Bitcoin’s Opcodes
Introduction
Bitcoin Script is a stack-based scripting language that is used to create Bitcoin smart contracts. It encumbers the coins in that transaction and contains a list of instructions on how outputs can be unlocked to be spent.
This list of instructions is specified by operation codes (opcodes), which is the focus of this article.
This article will explore the role that opcodes play in scripts, the types of opcodes that exist, some commonly used opcodes, and opcodes that have been disabled in the past.
Role of Opcodes in Bitcoin Script
Bitcoin’s opcodes are used to carry out relevant operations on the operands within the stack-based Bitcoin Script. They are basically like commands that are carried out in a script. The commands are in the form of keywords and are usually prefixed with “OP_
”
In Bitcoin script, a locking script (scriptPubKey) is used to lock funds while an unlocking script is provided to spend the coin. When a new UTXO is created as part of a *previous* spend, it is sent to (or “locked by”) a `scriptPubKey`. To spend this UTXO in the future, the sender must provide an `unlocking script` that satisfies the `scriptPubKey`.
The full script(locking and unlocking) is then executed sequentially (starting with the unlocking script) by nodes to validate the transaction.
Opcodes in action
One basic example of a script is the one used in a Pay-to-Public-Key-Hash (P2PKH) transaction.
The Pay-to-Public-Key-Hash (P2PKH) locks a transaction’s output to the hash of the receiver’s public key. The receiver will only be able to spend that output as an input in another transaction if they can provide their public key and a digital signature with the corresponding private key.
In this case, the locking script would look like so:
OP_DUP OP_HASH160 <pubKeyHash> OP_EQUALVERIFY OP_CHECKSIG
Where the unlocking script will be in the form:
<signature> <pubKey>
The locking and unlocking script are then combined(the unlocking script is executed first) and executed as illustrated in the figure below.
The opcodes in the script above are:
OP_DUP
: This function duplicates the topmost item on the stackOP_HASH160
: This function performs first aSHA256
hash and then aRIPEMD160
hash.OP_EQUALVERIFY
: This function compares the last two items on the stack and verifies that they are the same.OP_CHECKSIG
: This function verifies that the ECDSA signature matches the provided public key. If the check passes, it pushes true to the stack and false if it fails.
Types of opcodes
Opcodes are grouped based on the type of function they perform. According to bitcoinwiki, they are grouped into:
- Constants: This group of opcodes pushes a specific number of data to the stack. An example is the
OP_PUSHDATA1
- Flow control: This group of opcodes determines the flow of the script. An example is the
OP_IF
- Stack: This group of opcodes is responsible for working on items on the stack and moving them around as required. An example is the
OP_DROP
- Data manipulation: Opcodes in this group are responsible for specifying what sort of data manipulation to perform on the provided data. An example is
OP_SIZE
. - Bitwise logic: This group of opcodes executes on specified data input data. An example is
OP_EQUAL
- Arithmetic: This group of opcodes carries out arithmetic operations on the data. An example is the
OP_ADD
- Cryptography: Opcodes in this group are used to carry out cryptographic functions on provided data. An example is
OP_HASH256.
Frequently used opcodes in Bitcoin Script
Some of the commonly used opcodes in Bitcoin script include:
OP_DUP
OP_IF
OP_ENDIF
OP_EQUALVERIFY
OP_HASH160
OP_CHECKSIG
OP_VERIFY
OP_EQUAL
OP_CHECKLOCKTIMEVERIFY
OP_RETURN
A complete list of all opcodes used in Bitcoin is available here.
Disabled opcodes
Some opcodes have been disabled such that they are no longer valid in the Bitcoin protocol. OP_LSHIFT
was disabled because processing transactions that contained this opcode caused bitcoin to crash. Other opcodes were also disabled as a security measure. Read more here
Any script that has any of these disabled opcodes will abort and fail.
The disabled opcodes include:
OP_CAT
OP_SUBSTR
OP_LEFT
OP_RIGHT
OP_INVERT
OP_AND
OP_OR
OP_XOR
OP_2MUL
OP_2DIV
OP_MUL
OP_DIV
OP_MOD
OP_LSHIFT
OP_RSHIFT
Conclusion
Bitcoin’s opcodes are like functions that power Bitcoin Scripts. They aid in producing customizable locking conditions for bitcoin transactions. Various combinations of these opcodes can yield different locking conditions.
References
- https://en.bitcoin.it/wiki/Script
- https://btcinformation.org/en/developer-reference#opcodes
- https://learnmeabitcoin.com/technical/script
- https://github.com/bitcoin/bitcoin/blob/cacbdbaa95317b45cf2100702bca92410fb43b9a/src/script/interpreter.cpp#L471
- https://github.com/bitcoinbook/bitcoinbook/blob/develop/ch06.asciidoc#separate-execution-of-unlocking-and-locking-scripts
- https://en.bitcoin.it/wiki/Common_Vulnerabilities_and_Exposures#CVE-2010-5137