比特币交易构成(二)
梦的衣裳323
发表于 2023-1-6 15:55:36
184
0
0
上篇介绍了交易结构、签名等,为了更直观的认识比特币,借助bitcoind演示手动构造并广播交易的完整过程。+ ?4 r" u( m3 K3 T$ L7 A/ j
普通交易
1. 找出未花费的币(unspent output): A* o& T/ d$ K$ n- z+ _% E
通过命令:listunspent [minconf=1] [maxconf=9999999] ["address",...]列出某个地址未花费的币(交易),minconf/maxconf表示该笔收入交易的确认数范围,如果需要列出还未确认的交易,需将minconf设置为0。
执行:% W6 Y) e% ]6 C) h% L6 r
bitcoind listunspent 0 100 '["1Lab618UuWjLmVA1Q64tHZXcLoc4397ZX3"]' k0 }, T$ H% y* M* H
输出:" a- v5 ~( T g& M
[# a# R6 {+ o- Y$ J0 \) _1 ]
{
"txid" : "296ea7bf981b44999d689853d17fe0ceb852a8a34e68fcd19f0a41e589132156",* j; M! E" z# {
"vout" : 0,# z; u1 M* T ^
"address" : "1Lab618UuWjLmVA1Q64tHZXcLoc4397ZX3",
"account" : "",
"scriptPubKey" : "76a914d6c492056f3f99692b56967a42b8ad44ce76b67a88ac",! z3 I2 f/ X6 }3 h
"amount" : 0.19900000,3 e, C D$ |. U! K6 t0 @8 J- _- D
"confirmations" : 1" S0 B; f- f! _. c6 ^
}0 C3 n3 C' S' y& D
]
我们找到该地址的一个未花费交易,位于交易296ea7bf981b4499…9f0a41e589132156的第0个位置。% T/ `% O$ O: c( w _ K! S
2. 创建待发送交易0 ^- t: b6 O% J; T' I3 {$ K6 j
创建待发送交易,由命令:createrawtransaction [{"txid":txid,"vout":n},...] {address:amount,...}来完成。我们将 0.1 BTC发送至 1Q8s4qDRbCbFypG5AFNR9tFC57PStkPX1x ,并支付 0.0001 BTC做为矿工费。输入交易的额度为 0.199 ,输出为 0.1 + 0.0001 = 0.1001 ,那么还剩余: 0.199 - 0.1001 = 0.0989 ,将此作为找零发回给自己。7 l G. F% S+ y- W! X6 t
执行:
bitcoind createrawtransaction \1 k6 ~' h( a1 ~+ _- g
'[{"txid":"296ea7bf981b44999d689853d17fe0ceb852a8a34e68fcd19f0a41e589132156","vout":0}]' \
'{"1Q8s4qDRbCbFypG5AFNR9tFC57PStkPX1x":0.1, "1Lab618UuWjLmVA1Q64tHZXcLoc4397ZX3":0.0989}'
输出:
010000000156211389e5410a9fd1fc684ea3a852b8cee07fd15398689d99441b98bfa76e290000000000ffffffff0280969800000000001976a914fdc7990956642433ea75cabdcc0a9447c5d2b4ee88acd0e89600000000001976a914d6c492056f3f99692b56967a42b8ad44ce76b67a88ac00000000
通过命令:decoderawtransaction ,可以将此段十六进制字符串解码。! @5 n8 L: j1 K3 `. E9 C3 g( f
执行:1 I, w+ n5 Y, o0 o1 ]- t
bitcoind decoderawtransaction '010000000156211389e5410a9fd1fc684ea3a852b8cee07fd15398689d99441b98bfa76e290000000000ffffffff0280969800000000001976a914fdc7990956642433ea75cabdcc0a9447c5d2b4ee88acd0e89600000000001976a914d6c492056f3f99692b56967a42b8ad44ce76b67a88ac00000000'
输出:
{1 `* H+ ^1 T$ X$ Q- M
"txid" : "54f773a3fdf7cb3292fc76b46c97e536348b3a0715886dbfd2f60e115fb3a8f0",
"version" : 1,; Z) {' X% H( \9 h- v3 M
"locktime" : 0,
"vin" : [
{5 }/ Y0 J4 }% J; O8 z; D, C; }3 R
"txid" : "296ea7bf981b44999d689853d17fe0ceb852a8a34e68fcd19f0a41e589132156",
"vout" : 0,
"scriptSig" : {; {0 A2 j. \$ \1 U8 q
"asm" : "",, O/ Q3 ?' y9 H: l
"hex" : ""
},
"sequence" : 4294967295
}
], L$ X& H8 z" v: f! Q
"vout" : [ Z2 F2 y X4 h/ u1 @3 n; E U: |
{( }4 ~' a$ {9 } r" |7 k/ Z2 y
"value" : 0.10000000,1 [' O2 R! h7 z. `$ ]
"n" : 0,
"scriptPubKey" : {
"asm" : "OP_DUP OP_HASH160 fdc7990956642433ea75cabdcc0a9447c5d2b4ee OP_EQUALVERIFY OP_CHECKSIG",& D' x, @1 f5 f2 Q9 X1 D) b
"hex" : "76a914fdc7990956642433ea75cabdcc0a9447c5d2b4ee88ac",8 Z& ^- T7 d' d/ q
"reqSigs" : 1,* n+ A8 y& [1 r; k/ J
"type" : "pubkeyhash",
"addresses" : [
"1Q8s4qDRbCbFypG5AFNR9tFC57PStkPX1x"
]2 K9 `$ Z. }' [4 b) `% c: F
}( R7 ^: L& d) r ^$ v
},
{
"value" : 0.09890000,. a4 f( }9 Z N# p+ U! d
"n" : 1,1 _& X, ?9 H7 R
"scriptPubKey" : {6 _ S$ c0 A# K4 Z
"asm" : "OP_DUP OP_HASH160 d6c492056f3f99692b56967a42b8ad44ce76b67a OP_EQUALVERIFY OP_CHECKSIG",: E5 U" I. S% Z# B4 \; H; j
"hex" : "76a914d6c492056f3f99692b56967a42b8ad44ce76b67a88ac",4 u; `; e4 |8 g' ~. g* E* J' K8 _9 h
"reqSigs" : 1,
"type" : "pubkeyhash",
"addresses" : [6 Y4 F! k; k- T1 M8 u/ I) m
"1Lab618UuWjLmVA1Q64tHZXcLoc4397ZX3"8 z8 C$ }: I, q. P" ~; Q" Z/ \3 q
]
}# l+ h/ X. k6 k) g
}
]2 ^( b" L6 W# |% ^3 D% w4 `
}& |2 G1 _* M" B2 K5 j
至此,一个“空白交易”就构造好了,尚未使用私钥对交易进行签名,字段scriptSig是留空的,无签名的交易是无效的。此时的Tx ID并不是最终的Tx ID,填入签名后Tx ID会发生变化。
在手动创建交易时,务必注意输入、输出的值,非常容易犯错的是忘记构造找零输出(如非必要勿手动构造交易)。曾经有人构造交易时忘记找零,发生了支付 200 BTC 的矿工费的人间惨剧,所幸的是收录该笔交易的Block由著名挖矿团队“烤猫(Friedcat)”挖得,该团队非常厚道的退回了多余费用。* D; `7 z. @3 @0 V: u _
3. 签名
交易签名使用命令:. \7 I- k( L, ?! t3 w; f
signrawtransaction \
[{"txid":txid,"vout":n,"scriptPubKey":hex,"redeemScript":hex},...] [,...] \6 c* V4 H" r, q- ]/ E7 @# D
[sighashtype="ALL"]
第一个参数是创建的待签名交易的十六进制字符串;第二个参数有点类似创建交易时的参数,不过需要多出一个公钥字段scriptPubKey,其他节点验证交易时是通过公钥和签名来完成的,所以要提供公钥;如果是合成地址,则需要提供redeemScript;
第三个参数是即将花费的币所在地址的私钥,用来对交易进行签名,如果该地址私钥已经导入至bitcoind中,则无需显式提供;最后一个参数表示签名类型,在上一篇里,介绍了三种交易签名类型;' q2 @( q( s1 `: L5 I6 k/ K; n, H
签名之前需要找到scriptPubKey,提取输入交易信息即可获取(也可以根据其公钥自行计算),由命令:getrawtransaction [verbose=0]完成。
执行:
bitcoind getrawtransaction 296ea7bf981b44999d689853d17fe0ceb852a8a34e68fcd19f0a41e589132156 1
