book

Mastering Bitcoin, 3rd Edition

by Andreas M. Antonopoulos, David A. Harding

November 2023

Beginner

402 pages

11h 51m

English

O'Reilly Media, Inc.

Read now

Unlock full access

Includes

Quizzes

Preface
Writing the Bitcoin BookIntended AudienceWhy Are There Bugs on the Cover?Conventions Used in This BookCode ExamplesUsing Code ExamplesChanges Since the Previous EditionBitcoin Addresses and Transactions in This BookO’Reilly Online LearningHow to Contact UsContacting the AuthorsAcknowledgments for the First and Second EditionsAcknowledgments for the Third EditionEarly Release Draft (GitHub Contributions)
1. Introduction
History of BitcoinGetting StartedChoosing a Bitcoin WalletQuick StartRecovery CodesBitcoin AddressesReceiving BitcoinGetting Your First BitcoinFinding the Current Price of BitcoinSending and Receiving Bitcoin
2. How Bitcoin Works
Bitcoin OverviewBuying from an Online StoreBitcoin TransactionsTransaction Inputs and OutputsTransaction ChainsMaking ChangeCoin SelectionCommon Transaction FormsConstructing a TransactionGetting the Right InputsCreating the OutputsAdding the Transaction to the BlockchainBitcoin MiningSpending the Transaction
3. Bitcoin Core: The Reference Implementation
From Bitcoin to Bitcoin CoreBitcoin Development EnvironmentCompiling Bitcoin Core from the Source CodeSelecting a Bitcoin Core ReleaseConfiguring the Bitcoin Core BuildBuilding the Bitcoin Core ExecutablesRunning a Bitcoin Core NodeConfiguring the Bitcoin Core NodeBitcoin Core APIGetting Information on Bitcoin Core’s StatusExploring and Decoding TransactionsExploring BlocksUsing Bitcoin Core’s Programmatic InterfaceAlternative Clients, Libraries, and ToolkitsC/C++JavaScriptJavaPythonGoRustScalaC#
4. Keys and Addresses
Public Key CryptographyPrivate KeysElliptic Curve Cryptography ExplainedPublic KeysOutput and Input ScriptsIP Addresses: The Original Address for Bitcoin (P2PK)Legacy Addresses for P2PKHBase58check EncodingCompressed Public KeysLegacy Pay to Script Hash (P2SH)Bech32 AddressesProblems with Bech32 AddressesBech32mPrivate Key FormatsCompressed Private KeysAdvanced Keys and AddressesVanity AddressesPaper Wallets
5. Wallet Recovery
Independent Key GenerationDeterministic Key GenerationPublic Child Key DerivationHierarchical Deterministic (HD) Key Generation (BIP32)Seeds and Recovery CodesBacking Up Nonkey DataBacking Up Key Derivation PathsA Wallet Technology Stack in DetailBIP39 Recovery CodesCreating an HD Wallet from the SeedUsing an Extended Public Key on a Web Store
6. Transactions
A Serialized Bitcoin TransactionVersionExtended Marker and FlagInputsLength of Transaction Input ListOutpointInput ScriptSequenceOutputsOutputs CountAmountOutput ScriptsWitness StructureCircular DependenciesThird-Party Transaction MalleabilitySecond-Party Transaction MalleabilitySegregated WitnessWitness Structure SerializationLock TimeCoinbase TransactionsWeight and VbytesLegacy Serialization
7. Authorization and Authentication
Transaction Scripts and Script LanguageTuring IncompletenessStateless VerificationScript ConstructionPay to Public Key HashScripted MultisignaturesAn Oddity in CHECKMULTISIG ExecutionPay to Script HashP2SH AddressesBenefits of P2SHRedeem Script and ValidationData Recording Output (OP_RETURN)Transaction Lock Time LimitationsCheck Lock Time Verify (OP_CLTV)Relative TimelocksRelative Timelocks with OP_CSVScripts with Flow Control (Conditional Clauses)Conditional Clauses with VERIFY OpcodesUsing Flow Control in ScriptsComplex Script ExampleSegregated Witness Output and Transaction ExamplesUpgrading to Segregated WitnessMerklized Alternative Script Trees (MAST)Pay to Contract (P2C)Scriptless Multisignatures and Threshold SignaturesTaprootTapscript
8. Digital Signatures
How Digital Signatures WorkCreating a Digital SignatureVerifying the SignatureSignature Hash Types (SIGHASH)Schnorr SignaturesSerialization of Schnorr SignaturesSchnorr-based Scriptless MultisignaturesSchnorr-based Scriptless Threshold SignaturesECDSA SignaturesECDSA AlgorithmSerialization of ECDSA Signatures (DER)The Importance of Randomness in SignaturesSegregated Witness’s New Signing Algorithm
9. Transaction Fees
Who Pays the Transaction Fee?Fees and Fee RatesEstimating Appropriate Fee RatesReplace By Fee (RBF) Fee BumpingChild Pays for Parent (CPFP) Fee BumpingPackage RelayTransaction PinningCPFP Carve Out and Anchor OutputsAdding Fees to TransactionsTimelock Defense Against Fee Sniping

