The Locking Script (scriptPubKey): The Anchor Guide to Programmable Money
The Locking Script (scriptPubKey): The Anchor Guide to Programmable Money
Executive Summary: Every Bitcoin output is secured by a computer program called a scriptPubKey. This "Locking Script" defines the specific conditions that must be met to spend the unspent output (UTXO) in the future. By using Bitcoin's native, stack-based language (Script), these locks can range from simple single-key signatures to complex multi-signature escrows and time-delayed smart contracts.
🔍 Why This Module Matters
In the traditional banking system, "ownership" is determined by a legal name on a database. In Bitcoin, "ownership" is determined by a Mathematical Challenge. Every piece of bitcoin you own is actually just a UTXO locked with a scriptPubKey challenge that only you can solve. Understanding the structure of these locks is essential for understanding how addresses work, how multisig security is implemented, and how Layer 2 protocols like the Lightning Network function.
🏛️ The Architecture of Bitcoin Script
Bitcoin Script is a specialized, assembly-like language designed for one purpose: Non-Turing Complete Financial Contracts.
1. The Stack-Based Execution
Script works like a stack of plates.
-
Data: Pushed onto the stack.
-
Opcodes (Operations): Perform math, hashing, or logic on the top plates of the stack.
-
Safety: Because it lacks "loops" (Turing Incompleteness), it is impossible to write a script that crashes the Bitcoin network with an infinite loop. Every script has a predictable execution time.
2. The Components of a Lock
A scriptPubKey consists of:
-
Opcodes: Instructions like
OP_DUP,OP_HASH160,OP_CHECKSIG. -
Data: Cryptographic hashes or public keys.
⚙️ Standard Locking Patterns: Decoding the Addresses
Depending on which "Address Type" you use, the scriptPubKey lock changes its internal logic.
| Address Type | Technical Name | Typical Lock Pattern |
|---|---|---|
| Legacy (1...) | P2PKH | OP_DUP OP_HASH160 <PubKeyHash> OP_EQUALVERIFY OP_CHECKSIG |
| Nested (3...) | P2SH | OP_HASH160 <ScriptHash> OP_EQUAL |
| SegWit (bc1q..) | P2WPKH | 0 <PubKeyHash> (Version 0 Witness) |
| Taproot (bc1p..) | P2TR | 1 <32-Byte-PubKey> (Version 1 Witness) |
Deep Dive: The P2PKH "Legacy" Lock
This is the most famous script in Bitcoin history:
-
OP_DUP: Copy the public key provided by the spender. -
OP_HASH160: Hash it. -
<PubKeyHash>: Check if the hash matches the one in the lock. -
OP_EQUALVERIFY: If no match, stop immediately (invalid). -
OP_CHECKSIG: Check if the digital signature provided matches the public key.
graph TD
A[Stack Start] --> B[Push PubKey]
B --> C[Push Signature]
C --> D[OP_DUP]
D --> E[OP_HASH160]
E --> F{Match Hash in Lock?}
F -- Yes --> G[OP_CHECKSIG]
G --> H[Final: TRUE/FALSE]
🛠️ Programmable Sovereignty: Beyond Simple Keys
Because scriptPubKey is a language, we can create advanced conditions for spending:
-
Multisig (M-of-N): Requires $M$ signatures from a pool of $N$ possible keys (e.g., 2-of-3 for a corporate treasury).
-
Timelocks (CLTV): Requires that the coins cannot be spent until a specific block height or date has passed.
-
Hashlocks: Requires the spender to reveal a secret (pre-image) that hashes to a specific value.
[!TIP] Smart Contracts: People often think Bitcoin doesn't have smart contracts. In reality, every single transaction is a small, secure smart contract executed by the
scriptPubKey.
🛡️ The Validation Process: Combining ScriptSig and ScriptPubKey
When a node validates a transaction, it performs a Concatenation:
It takes the
scriptSig(Unlocking Script) from the current transaction input.It appends the
scriptPubKey(Locking Script) from the previous output.It runs the combined script.
The Result: If the stack ends with a value of
TRUE(non-zero), the transaction is valid and the coins are "unlocked."
🎯 Learning Objectives for this Module
By the end of this module, you will be able to:
Define
scriptPubKeyand its role in securing Bitcoin outputs.Describe the stack-based execution model of Bitcoin Script.
Recognize the standard locking patterns for Legacy and SegWit addresses.
Explain why Bitcoin Script is not Turing Complete and why this is a safety feature.
Understand the difference between a Locking Script (output) and an Unlocking Script (input).
🗺️ Module Roadmap: What's Next?
We will now explore the specific functional components of Bitcoin's programmable layer:
Unlocking Script (scriptSig): How signatures provide the keys to the locks.
Bitcoin Script Language Reference: A deep dive into Opcodes and Math.
Multisig Locking Mechanics: How groups secure shared funds.
Pay-to-Script-Hash (P2SH): The foundation for complex escrow and smart contracts.
🎓 Summary
The
scriptPubKeyis the definitive "No" in the Bitcoin network. It is the wall that prevents anyone from moving your funds unless they can solve the mathematical puzzle you have set. By understanding how to write and read these locks, you gain the ability to build sophisticated, trustless financial tools on top of the world's most secure ledger.
TeachMeBitcoin is an ad-free, open-source educational repository curated by a passionate team of Bitcoin researchers and educators for public benefit. If you found our articles helpful, please consider supporting our hosting and ongoing content updates with a clean donation: