P2PK - Pay To Public Key
- We're starting a series of posts to teach you about Bitcoin development. We'll be sharing them here. Tell us how we can make it better!
- If you prefer reading on the website, check 👉 https://bitcoindevs.xyz/decoding/p2pk
The first payment on the Bitcoin network was a P2PK transaction in block 170, where Satoshi Nakamoto sent 10 BTC to Hal Finney.
We will explore this transaction in detail to understand how P2PK works, from its creation to its validation.
Understanding P2PK z as an ideal foundation for more complex scripts.
TL;DR: P2PK allows bitcoins to be sent directly to a public key. To spend the bitcoins, the recipient must provide a valid signature.
NOTE: Despite being simple, P2PK is not as widely used as P2PKH. We'll cover why this is the case later on.
How Does It Work?
The ability to lock and unlock coins is the mechanism by which we transfer bitcoin.
-
Locking: Giving bitcoins to someone.
-
Unlocking: Spending bitcoins you have received.
1. Locking (ScriptPubKey)
When creating this P2PK transaction, Satoshi specifies Finney's public key in the ScriptPubKey.
This script specifies the conditions that must be met to spend the bitcoins in the future, and it's placed within the output of a transaction.
This script specifies the conditions that must be met to spend the bitcoins in the future, and it's placed within the output of a transaction.
ScriptPubKey: A P2PK locking script looks like this:
<Public key Finney> OP_CHECKSIG- OP_PUSHBYTES_65: (41 in Hex) Length of the uncompressed public key (65 bytes).
- 04ae1a...6cd84c: Represents Hal Finney's uncompressed public key.
- OP_CHECKSIG: (0xac in Hex) Verifies the signature for the provided public key. It returns TRUE (1) if valid, otherwise FALSE (0).
Why Did Satoshi Use an Uncompressed Public Key (65 Bytes)?
Some have speculated that Satoshi was unaware of public key compression.
Compressed public keys are smaller, leading to smaller transactions and saving block space.
2. Unlocking (ScriptSig)
To spend the bitcoins Satoshi sent, Finney must provide a valid signature corresponding to the public key.
This signature proves that Finney has the private key corresponding to the public key specified in the ScriptPubKey.
This signature proves that Finney has the private key corresponding to the public key specified in the ScriptPubKey.
ScriptSig: A P2PK unlocking script looks like this:
<Signature Finney>- ** OP_PUSHBYTES_71:** (47 in Hex) Length of the signature (71 bytes).
- 30442 ... 914f01: Signature followed by SigHash byte
3. Validation
Bitcoin uses Script, a stack-based scripting language, to validate transactions.
It processes commands from left to right and is intentionally designed to be non-Turing complete, lacking features like loops.
It processes commands from left to right and is intentionally designed to be non-Turing complete, lacking features like loops.
When validating a transaction, the ScriptSig and ScriptPubKey are combined. This concatenated script looks something like this:
<signature Finney> <public key Finney> OP_CHECKSIGThe combined script will validate if the signature is valid, but fail if the signature is invalid.
NOTE: For the script to be valid, the top element of the stack must be non-zero after evaluation.
You can play with this tool below to see step by step how we evaluate P2PK the stack by visiting https://bitcoindevs.xyz/decoding/p2pk