Combination of Ubuntu 16/18, Docker and UFW poses a bit of a security issue. Docker, by default, directly manipulates iptables. The UFW rules you specified will not apply to docker containers.

Setup UFW firewall:

sudo ufw allow ssh
sudo ufw default deny incoming
sudo ufw allow 443
sudo ufw enable
sudo ufw status verbose

Status: active
Logging: on (low)
Default: deny (incoming), allow (outgoing), deny (routed)
New profiles: skip

To                         Action      From
--                         ------      ----
22                         ALLOW IN    Anywhere
22 (v6)                    ALLOW IN    Anywhere (v6)

Start docker container with exposed port:

docker run -p 5432:5432 -it postgres

2019-02-18 11:52:56.601 UTC [1] LOG:  listening on IPv4 address "0.0.0.0", port 5432
2019-02-18 11:52:56.602 UTC [1] LOG:  listening on IPv6 address "::", port 5432
2019-02-18 11:52:56.606 UTC [1] LOG:  listening on Unix socket "/var/run/postgresql/.s.PGSQL.5432"
2019-02-18 11:52:56.631 UTC [50] LOG:  database system was shut down at 2019-02-18 11:52:56 UTC
2019-02-18 11:52:56.640 UTC [1] LOG:  database system is ready to accept connections

Try to connect:

Success!

How to fix problem?

First way: do not expose ports, use --net=host options for containers

Second way: disable this Docker behaviour by creating or modifying /etc/docker/daemon.json

sudo nano /etc/docker/daemon.json

{ "iptables": false }

sudo service docker restart

Try to connect:

Connection failed. Problem fixed.

Bitcoin is a revolutionary economic invention. It combines a number of key differences that make it the most modern and honest form of money.

Limited emission

Through the centuries, mankind was trying to find the ideal form of money. One that could store the value over the time and be suitable for use as a medium of exchange and measurement of value.

One of the key problem that has been faced during the search of ideal money is that any commodity used for the accumulation of wealth is subject to depreciation due to a significant increase in the production of this commodity. The only commodity that turned out to be the most suitable for relatively safe storage of wealth turned out to be gold.

Gold was chosen by trial and error. It turned out to be a quite rare substance with unique physical properties that doesn’t allow it to be synthesized on an industrial scale. These properties are a physical barrier that protects gold from a significant increase in its production. The average annual increase in the volume of gold mined in the world is no more than 2.5%, despite the increase in its supply, technical progress and the development of technology. For comparison, silver has many times higher rates of annual increase in total supply, which led to a significant depreciation of it relative to gold over time. These properties are natural restrictions that protect accumulated wealth from depreciation.

Throughout history, rulers exacerbated store of value problem by trying to control money and its emission. They practiced minting coins with a lower content of precious metal, while maintaining the denomination of the coin, thereby profiting from the citizens of their state. After the onset of paper money, banknote printing is practiced, and with the development of computer technology it is sufficient to regulate the banking multiplier parameter in the banking system to increase the money supply. These processes no longer belong to the natural, but are artificially created by those who control the money. There have been periods in history when the monetary value was strictly tied to the weight of gold. During these periods of accumulation were subject to inflation only for natural reasons.Nowadays, all states have switched to totalitarian monetary policy, using paper cash and non-cash money in the form of records in banks’ databases. Central banks fully control the money supply, where the cost of increasing the money supply is about zero. Inflationary monetary policy has become the backbone of the economy.

Bitcoin, in contrast to the previously existing forms of money, has completely limited emissions. The rate of emission is set by the algorithm and decreases every 4 years by 2 times. By 2020, the bitcoin emission rate will correspond to the average gold production rate and will gradually continue to decrease. The total number of bitcoins is limited to twenty one million, on which achievement bitcoin mining will stop altogether. This property protects Bitcoin from depreciation due to increased production and makes it more efficient than gold to save value. Emission stretched in time, allows to obtain a relatively even distribution of money than the concentration of large volumes of a small number of persons.

The high volatility of the price, which we are now seeing, is associated with the stage of the formation of Bitcoin as money. Over time and the growth of capitalization, these price fluctuations will become insignificant.

Decentralization

The emergence of a democratic form of government, the destruction of monarchies and dictatorial regimes, is associated with the economic transformations that have taken place in our history.A huge role was played by the development of international trade and the development of banking and trading houses. The ancestor of paper money, is a hierarchical system of promissory notes, invented by bankers and traders of the Middle Ages, who were persecuted by rulers, pursuing only their own interests, ambitions and desire to retain power. To solve financial problems, such as financing wars and the safe transportation of large sums of money when collecting church taxes, one had to resort to services of joint trading and bank houses. What ultimately led to the merger of states with bank houses. As an example of such a merger, the appearance of the Bank of England and the issuance of the first banknotes on behalf of the king can be cited. This event in history is revolutionary, because, contrary to the wishes of the rulers, had to share power.

Bitcoin de facto is the only decentralized system, without any leader or group of people managing this system. All actions in Bitcoin occur according to a strictly defined algorithm, which is available to everyone for study and familiarization. Any changes in the algorithm are possible only if the majority of users come to a consensus on making these changes. At the moment, the Bitcoin network consists of approximately 10,000 nodes distributed throughout the planet. The need to reach general consensus protects Bitcoin from control and the lack of a single center protects against destruction. The more bitcoin is distributed the more protected it becomes.

After the invention of Bitcoin, various other cryptocurrencies began to appear, to a greater or lesser extent, copying Bitcoin, but all of them have individuals controlling the change in the algorithm or are completely controlled by a small group of individuals.

No censorship

Throughout history, the rulers somehow controlled the money. Since the introduction of government paper money, control only continued to intensify. In the history of America in 1933, a ban on possession was introduced and gold was confiscated from the population. The exchange of paper money for gold was available only to states.

With the development of technology and the Internet, this control moves to a new level. They are trying to deprive us of financial freedom completely, even in the use of government money. At the moment, there is an active campaign to eliminate cash paper money. Already, we exist in a world where a veiled cash tax is practiced. Banks offer loyalty programs for card payments, which de facto makes using cash payments more expensive than non-cash payments. As soon as this process of transition to completely non-cash payments is completed, we will find ourselves in total control of governments and banks. When making a purchase in a store using a bank card, or when making a transfer through a bank, we first ask the bank for permission to perform this operation, with the money that is stored in the bank account. The account can be blocked at any time or a direct withdrawal (confiscation) of funds in the account can be made.

Bitcoin, thanks to its decentralized architecture, asymmetric cryptography and a system of transaction fees, is protected from various types of censorship. The censorship of transactions in the Bitcoin network is possible only if all members of the Bitcoin network who verify the transactions and form the blocks of miner transactions are controlled. The more decentralized Bitcoin mining, the more difficult it becomes to gain control over all miners. Even in the case of short-term success in censoring transactions, an increase in transaction fees creates additional economic incentives for the emergence of new miners who will be interested in conducting censored transactions. Asymmetric cryptography used in Bitcoin provides protection against censoring when creating accounts, it is impossible to influence this process, just as it is impossible to confiscate or debit money from an account to anyone except the owner.

Double spend protection

Cash has one of the major drawbacks — the need to physically be present for both parties to the transaction in the same place.With the development of modern computer communication systems, non-cash payment systems were invented. Cashless payment systems up to Bitcoin, had a centralized architecture and were built with the participation of the central hub acting as an arbitrator. The arbiter is the central banks or the operator of payment systems. They in turn guarantee that the sender will not be able to send the same money several times, reducing the available balance on the sender’s account. Naturally, such an architecture allows an arbitrator to abuse trust in various ways. It is important to consider that in these systems all funds are fully stored and controlled on the side of the arbitrator, and other participants can only ask the arbitrator to perform operations hoping for his loyalty.

Bitcoin represents the first digital money system similar to cash, where an arbitrator is not required for a transaction and trust between participants in the transaction is not required. This is achieved through several components:

• transaction validation and double spend prevention is done by miners
• the algorithm of the proof of work ensures the randomness of the choice of the miner, which allows for fair operation even in a deliberately aggressive environment
• chain of verified transaction blocks protect transaction history from changes due to cryptographic fingerprints
• economic incentives in the form of transaction fees and emission rewards, gives the miners the initiative to come to a consensus

Together, these components protect against double spending, without the participation of the arbitrator and without the parties’ trust to each other. This innovative solution is a common case of solving the “problem of the Byzantine generals” from cryptology, which was formulated when Bitcoin was invented and is one of the most significant innovation.

The process of signing transaction input consists of 2 stages. The first stage is the formation of a message that will be signed by a private key, the second stage is the calculation of the signature itself. The message to be signed is a 32 byte hash (double sha256) from the transaction template generated in accordance with the signature type.

This article describes all types of signatures. Shows what part of the transaction structure is covered by this type of signature, and briefly describes how the transaction template for each type of signature is generated. For each type provided real example. All hash pre-image (transaction template) examples provided for non-segwit transaction:

0100000003ae8fe99eac2ced7681fdd2aedd25a83ff88fbed347571a2d7cb54aeb85a883f4010000006a473044022012048b6ac38277642e24e012267cf91c22326c3b447d6b4056698f7c298fb36202201139039bb4090a7cfb63c57ecc60d0ec8b7483bf0461a468743022759dc50124012102317ee6cd0c43381825bfe8bb0a51d46195dc36eca6adc7bb4bd2ead6a0909be0ffffffff5704be9a882060ac36f96e204553e92d37c78f831d84dce32832f4c0b919e594000000006a47304402207601fb44eab2eaf87b7988e672657c763d7ba0337cf19a3ba8fcdee55da483ec022067122f2e4aa523b1a081ad2b7a94a90cca16cd2a5214b31649a2e8aaf5565427012102dec5f30310c48e3ced04237a995469c41182383ee403d904ccb19ef85feaafa9ffffffff5704be9a882060ac36f96e204553e92d37c78f831d84dce32832f4c0b919e594010000006a473044022002f924830a1cf8214da7601e17a74d5e197c3f9b043d2964b4b4e99cfaf38f8402201587208194bc578e17d274ce5d7db253ce48d24ddd4f574377535d437351a74f0121032a934955fbdd4601265c801150f999ba6cda536de2dbfcab7d6912c803211b9bffffffff0563fb7805000000001976a914cd2be655e57086668a5be28c02f5563c06a1b47b88aca3738402000000001976a914ddcb7fedaacc18da645a2d7ffdabbc24880e288a88aca71b9a00000000001976a91486165b6dc00d1ae52685ed594f8262f39ec0150c88ac867f0d03000000001976a91421b95ee973b8966ff6cf039969491801cc42f1a088ace7489601000000001976a914c879015ab911026b277e48231a2bf256c6e9492688ac00000000

Examples for segwit transaction:

020000000001029d4d29133abef262970c53713c3fb1aa20bfa9fe1df4b932baf21a7c30ef4bf000000000171600144c54f5eb3063f89cc3b85a6b53b5f894345f368cfeffffffbdb0697236af2157163e6422dd96b33f65e5b8dea8995cdfff4b15a72b61d5a50000000017160014bce7218c126924b6cb203e0ac465647ec8ccee8dfeffffff0285ac1a000000000017a91460c3cfca3e622480cd67a6b7110c73f1de5aff04877f1a0900000000001976a914956b62c9f2dcf00e93bc6422ec9eea427f32353788ac02483045022100f5ac21aebd09acf08495684b3632b2a9a54085e2f46ff2d74822b2c9568cb457022047936507ff77d032a221f0672cfb279bba525f1a71b4eca0563f3422d10e3dc50121034e08b96022a79da60fa9a90f5c5c0a4ae554cb25851cddc00c6a7d3b281b3cd5024830450221009ffda404de89bfcb785de58ad957b7638ff30bb880af99cf4fd196e9e60034aa0220694a0fc09b8e8927f676e4ad7d8043999e8eace3ae17ee3f1007fe977250b618012103ca939e4b3f88cc8702212b31dc8ded683329f220c71112a1edb57ff27c68360e8b1c0800

All image examples provided for this transaction:

SIGHASH_ALL signature type

This is the most commonly used type of signature, signs all inputs and outputs, protecting all elements from modification. Signature scripts are not subject to signature and are always deleted from all inputs before forming a signature hash pre-image template before the signature process begins.

Example for non-segwit transaction, signs input with index 0:

Public key:

02317ee6cd0c43381825bfe8bb0a51d46195dc36eca6adc7bb4bd2ead6a0909be0

Pre-image:

0000000100000000ac882649e9c656f22b1a23487e276b0211b95a0179c814a9761900000000019648e7ac88a0f142cc011849699903cff66f96b873e95eb92114a9761900000000030d7f86ac880c15c09ef362824f59ed8526e51a0dc06d5b168614a9761900000000009a1ba7ac888a280e8824bcabfd7f2d5a64da18ccaaed7fcbdd14a9761900000000028473a3ac887bb4a1063c56f5028ce25b8a668670e555e62bcd14a97619000000000578fb6305ffffffff000000000194e519b9c0f43228e3dc841d838fc7372de95345206ef936ac6020889abe0457ffffffff000000000094e519b9c0f43228e3dc841d838fc7372de95345206ef936ac6020889abe0457ffffffffe09b90a0d6ead24bbbc7ada6ec36dc9561d4510abbe8bf251838430ccde67e31022100000001f483a885eb4ab57c2d1a5747d3be8ff83fa825ddaed2fd8176ed2cac9ee98fae0300000001

Sighash:

d9c85312f47d05449c0f05fb09d726a309d75fd598ce927fbc565f0750412e14

Example for segwit transaction, signs input with index 0:

Public key:

 03ca939e4b3f88cc8702212b31dc8ded683329f220c71112a1edb57ff27c68360e

Amount: 1142938

Pre-image:

020000000079ee2e593f194687f6a899d8c691d4d27931c82d5824b89c9c348d415e0880c992651ac89a97aecd0811c1761915a8e2c8f5153d1bdd994a789e6bd86ab7179d4d29133abef262970c53713c3fb1aa20bfa9fe1df4b932baf21a7c30ef4bf00000000003ca939e4b3f88cc8702212b31dc8ded683329f220c71112a1edb57ff27c68360e9a70110000000000feffffffee526ec083b5121f7dd631c5b6ea8bb6e9ac633f9741497403b1615a5f94163b8b1c080001000000

Sighash:

9b3eda3e7a1c8bb7673d08084389db4fbc30a9bdaf0cd93684405edfd97e9715

SIGHASH_SINGLE signature type

All output excluded from the pre-image template, except one output whose index corresponds to the index of the signing input. All inputs include to pre-image but sequence field for non signing inputs are excluded and can be updated.

If signing input index matches the non-existent output, an exception occurs in which the hash of the template returns the value 1. Signing input with hash from pre-image equally 1 will lead to compromise private key.

Example for non-segwit transaction, signs input with index 1:

Public key:

02317ee6cd0c43381825bfe8bb0a51d46195dc36eca6adc7bb4bd2ead6a0909be0

Pre-image:

0000000300000000ac888a280e8824bcabfd7f2d5a64da18ccaaed7fcbdd14a9761900000000028473a300ffffffffffffffff0200000000000000000194e519b9c0f43228e3dc841d838fc7372de95345206ef936ac6020889abe0457ffffffffe09b90a0d6ead24bbbc7ada6ec36dc9561d4510abbe8bf251838430ccde67e3102210000000094e519b9c0f43228e3dc841d838fc7372de95345206ef936ac6020889abe0457000000000000000001f483a885eb4ab57c2d1a5747d3be8ff83fa825ddaed2fd8176ed2cac9ee98fae0300000001

Sighash:

8a3810a1994d4f956a54e8cdd600c5cbf9b4c278f39552870bcaba2f380a49d2

Example for segwit transaction, signs input with index 0:

Public key:

03ca939e4b3f88cc8702212b31dc8ded683329f220c71112a1edb57ff27c68360e

Amount: 1142938

Pre-image:

020000000079ee2e593f194687f6a899d8c691d4d27931c82d5824b89c9c348d415e088000000000000000000000000000000000000000000000000000000000000000009d4d29133abef262970c53713c3fb1aa20bfa9fe1df4b932baf21a7c30ef4bf00000000003ca939e4b3f88cc8702212b31dc8ded683329f220c71112a1edb57ff27c68360e9a70110000000000feffffffdbc1cd31f4cae57f414f7f9c8b23f7fd3e07fbdb0611dbc6680a2e504748f8b98b1c080003000000

Sighash:

0b4435260ec8d8ad304c6678727a13028118bc8e14990da18dd9202a9f0627c0

SIGHASH_NONE signature type

Signs of all inputs, all outputs are excluded from the pre-image template. Sequence field for non signing inputs are excluded and can be updated. Any output can be changed until another transaction input does not lock outputs with a different type of signature. The use of this type of signature without the combination with another type of signatures that impose a lock on the outputs is unsafe.

