LogoLogo
LogoLogo
  • Intro
    • Welcome
    • The Benefits of BSV Blockchain
    • What Can I Do?
    • Overview of GitHub repositories
    • Quick Start
  • Protocol
    • Introduction
    • BSV Blockchain
      • Blocks
      • Transactions
      • Proof of Work
      • Capabilities
      • Economic Model of Governance
      • Digital Asset Recovery
    • Network Policies
      • High-Level Architecture
      • Mining
      • Standard and Local Policies
      • Consensus Rules
      • Local Policies
    • Node Operations
      • Node Software
      • Bitcoin Server Network (BSN)
      • ChainTracker
      • Transaction Validation
      • UTXO Storage
      • Mempool
      • Block Assembler
      • Block Validation
      • Mining Software
      • Pruning transactions
      • Responsibilities of a Node
    • SPV Wallets, Overlays and SPV Processes
      • Simplified Payment Verification (SPV)
      • Instant Payments
      • Integrity Checks
      • SPV Wallets & Overlays
    • Transaction Lifecycle
      • Transaction Inputs and Outputs
      • Script
      • Transaction Flow
      • Constructing a transaction
      • Sequence Number and Time Locking
      • Transaction Templates
      • Transaction Processing
      • Opcodes used in Script
    • Privacy
      • Keys and Identity
      • Private vs Anonymous
      • Digital Signatures
      • Privacy on the Public Blockchain
  • Network Access Rules
    • Rules
      • Table of Contents
      • Background to the Rules
      • PART I - MASTER RULES
      • PART II - GENERAL RULES
      • PART III - ENFORCEMENT RULES
      • PART IV - DISPUTE RESOLUTION RULES
      • PART V - INTERPRETIVE RULES
    • FAQs
      • Miners
      • Professionals
      • Users
  • Important Concepts
    • High Level
      • Web3
      • Timestamping
      • SPV
      • UTXO vs Account Based
      • Linked Keys
      • Smart Contracts
    • Details
      • Hash Functions
      • Merkle Trees
      • Sighash Flags
      • Script
      • SPV
        • Deep Dive
        • Payments Flow
        • Data Models
        • Broadcasting
  • Network Topology
    • Mandala Upgrade
    • Nodes
      • SV Node
        • Architecture
        • System Requirements
        • Installation
          • SV Node
            • Configuration
            • AWS Volumes Setup
            • DDOS Mitigation
            • Docker
            • Genesis Settings
            • GetMiningCandidate
            • GKE
            • Network Environments
              • Regtest
              • STN
              • Testnet
        • Alert System
          • Alert Messages
          • Running the Alert System
            • Startup Script
          • Webhooks
        • RPC Interface
          • RPC Methods
        • Frequently Asked Questions
          • Blocks
          • Initial Block Download
          • Transactions
          • Log File Warnings
          • Safe Mode
          • Bug Bounty
        • Chronicle Release
      • Teranode
    • Overlay Services
      • Overlay Example
    • SPV Wallet
      • Quickstart
      • Key Concepts
      • AWS Deployment
        • Installation
        • Manage & Maintain
        • Update
        • Delete
      • Components
        • SPV Wallet Server
        • Storage
        • Web Admin
        • Block Headers Service
        • Web App & API
      • Who is it for?
      • Functionality & Roadmap
      • Contribute
      • Developers Guide
        • SPV Wallet
          • Authentication
          • Configuration
          • Notification
        • Go Client
          • Authentication
        • JS Client
          • Authentication
        • Admin
        • Keygen
        • Block Headers Service
          • Authentication
          • Configuration
      • Additional Components
  • paymail
    • Overview
    • BRFC Specifications
      • Specification Documents
      • BRFC ID Assignment
    • Service Discovery
      • Host Discovery
      • Capability Discovery
    • Public Key Infrastructure
    • Payment Addressing
      • Basic Address Resolution
      • Sender Validation
      • Receiver Approvals
      • PayTo Protocol Prefix
    • Verify Public Key Owner
    • Recommendations
  • Guides
    • Local Blockchain Stack
      • Mockchain Stack
    • Business Use Cases
      • Creating a Tranche of Event Tickets
    • SDKs
      • Concepts
        • BEEF
        • Fees
        • SPV
        • Transactions
        • Op Codes
        • Script Templates
        • Signatures
        • Verification
      • TypeScript
        • Node, CommonJS
        • React
        • Low Level
          • Verification
          • ECDH
          • Numbers & Points
          • Signatures
          • 42
          • ECDSA
          • Hmacs
          • Keys
          • Scripts
        • Examples
          • Creating a Simple Transaction
          • Verifying a BEEF Structure
          • Creating Transactions with Inputs, Outputs and Templates
          • Creating the R-puzzle Script Template
          • Message Encryption and Decryption
          • Message Signing
          • Building a Custom Transaction Broadcast Client
          • Verifying Spends with Script Intrepreter
          • BIP32 Key Derivation with HD Wallets
          • Using Type 42 Key Derivation for Bitcoin Wallet Management
          • Creating a Custom Transaction Fee Model
          • Building a Pulse Block Headers Client
          • Using ECIES Encryption
