the community think it is a good idea, and more importantly if I could get some help or pointers because I have no idea how OP_RETURN works.
1579552267
Hero Member
*
Offline Offline

Posts: 1579552267

View Profile Personal Message (Offline)

Ignore
1579552267
Reply with quote  #2

1579552267
Report to moderator
1579552267
Hero Member
*
Offline Offline

Posts: 1579552267

View Profile Personal Message (Offline)

Ignore
1579552267
Reply with quote  #2

1579552267
Report to moderator
1579552267
Hero Member
*
Offline Offline

Posts: 1579552267

View Profile Personal Message (Offline)

Ignore
1579552267
Reply with quote  #2

1579552267
Report to moderator
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
altcoinUK
Hero Member
*****
Offline Offline

Activity: 784
Merit: 1000


View Profile
July 24, 2014, 11:44:54 AM
 #2

There are lot of hype around Ethereum's smart contracts, but I read somewhere that it is already possible to create contract using bitcoin's OP_RETURN. I am very inexperienced in this field and I was just wondering is it possible to implement contracts and smart properties with the OP_RETURN 40 bytes in the transaction? Is there any sample applications or white papers that describe such use case? If not, do you think would it be a good idea to put together a UML based design document that describes how contracts and smart properties work using OP_RETURN 40 bytes field? I would be happy to start working on a UML document if the experienced members of the community think it is a good idea, and more importantly if I could get some help or pointers because I have no idea how OP_RETURN works.

I am happy to help you with the UML document. I think lots of IT and software literate people will find that such docs are very useful. The problem is I don't know either how OP_RETURN works LoL

I am checking the source code and will try to post a UML sequence diagram that describes the operation.
oleganza
Full Member
***
Offline Offline

Activity: 200
Merit: 100


Software design and user experience.


View Profile WWW
July 24, 2014, 02:45:13 PM
 #3

Standard OP_RETURN output is for attaching arbitrary data (e.g. a hash of some document). How do you use it - it's your problem. But you are encouraged to add this data as OP_RETURN output instead of, say, a 1 satoshi fake address output. This way the index of unspent outputs will not be cluttered with provably unspent outputs (my opinion: that does not matter, UTXO will grow huge anyway; we need other ways to optimize it).

For smart contracts there is an entire scripting language built-in. And there are some wiki pages on how you can build cool contracts with it: https://en.bitcoin.it/wiki/Contracts


Bitcoin analytics: blog.oleganza.com / 1TipsuQ7CSqfQsjA9KU5jarSB1AnrVLLo
mtomcdev
Sr. Member
****
Offline Offline

Activity: 310
Merit: 250


View Profile
July 24, 2014, 09:26:46 PM
 #4

Standard OP_RETURN output is for attaching arbitrary data (e.g. a hash of some document). How do you use it - it's your problem. But you are encouraged to add this data as OP_RETURN output instead of, say, a 1 satoshi fake address output. This way the index of unspent outputs will not be cluttered with provably unspent outputs (my opinion: that does not matter, UTXO will grow huge anyway; we need other ways to optimize it).

For smart contracts there is an entire scripting language built-in. And there are some wiki pages on how you can build cool contracts with it: https://en.bitcoin.it/wiki/Contracts



Thanks for your help!

I have gone through a few times on the wiki page that you have pointed out before I posted here, it is very interesting material, but there is not much there that would help implement the actual solution. At least I couldn't find it in the wiki article.

The transaction_tests.cpp test_IsStandard test gives me some idea how to create an OP_RETURN  output, I guess this is how to create the transaction
// 40-byte TX_NULL_DATA (standard)
t.vout[0].scriptPubKey = CScript() << OP_RETURN << ParseHex("04678afdb0fe5548271967f1a67130b7105cd6a828e03909a67962e0ea1f61deb649f6bc3f4cef3 8");

To experiment with OP_RETURN output do I need to create a new app based on the bitcoin source  by putting my own code to create the transaction or is it possible to create an OP_RETURN output using the bitcoind app?