Example for non-segwit transaction, signs input with index 0:

Public key:

02317ee6cd0c43381825bfe8bb0a51d46195dc36eca6adc7bb4bd2ead6a0909be0

Pre-image:

00000002000000000000000000000000000194e519b9c0f43228e3dc841d838fc7372de95345206ef936ac6020889abe045700000000000000000094e519b9c0f43228e3dc841d838fc7372de95345206ef936ac6020889abe0457ffffffffe09b90a0d6ead24bbbc7ada6ec36dc9561d4510abbe8bf251838430ccde67e31022100000001f483a885eb4ab57c2d1a5747d3be8ff83fa825ddaed2fd8176ed2cac9ee98fae0300000001

Sighash:

e18470175dff934e34fb767ec5198aed37d2d1953ad8418fec381961f467fa38

Example for segwit transaction, signs input with index 0:

Public key:

03ca939e4b3f88cc8702212b31dc8ded683329f220c71112a1edb57ff27c68360e

Amount: 1142938

Pre-image:

020000000079ee2e593f194687f6a899d8c691d4d27931c82d5824b89c9c348d415e088000000000000000000000000000000000000000000000000000000000000000009d4d29133abef262970c53713c3fb1aa20bfa9fe1df4b932baf21a7c30ef4bf00000000003ca939e4b3f88cc8702212b31dc8ded683329f220c71112a1edb57ff27c68360e9a70110000000000feffffff00000000000000000000000000000000000000000000000000000000000000008b1c080002000000

Sighash:

d17e502f7e656adc4f17ecaf13bd2e53bdf9a387552b5de3b2b28f6504b95183

SIGHASH_ALL + SIGHASH_ANYONECANPAY flag

Signs all of the outputs but only this one input. Rest inputs excluded. This type allows anyone to add or remove other inputs, so anyone can add funds to the transaction but cannot change destination.

Example for non-segwit transaction, signs input with index 0:

Public key:

02317ee6cd0c43381825bfe8bb0a51d46195dc36eca6adc7bb4bd2ead6a0909be0

Pre-image:

0000008100000000ac882649e9c656f22b1a23487e276b0211b95a0179c814a9761900000000019648e7ac88a0f142cc011849699903cff66f96b873e95eb92114a9761900000000030d7f86ac880c15c09ef362824f59ed8526e51a0dc06d5b168614a9761900000000009a1ba7ac888a280e8824bcabfd7f2d5a64da18ccaaed7fcbdd14a9761900000000028473a3ac887bb4a1063c56f5028ce25b8a668670e555e62bcd14a97619000000000578fb6305ffffffffe09b90a0d6ead24bbbc7ada6ec36dc9561d4510abbe8bf251838430ccde67e3102210000000094e519b9c0f43228e3dc841d838fc7372de95345206ef936ac6020889abe04570100000001

Sighash:

dc2f3eb93b9bd2a8ce4f1a6f9c834cef1fedeb174317a790d7a07275965b91be

Example for segwit transaction, signs input with index 0:

Public key:

03ca939e4b3f88cc8702212b31dc8ded683329f220c71112a1edb57ff27c68360e

Amount: 1142938

Pre-image:

02000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000009d4d29133abef262970c53713c3fb1aa20bfa9fe1df4b932baf21a7c30ef4bf00000000003ca939e4b3f88cc8702212b31dc8ded683329f220c71112a1edb57ff27c68360e9a70110000000000feffffffee526ec083b5121f7dd631c5b6ea8bb6e9ac633f9741497403b1615a5f94163b8b1c080081000000

Sighash:

1cf67c0342fe34ff6b96ba11912586dcbcf391381149d2bf52aa5c22251962db

SIGHASH_SINGLE + SIGHASH_ANYONECANPAY flag

Signs this one input and its corresponding output. Rest input and outputs excluded. Allows anyone to add or remove other inputs and outputs. Signer just locks his part of the transaction.

Example for non-segwit transaction, signs input with index 0:

Public key:

02317ee6cd0c43381825bfe8bb0a51d46195dc36eca6adc7bb4bd2ead6a0909be0

Pre-image:

0000008300000000ac888a280e8824bcabfd7f2d5a64da18ccaaed7fcbdd14a9761900000000028473a300ffffffffffffffff02ffffffffe09b90a0d6ead24bbbc7ada6ec36dc9561d4510abbe8bf251838430ccde67e3102210000000094e519b9c0f43228e3dc841d838fc7372de95345206ef936ac6020889abe04570100000001

Sighash:

eb1c98cd221f760cffbca140d1a8ed4f5a6b111ddbfbfc8048e313f32cecb567

Example for segwit transaction, signs input with index 0:

Public key:

03ca939e4b3f88cc8702212b31dc8ded683329f220c71112a1edb57ff27c68360e

Amount: 1142938

Pre-image:

02000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000009d4d29133abef262970c53713c3fb1aa20bfa9fe1df4b932baf21a7c30ef4bf00000000003ca939e4b3f88cc8702212b31dc8ded683329f220c71112a1edb57ff27c68360e9a70110000000000feffffffdbc1cd31f4cae57f414f7f9c8b23f7fd3e07fbdb0611dbc6680a2e504748f8b98b1c080083000000

Sighash:

f084a27f344d451e7a96ef2492db098b3202fed9c535925d317e3b1ee3fc81d7

SIGHASH_NONE + SIGHASH_ANYONECANPAY flag

Signs just one input all other inputs/outputs excluded.

Example for non-segwit transaction, signs input with index 0:

Public key:

02317ee6cd0c43381825bfe8bb0a51d46195dc36eca6adc7bb4bd2ead6a0909be0

Pre-image:

000000820000000000ffffffffe09b90a0d6ead24bbbc7ada6ec36dc9561d4510abbe8bf251838430ccde67e3102210000000094e519b9c0f43228e3dc841d838fc7372de95345206ef936ac6020889abe04570100000001

Sighash:

77ddf4cfb29f334f7475115069aa046441d3ba44eac65df72b4492912faee3fd

Example for segwit transaction, signs input with index 0:

Public key:

03ca939e4b3f88cc8702212b31dc8ded683329f220c71112a1edb57ff27c68360e

Amount: 1142938

Pre-image:

02000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000009d4d29133abef262970c53713c3fb1aa20bfa9fe1df4b932baf21a7c30ef4bf00000000003ca939e4b3f88cc8702212b31dc8ded683329f220c71112a1edb57ff27c68360e9a70110000000000feffffff00000000000000000000000000000000000000000000000000000000000000008b1c080082000000

Sighash:

3f7a02f92b498169b6d506be620901eb7a392487ecf71ac4096a2bc46c30eb9a

This article is a detailed description of how P2SH output works in bitcoin transactions and the step-by-step algorithm for signing this type of output inside transaction input. In the enclosed part is an example of a signing P2SH input using the Python.

OP_HASH160 <hash160> OP_EQUAL

Pay to Script Hash output script allow transactions to be sent to script (redeem script) hash. This means that from any script serialized to a byte string, you can take a hash and use this hash as a unique identifier. The address of P2SH output is a hash160 from redeem script converted into base58 encoding with the addition of a byte version and a checksum.

Mainnet address example: 3NVBnDRBUsdnfVb77DYGwEfwSt7kVCrv8s
Testnet address example: 2N8hwP1WmJrFF5QWABn38y63uYLhnJYJYTF

To create a spending transaction from this type of output, must provide a signature script (unlocking script) for this output. The signature script consists of a redeem script and other elements that depend on the content of the redeem script.

Signature script: <sig> ... <redeem script>
P2SH script: OP_HASH160 <hash160> OP_EQUAL

Script execution P2SH with redeem script 1of 2 multisig script step by step:

Step 1 verify redeem script

First step execution completed in case top stack element is True (not 00 or empty) execution continue with redeem script (top stack element removed)
redeem script for this example is:

OP_1 <pub_key_1> <pub_key_2> OP_2 OP_CHECKMULTISIG

Step 2 execute redeem script

Execution completed if top stack item in case of the signature was valid in stack pushed 01 this means True, and transaction input validation is passed.

Bitcoin testnet signing P2SH with nested MULTISIG 1 of 2 step by step example:

We have 1.3 tBTC locked on P2SH with nested multisig output for address 2MwYC4w4xucVYqTRk89u7V2FaBSdrpjmk15. Want to transfer to mwJMtn5hW54pJC748EExvhRm6FRVmUZXQt

Private Key 1: cPBuqn4ZsddXunx6EEev6khbfUzFnh3xxdEUPCrm5uy9qGcmbBEt
Private Key 2: cVgShyj2q4YKFX8VzCffuQcrJVYhp522NFozNi7ih2KgNVbnysKX

Redeem Script: 512103b4603330291721c0a8e9cae65124a7099ecf0df3b46921d0e30c4220597702cb2102b2ec7de7e811c05aaf8443e3810483d5dbcf671512d9999f9c9772b0ce9da47a52ae

Redeem Script opcodes: OP_1 [33] [33] OP_2 OP_CHECKMULTISIG
P2SH address: 2MwYC4w4xucVYqTRk89u7V2FaBSdrpjmk15

Input transaction: ae0df7bd689026e13fe7d71333a8fda2c7d3f5998644a8a96f60364bb7dfd62f
                   
                   
Input transaction output: 0
Input amount:  1.3000000

Step 1: create unsigned transaction with empty Signature script

{ version: 1
  vIn: {0: {scriptSig: ,
            sequence: 4294967295,
           txId: ae0df7bd689026e13fe7d71333a8fda2
                 c7d3f5998644a8a96f60364bb7dfd62f,
           vOut: 0}},
  vOut: {0: {address: mwJMtn5hW54pJC748EExvhRm6FRVmUZXQt,
             value:  130000000}},
 lockTime: 0}

Transaction hex:

0100000001857aff3abca2353193397a7d2eea61b25d8be381cabe5a1935868b74fa4c24ad0000000000ffffffff014062b007000000001976a914ad204de226b3d11a70dc53b4998f4603e138ff3f88ac00000000

Explained:

01000000 [version]

01 [inputs count]
  857aff3abca2353193397a7d2eea61b25d8be381cabe5a1935868b74fa4c24ad
  [input transaction hash in little endian byte order]
  00000000 [input transaction output]
  00 [signature script len]
  ffffffff [sequence]

01 [outputs count]
  4062b00700000000 [output amount]
  1976a914ad204de226b3d11a70dc53b4998f4603e138ff3f88ac 
  [locking script]

00000000 [locktime]

Step 2: we should get signature hash from this transaction. ( we will use SIGHASH_ALL type of sighash)

Input 0 sighash preimage:

0100000001857aff3abca2353193397a7d2eea61b25d8be381cabe5a1935868b74fa4c24ad0000000047512103b4603330291721c0a8e9cae65124a7099ecf0df3b46921d0e30c4220597702cb2102b2ec7de7e811c05aaf8443e3810483d5dbcf671512d9999f9c9772b0ce9da47a52aeffffffff014062b007000000001976a914ad204de226b3d11a70dc53b4998f4603e138ff3f88ac0000000001000000

Sighash: bd412a2ba475b9f0cb16e58de11a6d4ddbe52a12f76c0e2a056887f2dcc8bf08
         

Step 3: sign sighash with private keys

Signature 1:

3044022051c7546ff919248badd1012317066cc0edd3e5f49050ac54ef52b66a8e80e17b02201dd65963551e0dc7d8ce5721fbd3125fa9272a98bad1ed5df91488a462eac123

