03 - Pay to Public Key Hash (P2PKH)
Last updated
Was this helpful?
Last updated
Was this helpful?
Pay to Public Key Hash (P2PKH) is the most widely used locking script on the blockchain today. It combines the security of elliptic curve signatures with a hash function. The major benefit over the use of a P2PK script is that the user's public key is kept private from the network until the output is spent, providing an additional layer of cryptographic security for the user. The major benefit over the use of a Pay to Hash output is the use of Elliptic curve signatures, which are more secure than hash functions alone.
A pay to public key hash script is defined as follows:
OP_DUP OP_HASH160 <public_key_hash> OP_EQUALVERIFY OP_CHECKSIG
To spend an output that is locked with a P2PKH script, the following solution is provided:
<signature> <public_key>
The validation engine will evaluate the full script as follows:
<signature> <public_key> OP_DUP OP_HASH160 <public_key_hash> OP_EQUALVERIFY OP_CHECKSIG
A breakdown of the script evaluation process is shown below:
Empty.
<sig> <pubKey> | |
OP_DUP OP_HASH160 <pubKeyHash> OP_EQUALVERIFY OP_CHECKSIG
scriptSig and scriptPubKey are combined.
<sig> <pubKey>
OP_DUP OP_HASH160 <pubKeyHash> OP_EQUALVERIFY OP_CHECKSIG
Signature and public key are added to the stack
<sig> <pubKey> <pubKey>
OP_HASH160 <pubKeyHash> OP_EQUALVERIFY OP_CHECKSIG
Public key is duplicated.
<sig> <pubKey> <pubKeyHash>
<pubKeyHash> OP_EQUALVERIFY OP_CHECKSIG
Duplication of public key is hashed.
<sig> <pubKey> <pubKeyHash> <pubKeyHash>
OP_EQUALVERIFY OP_CHECKSIG
Expected public key hash is added to the stack
<sig> <pubKey>
OP_CHECKSIG
Equality is checked between the script generated public key hash and expected public key hash.
true
Empty.
The signature is checked against the public key
As shown above, the signature and public key are both provided by the spending party. The public key is hashed, and the hash is checked against an expected value stored in the output. The check uses OP_EQUALVERIFY, automatically failing the script if the check is not equal. Once it is established that the public key hashes to the expected value, OP_CHECKSIG checks the signature and leaves the result of the check on the stack. If the signature is valid, the input can be spent in the transaction.