DeathAndTaxes
Donator
Legendary
*
Offline Offline

Activity: 1218
Merit: 1006


Gerald Davis


View Profile
July 24, 2014, 09:54:08 PM
 #5

To create OP_RETURN outputs in bitcoind you need to create rawtransactions.  Remember you can lose money using raw transactions.  Always test on testnet first.
mtomcdev
Sr. Member
****
Offline Offline

Activity: 310
Merit: 250


View Profile
July 24, 2014, 10:16:12 PM
 #6

To create OP_RETURN outputs in bitcoind you need to create rawtransactions.  Remember you can lose money using raw transactions.  Always test on testnet first.

Thanks!

I was going to use testnet for that and I have been checking the wiki at https://en.bitcoin.it/wiki/Raw_Transactions but could not find there how to use bitcoind. However I found this tutorial, do you think this is a good starting point to perform a raw transaction?


[online]$ bitcoind sendtoaddress n1gqLjZbRH1biT5o4qiVMiNig8wcCPQeB9 50
a9d4599e15b53f3eb531608ddb31f48c695c3d0b3538a6bda871e8b34f2f430c
Now, grab the transaction that was paying it. We'll need the txid, and the
scriptpubkey paying our offline wallet.
[online]$ bitcoind getrawtransaction a9d4599e15b53f3eb531608ddb31f48c695c3d0b3538a6bda871e8b34f2f430c 1
{
    "hex" : "0100000001344630cbff61fbc362f7e1ff2f11a344c29326e4ee96e787dc0d4e5cc02fd06900000 0004a493046022100ef89701f460e8660c80808a162bbf2d676f40a331a243592c36d6bd1f81d6b df022100d29c072f1b18e59caba6e1f0b8cadeb373fd33a25feded746832ec179880c23901fffff fff0100f2052a010000001976a914dd40dedd8f7e37466624c4dacc6362d8e7be23dd88ac000000 00",
    "txid" : "a9d4599e15b53f3eb531608ddb31f48c695c3d0b3538a6bda871e8b34f2f430c",
    "version" : 1,
    "locktime" : 0,
    "vin" : [
        {
            "txid" : "69d02fc05c4e0ddc87e796eee42693c244a3112fffe1f762c3fb61ffcb304634",
            "vout" : 0,
            "scriptSig" : {
                "asm" : "3046022100ef89701f460e8660c80808a162bbf2d676f40a331a243592c36d6bd1f81d6bdf02210 0d29c072f1b18e59caba6e1f0b8cadeb373fd33a25feded746832ec179880c23901",
                "hex" : "493046022100ef89701f460e8660c80808a162bbf2d676f40a331a243592c36d6bd1f81d6bdf022 100d29c072f1b18e59caba6e1f0b8cadeb373fd33a25feded746832ec179880c23901"
            },
            "sequence" : 4294967295
        }
    ],
    "vout" : [
        {
            "value" : 50.00000000,
            "n" : 0,
            "scriptPubKey" : {
                "asm" : "OP_DUP OP_HASH160 dd40dedd8f7e37466624c4dacc6362d8e7be23dd OP_EQUALVERIFY OP_CHECKSIG",
                "hex" : "76a914dd40dedd8f7e37466624c4dacc6362d8e7be23dd88ac",
                "reqSigs" : 1,
                "type" : "pubkeyhash",
                "addresses" : [
                    "n1gqLjZbRH1biT5o4qiVMiNig8wcCPQeB9"
                ]
            }
        }
    ]
}
And lets get an address to return those coins to:
[online]$ bitcoind getnewaddress
mkZBYBiq6DNoQEKakpMJegyDbw2YiNQnHT
Now, from our online node we're going to draft the transaction to
return the coin from the offline wallet to the online one:
[online]$ bitcoind createrawtransaction '[{"txid":"a9d4599e15b53f3eb531608ddb31f48c695c3d0b3538a6bda871e8b34f2f430c","vout":0}]' '{"mkZBYBiq6DNoQEKakpMJegyDbw2YiNQnHT":50}'
01000000010c432f4fb3e871a8bda638350b3d5c698cf431db8d6031b53e3fb5159e59d4a900000 00000ffffffff0100f2052a010000001976a9143744841e13b90b4aca16fe793a7f88da3a23cc71 88ac00000000
