book

Mastering Bitcoin, 3rd Edition

by Andreas M. Antonopoulos, David A. Harding

November 2023

Beginner

402 pages

11h 51m

English

O'Reilly Media, Inc.

Read now

Unlock full access

Includes

Quizzes

Preface
Writing the Bitcoin BookIntended AudienceWhy Are There Bugs on the Cover?Conventions Used in This BookCode ExamplesUsing Code ExamplesChanges Since the Previous EditionBitcoin Addresses and Transactions in This BookO’Reilly Online LearningHow to Contact UsContacting the AuthorsAcknowledgments for the First and Second EditionsAcknowledgments for the Third EditionEarly Release Draft (GitHub Contributions)
1. Introduction
History of BitcoinGetting StartedChoosing a Bitcoin WalletQuick StartRecovery CodesBitcoin AddressesReceiving BitcoinGetting Your First BitcoinFinding the Current Price of BitcoinSending and Receiving Bitcoin
2. How Bitcoin Works
Bitcoin OverviewBuying from an Online StoreBitcoin TransactionsTransaction Inputs and OutputsTransaction ChainsMaking ChangeCoin SelectionCommon Transaction FormsConstructing a TransactionGetting the Right InputsCreating the OutputsAdding the Transaction to the BlockchainBitcoin MiningSpending the Transaction
3. Bitcoin Core: The Reference Implementation
From Bitcoin to Bitcoin CoreBitcoin Development EnvironmentCompiling Bitcoin Core from the Source CodeSelecting a Bitcoin Core ReleaseConfiguring the Bitcoin Core BuildBuilding the Bitcoin Core ExecutablesRunning a Bitcoin Core NodeConfiguring the Bitcoin Core NodeBitcoin Core APIGetting Information on Bitcoin Core’s StatusExploring and Decoding TransactionsExploring BlocksUsing Bitcoin Core’s Programmatic InterfaceAlternative Clients, Libraries, and ToolkitsC/C++JavaScriptJavaPythonGoRustScalaC#
4. Keys and Addresses
Public Key CryptographyPrivate KeysElliptic Curve Cryptography ExplainedPublic KeysOutput and Input ScriptsIP Addresses: The Original Address for Bitcoin (P2PK)Legacy Addresses for P2PKHBase58check EncodingCompressed Public KeysLegacy Pay to Script Hash (P2SH)Bech32 AddressesProblems with Bech32 AddressesBech32mPrivate Key FormatsCompressed Private KeysAdvanced Keys and AddressesVanity AddressesPaper Wallets
5. Wallet Recovery
Independent Key GenerationDeterministic Key GenerationPublic Child Key DerivationHierarchical Deterministic (HD) Key Generation (BIP32)Seeds and Recovery CodesBacking Up Nonkey DataBacking Up Key Derivation PathsA Wallet Technology Stack in DetailBIP39 Recovery CodesCreating an HD Wallet from the SeedUsing an Extended Public Key on a Web Store
6. Transactions
A Serialized Bitcoin TransactionVersionExtended Marker and FlagInputsLength of Transaction Input ListOutpointInput ScriptSequenceOutputsOutputs CountAmountOutput ScriptsWitness StructureCircular DependenciesThird-Party Transaction MalleabilitySecond-Party Transaction MalleabilitySegregated WitnessWitness Structure SerializationLock TimeCoinbase TransactionsWeight and VbytesLegacy Serialization
7. Authorization and Authentication
Transaction Scripts and Script LanguageTuring IncompletenessStateless VerificationScript ConstructionPay to Public Key HashScripted MultisignaturesAn Oddity in CHECKMULTISIG ExecutionPay to Script HashP2SH AddressesBenefits of P2SHRedeem Script and ValidationData Recording Output (OP_RETURN)Transaction Lock Time LimitationsCheck Lock Time Verify (OP_CLTV)Relative TimelocksRelative Timelocks with OP_CSVScripts with Flow Control (Conditional Clauses)Conditional Clauses with VERIFY OpcodesUsing Flow Control in ScriptsComplex Script ExampleSegregated Witness Output and Transaction ExamplesUpgrading to Segregated WitnessMerklized Alternative Script Trees (MAST)Pay to Contract (P2C)Scriptless Multisignatures and Threshold SignaturesTaprootTapscript
8. Digital Signatures
How Digital Signatures WorkCreating a Digital SignatureVerifying the SignatureSignature Hash Types (SIGHASH)Schnorr SignaturesSerialization of Schnorr SignaturesSchnorr-based Scriptless MultisignaturesSchnorr-based Scriptless Threshold SignaturesECDSA SignaturesECDSA AlgorithmSerialization of ECDSA Signatures (DER)The Importance of Randomness in SignaturesSegregated Witness’s New Signing Algorithm
9. Transaction Fees
Who Pays the Transaction Fee?Fees and Fee RatesEstimating Appropriate Fee RatesReplace By Fee (RBF) Fee BumpingChild Pays for Parent (CPFP) Fee BumpingPackage RelayTransaction PinningCPFP Carve Out and Anchor OutputsAdding Fees to TransactionsTimelock Defense Against Fee Sniping