      • Go
        • Examples
          • Simple Tx
          • Keys
          • Encryption
          • Broadcasting
          • Inscribing
          • Data Markers
          • Linked Keys
          • ECIES
          • Fees
          • HD Keys
          • Headers
          • Secure Messages
          • Merkle Path Verification
      • Python
        • Examples
          • Simple Tx
          • Verifying BEEF
          • Complex Tx
          • Script Templates
          • Encryption
          • Message Signing
          • Building A Custom Broadcaster
          • HD Wallets
          • Linked Keys
          • Fees
          • Merkle Path Verification
          • ECIES
  • BSV Academy
    • Getting Started
    • BSV Basics: Protocol and Design
      • Introduction
        • Bit-Coin
      • The BSV Ledger
        • The Ledger
        • Triple Entry Accounting
        • Example
      • Coins and Transactions
        • Coins
        • Transactions
        • Transaction Fees
      • Theory
      • Conclusion
    • BSV Enterprise
      • Introduction
      • About BSV Blockchain
        • Introduction
        • Safe, Instant Transactions at a Predictably Low Cost
          • Reliably Low Fees
          • Comparison to Legacy Transaction Systems
          • Payment Channels
        • Scalability to Accommodate Global Demand
          • Big Blocks Show Big Potential
        • A Plan for Regulatory Acceptance
          • Ready-made Compliance
          • The Open BSV License
        • Protocol Stability
          • Building Foundations on a Bedrock of Stone
      • Technical Details
        • The Network
          • The Small World Network
          • Robust In Its Unstructured Simplicity
        • The Bitcoin SV Node Client
          • Teranode - The Future of BSV
        • The Protocol - Simple, Robust and Unbounded
          • What is the BSV Protocol?
        • Proof of Work
          • The Algorithm
          • Efficiency of Proof of Work
        • Privacy and Identity
        • Permissions and Privacy
      • Resources and Tools
        • The Technical Standards Comittee
          • TSC Principles
          • Standard Development Process
          • Status of Current and In-progress Standards
        • The Working Blockchain
          • Pruning to Create a Working Blockchain
          • Building a Working Blockchain from a List of Block Headers
          • A World View Backed by Proof of Work
    • Hash Functions
      • What are Hash Functions?
        • The Differences Between Hashing and Encryption
        • The Three Important Properties of Hash Functions
        • The Hash Functions Found in BSV
      • Base58 and Base58Check
        • What is Base58 and Why Does Bitcoin use it?
        • What is Base58 and How Does BSV use it?
      • SHA256
        • BSV Transactions and SHA-256
        • BSV Blocks and SHA-256
        • Proof-of-Work and HASH-256
      • Walkthrough Implementation of SHA-256 in Golang
        • Overview of SHA-256
        • SHA-256 Input and Processing
        • SHA-256 Compression
        • SHA-256 Final Value Construction and Output
      • RIPEMD-160
        • BSV Addresses & WIFs
      • Walkthrough Implementation of RIPEMD-160 in Golang
        • Overview of RIPEMD-160
        • RIPEMD-160 Input and Processing
        • RIPEMD-160 Compression
        • RIPEMD-160 Final Value Construction and Output
      • Doubla Hashing and BSV's Security
        • Why is Double Hashing Used in BSV
        • Hash Functions and BSV's Security Model
    • Merkle Trees
      • The Merkle Tree
        • What is a Merkle Tree?
        • Why use a Merkle Tree?
        • Merkle Trees in Action
      • Merkles Trees in BSV
        • The Data Elements
        • Transaction Merkle Trees
        • Transaction Merkle Trees in Action
      • Merkle Trees and the Block Header
        • What is the Block Header
        • The Hash Puzzle
        • Proof-of-Work in Action
      • Merkle trees and Verifying Proof of Work
        • Broadcasting the Block
        • The Coinbase Transaction
        • Data Integrity of the Block
        • Saving Disk Space
      • Standarised Merkle Proof
        • What is a Merkle Proof?
        • The BSV Unified Merkle Path (BUMP) Standard
        • Simple and Composite Proofs
      • Merkle Trees and Simplified Payment Verification
        • SPV
        • Offline Payments
    • Digital Signatures
      • What are Digital Signatures
        • Background
        • Introduction
        • Digital Signatures Protocol
        • Properties of Digital Signatures
      • ECDSA Prerequisites
        • Disclaimer
        • Modular Arithmetic
        • Groups, Rings and Finite Fields
        • Discrete Logarithm Problem
        • Elliptic Curve Cryptography (ECC)
        • Discrete Logarithm Problem with Elliptic Curves
      • ECDSA
        • Introduction
        • ECDSA
        • Further Discussion
      • BSV and Digital Signatures
        • Introduction
        • BSV Transaction
        • ECDSA (secp256k1) for BSV Transaction
        • Summary
        • Signed Messages
        • Miner Identification and Digital Signatures
    • BSV Theory
      • Abstract
        • Peer-to-Peer Cash
        • Digital Signatures and Trusted Third Parties
        • Peer-to-Peer Network
        • Timechain and Proof-of-Work
        • CPU Power
        • Cooperation in the Network
        • Network Structure