One the offline wallet we decode the transaction to validate that its doing
what we expect. Note: Since we don't have the input transaction we don't
know the input value and this txn could be paying a ton of change out
to fees.
[offline]$ bitcoind decoderawtransaction 01000000010c432f4fb3e871a8bda638350b3d5c698cf431db8d6031b53e3fb5159e59d4a900000 00000ffffffff0100f2052a010000001976a9143744841e13b90b4aca16fe793a7f88da3a23cc71 88ac00000000
{
    "txid" : "d9f33ed2740eef77e40e72b692c4cf1feb6ab10d8adaaf27eb394fa5064b1160",
    "version" : 1,
    "locktime" : 0,
    "vin" : [
        {
            "txid" : "a9d4599e15b53f3eb531608ddb31f48c695c3d0b3538a6bda871e8b34f2f430c",
            "vout" : 0,
            "scriptSig" : {
                "asm" : "",
                "hex" : ""
            },
            "sequence" : 4294967295
        }
    ],
    "vout" : [
        {
            "value" : 50.00000000,
            "n" : 0,
            "scriptPubKey" : {
                "asm" : "OP_DUP OP_HASH160 3744841e13b90b4aca16fe793a7f88da3a23cc71 OP_EQUALVERIFY OP_CHECKSIG",
                "hex" : "76a9143744841e13b90b4aca16fe793a7f88da3a23cc7188ac",
                "reqSigs" : 1,
                "type" : "pubkeyhash",
                "addresses" : [
                    "mkZBYBiq6DNoQEKakpMJegyDbw2YiNQnHT"
                ]
            }
        }
    ]
}
If we're happy, we'll sign. We need to provide the scriptpubkey of the
inputs we're signing so our offline wallet knows which of its keys
to use.
[offline]$ bitcoind signrawtransaction 01000000010c432f4fb3e871a8bda638350b3d5c698cf431db8d6031b53e3fb5159e59d4a900000 00000ffffffff0100f2052a010000001976a9143744841e13b90b4aca16fe793a7f88da3a23cc71 88ac00000000 '[{"txid":"a9d4599e15b53f3eb531608ddb31f48c695c3d0b3538a6bda871e8b34f2f430c","vout":0,"scriptPubKey":"76a914dd40dedd8f7e37466624c4dacc6362d8e7be23dd88ac"}]'
{
    "hex" : "01000000010c432f4fb3e871a8bda638350b3d5c698cf431db8d6031b53e3fb5159e59d4a900000 0006b48304502201123d735229382f75496e84ae5831871796ef78726805adc2c6edd36d23e7210 022100faceab822a4943309c4b6b61240ae3a9e18ed90a75117c5dc4bfd8f7e17a21d301210367c e0a1c3b3e84cece6dad1a181d989d8e490b84f5431a1f778a88b284c935e6ffffffff0100f2052a 010000001976a9143744841e13b90b4aca16fe793a7f88da3a23cc7188ac00000000",
    "complete" : true
}
Then we'll carry the transaction over to the online wallet and
announce it:
[online]$ bitcoind sendrawtransaction 01000000010c432f4fb3e871a8bda638350b3d5c698cf431db8d6031b53e3fb5159e59d4a900000 0006b48304502201123d735229382f75496e84ae5831871796ef78726805adc2c6edd36d23e7210 022100faceab822a4943309c4b6b61240ae3a9e18ed90a75117c5dc4bfd8f7e17a21d301210367c e0a1c3b3e84cece6dad1a181d989d8e490b84f5431a1f778a88b284c935e6ffffffff0100f2052a 010000001976a9143744841e13b90b4aca16fe793a7f88da3a23cc7188ac00000000
7822dda72d9bf421d2f3eedc678bf58c6e4c10cdd047b9e137559ad384933ef5
And we can see the online wallet has been paid:
[online]$ bitcoind listtransactions "" 1
[
    {
        "account" : "",
        "address" : "mkZBYBiq6DNoQEKakpMJegyDbw2YiNQnHT",
        "category" : "receive",
        "amount" : 50.00000000,
        "confirmations" : 0,
        "txid" : "7822dda72d9bf421d2f3eedc678bf58c6e4c10cdd047b9e137559ad384933ef5",
        "time" : 1344221517
    }
]


If that's the way to do the raw transaction then at which point should I include the OP_RETURN output and what would be the syntax to do that?







mtomcdev
Sr. Member
****
Offline Offline

Activity: 310
Merit: 250


View Profile
July 24, 2014, 11:30:26 PM
 #7

I also found this topic at https://bitcointalk.org/index.php?topic=453086.new#new, it helps a lot to understand how to create a raw transaction with OP_RETURN.
kolinko
Full Member
***
Offline Offline

Activity: 518
Merit: 101



View Profile
July 25, 2014, 07:13:45 AM
 #8

Speaking of smart contracts - you might want to read a bit about oracles as well - https://github.com/orisi/wiki/wiki/Orisi-White-Paper . Right now our oracles don't use OP_RETURN, but they will..

There's also:
https://bitcoin.stackexchange.com/questions/tagged/contracts
https://en.bitcoin.it/wiki/Contracts

Not about OP_RETURN per se, but closely related to it Smiley
Envrin
Sr. Member
****
Offline Offline

Activity: 318
Merit: 250



View Profile
July 25, 2014, 11:00:28 AM
 #9


No, you can't create OP_RETURN transactions with bitcoind.  You'll need to create the raw transactions from scratch yourself.  From your example above, here's a raw transaction in hex format:

----------------------------
01000000010c432f4fb3e871a8bda638350b3d5c698cf431db8d6031b53e3fb5159e59d4a900000 0006b48304502201123d735229382f75496e84ae5831871796ef78726805adc2c6edd36d23e7210 022100faceab822a4943309c4b6b61240ae3a9e18ed90a75117c5dc4bfd8f7e17a21d301210367c e0a1c3b3e84cece6dad1a181d989d8e490b84f5431a1f778a88b284c935e6ffffffff0100f2052a 010000001976a9143744841e13b90b4aca16fe793a7f88da3a23cc7188ac00000000
----------------------------

To use OP_RETURN, you need to recreate the above, but by hand without using bitcoind or anything.  Here's a couple links to get you going:

http://bitcoin.stackexchange.com/questions/3374/how-to-redeem-a-basic-tx

https://en.bitcoin.it/wiki/Protocol_specification#tx



mtomcdev
Sr. Member
****
Offline Offline

Activity: 310
Merit: 250


View Profile
July 25, 2014, 02:58:04 PM
 #10

Speaking of smart contracts - you might want to read a bit about oracles as well - https://github.com/orisi/wiki/wiki/Orisi-White-Paper . Right now our oracles don't use OP_RETURN, but they will..

There's also:
https://bitcoin.stackexchange.com/questions/tagged/contracts
https://en.bitcoin.it/wiki/Contracts

Not about OP_RETURN per se, but closely related to it Smiley

That's a very interesting concept and solution. I will contact you with questions once I read the material.
mtomcdev
Sr. Member
****
Offline Offline

Activity: 310
Merit: 250


View Profile
July 25, 2014, 03:04:55 PM
 #11


No, you can't create OP_RETURN transactions with bitcoind.  You'll need to create the raw transactions from scratch yourself.  From your example above, here's a raw transaction in hex format:

----------------------------
01000000010c432f4fb3e871a8bda638350b3d5c698cf431db8d6031b53e3fb5159e59d4a900000 0006b48304502201123d735229382f75496e84ae5831871796ef78726805adc2c6edd36d23e7210 022100faceab822a4943309c4b6b61240ae3a9e18ed90a75117c5dc4bfd8f7e17a21d301210367c e0a1c3b3e84cece6dad1a181d989d8e490b84f5431a1f778a88b284c935e6ffffffff0100f2052a 010000001976a9143744841e13b90b4aca16fe793a7f88da3a23cc7188ac00000000
----------------------------