输出:" ]* [/ T D% q: Q
{- Q- ]4 U4 Z/ U5 ?2 D' {
"hex" : "01000000010511331f639e974283d3909496787a660583dc88f41598d177e225b5f352314a000000006c493046022100be8c796122ec598295e6dfd6664a20a7e20704a17f76d3d925c9ec421ca60bc1022100cf9f2d7b9f24285f7c119c91f24521e5483f6b141de6ee55658fa70116ee04d4012103cad07f6de0b181891b5291a5bc82b228fe6509699648b0b53556dc0057eeb5a4ffffffff0160a62f01000000001976a914d6c492056f3f99692b56967a42b8ad44ce76b67a88ac00000000",
"txid" : "296ea7bf981b44999d689853d17fe0ceb852a8a34e68fcd19f0a41e589132156",
"version" : 1,
"locktime" : 0,, a0 H) g- T5 f$ D
"vin" : [
{
"txid" : "4a3152f3b525e277d19815f488dc8305667a78969490d38342979e631f331105",
"vout" : 0,
"scriptSig" : {3 g9 X: x5 h9 o3 M$ e
"asm" : "3046022100be8c796122ec598295e6dfd6664a20a7e20704a17f76d3d925c9ec421ca60bc1022100cf9f2d7b9f24285f7c119c91f24521e5483f6b141de6ee55658fa70116ee04d401 03cad07f6de0b181891b5291a5bc82b228fe6509699648b0b53556dc0057eeb5a4",+ C S! j' s) A; D- W# `
"hex" : "493046022100be8c796122ec598295e6dfd6664a20a7e20704a17f76d3d925c9ec421ca60bc1022100cf9f2d7b9f24285f7c119c91f24521e5483f6b141de6ee55658fa70116ee04d4012103cad07f6de0b181891b5291a5bc82b228fe6509699648b0b53556dc0057eeb5a4"- A/ O4 ~2 V% x/ h& ]$ |$ p
},
"sequence" : 42949672957 ^2 Y) }+ [5 m$ j3 @# M
}
],3 E. ~7 ?0 X0 B( E! x( e
"vout" : [
{
"value" : 0.19900000,
"n" : 0,
"scriptPubKey" : {
"asm" : "OP_DUP OP_HASH160 d6c492056f3f99692b56967a42b8ad44ce76b67a OP_EQUALVERIFY OP_CHECKSIG",3 U8 i: Q0 v4 b5 z' P9 f0 u! m3 T
"hex" : "76a914d6c492056f3f99692b56967a42b8ad44ce76b67a88ac",' Q& B. u% z. y, g$ e
"reqSigs" : 1,, E6 |! \7 k2 F
"type" : "pubkeyhash",. r' D3 m% l. ]3 f
"addresses" : [
"1Lab618UuWjLmVA1Q64tHZXcLoc4397ZX3"
]9 f8 K4 t. O( }& G7 n
}
}
],! I2 }, \+ ?5 @% a. M
"blockhash" : "000000000000000488f18f7659acd85b2bd06a5ed2c4439eea74a8b968d16656",
"confirmations" : 19,& V$ u/ L6 J! G x- c* ~) M
"time" : 1383235737,6 ^" \# h+ J2 h. W; J2 g
"blocktime" : 1383235737
}5 t8 I" b6 ^0 k5 I- a& n( L
scriptPubKey位于”vout”[0]->”scriptPubKey”->”hex”,即: 76a914d6c492056f3f99692b56967a42b8ad44ce76b67a88ac 。
签名使用ECDSA算法,对其,“空白交易”签名之,执行:! U7 ~( ]" Y" l1 p. K5 F4 v- _1 G
bitcoind signrawtransaction \7 e5 @5 G- d+ R m+ B
