P2SH Bitcoin Script puzzle explained.

Hans Robeers
5 min read · Oct 18, 2016

When sending bitcoins to someone, you actually lock funds using that other person’s key. But this is not the only way of locking funds on a block chain. Funds can be locked according to the rules of any Smart Contract. A very basic form of such a contract is a Script Puzzle. This article explains how such a puzzle works and how you can create one yourself.

Prior to bitcoin 0.6 it was very hard to send funds to a script instead of an address. With the introduction of P2SH it got way easier. Now you can create your puzzle, generate an address of it and let other people send money to your puzzle address from within their favourite wallet. Such a puzzle address starts with a 3 instead of a 1 on the bitcoin blockchain, but can be used just like any other address.

Great, let’s get our hands dirty and generate such a puzzle address! To avoid going through the entire process of building the transaction from scratch, we’ll use a tool that lets us specify the puzzle, test it and generate the address to pay to. PeerScript labs does exactly what we need!

PeerScript Labs

Important note: The scripts described in this article do not require signing of transaction outputs, making it possible for an attacker to redirect the outputs to his own address. This article assumes that the reader is aware of the risks of locking funds using simple scripts. For the sake of simplicity, transaction malleability is not covered in this article.

Building the Script Puzzle

PeerScript labs specifies one solved puzzle and many that are yet to be solved. Let’s take the solved one for the sake of simplicity: x+5=6. Paying to the address generated from this puzzle would mean that anyone knowing that 1+5=6 is able to claim the funds sent to that address. To generate the address we first need to translate the puzzle into bitcoin’s Script language. When opening PeerScript labs’ puzzle definition file you’ll find the translation:

Lock script: app/puzzles/all.js line 14

A bitcoin script is executed from left to right. The script’s solution (“unlock” script) is always evaluated before the script it solves (“lock” script). So in this case the solved script would result in the execution of:

OP_1 OP_5 OP_ADD OP_6 OP_EQUAL

Let’s execute this in our head. It goes as follows: memorize number 1 (OP_1), then memorize number 5 (OP_5). Add the last two values we memorized and memorize the result, which is 6 (OP_ADD). Now memorize another number 6 (OP_6) and check if the last two memorized values are equal (OP_EQUAL). They are, so the puzzle is solved!
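The evaluation walked through above, as an added example (not code from PeerScript labs): a toy stack evaluator that runs the unlock script before the lock script, serializes the lock script to hex, and checks for a signature opcode, the gap the important note above warns about. The split into OP_1 (solution) and OP_5 OP_ADD OP_6 OP_EQUAL (lock) is inferred from the combined script, and all function names are hypothetical.

```javascript
// Added example: toy evaluator for the small-integer puzzle scripts in this article.
// Opcode byte values are those of Bitcoin Script; the evaluator itself is illustrative.
const OPCODES = { OP_ADD: 0x93, OP_EQUAL: 0x87, OP_CHECKSIG: 0xac };
for (let n = 1; n <= 16; n++) OPCODES[`OP_${n}`] = 0x50 + n; // OP_1..OP_16

// Run one script against a shared stack, recording the stack after each opcode.
function run(script, stack, trace) {
  for (const op of script) {
    if (typeof OPCODES[op] !== 'number') throw new Error(`unsupported opcode: ${op}`);
    if (op === 'OP_ADD' || op === 'OP_EQUAL') {
      if (stack.length < 2) return false;            // stack underflow fails the script
      const b = stack.pop(), a = stack.pop();
      stack.push(op === 'OP_ADD' ? a + b : (a === b ? 1 : 0));
    } else if (op === 'OP_CHECKSIG') {
      throw new Error('signature checks are outside this toy evaluator');
    } else {
      stack.push(OPCODES[op] - 0x50);                // OP_n pushes the number n
    }
    trace.push(`${op} -> [${stack.join(', ')}]`);
  }
  return true;
}

// The unlock script runs first, then the lock script; success needs a truthy top item.
function evaluate(unlock, lock) {
  const stack = [], trace = [];
  const ok = run(unlock, stack, trace) && run(lock, stack, trace);
  return { solved: ok && stack.length > 0 && stack[stack.length - 1] !== 0, trace };
}

// Serialize a script to hex, the form that is hashed to derive a P2SH address.
function toHex(script) {
  return script.map(op => OPCODES[op].toString(16).padStart(2, '0')).join('');
}

// False means knowing the solution alone is enough to spend: no key is involved.
function requiresSignature(script) {
  return script.includes('OP_CHECKSIG');
}

const lock = ['OP_5', 'OP_ADD', 'OP_6', 'OP_EQUAL'];  // assumed split of the script above
const result = evaluate(['OP_1'], lock);
console.log(result.trace.join('\n'));
console.log('solved:', result.solved, '| lock hex:', toHex(lock),
            '| needs signature:', requiresSignature(lock));
```

A lock script for which requiresSignature returns false protects funds only until its solution becomes known, which for this puzzle is immediately.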

Generating the puzzle address

Great, we solved the puzzle so we are sure we can claim the funds being locked by it. Let’s now generate the address we can send funds to so that they are locked by this puzzle.

Open the debug console in your browser (CTRL+SHIFT+I for Firefox, Chrome and Opera). This console shows the P2SH address that you can pay to on Peercoin’s testnet with a standard testnet client.

Debug console showing generated P2SH address

It is advised to perform your experiments on testnet to avoid the risk of losing your funds. In the config file, you can change the behavior to generate mainnet addresses by setting testnet to false (not recommended).

PeerScript labs config file

For Peercoin’s mainnet the puzzle address becomes “p9Ni2UKCdFruRbHo8unUJoqSNqTV4T7CSj” starting with a lower case ‘p’ indicating it is a P2SH address.

When looking up that address on a block explorer, we find the very first script puzzle transactions on Peercoin’s blockchain. We see an incoming transaction, but also an outgoing transaction! Such an outgoing transaction is also known as a “Redeem transaction”, a transaction that redeems the funds locked by a script puzzle.

Generating the redeem transaction

Now that we have learned how to lock funds using a script puzzle, the only thing left to do is to spend the funds using the solution script. PeerScript labs has fully automated this for us: we only need to provide it with the address we want to send the funds to and the raw transaction that locked the funds.

When opening the config file again, we find two properties that we haven’t used yet: “redeemAddress” and “redeemTransaction”. As the comments suggest, we should just fill in our address in the “redeemAddress” property. Retrieving the “redeemTransaction” is a bit trickier, as we need to retrieve it using the “getrawtransaction” RPC command. In the peercoin client, open the debug window (Help > Debug window) and type “getrawtransaction” followed by the id of the transaction that locked funds with the puzzle you just solved. This should return the “redeemTransaction” to be copied into the config file.

getrawtransaction rpc output

Claiming the reward

After pasting the entire raw transaction into the config file, PeerScript labs automatically detects which puzzle you solved and prints the raw redeem transaction to the JavaScript console, next to the P2SH address we used earlier. Sending the raw transaction using the “sendrawtransaction” RPC command results in a payment from the script puzzle to the “redeemAddress” you specified in the config file.

Congratulations, you reached the end of this article! Hopefully you understand the Script system a little better now. And don’t forget that a script puzzle is a very basic smart contract! It’s a smart contract that locks funds under the condition that the spender knows the solution to your puzzle. To find out more about the possibilities, you can read more about the Script operations here.

If you like this article or want to support PeerScript labs, please consider donating to: 1PSL24dCfmy3qTExQuaWCpSSRVmVgj2SsA or PScript9dhNxV5xHGwwcjknh9sxe6s4tVX