        • Messaging Between Nodes
      • Introduction
        • Commerce on the Internet
        • Non Reversible Transactions
        • Privacy in Commerce
        • The Paradigm of Fraud Acceptance
        • What is Needed...
        • Protecting Sellers From Fraud
        • Proposed Solution
        • Security and Honesty
      • Transactions
        • Electronic Coins
        • Spending a Coin
        • Payee Verification
        • Existing Solutions
        • First Seen Rule
        • Broadcasting Transactions
        • Achieving Consensus
        • Proof of Acceptance
      • Timestamp Server
        • Timestamped Hashes
        • A Chain of Timestamped Hashes
      • Proof of Work
        • Hashcash
        • Scanning Random Space
        • Nonce
        • Immutable Work
        • Chain Effort
        • One CPU, One Vote
        • The Majority Decision
        • The Honest Chain
        • Attacking the Longest Chain
        • Controlling the Block Discovery Rate
      • Network
        • Running the Network
        • The Longest Chain
        • Simultaneous Blocks
        • Breaking the Tie
        • Missed Messages
      • Incentive
        • The Coinbase Transaction
        • Coin Distribution
        • Mining Analogy
        • Transaction Fees
        • The End of Inflation
        • Encouraging Honesty
        • The Attacker's Dilemma
      • Reclaiming Disk Space
        • Spent Transactions
        • The Merkle Tree
        • Compacting Blocks
        • Block Headers
      • Simplified Payment Verification
        • Full Network Nodes
        • Merkle Branches
        • Transaction Acceptance
        • Verification During Attack Situations
        • Maintaining an Attack
        • Invalid Block Relay System
        • Businesses Running Nodes
      • Combining and Splitting Value
        • Dynamically Sized Coins
        • Inputs and Outputs
        • A Typical Example
        • Fan Out
      • Privacy
        • Traditional Models
        • Privacy in Bitcoin
        • Public Records
        • Stock Exchange Comparison
        • Key Re-Use
        • Privacy - Assessment 2
        • Linking Inputs
        • Linking the Owner
      • Calculations
        • Attacking the Chain
        • Things the Attacker Cannot Achieve
        • The Only Thing an Attacker Can Achieve
        • The Binomial Random Walk
        • The Gambler's Ruin
        • Exponential Odds
        • Waiting For Confirmation
        • Attack Via Proof of Work
        • Vanishing Probabilities
      • Conclusion
        • Conclusion Explained
    • Introduction to Bitcoin Script
      • Chapter 1: About Bitcoin Script
        • 01 - Introduction
        • 02 - FORTH: A Precursor to Bitcoin Script
        • 03 - From FORTH to Bitcoin Script
        • 04 - Bitcoin's Transaction Protocol
        • 05 - Transaction Breakdown
        • 06 - nLockTime
        • 07 - The Script Evaluator
      • Chapter 2: Basic Script Syntax
        • 01 - Introduction
        • 02 - Rules Around Data and Scripting Grammar
        • 03 - The Stacks
      • Chapter 3: The Opcodes
        • 01 - Introduction
        • 02 - Constant Value and PUSHDATA Opcodes
        • 03 - IF Loops
        • 04 - OP_NOP, OP_VERIFY and its Derivatives
        • 05 - OP_RETURN
        • 06 - Stack Operations
        • 07 - Data transformation
        • 08 - Stack Data Queries
        • 09 - Bitwise transformations and Arithmetic
        • 10 - Cryptographic Functions
        • 11 - Disabled and Removed Opcodes
      • Chapter 4: Simple Scripts
        • 01 - Introduction
        • 01 - Pay to Public Key (P2PK)
        • 02 - Pay to Hash Puzzle
        • 03 - Pay to Public Key Hash (P2PKH)
        • 04 - Pay to MultiSig (P2MS)
        • 05 - Pay to MultiSignature Hash (P2MSH)
        • 06 - R-Puzzles
      • Chapter 5: OP_PUSH_TX
        • 01 - Turing Machines
        • 02 - Elliptic Curve Signatures in Bitcoin
        • 03 - OP_PUSH_TX
        • 04 - Signing and Checking the Pre-Image
        • 05 - nVersion
        • 06 - hashPrevouts
        • 07 - hashSequence
        • 08 - Outpoint
        • 09 - scriptLen and scriptPubKey
        • 10 - value
        • 11 - nSequence
        • 12 - hashOutputs
        • 13 - nLocktime
        • 14 - SIGHASH flags
      • Chapter 6: Conclusion
        • Conclusion
    • BSV Infrastructure
      • The Instructions
        • The Whitepaper
        • Steps to Run the Network
        • Step 1
        • Step 2
        • Step 3
        • Step 4
        • Step 5
        • Step 6
      • Rules and their Enforcement
        • Introduction
        • Consensus Rules
        • Block Consensus Rules
        • Transaction Consensus Rules
        • Script Language Rules
        • Standard Local Policies
      • Transactions, Payment Channels and Mempools
      • Block Assembly
      • The Small World Network
        • The Decentralisation of Power
        • Incentive Driven Behaviour
        • Lightspeed Propagation of Transactions
        • Ensuring Rapid Receipt and Propagation of New Blocks
        • Hardware Developments to Meet User Demand
        • Novel Service Delivery Methods
        • MinerID
      • Conclusion
  • Research and Development
    • BRCs
    • Technical Standards
  • Support & Contribution
    • Join Our Discord
    • GitHub
Powered by GitBook
On this page
  • Stack Duplicators
  • Stack Eliminators
  • Stack Relocators
  • Alt Stack Operators