"010000000156211389e5410a9fd1fc684ea3a852b8cee07fd15398689d99441b98bfa76e290000000000ffffffff0280969800000000001976a914fdc7990956642433ea75cabdcc0a9447c5d2b4ee88acd0e89600000000001976a914d6c492056f3f99692b56967a42b8ad44ce76b67a88ac00000000" \
'[{"txid":"296ea7bf981b44999d689853d17fe0ceb852a8a34e68fcd19f0a41e589132156","vout":0,"scriptPubKey":"76a914d6c492056f3f99692b56967a42b8ad44ce76b67a88ac"}]'3 W, R5 |+ t- @9 U3 W5 Q
输出:" P6 A- d& [, } C# h
{: {$ _6 Y9 J5 W0 k. K: y+ }
"hex" : "010000000156211389e5410a9fd1fc684ea3a852b8cee07fd15398689d99441b98bfa76e29000000008c493046022100f9da4f53a6a4a8317f6e7e9cd9a7b76e0f5e95dcdf70f1b1e2b3548eaa3a6975022100858d48aed79da8873e09b0e41691f7f3e518ce9a88ea3d03f7b32eb818f6068801410477c075474b6798c6e2254d3d06c1ae3b91318ca5cc62d18398697208549f798e28efb6c55971a1de68cca81215dd53686c31ad8155cdc03563bf3f73ce87b4aaffffffff0280969800000000001976a914fdc7990956642433ea75cabdcc0a9447c5d2b4ee88acd0e89600000000001976a914d6c492056f3f99692b56967a42b8ad44ce76b67a88ac00000000",$ R% D% |; r$ x) D& @
"complete" : true
}" y5 |/ [% ?3 Y. V. v
签名后,签名值会填入上文所述的空字段中,从而得到一个完整的交易。可通过上文介绍的命令decoderawtransaction 解码查看之。
最后一步,就是将其广播出去,等待网络传播至所有节点,约10~60秒广播至全球节点,取决与你的节点的网络连接状况。稍后一些时刻,就会进入Block中。广播由命令sendrawtransaction 来完成。如果没有运行节点,可以通过公共节点的API进行广播,例如:blockchain.info/pushtx。
执行:
bitcoind sendrawtransaction \0 _3 S) v, _8 j `
"010000000156211389e5410a9fd1fc684ea3a852b8cee07fd15398689d99441b98bfa76e29000000008c493046022100f9da4f53a6a4a8317f6e7e9cd9a7b76e0f5e95dcdf70f1b1e2b3548eaa3a6975022100858d48aed79da8873e09b0e41691f7f3e518ce9a88ea3d03f7b32eb818f6068801410477c075474b6798c6e2254d3d06c1ae3b91318ca5cc62d18398697208549f798e28efb6c55971a1de68cca81215dd53686c31ad8155cdc03563bf3f73ce87b4aaffffffff0280969800000000001976a914fdc7990956642433ea75cabdcc0a9447c5d2b4ee88acd0e89600000000001976a914d6c492056f3f99692b56967a42b8ad44ce76b67a88ac00000000"
输出:
b5f8da1ea9e02ec3cc0765f9600f49945e94ed4b0c88ed0648896bf3e213205d
返回的是Transaction Hash值,即该交易的ID。至此,交易构造、签名、发送的完整过程完成了。
合成地址交易
合成地址以3开头,可以实现多方管理资产,极大提高安全性,也可以轻松实现基于比特币原生的三方交易担保支付。一个M-of-N的模式:* Z) O/ C! q/ |0 `
m {pubkey}...{pubkey} n OP_CHECKMULTISIG% h9 M/ k' x& R( `# n. Y. I8 F
M和N需满足:+ I9 Z' K/ F" ?) Z# a0 C- [
1
1 of 3,最大程度私钥冗余。防丢私钥损失,3把私钥中任意一把即可签名发币,即使丢失2把都可以保障不受损失;, _( z" m- T% n
