9.6 KiB
title | description |
---|---|
Transaction | A robust interface to create, parse and validate bitcoin transactions. |
Transaction
Description
Bitcore provides a very simple API for creating transactions. We expect this API to be accessible for developers without knowing the working internals of bitcoin in deep detail. What follows is a small introduction to transactions with some basic knowledge required to use this API.
A Transaction contains a set of inputs and a set of outputs. Each input contains a reference to another transaction's output, and a signature that allows the value referenced in that output to be used in this transaction.
Note also that an output can be used only once. That's why there's a concept of "change address" in the bitcoin ecosystem: if an output of 10 BTC is available for me to spend, but I only need to transmit 1 BTC, I'll create a transaction with two outputs, one with 1 BTC that I want to spend, and the other with 9 BTC to a change address, so I can spend this 9 BTC with another private key that I own.
So, in order to transmit a valid transaction, you must know what other transactions on the network store outputs that have not been spent and that are available for you to spend (meaning that you have the set of keys that can validate you own those funds). The unspent outputs are usually referred to as "utxo"s.
Let's take a look at some very simple transactions:
var transaction = new Transaction()
.from(utxos) // Feed information about what unspent outputs one can use
.to(address, amount) // Add an output with the given amount of satoshis
.change(address) // Sets up a change address where the rest of the funds will go
.sign(privkeySet) // Signs all the inputs it can
Now, this could just be serialized to hexadecimal ASCII values (transaction.serialize()
) and sent over to the bitcoind reference client.
bitcoin-cli sendrawtransaction <serialized transaction>
You can also override the fee estimation with another amount, specified in satoshis:
var transaction = new Transaction().fee(5430); // Minimum non-dust amount
var transaction = new Transaction().fee(1e8); // Generous fee of 1 BTC
Adding inputs
Transaction inputs are instances of either Input or its subclasses. Input
has some abstract methods, as there is no actual concept of a "signed input" in the bitcoin scripting system (just valid signatures for OP_CHECKSIG and similar opcodes). They are stored in the input
property of Transaction
instances.
Bitcore contains two implementations of Input
, one for spending Pay to Public Key Hash outputs (called PublicKeyHashInput
) and another to spend Pay to Script Hash outputs for which the redeem script is a Multisig script (called MultisigScriptHashInput
).
All inputs have the following five properties:
prevTxId
: aBuffer
with the id of the transaction with the output this input is spendingoutputIndex
: anumber
the index of the output in the previous transactionsequenceNumber
: anumber
, the sequence number, see bitcoin's developer guide on nLockTime and the sequence number.script
: theScript
instance for this input. Usually calledscriptSig
in the bitcoin community.output
: if available, aOutput
instance of the output associated with this input.
Both PublicKeyHashInput
and MultisigScriptHashInput
cache the information about signatures, even though this information could somehow be encoded in the script. Both need to have the output
property set in order to calculate the sighash
so signatures can be created.
Some methods related to adding inputs are:
from
: A high level interface to add an input from a UTXO. It has a series of variants:from(utxo)
: add an input from an Unspent Transaction Output. Currently, only P2PKH outputs are supported.from(utxos)
: same as above, but passing in an array of Unspent Outputs.from(utxo, publicKeys, threshold)
: add an input that spends a UTXO with a P2SH output for a Multisig script. ThepublicKeys
argument is an array of public keys, andthreshold
is the number of required signatures in the Multisig script.
addInput
: Performs a series of checks on an input and appends it to the end of theinput
vector and updates the amount of incoming bitcoins of the transaction.uncheckedAddInput
: adds an input to the end of theinput
vector and updates the_inputAmount
without performing any checks.
PublicKeyHashInput
This input uses the script
property to mark the input as unsigned if the script is empty.
MultisigScriptHashInput
This input contains a set of signatures in a signatures
property, and each time a signature is added, a potentially partial and/or invalid script is created. The isFullySigned
method will only return true if all needed signatures are already added and valid. If addSignature
is added after all need signatures are already set, an exception will be thrown.
Signing a Transaction
The following methods are used to manage signatures for a transaction:
getSignatures
: takes an array ofPrivateKey
or strings from which aPrivateKey
can be instantiated; the transaction to be signed; the kind of signature hash to use. Returns an array of objects with the following properties:signature
: an instance of SignatureprevTxId
: this input'sprevTxId
,outputIndex
: this input'soutputIndex
,inputIndex
: this input's index in the transactionsigtype
: the "sighash", the type of transaction hash used to calculate the signaturepublicKey
: aPublicKey
of thePrivateKey
used to create the signature
addSignature
: takes an element outputed bygetSignatures
and applies the signature to this input (modifies the script to include the new signature).clearSignatures
: removes all signatures for this inputisFullySigned
: returns true if the input is fully signed
Adding outputs
Outputs can be added by:
- The
addOutput(output)
method, which pushes anOutput
to the end of theoutputs
property and updates the_outputAmount
. It also clears signatures (as the hash of the transaction may have changed) and updates the change output. - The
to(address, amount)
method, that adds an output with the script that corresponds to the given address. Builds an output and calls theaddOutput
method. - Specifying a change address
Serialization
There are a series of methods used for serialization:
toObject
: Returns a plain javascript object with no methods and enough information to fully restore the state of this transaction. Using other serialization methods (except fortoJSON
) will cause a some information to be lost.toJSON
: Returns a string with a JSON-encoded version of the output fortoObject
.toString
oruncheckedSerialize
: Returns an hexadecimal serialization of the transaction, in the serialization format for bitcoin.serialize
: Does a series of checks before serializing the transaction:- Check that the fee to be used is not very small or very large
- Check for dust outputs
inspect
: Returns a string with some information about the transaction (currently a string formated as<Transaction 000...000>
, that only shows the serialized value of the transaction.toBuffer
: Serializes the transaction for sending over the wire in the bitcoin networktoBufferWriter
: Uses an already existing BufferWriter to copy over the serialized transaction
Fee calculation
When outputs' value don't sum up to the same amount that inputs, the difference in bitcoins goes to the miner of the block that includes this transaction. The concept of a "change address" usually is associated with this: an output with an address that can be spent by the creator of the transaction.
For this reason, some methods in the Transaction class are provided:
change(address)
: Set up the change address. This will set an internal_change
property that will store the change address.fee(amount)
: Sets up the exact amount of fee to pay. If no change address is provided, this will raise an exception.getFee()
: returns the estimated fee amount to be paid, based on the size of the transaction, but disregarding the priority of the outputs.
Internally, a _changeOutput
property stores the index of the change output (so it can get updated when a new input or output is added).
Multisig Transactions
To send a transaction to a multisig address, the API is the same as in the above example. To spend outputs that require multiple signatures, the process needs extra information: the public keys of the signers that can unlock that output.
var multiSigTx = new Transaction()
.from(utxo, publicKeys, threshold)
.change(address)
.sign(myKeys);
var serialized = multiSigTx.toObject();
This can be serialized and sent to another party, to complete with the needed signatures:
var multiSigTx = new Transaction(serialized)
.sign(anotherSetOfKeys);
assert(multiSigTx.isFullySigned());
Upcoming changes
We're debating an API for Merge Avoidance, CoinJoin, Smart contracts, CoinSwap, and Stealth Addresses. We're expecting to have all of them by some time in 2015. Payment channel creation is avaliable in the bitcore-channel module.