Step 4: insert signature to transaction signature script and insert serialized redeem script into transaction signature script. For each signature add sighash type byte

Transaction hex:

0100000001857aff3abca2353193397a7d2eea61b25d8be381cabe5a1935868b74fa4c24ad000000009100473044022051c7546ff919248badd1012317066cc0edd3e5f49050ac54ef52b66a8e80e17b02201dd65963551e0dc7d8ce5721fbd3125fa9272a98bad1ed5df91488a462eac1230147512103b4603330291721c0a8e9cae65124a7099ecf0df3b46921d0e30c4220597702cb2102b2ec7de7e811c05aaf8443e3810483d5dbcf671512d9999f9c9772b0ce9da47a52aeffffffff014062b007000000001976a914ad204de226b3d11a70dc53b4998f4603e138ff3f88ac00000000

Explained:

01000000 [version]

01 [inputs count]
  857aff3abca2353193397a7d2eea61b25d8be381cabe5a1935868b74fa4c24ad
  [input transaction hash in littile endian byte order]
  00000000 [input transaction output]
  91 [signature script len]
    00  [Due to a bug, one extra unused value is removed from the 
         stack for OP_CHECKMULTISIG]
    47 [signature push len]                
      3044022051c7546ff919248badd1012317066cc0edd3e5f49050ac54ef52b
      66a8e80e17b02201dd65963551e0dc7d8ce5721fbd3125fa9272a98bad1ed
      5df91488a462eac12301 [signature]
      01 [sighash type SIGHASH_ALL]
    47 [redeem script len]                
      512103b4603330291721c0a8e9cae65124a7099ecf0df3b46921d0e30c4220
      597702cb2102b2ec7de7e811c05aaf8443e3810483d5dbcf671512d9999f9c
      9772b0ce9da47a52ae [redeem script]
  [signature script]
  ffffffff [sequence]

01 [outputs count]
  4062b00700000000 [output amount]
  1976a914ad204de226b3d11a70dc53b4998f4603e138ff3f88ac 
  [locking script]

00000000 [lock time]

Example with python bitcoin library pybtc:

https://pybtc.readthedocs.io

This article is a detailed description of how bare MULTISIG output works in bitcoin transactions and the step-by-step algorithm for signing this type of output inside transaction input. In the enclosed part is an example of a signing bare MULTISIG input using the Python.

 OP_M <pub_key_1> <pub_key_2> ... <pub_key_N> OP_N OP_CHECKMULTISIG

The bare MULTISIG output script means that more than one key required in accordance with the given threshold number of signatures from the provided number of public keys to authorize the transaction.

To create a spending transaction from this type of output, must provide a signature script (unlocking script) for this output. The signature script consists of the required count of signatures serialized in the order of compliance with public keys in MULTISIG script. Validation of signed transaction input (unspent output from other transaction) starts from execution signature script, then executed MULTISIG script.

Signature script: <sig_1> <sig_2>
MULTISIG script: OP_2 <pub_key_1> <pub_key_2> <pub_key_3> OP_3
                 OP_CHECKMULTISIG

Script execution 2 of 3 multisig script step by step:

Execution completed. In case of signatures were valid in stack pushed 01 this means True, and transaction input validation is passed.

Bitcoin testnet signing bare MULTISIG 2 of 3 step by step example:

We have 0.64 tBTC locked on bare multisig output. Provided 3 public keys corresponding to addresses:

mqbRt6MSEgu7qb9ym23EWgJVPm6Q9kxe6q
mvQ6bwQYfSgK87iqcr8Vk69SghhSj9BRuh
mwJMtn5hW54pJC748EExvhRm6FRVmUZXQt

We want transfer to mwJMtn5hW54pJC748EExvhRm6FRVmUZXQt.

Private Key 1: cPBuqn4ZsddXunx6EEev6khbfUzFnh3xxdEUPCrm5uy9qGcmbBEt
Private Key 2: cVgShyj2q4YKFX8VzCffuQcrJVYhp522NFozNi7ih2KgNVbnysKX
Private Key 3: cQWBhFENcN8bKEBsUHvpCyCfWVHDLfn1M65Gd6nenQkpEqL4DNUH

Input transaction: cfe002d20590e2400a26b2dd9e2e6af2369cbb1f5442af286485841798590068
                   
Input transaction output: 0
Input amount:  0.6400000

Step 1: create unsigned transaction with empty Signature script

{ version: 1
  vIn: {0: {scriptSig: ,
            sequence: 4294967295,
           txId: cfe002d20590e2400a26b2dd9e2e6af2
                 369cbb1f5442af286485841798590068,
           vOut: 0}},
  vOut: {0: {address: mwJMtn5hW54pJC748EExvhRm6FRVmUZXQt,
             value:  63000000}},
 lockTime: 0}

HEX:

0100000001680059981784856428af42541fbb9c36f26a2e9eddb2260a40e29005d202e0cf0000000000ffffffff01c04dc103000000001976a914ad204de226b3d11a70dc53b4998f4603e138ff3f88ac00000000

HEX explained:

01000000 [version]

01 [inputs count]
  680059981784856428af42541fbb9c36f26a2e9eddb2260a40e29005d202e0cf 
  [input transaction hash in little endian byte order]
  00000000 [input transaction output]
  00 [signature script len]
  ffffffff [sequence]

01 [outputs count]
  c04dc10300000000 [output amount]
  1976a914ad204de226b3d11a70dc53b4998f4603e138ff3f88ac 
  [locking script]

00000000 [locktime]

Step 2: we should get signature hash from this transaction. ( we will use SIGHASH_ALL type of sighash)

Input 0 sighash preimage:

