How transaction becomes confirmed by miners if InputScript has only the Sig

1

Please help me to understand how bitcoind client verifying TX with Input Script which consist only from the Sig.

For example TX 6D5DF6C0D66CFFC25CC1ABA3655952D7B081ED4E9EA3B70FCD964FDBBA01E91E has one input from D9A9C88110775B196CDAF6FC8113B33547C8E33E68519F60D9C9FF306E096473 transaction (8 output) with Input Script 4730440220797681C6711BB3D97AE373FC5CFF47F06EEC928DD46B8A9892D92C30953C9DF3022079C36E9A4C32D4E36B9E3ACCED0D40D70D8F90890C0E9F8F4F9AC083AFFD21B301.

This script has only the Sig (r,s) and has no any representation of Public Key or Address.

As I understand the Sig creates with UnsignedTX doubleSHA256 hash, Random Number and Private Key.

Sig checking by using UnsignedTX doubleSHA256 hash and a Public Key, but here is no any of it.

Also the question is about "Where is stored UnsignedTX doubleSHA256 hash?". Because it is not the transaction hash, because TX hash is for the signed transaction.

D L

Posted 2017-09-28T00:15:29.593

Reputation: 478

Answers

2

Transaction verification requires the previous transaction outputs that the transaction spends from. The output script of the previous transaction outputs is retrieved for each input. The input script is first run through the script interpreter. It's resulting stack is then used as an initial state for the previous transaction output's output script's pass through the script interpreter.

For the particular transaction that you have chosen, then previous transaction output script is of the form

<pubkey> OP_CHECKSIG

and the input is of the form

<sig>

This means that the signature is first pushed to the stack. Then the public key is pushed to the stack and then OP_CHECKSIG is performed on the two stack items. The public key resides in the output script. For other output types, the public key is provided in the input script as part of the spend.

The hash that is signed as the message is produced from the spending transaction itself. It contains data that is provided in the spending transaction and the previous transaction output script so it can be generated on-the-fly. You can check out this question and answer How to tell which part of the previous tx I need to make the hash to sign for an old given tx? which breaks down how that hash is generated for non-segwit inputs.

Andrew Chow

Posted 2017-09-28T00:15:29.593

Reputation: 40 910

as I understand from your answer, the unsigned transaction generates on-the-fly and then makes double sha256 Hash for Sig checking?D L 2017-09-28T00:57:12.673

Yes. The sighash preimage is created (modified version of the unsigned transaction) and that is hashed with SHA256d. That hash is either signed or verified, depending on what you want to do.Andrew Chow 2017-09-28T00:58:19.127

Asked: 2017-09-28T00:15:29.593

Viewed: 168 times

Active: 2017-10-20T06:57:06.450