10. The Bitcoin Network
Node Types and RolesThe NetworkCompact Block RelayPrivate Block Relay NetworksNetwork DiscoveryFull NodesExchanging “Inventory”Lightweight ClientsBloom FiltersHow Bloom Filters WorkHow Lightweight Clients Use Bloom FiltersCompact Block FiltersGolomb-Rice Coded Sets (GCS)What Data to Include in a Block FilterDownloading Block Filters from Multiple PeersReducing Bandwidth with Lossy EncodingUsing Compact Block FiltersLightweight Clients and PrivacyEncrypted and Authenticated ConnectionsMempools and Orphan Pools
11. The Blockchain
Structure of a BlockBlock HeaderBlock Identifiers: Block Header Hash and Block HeightThe Genesis BlockLinking Blocks in the BlockchainMerkle TreesMerkle Trees and Lightweight ClientsBitcoin’s Test BlockchainsTestnet: Bitcoin’s Testing PlaygroundSignet: The Proof of Authority TestnetRegtest: The Local BlockchainUsing Test Blockchains for Development
12. Mining and Consensus
Bitcoin Economics and Currency CreationDecentralized ConsensusIndependent Verification of TransactionsMining NodesThe Coinbase TransactionCoinbase Reward and FeesStructure of the Coinbase TransactionCoinbase DataConstructing the Block HeaderMining the BlockProof-of-Work AlgorithmTarget RepresentationRetargeting to Adjust DifficultyMedian Time Past (MTP)Successfully Mining the BlockValidating a New BlockAssembling and Selecting Chains of BlocksMining and the Hash LotteryThe Extra Nonce SolutionMining PoolsHashrate AttacksChanging the Consensus RulesHard ForksSoft ForksConsensus Software Development
13. Bitcoin Security
Security PrinciplesDeveloping Bitcoin Systems SecurelyThe Root of TrustUser Security Best PracticesPhysical Bitcoin StorageHardware Signing DevicesEnsuring Your AccessDiversifying RiskMultisig and GovernanceSurvivability
14. Second-Layer Applications
Building Blocks (Primitives)Applications from Building BlocksColored CoinsSingle-Use SealsPay to Contract (P2C)Client-Side ValidationRGBTaproot AssetsPayment Channels and State ChannelsState Channels—Basic Concepts and TerminologySimple Payment Channel ExampleMaking Trustless ChannelsAsymmetric Revocable CommitmentsHash Time Lock Contracts (HTLC)Routed Payment Channels (Lightning Network)Basic Lightning Network ExampleLightning Network Transport and PathfindingLightning Network Benefits
A. The Bitcoin Whitepaper by Satoshi Nakamoto
Bitcoin - A Peer-to-Peer Electronic Cash SystemIntroductionTransactionsTimestamp ServerProof-of-WorkNetworkIncentiveReclaiming Disk SpaceSimplified Payment VerificationCombining and Splitting ValuePrivacyCalculationsConclusionReferencesLicense
B. Errata to the Bitcoin Whitepaper
AbstractTransactionsProof of WorkReclaiming Disk SpaceSimplified Payment VerificationPrivacyCalculations
C. Bitcoin Improvement Proposals
Index
About the Authors

Content preview from Mastering Bitcoin, 3rd Edition

Chapter 8. Digital Signatures

Two signature algorithms are currently used in Bitcoin, the schnorr signature algorithm and the Elliptic Curve Digital Signature Algorithm (ECDSA). These algorithms are used for digital signatures based on elliptic curve private/public key pairs, as described in “Elliptic Curve Cryptography Explained”. They are used for spending segwit v0 P2WPKH outputs, segwit v1 P2TR keypath spending, and by the script functions OP_CHECKSIG, OP_CHECKSIGVERIFY, OP_CHECKMULTISIG, OP_CHECKMULTISIGVERIFY, and OP_CHECKSIGADD. Any time one of those is executed, a signature must be provided.

A digital signature serves three purposes in Bitcoin. First, the signature proves that the controller of a private key, who is by implication the owner of the funds, has authorized the spending of those funds. Secondly, the proof of authorization is undeniable (nonrepudiation). Thirdly, that the authorized transaction cannot be changed by unauthenticated third parties—that its integrity is intact.

Note

Each transaction input and any signatures it may contain is completely independent of any other input or signature. Multiple parties can collaborate to construct transactions and sign only one input each. Several protocols use this fact to create multiparty transactions for privacy.

In this chapter we look at how digital signatures work and how they can present proof of control of a private key without revealing that private key.

How Digital Signatures Work

A digital signature consists ...

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.

Read now

Unlock full access

More than 5,000 organizations count on O’Reilly

O’Reilly covers everything we've got, with content to help us build a world-class technology community, upgrade the capabilities and competencies of our teams, and improve overall team performance as well as their engagement.

Julian F.

Head of Cybersecurity

I wanted to learn C and C++, but it didn't click for me until I picked up an O'Reilly book. When I went on the O’Reilly platform, I was astonished to find all the books there, plus live events and sandboxes so you could play around with the technology.

Addison B.

Field Engineer

I’ve been on the O’Reilly platform for more than eight years. I use a couple of learning platforms, but I'm on O'Reilly more than anybody else. When you're there, you start learning. I'm never disappointed.

Amir M.

Data Platform Tech Lead

I'm always learning. So when I got on to O'Reilly, I was like a kid in a candy store. There are playlists. There are answers. There's on-demand training. It's worth its weight in gold, in terms of what it allows me to do.

Mark W.

Embedded Software Engineer

Publisher Resources

ISBN: 9781098150082Errata Page

Cloud Computing

Data Engineering

Data Science

AI & ML

Programming Languages

Software Architecture

IT/Ops

Security

Design