Open in app

Sign in

Write

Sign in

Bitcoin Transactions Made Easy

Creating a bitcoin transaction from scratch!

Manjeet Thandani
deqode
12 min readNov 21, 2018

--

Written by Manjeet Thandani and Aditya Rout

We have all heard about the term cryptocurrency. As the name suggests, it works on the concept of cryptography and another revolutionary technology going by the name of “Blockchain”. Now this means a couple of things. First, this type of currency is completely digital (is exchanged over the internet) and second, it works on a completely decentralized peer-to-peer network. How does that help you ask? This system enables payments to be sent between users without passing through a central authority, such as a bank or payment gateway. It is created and held electronically. Crypto-currencies aren’t printed like dollars or euros, they’re produced by computers all around the world, using free software. Cool! Isn’t it?

With all these new digital currencies taking the crypto world by storm, Bitcoin is believed to be the father of all. It was created in the year 2008 by a pseudonymous person or people going by the name of Satoshi Nakamoto who proposed an electronic payment system based on mathematical proof. It was the first proper implementation of the crypto-currency which is independent of any central authority, that could be transferred electronically in a secure, verifiable and immutable way. Bitcoin has been called “digital gold,” and for justified reasons. To date, the total value of the currency is close to $112 billion USD.

The aim of this blog is to help you go through all those nitty-gritty details about a Bitcoin transaction, the underlying protocols that made it so popular and trustworthy.

Bitcoin overview

Let’s start with a brief overview of how Bitcoin works before getting into the details. As discussed earlier, Bitcoin is a digital currency being exchanged over the internet in a secure manner. You can buy Bitcoins in exchange of dollars, exchange it with one another, buy services or products and obviously get back your dollars in exchange for those Bitcoins. Let’s have a look at the things that make it work.

Blockchain

Bitcoin was probably the first innovation that properly implemented the concept of the blockchain. We won’t deep dive into blockchain technology but only some key facts about it will do. As revolutionary as it sounds, Blockchain is a mechanism to bring everyone to the highest degree of accountability. That means, no more missed transactions, human or machine errors, or even an exchange that was done with the dissent of the parties involved. Above anything else, the most critical area where Blockchain helps in case of Bitcoin is to guarantee the validity of a transaction by recording it not only on the main secured register but a connected distributed system of registers, all of which are connected through a secure validation mechanism (consensus).

The distributed system is a network that consists of autonomous computers that are connected using a distribution middleware. Bitcoin runs on such a peer-to-peer network, therefore, there is no single point of failure. All the Bitcoin transactions being done are stored in this trustable blockchain database.

Cryptography

Cryptography is the science of using mathematics to encrypt and decrypt data. It enables you to store sensitive information or transmit it across insecure networks (like the Internet) so that it cannot be read by anyone except the intended recipient. Since Bitcoin is something based on the internet, it uses the concept of digital signatures to ensure that only the owner of Bitcoins can spend them. This also makes the system secure and immutable (no other person can hack in and use your Bitcoins). Signatures involve simple encryption and decryption of messages using keys which we will discuss in the section- Signing the transaction message.

Bitcoin Wallet

Unlike a bank, Bitcoins are not tied to users or accounts. Instead, Bitcoins are owned by a Bitcoin address, for example, 1KKKK6N21XKo48zWKuQKXdvSsCf95ibHFa. The owner of a Bitcoin address has the public and private keys associated with the address which is stored in Bitcoin Wallet. It is called a wallet because the number of Bitcoins you hold is mapped to your address (derived from your public key) and you can only spend them using the associated private key.

To spend Bitcoins, the owner signs the transaction with the private key, which proves the ownership of the Bitcoins being spent. (It’s somewhat like signing a physical check to make it valid). A public key is associated with each Bitcoin address, and anyone can use it to verify the digital signature.

Transactions

A transaction is a mechanism for spending Bitcoins. In a transaction, the owner of some Bitcoins transfers ownership to a new address.

Transactions are grouped into blocks and about every 10 minutes, a new block of transactions is sent out, becoming part of the transaction log (Blockchain), which indicates the transaction has been made (more-or-less) official. Once a transaction has been successfully mined in the blockchain, you can say that you transferred a certain amount of BTC to another address.

The UTXO model

In Bitcoin, each transaction spends output from prior transactions and generates new outputs that can be spent by transactions in the future. All of the unspent transactions are kept in the Bitcoin blockchain network, and therefore this model is named “UTXO” (Unspent Transaction Output). The user wallet keeps a track of the list of unspent transactions associated with all addresses owned by the user, and the balance of the wallet is calculated as the sum of those unspent transactions.