0100000001680059981784856428af42541fbb9c36f26a2e9eddb2260a40e29005d202e0cf0000000069522103b4603330291721c0a8e9cae65124a7099ecf0df3b46921d0e30c4220597702cb2102b2ec7de7e811c05aaf8443e3810483d5dbcf671512d9999f9c9772b0ce9da47a2102c711ad61c9fbd3600716b981d101cf0a000ab3524525235c42f2cbcd8c17c6da53aeffffffff01c04dc103000000001976a914ad204de226b3d11a70dc53b4998f4603e138ff3f88ac0000000001000000

Sighash: da726f7ac87e8f41ac359743a1146ab2158b583f651509b83b0da81ebd2f4775

Step 3: sign sighash with private keys

Signature 1: 

3045022100a7383d84ee35fb965978144d9243ca0892a1be81ce70058e70b2ba1ea5a762a7022058647d131fcec2e3a63e57fa475b779b94c81a95b5c164fdfdbcee0124e3448c

Signature 2:

3045022100b3945861a5a8a406bd575857e19accdb0f6385ebf1c02938b35462cddeef400802205857f56d83e9ed7e98082d9127b8934262d3a0461429747e865b06345bbf8f9e

Step 4: insert signatures to transaction signature script using the same order as their corresponding public keys were placed in the MULTISIG script. For each signature add sighash type byte

Transaction hex:

0100000001680059981784856428af42541fbb9c36f26a2e9eddb2260a40e29005d202e0cf000000009300483045022100a7383d84ee35fb965978144d9243ca0892a1be81ce70058e70b2ba1ea5a762a7022058647d131fcec2e3a63e57fa475b779b94c81a95b5c164fdfdbcee0124e3448c01483045022100b3945861a5a8a406bd575857e19accdb0f6385ebf1c02938b35462cddeef400802205857f56d83e9ed7e98082d9127b8934262d3a0461429747e865b06345bbf8f9e01ffffffff01c04dc103000000001976a914ad204de226b3d11a70dc53b4998f4603e138ff3f88ac00000000

Explained:

01000000 [version]

01 [inputs count]
  680059981784856428af42541fbb9c36f26a2e9eddb2260a40e29005d202e0cf
  [input transaction hash in littile endian byte order]
  00000000 [input transaction output]
  93 [signature script len]
    00  [Due to a bug, one extra unused value is removed from the 
         stack for OP_CHECKMULTISIG]
    48 [signature push len]                
      3045022100a7383d84ee35fb965978144d9243ca0892a1be81ce70058e70
      b2ba1ea5a762a7022058647d131fcec2e3a63e57fa475b779b94c81a95b5
      c164fdfdbcee0124e3448c [signature]
      01 [sighash type SIGHASH_ALL]
    48 [signature push len]                
      3045022100b3945861a5a8a406bd575857e19accdb0f6385ebf1c02938b3
      5462cddeef400802205857f56d83e9ed7e98082d9127b8934262d3a04614
      29747e865b06345bbf8f9e [signature]
      01 [sighash type SIGHASH_ALL]
  [signature script]
  ffffffff [sequence]

01 [outputs count]
  c04dc10300000000 [output amount]
  1976a914ad204de226b3d11a70dc53b4998f4603e138ff3f88ac 
  [locking script]

00000000 [lock time]

Step 5: broadcast transaction to network

7193e8e9894069253b52ebcdc74caf8eed5d93c00022dcf23fa096b27180fe21

Example with python bitcoin library pybtc:

https://pybtc.readthedocs.io

This article is a detailed description of how P2PKH output works in bitcoin transactions and the step-by-step algorithm for signing this type of output inside transaction input. In the enclosed part is an example of a signing P2PKH input using the Python.

OP_DUP OP_HASH160 <hash> OP_EQUALVERIFY OP_CHECKSIG

Pay to Public Key Hash output script is the most commonly used way to transfer and store bitcoins. At this moment the most substantial number of unspent transaction outputs falls on this type of script. The address of this script is a hash from the public key converted into base58 encoding with the addition of a byte version and a checksum. Visually for the user does not differ from the addresses received from the P2PUBKEY script.

Mainnet address example: 1BsBzuBTT8r4auWrxZr8sGVtoRhGg9ndUC
Testnet address example: mn9QhsFiX2eEXtF6zrGn5N49iS8BHXFjBt

Published public key hash (sha256+ripemd160) in blockchain instead of the public key, protects against attempts of cryptanalysis of the public key. This security model works only in case no address reuse. This type of script is safer then P2PUBKEY because public key not published in blockchain until received first spending transaction from this address. If the address used again after the first outgoing transaction, security level become the same as the P2PUBKEY script, because public key will be published in blockchain inside signature script of first spending transaction.

To create a spending transaction from this type of output, must provide a signature script (unlocking script) for this output. The signature script consists of a signature and public key. Validation of signed transaction input (unspent output from other transaction) starts from execution signature script, then executed P2PKH script.

Signature script: <sig> <pub_key>
P2PKH script: OP_DUP OP_HASH160 <hash> OP_EQUALVERIFY OP_CHECKSIG

Script execution step by step:

Execution completed. In case of the signature was valid in stack pushed 01 this means True, and transaction input validation is passed.

