book

Mastering Bitcoin, 3rd Edition

by Andreas M. Antonopoulos, David A. Harding

November 2023

Beginner

402 pages

11h 51m

English

O'Reilly Media, Inc.

Read now

Unlock full access

Includes

Includes Quizzes

Writing the Bitcoin BookIntended AudienceWhy Are There Bugs on the Cover?Conventions Used in This BookCode ExamplesUsing Code ExamplesChanges Since the Previous EditionBitcoin Addresses and Transactions in This BookO’Reilly Online LearningHow to Contact UsContacting the AuthorsAcknowledgments for the First and Second EditionsAcknowledgments for the Third EditionEarly Release Draft (GitHub Contributions)
History of BitcoinGetting StartedChoosing a Bitcoin WalletQuick StartRecovery CodesBitcoin AddressesReceiving BitcoinGetting Your First BitcoinFinding the Current Price of BitcoinSending and Receiving Bitcoin
Bitcoin OverviewBuying from an Online StoreBitcoin TransactionsTransaction Inputs and OutputsTransaction ChainsMaking ChangeCoin SelectionCommon Transaction FormsConstructing a TransactionGetting the Right InputsCreating the OutputsAdding the Transaction to the BlockchainBitcoin MiningSpending the Transaction
From Bitcoin to Bitcoin CoreBitcoin Development EnvironmentCompiling Bitcoin Core from the Source CodeSelecting a Bitcoin Core ReleaseConfiguring the Bitcoin Core BuildBuilding the Bitcoin Core ExecutablesRunning a Bitcoin Core NodeConfiguring the Bitcoin Core NodeBitcoin Core APIGetting Information on Bitcoin Core’s StatusExploring and Decoding TransactionsExploring BlocksUsing Bitcoin Core’s Programmatic InterfaceAlternative Clients, Libraries, and ToolkitsC/C++JavaScriptJavaPythonGoRustScalaC#
Public Key CryptographyPrivate KeysElliptic Curve Cryptography ExplainedPublic KeysOutput and Input ScriptsIP Addresses: The Original Address for Bitcoin (P2PK)Legacy Addresses for P2PKHBase58check EncodingCompressed Public KeysLegacy Pay to Script Hash (P2SH)Bech32 AddressesProblems with Bech32 AddressesBech32mPrivate Key FormatsCompressed Private KeysAdvanced Keys and AddressesVanity AddressesPaper Wallets
Independent Key GenerationDeterministic Key GenerationPublic Child Key DerivationHierarchical Deterministic (HD) Key Generation (BIP32)Seeds and Recovery CodesBacking Up Nonkey DataBacking Up Key Derivation PathsA Wallet Technology Stack in DetailBIP39 Recovery CodesCreating an HD Wallet from the SeedUsing an Extended Public Key on a Web Store
A Serialized Bitcoin TransactionVersionExtended Marker and FlagInputsLength of Transaction Input ListOutpointInput ScriptSequenceOutputsOutputs CountAmountOutput ScriptsWitness StructureCircular DependenciesThird-Party Transaction MalleabilitySecond-Party Transaction MalleabilitySegregated WitnessWitness Structure SerializationLock TimeCoinbase TransactionsWeight and VbytesLegacy Serialization
Transaction Scripts and Script LanguageTuring IncompletenessStateless VerificationScript ConstructionPay to Public Key HashScripted MultisignaturesAn Oddity in CHECKMULTISIG ExecutionPay to Script HashP2SH AddressesBenefits of P2SHRedeem Script and ValidationData Recording Output (OP_RETURN)Transaction Lock Time LimitationsCheck Lock Time Verify (OP_CLTV)Relative TimelocksRelative Timelocks with OP_CSVScripts with Flow Control (Conditional Clauses)Conditional Clauses with VERIFY OpcodesUsing Flow Control in ScriptsComplex Script ExampleSegregated Witness Output and Transaction ExamplesUpgrading to Segregated WitnessMerklized Alternative Script Trees (MAST)Pay to Contract (P2C)Scriptless Multisignatures and Threshold SignaturesTaprootTapscript
How Digital Signatures WorkCreating a Digital SignatureVerifying the SignatureSignature Hash Types (SIGHASH)Schnorr SignaturesSerialization of Schnorr SignaturesSchnorr-based Scriptless MultisignaturesSchnorr-based Scriptless Threshold SignaturesECDSA SignaturesECDSA AlgorithmSerialization of ECDSA Signatures (DER)The Importance of Randomness in SignaturesSegregated Witness’s New Signing Algorithm
Who Pays the Transaction Fee?Fees and Fee RatesEstimating Appropriate Fee RatesReplace By Fee (RBF) Fee BumpingChild Pays for Parent (CPFP) Fee BumpingPackage RelayTransaction PinningCPFP Carve Out and Anchor OutputsAdding Fees to TransactionsTimelock Defense Against Fee Sniping