Refer to this image below:

Image Source:- wtokensw.com

The flow above is pretty much self-explanatory but let’s go through it step by step:

  • Alice has gained 10 BTC through mining. Alice’s wallet is associated with one UTXO record of 10 BTC. Now Alice wants to send Bob 4 BTC and Steven 6 BTC.
  • Alice creates a new transaction TX0, where she uses the whole of her UTXO of 10 BTC as input in this transaction. She creates two outputs, one of 4BTC (output0) which is sent to Bob’s address and another of 6 BTC (output1) which is sent to Steven’s address.
  • Now, output0 becomes the UTXO of Bob which he can use for further transactions and similarly output1 becomes the UTXO of Steven.
  • Bob now wants to send 4 BTC to Kevin. So, he uses his UTXO (output0) from TX0 as input in transaction TX1. He creates an output of 4 BTC (output0) which is sent to Kevin’s address. This output0 of TX1 becomes the UTXO of Kevin who can then spend it for future transactions. Also, once TX1 is mined, the wallet of Kevin will show a balance of 4 BTC. The wallet balance is the sum of all UTXOs associated with a particular address.

Now, we believe that you can understand the rest of the flow. One analogy for the transactions in the UTXO model is paper bills (banknotes). Each account keeps track of how much money it has by adding up the number of bills (UTXOs) in the purse (associated with this address/wallet). When we want to spend money, we use one or more bills (existing UTXOs), enough to cover the cost and maybe receive some change back (new UTXO). Similarly, Bitcoin value moves from one owner (the person controlling the private key to the Bitcoin) to another owner in a chain of transactions where Output becomes Input to create new Output, and so on.

So, here we understood that a Transaction consists of Inputs and Outputs. The inputs include the UTXOs from previous transactions. Outputs are basically how much BTC we want to send to a particular address. We discuss it in more detail in the next section.

Building a transaction from scratch

In the previous section, we understood the components of a transaction (inputs and outputs). Well, there are two more very important components of a transaction- ScriptSig and ScriptPubKey and would be explained in detail in the next section.

The final Bitcoin transaction that we would be building will look like: -

It majorly constitutes two segments, the input and the output part as we discussed earlier.

  • The input segment consists of the previous UTXO (a combination of previous transaction hash and output index or Vout). It also consists of a ScriptSig, also known as the unlocking script.
  • The output segment consists of the value of BTC we want to send and also the ScriptPubKey, which contains the address of the user we want to send the amount to. We actually don’t send the Bitcoins, rather, we lock the amount of BTC to a particular address using the ScriptPubKey which becomes the UTXO of that address. Hence it is also known as locking script.

Building the transaction without ScriptSig

Input Segment -

Input part of the transaction is used to identify the output of the previous transaction (UTXO) that we want to spend. It also contains scriptSig (or unlocking script), which represents the ownership to UTXO being spent.

For this example, we would use the following transaction as a funding transaction and would spend its first yield to create our new transaction: -

Utilizing the above exchange, let’s prepare the input portion of our transaction: -

  • Number_Of_Inputs contains the total number of UTXOs being spent and is represented in one-byte hex-encoded format. Here we want to consume only one UTXO thereby, Number_Of_Inputs is “01
  • Previous_Tx_hash contains the hash of a transaction containing our UTXO. Notice hash is represented in reversed hash order as Bitcoin core RPCs accept and return the byte-wise reverse of computed SHA-256 values. Reversing the above displayed Transaction Id would result in “c033c70225a3c0b0c0e309083adc223be489a0176f871eb96990b81ac2362e1b
  • Previous_Output_Index is an index of the previous output. It is padded to 4 bytes and written in little-endian format. For example, we’ll be using the output at the 0th index. Representing “0” in 4-byte padded little-endian format would result in “00000000”

Filling out the above-generated data in the transaction would look like: -

Output Segment -

Each output is an address receiving Bitcoin and the number of Bitcoins being sent to that address. Also, the output value being created must be less than the inputs being consumed as the difference is considered as transaction fees. The amount being sent must be represented as hex encoded eight bytes padded little-endian value.

Let us clearly understand it -

Suppose we want to send 30000 Satoshis ( the smallest unit of the Bitcoin cryptocurrency) to mys1o8PBWz4VACbJYaNoPDJsgNPWms5vzw, 30000 in hex is represented as 7530, padded to eight bytes and reversing results (little endian format) will give us 3075000000000000.

ScriptPubKey (or locking script) is used to lock the UTXO to a particular address so that only the private key corresponding to that particular address can spend it for future transactions. We won’t go into the details of scripting now.

Basic Locking Script format:

Hex codes for the four opcodes in this locking script (OP_DUP is 0x76, OP_HASH160 is 0xa9, OP_EQUALVERIFY is 0x88, and OP_CHECKSIG is 0xac).

Using hex codes for above opcodes in locking script results in -

The “14” we see is the PUSHDATA that represents a hex encoded number of bytes to be pushed in the stack. Converting hex encoded “14” into decimal results in “20”, which is the length of the pubkey hash.

PUB-KEY HASH can be obtained by performing a base58 decode on the address we want to send the Satoshis to and converting the result into hex. Thereby, this form of Bitcoin transaction is called P2PKH (Pay to PubKey Hash).

Performing above mentioned operation on mys1o8PBWz4VACbJYaNoPDJsgNPWms5vzw results c93d818d55482ef520438ab69040d4a2e5cbf790.

The final ScriptPubKey becomes:

“76a914c93d818d55482ef520438ab69040d4a2e5cbf79088ac”

Script_Length is a hex encoded length of corresponding locking script.

