book

Mastering Bitcoin, 3rd Edition

by Andreas M. Antonopoulos, David A. Harding

November 2023

Beginner

402 pages

11h 51m

English

O'Reilly Media, Inc.

Read now

Unlock full access

Includes

Quizzes

Preface
Writing the Bitcoin BookIntended AudienceWhy Are There Bugs on the Cover?Conventions Used in This BookCode ExamplesUsing Code ExamplesChanges Since the Previous EditionBitcoin Addresses and Transactions in This BookO’Reilly Online LearningHow to Contact UsContacting the AuthorsAcknowledgments for the First and Second EditionsAcknowledgments for the Third EditionEarly Release Draft (GitHub Contributions)
1. Introduction
History of BitcoinGetting StartedChoosing a Bitcoin WalletQuick StartRecovery CodesBitcoin AddressesReceiving BitcoinGetting Your First BitcoinFinding the Current Price of BitcoinSending and Receiving Bitcoin
2. How Bitcoin Works
Bitcoin OverviewBuying from an Online StoreBitcoin TransactionsTransaction Inputs and OutputsTransaction ChainsMaking ChangeCoin SelectionCommon Transaction FormsConstructing a TransactionGetting the Right InputsCreating the OutputsAdding the Transaction to the BlockchainBitcoin MiningSpending the Transaction
3. Bitcoin Core: The Reference Implementation
From Bitcoin to Bitcoin CoreBitcoin Development EnvironmentCompiling Bitcoin Core from the Source CodeSelecting a Bitcoin Core ReleaseConfiguring the Bitcoin Core BuildBuilding the Bitcoin Core ExecutablesRunning a Bitcoin Core NodeConfiguring the Bitcoin Core NodeBitcoin Core APIGetting Information on Bitcoin Core’s StatusExploring and Decoding TransactionsExploring BlocksUsing Bitcoin Core’s Programmatic InterfaceAlternative Clients, Libraries, and ToolkitsC/C++JavaScriptJavaPythonGoRustScalaC#
4. Keys and Addresses
Public Key CryptographyPrivate KeysElliptic Curve Cryptography ExplainedPublic KeysOutput and Input ScriptsIP Addresses: The Original Address for Bitcoin (P2PK)Legacy Addresses for P2PKHBase58check EncodingCompressed Public KeysLegacy Pay to Script Hash (P2SH)Bech32 AddressesProblems with Bech32 AddressesBech32mPrivate Key FormatsCompressed Private KeysAdvanced Keys and AddressesVanity AddressesPaper Wallets
5. Wallet Recovery
Independent Key GenerationDeterministic Key GenerationPublic Child Key DerivationHierarchical Deterministic (HD) Key Generation (BIP32)Seeds and Recovery CodesBacking Up Nonkey DataBacking Up Key Derivation PathsA Wallet Technology Stack in DetailBIP39 Recovery CodesCreating an HD Wallet from the SeedUsing an Extended Public Key on a Web Store
6. Transactions
A Serialized Bitcoin TransactionVersionExtended Marker and FlagInputsLength of Transaction Input ListOutpointInput ScriptSequenceOutputsOutputs CountAmountOutput ScriptsWitness StructureCircular DependenciesThird-Party Transaction MalleabilitySecond-Party Transaction MalleabilitySegregated WitnessWitness Structure SerializationLock TimeCoinbase TransactionsWeight and VbytesLegacy Serialization
7. Authorization and Authentication
Transaction Scripts and Script LanguageTuring IncompletenessStateless VerificationScript ConstructionPay to Public Key HashScripted MultisignaturesAn Oddity in CHECKMULTISIG ExecutionPay to Script HashP2SH AddressesBenefits of P2SHRedeem Script and ValidationData Recording Output (OP_RETURN)Transaction Lock Time LimitationsCheck Lock Time Verify (OP_CLTV)Relative TimelocksRelative Timelocks with OP_CSVScripts with Flow Control (Conditional Clauses)Conditional Clauses with VERIFY OpcodesUsing Flow Control in ScriptsComplex Script ExampleSegregated Witness Output and Transaction ExamplesUpgrading to Segregated WitnessMerklized Alternative Script Trees (MAST)Pay to Contract (P2C)Scriptless Multisignatures and Threshold SignaturesTaprootTapscript
8. Digital Signatures
How Digital Signatures WorkCreating a Digital SignatureVerifying the SignatureSignature Hash Types (SIGHASH)Schnorr SignaturesSerialization of Schnorr SignaturesSchnorr-based Scriptless MultisignaturesSchnorr-based Scriptless Threshold SignaturesECDSA SignaturesECDSA AlgorithmSerialization of ECDSA Signatures (DER)The Importance of Randomness in SignaturesSegregated Witness’s New Signing Algorithm
9. Transaction Fees
Who Pays the Transaction Fee?Fees and Fee RatesEstimating Appropriate Fee RatesReplace By Fee (RBF) Fee BumpingChild Pays for Parent (CPFP) Fee BumpingPackage RelayTransaction PinningCPFP Carve Out and Anchor OutputsAdding Fees to TransactionsTimelock Defense Against Fee Sniping