Node Types and RolesThe NetworkCompact Block RelayPrivate Block Relay NetworksNetwork DiscoveryFull NodesExchanging “Inventory”Lightweight ClientsBloom FiltersHow Bloom Filters WorkHow Lightweight Clients Use Bloom FiltersCompact Block FiltersGolomb-Rice Coded Sets (GCS)What Data to Include in a Block FilterDownloading Block Filters from Multiple PeersReducing Bandwidth with Lossy EncodingUsing Compact Block FiltersLightweight Clients and PrivacyEncrypted and Authenticated ConnectionsMempools and Orphan Pools
Structure of a BlockBlock HeaderBlock Identifiers: Block Header Hash and Block HeightThe Genesis BlockLinking Blocks in the BlockchainMerkle TreesMerkle Trees and Lightweight ClientsBitcoin’s Test BlockchainsTestnet: Bitcoin’s Testing PlaygroundSignet: The Proof of Authority TestnetRegtest: The Local BlockchainUsing Test Blockchains for Development
Bitcoin Economics and Currency CreationDecentralized ConsensusIndependent Verification of TransactionsMining NodesThe Coinbase TransactionCoinbase Reward and FeesStructure of the Coinbase TransactionCoinbase DataConstructing the Block HeaderMining the BlockProof-of-Work AlgorithmTarget RepresentationRetargeting to Adjust DifficultyMedian Time Past (MTP)Successfully Mining the BlockValidating a New BlockAssembling and Selecting Chains of BlocksMining and the Hash LotteryThe Extra Nonce SolutionMining PoolsHashrate AttacksChanging the Consensus RulesHard ForksSoft ForksConsensus Software Development
Security PrinciplesDeveloping Bitcoin Systems SecurelyThe Root of TrustUser Security Best PracticesPhysical Bitcoin StorageHardware Signing DevicesEnsuring Your AccessDiversifying RiskMultisig and GovernanceSurvivability
Building Blocks (Primitives)Applications from Building BlocksColored CoinsSingle-Use SealsPay to Contract (P2C)Client-Side ValidationRGBTaproot AssetsPayment Channels and State ChannelsState Channels—Basic Concepts and TerminologySimple Payment Channel ExampleMaking Trustless ChannelsAsymmetric Revocable CommitmentsHash Time Lock Contracts (HTLC)Routed Payment Channels (Lightning Network)Basic Lightning Network ExampleLightning Network Transport and PathfindingLightning Network Benefits
Bitcoin - A Peer-to-Peer Electronic Cash SystemIntroductionTransactionsTimestamp ServerProof-of-WorkNetworkIncentiveReclaiming Disk SpaceSimplified Payment VerificationCombining and Splitting ValuePrivacyCalculationsConclusionReferencesLicense
AbstractTransactionsProof of WorkReclaiming Disk SpaceSimplified Payment VerificationPrivacyCalculations

Content preview from Mastering Bitcoin, 3rd Edition

Chapter 4. Keys and Addresses

Alice wants to pay Bob, but the thousands of Bitcoin full nodes who will verify her transaction don’t know who Alice or Bob are—and we want to keep it that way to protect their privacy. Alice needs to communicate that Bob should receive some of her bitcoins without tying any aspect of that transaction to Bob’s real-world identity or to other Bitcoin payments that Bob receives. The method Alice uses must ensure that only Bob can further spend the bitcoins he receives.

The original Bitcoin paper describes a very simple scheme for achieving those goals, shown in Figure 4-1.

A receiver like Bob accepts bitcoins to a public key in a transaction that is signed by the spender (like Alice). The bitcoins that Alice is spending had been previously received to one of her public keys, and she uses the corresponding private key to generate her signature. Full nodes can verify that Alice’s signature commits to the output of a hash function that itself commits to Bob’s public key and other transaction details.

We’ll examine public keys, private keys, signatures, and hash functions in this chapter, and then use all of them together to describe the addresses used by modern Bitcoin software.

Public Key Cryptography

Public key cryptography was invented in the 1970s and is a mathematical foundation for modern ...

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.

Start your free trial

Mastering Blockchain, Fourth Edition - Fourth Edition

Publisher Resources

ISBN: 9781098150082Errata Page

Mastering Bitcoin, 3rd Edition

by Andreas M. Antonopoulos, David A. Harding

Chapter 4. Keys and Addresses

Figure 4-1. Transaction chain from original Bitcoin paper.

Public Key Cryptography

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.

You might also like

Mastering Blockchain, Fourth Edition - Fourth Edition

The Bitcoin Standard

Mastering Ethereum, 2nd Edition

Zero Trust Networks, 2nd Edition

Publisher Resources

Chapter 4. Keys and Addresses

Figure 4-1. Transaction chain from original Bitcoin paper.

Public Key Cryptography

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,and much more.

You might also like

Mastering Blockchain, Fourth Edition - Fourth Edition

The Bitcoin Standard

Mastering Ethereum, 2nd Edition

Zero Trust Networks, 2nd Edition

Publisher Resources

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.