Pay to public key hash (aka P2PKH), is the most popular type of script, it’s the evolution of pay to public key (aka P2PK), this evolution was necessary to increase the security of transactions, by masking the public key of the receiver with a hash.

We explained here the basics about input and output, in this article we’ll go deeper in the subject with P2PKH as an example

Ok to make it clear let’s suppose I’m Alice, and I want to send Bitcoins to bob, how do I do it? Do I have to use P2PKH?

No! you don’t HAVE TO, you CAN, and maybe you SHOULD, but you don’t HAVE TO

Then why SHOULD I?

Let’s go a little bit deeper to answer the question

We talked about the execution of the script, we said the output is executed before the input.

This is because the input contains the information necessary to unlock the transaction, and the output contains the instructions necessary to verify the information in the input

In the example of Alice and Bob, the output and input look like this

Alice output: VERIFY_THIS_IS_BOB

Bob input: I_AM_BOB

So the executed script will look like this:


this will result in TRUE, VERIFY_THIS_IS_BOB will check if on the stack there is bob, since we put I_AM_BOB on the stack before the verification, the result will be TRUE

What if someone who is not bob tries to spend the transaction and just writes I_AM_BOB?

This not possible with the current technology, the ownership of THIS_IS_BOB is verified using ECDSA, so only bob con say I_AM_BOB

How do we write this script with the correct Bitcoin syntax?

using the P2PKH:

Bob input: <bobSig> <bobPubKey>

So the executed script will look like this:

 <bobSig> <bobPubKey> OP_DUP OP_HASH160 <bobPubKeyHash> OP_EQUALVERIFY OP_CHECKSIG

What is the content of the stack during execution?

1: <bobSig>

Bob’s signature is pushed on the stack

2: <bobSig> <bobPubKey>

Bob’s public key is pushed on the stack

3: <bobSig> <bobPubKey> OP_DUP

OP_DUP is pushed on the stack, OP_DUP is one of the commands of Bitcoin script, what it does is: push on the stack a copy of the top element on the stack, so the next step will look like this

4: <bobSig> <bobPubKey> <bobPubKey>
5: <bobSig> <bobPubKey> <bobPubKey> OP_HASH160

OP_HASH160 is pushed on the stack, what it does is: hash the top element on the stack twice, the first time with SHA256 end then with RIPMD160, this is the same process used to produce a public key hash (Bitcoin address), so the next step will look like this

6: <bobSig> <bobPubKey> <bobPubKeyHash>
7: <bobSig> <bobPubKey> <bobPubKeyHash> <bobPubKeyHash>

Bob’s public key hash is pushed on the stack

8: <bobSig> <bobPubKey> <bobPubKeyHash> <bobPubKeyHash> OP_EQUALVERIFY 

OP_EQUALVERIFY is pushed on the stack, what it does is: check whether the two elements on top of the stack are equal, if true the script execution continues, if not, the execution fails.

So, at this point, if Bob did not provide the right public key the execution fails right?

Yes, exactly! if the result is true, the stack will look like this

9: <bobSig> <bobPubKey>

But the public key is…public, it is not enough, right?

True, but the script still has one command to be executed, let’s see what it does

10: <bobSig> <bobPubKey> OP_CHECKSIG

OP_CHECKSIG is pushed on the stack, what it does is: take the two elements on top of the stack, and verify that the top element on the stack is the public key corresponding to the private key used to sign the whole transaction, the signature is the second element on top in the stack

In other words?

It verifies that the signature provided in the script, is a valid signature for the transaction and that it’s generated from the private key of the provided public key

Ok, so one to pass this last step of the script, MUST have provided the right signature generated by the right private key?


Wow! show me some more script!

They will come soon!, this online IDE is great to play around with bitcoin script while you wait for the next article

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.