Blockchain Enthusiast (qq:53016353)
In the Ethereum development block chain, each chunk points to the previous block, and the chunk Hashiki computed by SHA256 is the basis on which the Ethereum development ledger cannot be tampered with.
In one chunk, the Ethereum development system uses trading (Transaction) to represent an Ethereum development transaction. A chunk contains at least one transaction. These transaction hashes calculate the Merkle hash of all trades by Merkle tree and are included in the chunk hash to make the transaction non-modifiable.
If we look closely at each transaction, we can see that, in addition to the first transaction, each transaction has one or more inputs (txin) and one or more outputs (txout), except for the miners ' mining proceeds:
The first miner's mining income transaction is often referred to as Coinbase, which has no input, so txin's hash is always labeled as 00000000 ... 0000.
For other transactions, any txin will only be traced back to a hash of a trade in the blockchain prior to this block, as well as the index:
By trading Hash and index (starting from 0), you can uniquely determine an unused trade output--utxo (unspent Transaction output). In this way, each TX input is associated with a previous TX output.
We assume that in the last transaction, Bob paid Alice 0.15 BTC.
Since Ethereum was not developed with an account concept, the output of this transaction did not write Alice's name, nor did Alice's public key be written.
So, Alice wants to spend the 0.15 BTC, how she should prove she owns the Utxo, and the others can't fake Alice to spend the Utxo.
The answer is that the output created by the Ethereum transaction is not a simple public key address, but a script. In this transaction where Bob pays Alice 0.15 BTC, Bob creates an output script similar to the following:
Op_dup op_hash160 abcd1234 ... 9876 op_equalverify Op_checksig
Among them, abcd1234 ... 9876 is Alice's public key hash. The whole script means, who can provide a signature and a public key, let this script run through, who can spend 0.15 BTC of this transaction.
Because creating a signature can only use Alice's private key, signatures created by non-Alice's private key cannot be validated by this script, so others cannot impersonate Alice to spend the output.
Once Alice has provided a signature and her own public key, she has actually created another transaction to spend this output.
Everyone can verify that the new transaction that Alice created is valid. If it works, the deal will be packaged by miners into new chunks, making it a part of the blockchain that cannot be changed.
We take the famous pizza transaction as an example to verify whether a transaction is valid.
In Trading cca75078 ... 4d79, the only txin input provided by the Sigscript is:
8b4830450221009908144ca6539e09512b9295c8
a27050d478fbb96f8addbc3d075544dc41328702
201aa528be2b907d316d2da068dd9eb1e23243d9
7e444d59290d2fddf25269ee0e0141042e930f39
ba62c6534ee98ed20ca98959d34aa9e057cda01c
Fd422c6bab3667b76426529382c23f42b9b08d78
32d4fee1d6b437a8526e59667ce9c4e9dcebcabb
The Sigscript is actually composed of two parts:
Signature: 30450221...ee0e01 (71 bytes + 1 byte signature type), the actual signature is the 30450221...ee0e with the last byte 01 removed, and the signature type is Sighash_all (0x01).
Public key: 042e930f...cabb (65 bytes)
To verify that the transaction is valid, we first find the output a1075db5...d48d of the previous transaction based on the previous output hash:a1075db5...d48d and index 0 declared by Txin.
The script for this trade output is:
1976a91446af3fb481837fadbb421727f9959c2d32a3682988ac
The Ethereum development script consists of a series of instructions and data, each of which occupies one byte, and the data is determined by the length of the data head. The following binary script-translated Ethereum development directives are as follows:
Op_dup op_hash160 46af3fb4 ... 6829 op_equalverify Op_checksig
Now we have the signature, the public key, and the script:
Sig:30450221...ee0e01
Pubkey:042e930f...cabb
Script:op_dup op_hash160 46af3fb4 ... 6829 op_equalverify Op_checksig
You can run this script to verify that the transaction is valid.
The Ethereum development script is designed to run as a stack of virtual machine instructions, it has only a limited number of instructions, and deliberately designed to have no loop, conditional jump, so the Ethereum development script is not a fully Turing language.
The implementation of the Ethereum development script is very simple. We first have to prepare an empty stack, and then put the signature and the public key into the stack:
Immediately after that, we can execute the txout script:
Op_dup op_hash160 46af3fb4 ... 6829 op_equalverify Op_checksig
First executes the op_dup, which copies the elements of the top of the stack, so the result becomes:
Immediately after executing op_hash160, it calculates sha256/ripemd160 on the top of the stack, actually computes the public key hash, so the result of the operation becomes:
The next instruction is actually a data, we directly put the data into the stack:
Then, execute op_equalverify, this instruction compares the top two elements of the stack is equal, if not, the entire script fails to execute, if equal, the script will continue to execute, so the result of the operation becomes:
Finally, execute the instruction Op_checksig, which verifies the signature. First, we validate the entire transaction based on the signature type Sighash_all (0x01). The authentication method is:
Remove all txin scriptsig (red) from the current transaction, and replace the current txin scriptsig with the Utxo script (Blue section), and adjust the Length field (Green section):
Finally plus the small-endian 4-byte signature type 0x01 (Gray section), calculated two times SHA256, we get:
C2d48f45 ... 2669
Now, the signature is validated using the ECDSA algorithm:
Boolean ecdsa_verify_signature (byte[] message, byte[] signature, byte[] pubkey)
Based on the verification result of the signature, we can confirm that the transaction is valid.
Because of the introduction of scripts, we can see that ethereum development actually implements a transfer mechanism of digital currency ownership strictly based on computer program verification through programming scripts. Due to the scalability of computer programs, Ethereum development payments are not limited to a public key address that must be paid. Using scripts, we can construct various payment conditions, for example, multiple signature verification conditions:
2 3 Op_checkmultisign
This provides multiple public key addresses and requires multiple signature scripts for signature verification, allowing at least n signatures to be used at the M signature species. The script above allows for any two valid signatures in 3 public key addresses.
When we have Ethereum development hosted in a third party's online wallet, we can use multiple signatures to ensure that only our own and third-party wallets are co-signed before the output can be used, so that hackers will not be able to spend the user's ethereum development after attacking a third-party wallet.
With op_checklocktimeverify, we can specify a lock time for a trade, before which the trade output cannot be spent. This directive actually realized Alipay's 7-day funds locked and then paid to the seller's function.
There are some transactions that do not specify a public key hash, for example, the script for this transaction is as follows:
op_hash256 6fe28c0ab6f1b372c1a6a246ae63f74f931e8365e15a089c68d6190000000000 op_equal
It means to say, who can provide a data, it's SHA256 is 6fe28c0a ... 0000, who can spend this deal.
(Note: The transaction has been spent and someone has found a qualifying data)
From the Ethereum development script, we can see that the digital currency payment based on blockchain is actually a safe transfer of digital currency ownership. If we register the financial assets or physical assets in the blockchain in the digital form, we can safely realize the transfer of ownership under various conditions through the script, which is the application of the intelligent contract in the blockchain.