Was this helpful?

Edit on GitHub
Export as PDF
  1. BSV Academy
  2. Introduction to Bitcoin Script
  3. Chapter 3: The Opcodes

06 - Stack Operations

Previous05 - OP_RETURNNext07 - Data transformation

Last updated 3 months ago

Was this helpful?

Stack operations include opcodes who's primary purpose is to process modifications to the stack, without creating any new or modified values.

Stack Duplicators

Stack duplicators are opcodes that duplicate items at one or more locations on the stack. The Duplicators are as follows:

Word
Input
Output
Description

OP_DUP

x

x x

Duplicates the top stack item.

OP_2DUP

x1 x2

x1 x2 x1 x2

Duplicates the top two stack items.

OP_3DUP

x1 x2 x3

x1 x2 x3 x1 x2 x3

Duplicates the top three stack items.

OP_IFDUP

x

x / x x

If the top stack value is not 0, duplicate it.

OP_OVER

x1 x2

x1 x2 x1

Copies the second-to-top stack item to the top.

OP_2OVER

x1 x2 x3 x4

x1 x2 x3 x4 x1 x2

Copies the pair of items two spaces back in the stack to the front.

OP_PICK

xn ... x2 x1 x0 <n>

xn ... x2 x1 x0 xn

The item n back in the stack is copied to the top.

OP_TUCK

x1 x2

x2 x1 x2

The item at the top of the stack is copied and inserted before the second-to-top item.

Stack Eliminators

Stack eliminators are opcodes that eliminate one or more items from the stack. The eliminators are as follows:

Word
Input
Output
Description

OP_DROP

x

Nothing

Removes the top stack item.

OP_2DROP

x1 x2

Nothing

Removes the top two stack items.

OP_NIP

x1 x2

x2

Removes the second-to-top stack item.

Stack Relocators

Stack relocators are opcodes that move one or more items from their locations on the stack to a new location on the stack. The relocators are as follows:

Word
Input
Output
Description

OP_SWAP

x1 x2

x2 x1

The top two items on the stack are swapped.

OP_2SWAP

x1 x2 x3 x4

x3 x4 x1 x2

Swaps the top two pairs of items.

OP_ROT

x1 x2 x3

x2 x3 x1

The top three items on the stack are rotated to the left.

OP_2ROT

x1 x2 x3 x4 x5 x6

x3 x4 x5 x6 x1 x2

The fifth and sixth items back are moved to the top of the stack.

