Script is a mini programming language used as a locking mechanism for outputs.
- A locking script is placed on every output.
- An unlocking script must be provided to unlock an output (i.e. when you're using it as an input).
If a full script (unlocking + locking) is valid, the output is "unlocked" and can be spent.
What is the Script language?
Script is a very basic programming language. It consists of two types of things:
- Data - For example; public keys and signatures.
OPCODES- Simple functions that operate on the data.
Here's a simple diagram of a typical P2PKH script used in Bitcoin:
How do you run Script?
The complete script is run from left-to-right. As it runs, it makes use of a data structure called a "stack".
- Data is always pushed on to the stack.
OPCODEScan pop elements off the stack, do something with them, then optionally "push" new elements on to the stack.
What makes a Script valid?
A script is valid if the top element left on the stack is a
1 (or greater).
The script is invalid if:
- The final stack is empty
- The top element is on the stack is
- The script exits prematurely (e.g. as with
Where can you find Script in Bitcoin?
A locking script is placed on every output you create in a transaction:
An unlocking script must be provided for every input you want to spend in a transaction:
Every node will then combine and run these two scripts to make sure they validate.
The Unlocking Script goes first!
Even though the
unlocking script is provided after the initial
locking script, we actually put it first when we run the both scripts together.
Why do we use Script?
- Question: Why not just use a simple public key and signature comparison and do away with all this
OPCODEand stack business?
- Answer: Because you can create different types of locks with different combinations of
For example, here are some cool locking scripts you can create:
1. Math Puzzle
To spend this output, you need to provide two numbers that add up to 8.
2. Hash Puzzle
Here you just need something that hashes to the same result as what's inside the locking script.
3. Hash Collision Puzzle
This is a cool one. You can unlock it by providing two different strings of data that produce the same hash result.
In other words, it's acts an incentive to find a "hash collision".
These locking scripts are non-standard.1 Whilst these scripts are valid (and can be mined on to the blockchain), typical Bitcoin Core nodes will not relay them from their memory pools, which makes it difficult for them to get mined in the first place.
Despite being able to create a variety of different locking scripts with various combinations of
OPCODES, most nodes will only relay a handful of "standard scripts":
- Pay To Pubkey (P2PK)
- Pay To Pubkey Hash (P2PKH)
- Pay To Multisig (P2MS)
- Pay To Script Hash (P2SH)
Why don't nodes relay non-standard scripts?
I know, it's a shame.
However, not every combination of
OPCODE has been tested. So if nodes relayed every non-standard script they received, it would introduce the risk of an attack from someone spamming the network with scripts that take a long time to verify2. This could "clog up" nodes and bring the network to a halt.
On the other hand, the standard scripts have been thoroughly tested and can be validated quickly. So the whole non-relaying of non-standard transactions is just a safety measure.
Non-standard scripts are valid, they are just not actively relayed.
Even though a non-standard transaction does not get relayed between memory pools, it can still be mined in to a block. Nodes do not relay non-standard transactions because a memory pool can receive a large number of transactions in a short period of time, whereas a block can only hold a limited number of transactions.
So if you want a transaction with a non-standard script to be added to the blockchain, you either need to send it directly to a miner who will mine it for you, or mine it on to the blockchain yourself.
Script is just a mini programming language used in Bitcoin to provide the locking mechanism for outputs.
- Every output is given a "locking script".
- You must then provide an "unlocking script" in the transaction that wants to spend that output.
When a node receives the spending transaction, it will combine both of these scripts together and run them. If a
1 is left on the top of the stack after the script has completed, then the script is valid and the output can be spent.