2 of 3,提高私钥冗余度的同时解决单点信任问题。3把私钥任意2把私钥可签名发币,三方不完全信任的情形,即中介交易中,非常适用;
3 of 3,最大程度解决资金信任问题,无私钥冗余。必须3把私钥全部签名才能发币,适用多方共同管理重要资产,但任何一方遗失私钥均造成严重损失;
合成地址的交易构造、签名、发送过程与普通交易类似,这里只介绍如何创建一个合成地址。大神Gavin Andresen已经演示过,下面内容摘自其gist.9 R2 n5 M$ G* i/ Y
首先,需要三对公钥、私钥。公钥创建地址、私钥用于签名。0 D% f5 |5 W: x, O- o( _
# No.1
0491bba2510912a5bd37da1fb5b1673010e43d2c6d812c514e91bfa9f2eb129e1c183329db55bd868e209aac2fbc02cb33d98fe74bf23f0c235d6126b1d8334f86 / 5JaTXbAUmfPYZFRwrYaALK48fN6sFJp4rHqq2QSXs8ucfpE4yQU
# No.2 7 A n1 L3 F& k7 Q9 z& ^
04865c40293a680cb9c020e7b1e106d8c1916d3cef99aa431a56d253e69256dac09ef122b1a986818a7cb624532f062c1d1f8722084861c5c3291ccffef4ec6874 / 5Jb7fCeh1Wtm4yBBg3q3XbT6B525i17kVhy3vMC9AqfR6FH2qGk; s: W" l7 N/ A; }
# No.3
048d2455d2403e08708fc1f556002f1b6cd83f992d085097f9974ab08a28838f07896fbab08f39495e15fa6fad6edbfb1e754e35fa1c7844c41f322a1863d46213 / 5JFjmGo5Fww9p8gvx48qBYDJNAzR9pmH5S389axMtDyPT8ddqmw
使用命令:createmultisig 来合成,其中key为公钥,创建地址时仅需公钥。创建类型是2 of 3.
输入:) n8 b( g" ~. M
bitcoind createmultisig 2 \
'["0491bba2510912a5bd37da1fb5b1673010e43d2c6d812c514e91bfa9f2eb129e1c183329db55bd868e209aac2fbc02cb33d98fe74bf23f0c235d6126b1d8334f86","04865c40293a680cb9c020e7b1e106d8c1916d3cef99aa431a56d253e69256dac09ef122b1a986818a7cb624532f062c1d1f8722084861c5c3291ccffef4ec6874","048d2455d2403e08708fc1f556002f1b6cd83f992d085097f9974ab08a28838f07896fbab08f39495e15fa6fad6edbfb1e754e35fa1c7844c41f322a1863d46213"]'# s' H3 z/ O1 {7 W
输出:' b* ~% a4 O1 N" n2 q5 ?/ z! Y
{
"address" : "3QJmV3qfvL9SuYo34YihAf3sRCW3qSinyC",+ ?+ J1 I! w$ P
"redeemScript" : "52410491bba2510912a5bd37da1fb5b1673010e43d2c6d812c514e91bfa9f2eb129e1c183329db55bd868e209aac2fbc02cb33d98fe74bf23f0c235d6126b1d8334f864104865c40293a680cb9c020e7b1e106d8c1916d3cef99aa431a56d253e69256dac09ef122b1a986818a7cb624532f062c1d1f8722084861c5c3291ccffef4ec687441048d2455d2403e08708fc1f556002f1b6cd83f992d085097f9974ab08a28838f07896fbab08f39495e15fa6fad6edbfb1e754e35fa1c7844c41f322a1863d4621353ae"
}( }4 b5 h8 P( c P" }8 W
得到的合成地址是:3QJmV3qfvL9SuYo34YihAf3sRCW3qSinyC,该地址没有公钥,仅有redeemScript,作用与公钥相同。后续的构造、签名、发送过程与上文普通地址交易类似,略去。 e' [) h& ~7 {6 {: y2 e
转自比特币实验室
BitMere.com 比特池塘系信息发布平台,比特池塘仅提供信息存储空间服务。
声明:该文观点仅代表作者本人,本文不代表比特池塘立场,且不构成建议,请谨慎对待。
声明:该文观点仅代表作者本人,本文不代表比特池塘立场,且不构成建议,请谨慎对待。
成为第一个吐槽的人