To use OP_RETURN, you need to recreate the above, but by hand without using bitcoind or anything.  Here's a couple links to get you going:

http://bitcoin.stackexchange.com/questions/3374/how-to-redeem-a-basic-tx

https://en.bitcoin.it/wiki/Protocol_specification#tx




Thanks for pointing that out, that saved me time to not try something that doesn't make sense.
Once I have the OP_RETURN output transaction constructed like the one at this web site OP_RETURN https://bitcointalk.org/index.php?topic=453086.new#new which transaction is

01000000015d475fab463fee15d6d32b33151748cbc4eb7c8f06166f50ad77224ddc07bbc800000 0006b483045022100fd8c5227976363b79c6c2c72592e98148090ca26d89707f60dfaa19d5c5951 9f02207a34c47f2a55b9513d152520dd035fb9842d689c0c3350f4c0145e827e61604d01210391b 373843e77f5ac1f05db4afb5151190e67cfee5a48f7925d71da7c5e919422ffffffff0100000000 000000004e6a4c4b6f64617920697320466562203232203230313420616e6420746869732069732 06465785820402062697477617463682e636f2e2043686565727320616e64207374617920666c75 6666792100000000

then I would have to use bitcoind to perfotm the sign and send the transaction using signrawtransaction and sendrawtransaction respectively. Is that correct?


Envrin
Sr. Member
****
Offline Offline

Activity: 318
Merit: 250



View Profile
July 25, 2014, 03:22:55 PM
 #12

then I would have to use bitcoind to perfotm the sign and send the transaction using signrawtransaction and sendrawtransaction respectively. Is that correct?

You got 'er!  You don't necessarily need to use bitcoind to sign & send the transactions, but all considering, probably easiest to do that.  Just create the raw transaction by hand, which actually isn't very difficult once the get the hang of the format.  From there, fire it off to the bitcoind RPC API to sign & send it.

Actually, I'm not sure...  will bitcoind sign OP_RETURN transactions?  There's a chance it may throw an error saying the transaction is non-canonical.  If that happens, you're stuck signing your own transactions.  The StackExchange link above explains how, but it's a bit of a pain.  Just Google around and there's lots of blogs & code examples out there in all languages showing how to do it.  Creating transactions is easy, signing them is a bit of a pain though.  If you read through the blogs from others who've already jumped the hurdle, when it comes to signing transactions, you don't hear any of them saying, "geez, that was easy".

mtomcdev
Sr. Member
****
Offline Offline

Activity: 310
Merit: 250


View Profile
July 25, 2014, 03:43:27 PM
 #13

then I would have to use bitcoind to perfotm the sign and send the transaction using signrawtransaction and sendrawtransaction respectively. Is that correct?

You got 'er!  You don't necessarily need to use bitcoind to sign & send the transactions, but all considering, probably easiest to do that.  Just create the raw transaction by hand, which actually isn't very difficult once the get the hang of the format.  From there, fire it off to the bitcoind RPC API to sign & send it.

Actually, I'm not sure...  will bitcoind sign OP_RETURN transactions?  There's a chance it may throw an error saying the transaction is non-canonical.  If that happens, you're stuck signing your own transactions.  The StackExchange link above explains how, but it's a bit of a pain.  Just Google around and there's lots of blogs & code examples out there in all languages showing how to do it.  Creating transactions is easy, signing them is a bit of a pain though.  If you read through the blogs from others who've already jumped the hurdle, when it comes to signing transactions, you don't hear any of them saying, "geez, that was easy".



Thanks Envrin, I really appreciate your help! I will have to do more reading, researching and digging in the relevant blogs, but thanks for your help I start to understand how to use the OP_RETURN  output. I plan to build a smart contract handler app top on the BTC blockchain so I think it is absolutely necessary that I be familiar with the concept.