Filling out output segment: -

Building the transaction message

Till now we have created a basic transaction template with inputs (except scriptSig) and outputs. ScriptSig (or Unlocking Script) is the most important part of the transaction. It ensures that you are the rightful owner of the UTXO that is being spent. ScriptSig is another Bitcoin script which is used to unlock the locking script present in UTXO. It majorly consists of a digital signature and public key of the spending user.

To produce digital signature, Bitcoin uses ECDSA implementation which requires private key along with a hash of a message to be signed.

This is where it gets a bit confusing, the transaction message consists of ScriptSig (digital signature) and to generate digital signature we require the transaction message.

Hmm… that seems weird, but it isn’t.

Actually, the transaction being signed is different than the transaction that would be sent across the Bitcoin network. In the transaction that is being signed, in place of ScriptSig (which we do not have yet for obvious reasons), we place the ScriptPubKey (or locking script) of the previous output which we want to spend. In short, we retrieve the ScriptPubKey from our funding transaction and add it to our transaction message.

Also, we include an additional field in our transaction message called SigHash Code, it is a type of flag that indicates what parts of our transaction are included in the signature. It is padded to 4 bytes and written in little-endian format.

SIGHASH_ALL (code=1) represents that signature includes all inputs and outputs of the transaction except the scriptSig. Representing “1” in 4-byte hex encoded little-endian format results in “01000000”

Now we have the transaction message which is ready to get signed.

Signing the transaction message

To sign the transaction message first, we need to double SHA-256 hash the hex of transaction message which will give us a hashed raw transaction. The easiest way of performing hash is by using python or any online tool. The result is then converted to bytes to get signed.

Python code to double hash transaction message: -

As explained earlier Bitcoin uses ECDSA to generate the digital signature. The signature proves ownership and integrity of the transaction. It permits the Bitcoin verification software to verify that no changes are created to the numerous elements of the transaction since it had been signed.

Using following python script we can obtain ECDSA digital signature for the hashed raw transaction (note that we are using our private key to generate the signature):-

The generated signature consists of DER encoded R and S parts of which can either of 32 or 33 bytes in length. The various elements of our signature:

Putting it all together

Now we have the DER encoded digital signature through which ScriptSig can be generated. Remember ScriptSig is an unlocking script with signature as one of its constituents.

Basic unlocking script format:

  • PUSHDATA represents a hex encoded number of bytes to be pushed in the stack. It includes the length of signature + 1 byte (for SIGHASH code)
  • SIGNATURE is ECDSA digital signature that we have already generated
  • PUBKEY is our public key. The compressed public key is of length 32 bytes with a one-byte prefix of 0x02 or 0x03, which makes it a total of 33 bytes. Uncompressed public keys are of length 64 bytes with a prefix of 0x04

The final ScriptSig in hex:-

47304402201413e8d3a18e6d5ae88b0dcccf329f68547a725f083abf7a7027a64315d3cb1902201dff0aa70a424699a8b7a336b63ba67bc237fa0ed36f062efacfd2525fc46a5801410418895208dbaac7622be18869a7fb16decc9ac36bd35310af8d3a5c156c04f79138435e1465ac635152354713fee2124abe47bb4ad93128b23e725cb9112fc70f

This ScriptSig can be now placed in our transaction. Our final transaction would look like :-

Finally, after all the hard work we have the transaction which can be serialized and broadcasted to bitcoin network. The serialized transaction would look like this:-

“0100000001c033c70225a3c0b0c0e309083adc223be489a0176f871eb96990b81ac2362e1b000000008a47304402201413e8d3a18e6d5ae88b0dcccf329f68547a725f083abf7a7027a64315d3cb1902201dff0aa70a424699a8b7a336b63ba67bc237fa0ed36f062efacfd2525fc46a5801410418895208dbaac7622be18869a7fb16decc9ac36bd35310af8d3a5c156c04f79138435e1465ac635152354713fee2124abe47bb4ad93128b23e725cb9112fc70fffffffff0130750000000000001976a914c93d818d55482ef520438ab69040d4a2e5cbf79088ac00000000”

Before broadcasting transaction hex directly to bitcoin network lets first decode it and verify its constituents. For decoding we can use blockcypher decoder.

Here we can cross-check all the parameters that we calculated to construct our signature. Now we can broadcast this transaction in the Bitcoin blockchain network using blockcypher. If everything is fine, our transaction will be mined and added to the Bitcoin network forever!

Final words

So that pretty much sums it up. First, we had an overview of how Bitcoin works and the underlying technologies like blockchain and cryptography that make it so secure. After that, we understood the creation of a Bitcoin transaction and how it is signed in as much detail as we could. In the end, we successfully broadcasted our transaction in the Bitcoin network to prove that the signed transaction we constructed from scratch was actually a valid Bitcoin transaction.

Bitcoin
Blockchain
Cryptocurrency
Development
Encryption

--

--

Manjeet Thandani
deqode

Written by Manjeet Thandani

3 Followers

Help

Status

About

Careers

Press

Blog

Privacy

Terms

Text to speech

Teams