10. The Bitcoin Network
Node Types and RolesThe NetworkCompact Block RelayPrivate Block Relay NetworksNetwork DiscoveryFull NodesExchanging “Inventory”Lightweight ClientsBloom FiltersHow Bloom Filters WorkHow Lightweight Clients Use Bloom FiltersCompact Block FiltersGolomb-Rice Coded Sets (GCS)What Data to Include in a Block FilterDownloading Block Filters from Multiple PeersReducing Bandwidth with Lossy EncodingUsing Compact Block FiltersLightweight Clients and PrivacyEncrypted and Authenticated ConnectionsMempools and Orphan Pools
11. The Blockchain
Structure of a BlockBlock HeaderBlock Identifiers: Block Header Hash and Block HeightThe Genesis BlockLinking Blocks in the BlockchainMerkle TreesMerkle Trees and Lightweight ClientsBitcoin’s Test BlockchainsTestnet: Bitcoin’s Testing PlaygroundSignet: The Proof of Authority TestnetRegtest: The Local BlockchainUsing Test Blockchains for Development
12. Mining and Consensus
Bitcoin Economics and Currency CreationDecentralized ConsensusIndependent Verification of TransactionsMining NodesThe Coinbase TransactionCoinbase Reward and FeesStructure of the Coinbase TransactionCoinbase DataConstructing the Block HeaderMining the BlockProof-of-Work AlgorithmTarget RepresentationRetargeting to Adjust DifficultyMedian Time Past (MTP)Successfully Mining the BlockValidating a New BlockAssembling and Selecting Chains of BlocksMining and the Hash LotteryThe Extra Nonce SolutionMining PoolsHashrate AttacksChanging the Consensus RulesHard ForksSoft ForksConsensus Software Development
13. Bitcoin Security
Security PrinciplesDeveloping Bitcoin Systems SecurelyThe Root of TrustUser Security Best PracticesPhysical Bitcoin StorageHardware Signing DevicesEnsuring Your AccessDiversifying RiskMultisig and GovernanceSurvivability
14. Second-Layer Applications
Building Blocks (Primitives)Applications from Building BlocksColored CoinsSingle-Use SealsPay to Contract (P2C)Client-Side ValidationRGBTaproot AssetsPayment Channels and State ChannelsState Channels—Basic Concepts and TerminologySimple Payment Channel ExampleMaking Trustless ChannelsAsymmetric Revocable CommitmentsHash Time Lock Contracts (HTLC)Routed Payment Channels (Lightning Network)Basic Lightning Network ExampleLightning Network Transport and PathfindingLightning Network Benefits
A. The Bitcoin Whitepaper by Satoshi Nakamoto
Bitcoin - A Peer-to-Peer Electronic Cash SystemIntroductionTransactionsTimestamp ServerProof-of-WorkNetworkIncentiveReclaiming Disk SpaceSimplified Payment VerificationCombining and Splitting ValuePrivacyCalculationsConclusionReferencesLicense
B. Errata to the Bitcoin Whitepaper
AbstractTransactionsProof of WorkReclaiming Disk SpaceSimplified Payment VerificationPrivacyCalculations
C. Bitcoin Improvement Proposals
Index
About the Authors

Content preview from Mastering Bitcoin, 3rd Edition

Chapter 7. Authorization and Authentication

When you receive bitcoins, you have to decide who will have permission to spend them, called authorization. You also have to decide how full nodes will distinguish the authorized spenders from everyone else, called authentication. Your authorization instructions and the spender proof of authentication will be checked by thousands of independent full nodes, which all need to come to the same conclusion that a spend was authorized and authenticated in order for the transaction containing it to be valid.

The original description of Bitcoin used a public key for authorization. Alice paid Bob by putting his public key in the output of a transaction. Authentication came from Bob in the form of a signature that committed to a spending transaction, such as from Bob to Carol.

The actual version of Bitcoin that was originally released provided a more flexible mechanism for both authorization and authentication. Improvements since then have only increased that flexibility. In this chapter, we’ll explore those features and see how they’re most commonly used.

Transaction Scripts and Script Language

The original version of Bitcoin introduced a new programming language called Script, a Forth-like stack-based language. Both the script placed in an output and the legacy input script used in a spending transaction are written in this scripting language.

Script is a very simple language. It requires minimal processing and cannot easily do many of the ...

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.

Read now

Unlock full access

More than 5,000 organizations count on O’Reilly

O’Reilly covers everything we've got, with content to help us build a world-class technology community, upgrade the capabilities and competencies of our teams, and improve overall team performance as well as their engagement.

Julian F.

Head of Cybersecurity

I wanted to learn C and C++, but it didn't click for me until I picked up an O'Reilly book. When I went on the O’Reilly platform, I was astonished to find all the books there, plus live events and sandboxes so you could play around with the technology.

Addison B.

Field Engineer

I’ve been on the O’Reilly platform for more than eight years. I use a couple of learning platforms, but I'm on O'Reilly more than anybody else. When you're there, you start learning. I'm never disappointed.

Amir M.

Data Platform Tech Lead

I'm always learning. So when I got on to O'Reilly, I was like a kid in a candy store. There are playlists. There are answers. There's on-demand training. It's worth its weight in gold, in terms of what it allows me to do.

Mark W.

Embedded Software Engineer

Publisher Resources

ISBN: 9781098150082Errata Page

Cloud Computing

Data Engineering

Data Science

AI & ML

Programming Languages

Software Architecture

IT/Ops

Security

Design

Business

Soft Skills

Mastering Bitcoin, 3rd Edition

by Andreas M. Antonopoulos, David A. Harding

Chapter 7. Authorization and Authentication

Transaction Scripts and Script Language

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.