I was just wondering without understanding the complexity of such change, wouldn't make sense that the experienced bitcoin core developers would build the OP_RETURN output transaction handling (include the create) into the bitcoind app? I think there is a real need for smart contracts/properties no wonder Ethereum is getting such an attention, there are a lots of developers like myself that would prefer to use bitcoin instead of the untested and who knows when available Ethereum so such functionality would be quite useful.
Sangfroid
Newbie
*
Offline Offline

Activity: 1
Merit: 0


View Profile
July 25, 2014, 11:11:18 PM
 #14

Standard OP_RETURN output is for attaching arbitrary data (e.g. a hash of some document). How do you use it - it's your problem. But you are encouraged to add this data as OP_RETURN output instead of, say, a 1 satoshi fake address output. This way the index of unspent outputs will not be cluttered with provably unspent outputs (my opinion: that does not matter, UTXO will grow huge anyway; we need other ways to optimize it).

For smart contracts there is an entire scripting language built-in. And there are some wiki pages on how you can build cool contracts with it: https://en.bitcoin.it/wiki/Contracts



Thanks for your help!

I have gone through a few times on the wiki page that you have pointed out before I posted here, it is very interesting material, but there is not much there that would help implement the actual solution. At least I couldn't find it in the wiki article.

The transaction_tests.cpp test_IsStandard test gives me some idea how to create an OP_RETURN  output, I guess this is how to create the transaction
// 40-byte TX_NULL_DATA (standard)
t.vout[0].scriptPubKey = CScript() << OP_RETURN << ParseHex("04678afdb0fe5548271967f1a67130b7105cd6a828e03909a67962e0ea1f61deb649f6bc3f4cef3 8");

To experiment with OP_RETURN output do I need to create a new app based on the bitcoin source  by putting my own code to create the transaction or is it possible to create an OP_RETURN output using the bitcoind app?



Proof of existence is a pretty slick new service that automates OP_RETURN transactions for you.

http://www.proofofexistence.com/about
mtomcdev
Sr. Member
****
Offline Offline

Activity: 310
Merit: 250


View Profile
July 26, 2014, 10:59:16 AM
 #15

Standard OP_RETURN output is for attaching arbitrary data (e.g. a hash of some document). How do you use it - it's your problem. But you are encouraged to add this data as OP_RETURN output instead of, say, a 1 satoshi fake address output. This way the index of unspent outputs will not be cluttered with provably unspent outputs (my opinion: that does not matter, UTXO will grow huge anyway; we need other ways to optimize it).

For smart contracts there is an entire scripting language built-in. And there are some wiki pages on how you can build cool contracts with it: https://en.bitcoin.it/wiki/Contracts



Thanks for your help!

I have gone through a few times on the wiki page that you have pointed out before I posted here, it is very interesting material, but there is not much there that would help implement the actual solution. At least I couldn't find it in the wiki article.

The transaction_tests.cpp test_IsStandard test gives me some idea how to create an OP_RETURN  output, I guess this is how to create the transaction
// 40-byte TX_NULL_DATA (standard)
t.vout[0].scriptPubKey = CScript() << OP_RETURN << ParseHex("04678afdb0fe5548271967f1a67130b7105cd6a828e03909a67962e0ea1f61deb649f6bc3f4cef3 8");

To experiment with OP_RETURN output do I need to create a new app based on the bitcoin source  by putting my own code to create the transaction or is it possible to create an OP_RETURN output using the bitcoind app?



Proof of existence is a pretty slick new service that automates OP_RETURN transactions for you.

http://www.proofofexistence.com/about

Thanks for the info. That's a really good and smart service that utilizes the OP_RETURN output. As the description of the service says that could be very useful in IP ownership disputes. The source there helps me to understand better how OP_RETURN output works.
mtomcdev
Sr. Member
****
Offline Offline

Activity: 310
Merit: 250


View Profile
July 28, 2014, 01:55:10 PM
 #16

Actually it is relatively easy, but definitely not impossible to use the OP_RETURN output. Thanks again for the help!
Pages: [1]
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!