10. The Bitcoin Network
Node Types and RolesThe NetworkCompact Block RelayPrivate Block Relay NetworksNetwork DiscoveryFull NodesExchanging “Inventory”Lightweight ClientsBloom FiltersHow Bloom Filters WorkHow Lightweight Clients Use Bloom FiltersCompact Block FiltersGolomb-Rice Coded Sets (GCS)What Data to Include in a Block FilterDownloading Block Filters from Multiple PeersReducing Bandwidth with Lossy EncodingUsing Compact Block FiltersLightweight Clients and PrivacyEncrypted and Authenticated ConnectionsMempools and Orphan Pools
11. The Blockchain
Structure of a BlockBlock HeaderBlock Identifiers: Block Header Hash and Block HeightThe Genesis BlockLinking Blocks in the BlockchainMerkle TreesMerkle Trees and Lightweight ClientsBitcoin’s Test BlockchainsTestnet: Bitcoin’s Testing PlaygroundSignet: The Proof of Authority TestnetRegtest: The Local BlockchainUsing Test Blockchains for Development
12. Mining and Consensus
Bitcoin Economics and Currency CreationDecentralized ConsensusIndependent Verification of TransactionsMining NodesThe Coinbase TransactionCoinbase Reward and FeesStructure of the Coinbase TransactionCoinbase DataConstructing the Block HeaderMining the BlockProof-of-Work AlgorithmTarget RepresentationRetargeting to Adjust DifficultyMedian Time Past (MTP)Successfully Mining the BlockValidating a New BlockAssembling and Selecting Chains of BlocksMining and the Hash LotteryThe Extra Nonce SolutionMining PoolsHashrate AttacksChanging the Consensus RulesHard ForksSoft ForksConsensus Software Development
13. Bitcoin Security
Security PrinciplesDeveloping Bitcoin Systems SecurelyThe Root of TrustUser Security Best PracticesPhysical Bitcoin StorageHardware Signing DevicesEnsuring Your AccessDiversifying RiskMultisig and GovernanceSurvivability
14. Second-Layer Applications
Building Blocks (Primitives)Applications from Building BlocksColored CoinsSingle-Use SealsPay to Contract (P2C)Client-Side ValidationRGBTaproot AssetsPayment Channels and State ChannelsState Channels—Basic Concepts and TerminologySimple Payment Channel ExampleMaking Trustless ChannelsAsymmetric Revocable CommitmentsHash Time Lock Contracts (HTLC)Routed Payment Channels (Lightning Network)Basic Lightning Network ExampleLightning Network Transport and PathfindingLightning Network Benefits
A. The Bitcoin Whitepaper by Satoshi Nakamoto
Bitcoin - A Peer-to-Peer Electronic Cash SystemIntroductionTransactionsTimestamp ServerProof-of-WorkNetworkIncentiveReclaiming Disk SpaceSimplified Payment VerificationCombining and Splitting ValuePrivacyCalculationsConclusionReferencesLicense
B. Errata to the Bitcoin Whitepaper
AbstractTransactionsProof of WorkReclaiming Disk SpaceSimplified Payment VerificationPrivacyCalculations
C. Bitcoin Improvement Proposals
Index
About the Authors

Content preview from Mastering Bitcoin, 3rd Edition

Chapter 4. Keys and Addresses

Alice wants to pay Bob, but the thousands of Bitcoin full nodes who will verify her transaction don’t know who Alice or Bob are—and we want to keep it that way to protect their privacy. Alice needs to communicate that Bob should receive some of her bitcoins without tying any aspect of that transaction to Bob’s real-world identity or to other Bitcoin payments that Bob receives. The method Alice uses must ensure that only Bob can further spend the bitcoins he receives.

The original Bitcoin paper describes a very simple scheme for achieving those goals, shown in Figure 4-1.

A receiver like Bob accepts bitcoins to a public key in a transaction that is signed by the spender (like Alice). The bitcoins that Alice is spending had been previously received to one of her public keys, and she uses the corresponding private key to generate her signature. Full nodes can verify that Alice’s signature commits to the output of a hash function that itself commits to Bob’s public key and other transaction details.

We’ll examine public keys, private keys, signatures, and hash functions in this chapter, and then use all of them together to describe the addresses used by modern Bitcoin software.

Public Key Cryptography

Public key cryptography was invented in the 1970s and is a mathematical foundation for modern ...

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.

Read now

Unlock full access

More than 5,000 organizations count on O’Reilly

O’Reilly covers everything we've got, with content to help us build a world-class technology community, upgrade the capabilities and competencies of our teams, and improve overall team performance as well as their engagement.

Julian F.

Head of Cybersecurity

I wanted to learn C and C++, but it didn't click for me until I picked up an O'Reilly book. When I went on the O’Reilly platform, I was astonished to find all the books there, plus live events and sandboxes so you could play around with the technology.

Addison B.

Field Engineer

I’ve been on the O’Reilly platform for more than eight years. I use a couple of learning platforms, but I'm on O'Reilly more than anybody else. When you're there, you start learning. I'm never disappointed.

Amir M.

Data Platform Tech Lead

I'm always learning. So when I got on to O'Reilly, I was like a kid in a candy store. There are playlists. There are answers. There's on-demand training. It's worth its weight in gold, in terms of what it allows me to do.

Mark W.

Embedded Software Engineer

Publisher Resources

ISBN: 9781098150082Errata Page

Cloud Computing

Data Engineering

Data Science

AI & ML

Programming Languages

Software Architecture

IT/Ops

Security

Design

Business

Soft Skills

Mastering Bitcoin, 3rd Edition

by Andreas M. Antonopoulos, David A. Harding

Chapter 4. Keys and Addresses

Figure 4-1. Transaction chain from original Bitcoin paper.

Public Key Cryptography

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.