Bitcoin Scripting
Bitcoin Script defines the conditions required to spend transaction outputs.
Script explains addresses, signatures, multisig, timelocks, hashlocks, SegWit, and Taproot.
The Intuition
A Bitcoin output is locked by a small program. Spending it requires providing data that makes the program succeed.
See it concretely
A safe can have rules: one key, two-of-three keys, wait until a date, or reveal a secret. Bitcoin Script is the rule card attached to the safe.
Tempting — but wrong
The precise version
Bitcoin Script is stack-based and non-Turing-complete. Outputs contain locking conditions, while inputs provide unlocking data or witness data. Validation checks whether the spending transaction satisfies the previous output's conditions. Standard scripts include pay-to-public-key-hash, multisig, timelocks, hashlocks, SegWit witness programs, and Taproot key/script paths.
spendValid \iff script(unlockingData, lockingCondition) = trueCheck your understanding
What does a locking script specify?
Click to reveal answer
Why is Bitcoin Script limited?
Click to reveal answer
- Define locking script and unlocking data.
- Explain multisig, timelock, and hashlock.
- Distinguish Bitcoin Script from Ethereum contracts.
- Explain why limited scripting is a security design choice.
What does a Bitcoin locking script define?