2

I'm trying to locate the public keys associated with a Bitcoin block's transaction inputs and outputs.

Can anyone tell me where those are encoded?

Thank you.

Padawan Learner
  • 65
  • 2
  • 9

1 Answers1

-1

Simply put, in general you can't.

Depending on the signature schema, all you could get would be a hash of that public key, or, even worse, a hash of a redeem script.

More specifically, you could get some public keys in some cases. This is a partial list of what you could get:

  1. Pay-to-pubkey-hash scripts (P2PKH): you get the public key from the scriptSig for the input BTC address
  2. Pay-to-pubkey (P2PK): you get the public key from scriptPubKey for the output BTC address
  3. Pay-to-script-hash scripts (P2SH): you get the public keys from the scriptSig for the input BTC address

There are other signature schemes and in standard transactions you should be able to get either the source public key or the destination public key.

What you could do is indexing the whole blockchain and fill the gaps in transactions where BTC addresses are not included together with their public key. But, for instance, if your BTC address appears only in P2PKH outputs, you have no means to find that public key.

fcracker79
  • 1,118
  • 13
  • 26
  • But how can the Bitcoin system track the balances in accounts if the public keys aren't available in the transactions? How do those sites work that allow you to query the balance in an account via its public key? (I googled for this one: https://bitref.com). TY for your previous kind reply and any further help with this. – Padawan Learner Dec 29 '18 at 16:20
  • Bitcoin as a network of `bitcoind` nodes does not track balances at all. All it does is enforce the _consensus_ rules_. There is no such association between: 1. accounts and public keys 2. accounts and BTC addresses 3. BTC addresses and balance The wallet support that you might have found in `bitcoind` just keeps track of all its relevant addresses. It requires specific indexing (e.g. if you import keys from external you have to reindex it). – fcracker79 Dec 29 '18 at 16:27
  • Try to think of bitcoin as a collection of outputs that can be redeemed by executing cryptographic scripts. The balance is thus the sum of unspent outputs associated to a specific address. Just to be clear, each private ECDSA key has a corresponding public key. A BTC address is a _hash_ of that public key. Thus, if you are implementing a wallet, you can easily track down all the outputs associated to that key and ultimately to your BTC address. – fcracker79 Dec 29 '18 at 16:32
  • Ok. Are these two statements true? 1) "Account" is an abstraction that wallet software provides. 2) A bitcoin address is a hash of a public key, and thus the system validates that transfers have sufficient balances by unhashing the public key when a transaction is submitted encoded with the corresponding private key. Does this mean that every address (every hashed public key) can only correspond to one public key? In other words, I guess this means that the hash is guaranteed to be unique for each public key, right? Ty – Padawan Learner Dec 29 '18 at 16:37
  • 1. Correct 2. More precisely, `bitcoind` verifies the _consensus rules_ (e.g. an output cannot be spent twice). A wallet normally creates a transaction provided that it has enough unspent outputs to send the specified amount of BTC. The user has typically the view of total balance, so he does not see what the wallet system does under the hood. Let's say that each public key has only one BTC address. This does not apply for every address type, but that's most of the case. – fcracker79 Dec 29 '18 at 17:02
  • So...Bitcoin nodes don't explicitly track the balances available to addresses. To validate a transaction, they simply verify that its inputs are comprised of unused outputs and those outputs are associated with the public key of the sending address. A "balance" can only be computed, by summing the unused outputs currently available to an address. Is that about right? Ty. Also, why even hash the public keys? Does it possibly reduce size? Or is there a bit of error checking added, after the fashion of a parity check? Ty once more kind sir. – Padawan Learner Dec 29 '18 at 19:27
  • Correct: most of the work of a wallet is to denormalize the blockchain. So, yes, the "balance" is a sum of the unspent outputs. Wallets also define the concept of unconfirmed balance and confirmed balance, depending of the inclusion height. Also, it is important to understand that BTC addresses have nothing to do with Bitcoin, or at least not directly: transactions do not contain addresses but hashes of public addresses. By knowing just the hash of a public key, anyone can send Bitcoin to the corresponding address. A BTC address is just a Base58 conversion of that hash. – fcracker79 Dec 29 '18 at 20:12
  • Let us [continue this discussion in chat](https://chat.stackoverflow.com/rooms/185917/discussion-between-fcracker79-and-padawan-learner). – fcracker79 Dec 29 '18 at 20:12