OP_ROLL

xn ... x2 x1 x0 <n>

... x2 x1 x0 xn

The item n back in the stack is moved to the top.

Alt Stack Operators

The Bitcoin Script evaluation engine has a secondary 'Altstack' available to store data as needed for calculations. There are just 2 opcodes used to interface with the altstack, one which pushes data items onto the top and one which pulls data items from the top. The Altstack operates as a LIFO (Last In First Out) buffer.

The altstack is useful for storing items for later processing that would otherwise have to be moved to the back of the stack and retrieved,

Word
Input
Output
Description

OP_TOALTSTACK

x1

(alt)x1

Puts the input onto the top of the alt stack. Removes it from the main stack.

OP_FROMALTSTACK

(alt)x1

x1

Puts the input onto the top of the main stack. Removes it from the alt stack.

Example 1:

OP_DUP OP_1 OP_EQUAL OP_IF

OP_DROP <pubkey1> OP_CHECKSIG

OP_ELSE

OP_2 OP_EQUAL OP_IF

<pubkey2> OP_CHECKSIG

OP_ELSE

OP_FALSE OP_RETURN

OP_ENDIF

OP_ENDIF

In this example, one of two parties can sign a transaction, and indicate which party is signing the script by appending a 1 or a 2 to their solution. This can be spent using one of the two following scriptSigs:

<signature1> <1>

<signature2> <2>

If any other value other than 1 or 2 is at the top of the stack, the script will fail.

This can be useful as it forces the signing party to indicate which key is being used within the script, allowing their identity to be captured without evaluating signatures.

Example 2:

OP_2DROP <pubkey> OP_CHECKSIG

In this example, the output being spent is used to capture data on the ledger which is not relevant to the spending of the token. This script can be validly spent using the following scriptSig:

<signature> <data_item1> <data_item2>

Example 3:

OP_IFDUP OP_IF

<pubkey1> <pubkey2> 2 OP_CHECKMULTISIG

OP_ELSE

<pubkey> OP_CHECKSIG

OP_ENDIF

In this example, the first loop can be entered if either 1, 2, or 3 of the signing parties required choose to sign using one of the following scriptSigs:

<x> <signature1> <1>

<x> <signature2> <1>

<x> <signature1> <signature2> <2>

In these solutions, the number of signatures to be checked is the last item on the stack, confirming the number of signatures needed.

To enter the second loop, the signing party would use the following scriptSig:

<signature> <0>

The 0 tells the script that the second entity wishes to sign using a single signature check, so there is no need to keep the value on the stack.

Example 4:

OP_OVER OP_SIZE OP_1SUB OP_SPLIT OP_NIP <sighash> OP_EQUAL OP_NOTIF

OP_FALSE OP_RETURN

OP_ENDIF

Example 5:

OP_1SUB OP_DUP OP_TOALTSTACK OP_NOTIF

2 <pubkey1> <pubkey2> 2 OP_CHECKMULTISIG

OP_FROMALTSTACK OP_DROP

OP_ELSE

OP_FROMALTSTACK OP_1SUB OP_NOTIF

<pubkey> OP_CHECKSIG

OP_ELSE

OP_FALSE OP_RETURN

OP_ENDIF

OP_ENDIF

In this example, the spending party is one of two entities. To spend the transaction they must indicate to the script using an integer value of 1 or 2 which path they wish to take. The first entity requires a 2of2 multisignature solution which they would solve with the following scriptSig:

<x> <signature1> <signature2> <1>

with the first element <x> being required due to a protocol bug (explained later), then the 2 signatures and the integer value <1> to show they wish to enter the first loop of the transaction.

By subtracting 1 from the value before duplicating it and storing the copy on the altstack, we can save space by performing a NOTIF check rather than comparing the value using OP_1 OP_EQUAL OP_IF. The value stored on the altstack is then pulled and dropped

If the second entity wishes to sign, they would use the following scriptSig:

<signature> <2>

After the loop identifier is pulled from the altstack, a second subtraction is performed before a NOTIF check is done. In the second loop a single signature check is performed before the nested IF loops are exited.

If the top value on the stack is neither 1 nor 2, the script will enter the nested OP_ELSE statement where OP_FALSE OP_RETURN will cause it to fail.

In this example OP_OVER is used to bring the signature to the top of the stack. It's size is queried and subtracted by 1 before it is split, and the main part nipped from the stack, leaving just the SIGHASH flag which is then checked against a particular mask. If the correct SIGHASH flag is not used, the script fails. Opcodes such as OP_SIZE, OP_EQUAL and OP_1SUB will be covered in later parts of this chapter. For further information on the structure of DER signatures in Bitcoin, please visit .

this page