Bitcoin testnet signing P2PKH step by step example:

We have 1.3 tBTC on mvJe9AfPLrxpfHwjLNjDAiVsFSzwBGaMSP and want transfer it to n4AYuETorj4gYKendz2ndm9QhjUuruZnfk

Private Key: cThjSL4HkRECuDxUTnfAmkXFBEg78cufVBy3ZfEhKoxZo6Q38R5L
Address: mvJe9AfPLrxpfHwjLNjDAiVsFSzwBGaMSP
Input transaction: 5e2383defe7efcbdc9fdd6dba55da148b206617bbb49e6bb93fce7bfbb459d44
Input transaction output: 1
Input amount:  1.3000000

Step 1: create unsigned transaction with empty Signature script

{ version: 1
  vIn: {0: {scriptSig: ,
            sequence: 4294967295,
           txId: 5e2383defe7efcbdc9fdd6dba55da148
                 b206617bbb49e6bb93fce7bfbb459d44,
           vOut: 1}},
  vOut: {0: {address: n4AYuETorj4gYKendz2ndm9QhjUuruZnfk,
             value: 129000000}},
 lockTime: 0}

HEX:

0100000001449d45bbbfe7fc93bbe649bb7b6106b248a15da5dbd6fdc9bdfc7efede83235e0100000000ffffffff014062b007000000001976a914f86f0bc0a2232970ccdf4569815db500f126836188ac00000000

HEX explained:

01000000 [version]

01 [inputs count]
  449d45bbbfe7fc93bbe649bb7b6106b248a15da5dbd6fdc9bdfc7efede83235e   
  [input transaction hash in little endian byte order]
  01000000 [input transaction output]
  00 [signature script len]
  ffffffff [sequence]

01 [outputs count]
  4062b00700000000 [output amount]
  1976a914f86f0bc0a2232970ccdf4569815db500f126836188ac 
  [locking script]

00000000 [locktime]

Step 2: we should get signature hash from this transaction. ( we will use SIGHASH_ALL type of sighash)

Input 0 SIGHASH_ALL preimage:

0100000001449d45bbbfe7fc93bbe649bb7b6106b248a15da5dbd6fdc9bdfc7efede83235e010000001976a914a235bdde3bb2c326f291d9c281fdc3fe1e956fe088acffffffff014062b007000000001976a914f86f0bc0a2232970ccdf4569815db500f126836188ac0000000001000000

Sighash: 8e2f535bbaf17d32f784259bede09b7dd27deacca836661f4dde3ba3a440fc63

Step 3: sign sighash with private key

Signature: 3045022100e15a8ead9013d1de55e71f195c9dc613483f07c8a0692a2144ffa90506436822022062bc9466b9e1941037fc23e1cfadf24c8833f96942beb8f4340df60d506f784b

Step 4: insert signature to transaction signature script and sighash type byte

Transaction hex:

0100000001449d45bbbfe7fc93bbe649bb7b6106b248a15da5dbd6fdc9bdfc7efede83235e010000006b483045022100e15a8ead9013d1de55e71f195c9dc613483f07c8a0692a2144ffa90506436822022062bc9466b9e1941037fc23e1cfadf24c8833f96942beb8f4340df60d506f784b012103969a4ac9b1521cfae44a929a614193b0467a20e0a15973cae9ba1efb9627d830ffffffff014062b007000000001976a914f86f0bc0a2232970ccdf4569815db500f126836188ac00000000

Explained:

01000000 [version]

01 [inputs count]
  449d45bbbfe7fc93bbe649bb7b6106b248a15da5dbd6fdc9bdfc7efede83235e
  [input transaction hash in littile endian byte order]
  01000000 [input transaction output]
  6b [signature script len]
    48 [signature push len]           
       3045022100e15a8ead9013d1de55e71f195c9dc613483f07c8a0692
       a2144ffa90506436822022062bc9466b9e1941037fc23e1cfadf24c
       8833f96942beb8f4340df60d506f784b [signature]
       01 [sighash type SIGHASH_ALL]
    21 [public key push len]     
       03969a4ac9b1521cfae44a929a614193b0467a20e0a15973cae9ba1
       efb9627d830 [public key]
  [signature script]
  ffffffff [sequence]

01 [outputs count]
  4062b00700000000 [output amount]
  1976a914f86f0bc0a2232970ccdf4569815db500f126836188ac 
  [locking script]

00000000 [lock time]

Step 5: broadcast transaction to network

4484ec8b4801ada92fc4d9a90bb7d9336d02058e9547d027fa0a5fc9d2c9cc77

Example with python bitcoin library pybtc:

https://pybtc.readthedocs.io

This article is a detailed description of how P2PUBKEY output works in bitcoin transactions and the step-by-step algorithm for signing this type of output inside transaction input. In the enclosed part is an example of a signing PUBKEY input using the Python.

<pub_key> OP_CHECKSIG

Pay to public key output script was the first simple type of output script. This type is less secure then all other types because public key published in blockchain and is available for cryptanalysis attempts. This statement is only valid if you use the one Bitcoin address only once, that is, follow the principle no address reuse. If you use one address many times, then this type of output with compressed public key is the most economical in terms of the number of bytes written to the blockchain even in comparison with P2WPKH. The address of this script is a hash (sha256+ripemd160) from the public key converted into base58 encoding with the addition of a byte version and a checksum.

Mainnet address example: 1JUToCyRL5UwgeucjnFAagKs4v1YqhjT1d
Testnet address example: mrzbAkpiiyiEH8oBFmifi7RHftGwxA1rK7

To create a spending transaction from this type of output, must provide a signature script (unlocking script) for this output. The signature script is just signature. Validation of signed transaction input (unspent output from other transaction) starts from execution signature script, then executed P2PKH script.

Pubkey script: <pub_key> OP_CHECKSIG
Signature script: <sig>

Script execution step by step:

Execution completed. In case of the signature was valid in stack pushed 01 this means True, and transaction input validation is passed.

Bitcoin testnet signing P2PUBKEY step by step:

We have 1.29 tBTC on mjfWnmR8fRdmKKFBvkrRMAKNrthfzE6rNK and want transfer it to mrzbAkpiiyiEH8oBFmifi7RHftGwxA1rK7

Private Key: cP6Yo1Dm2Gx96gRWyxZ3B6gECpP9cMeD5oxd7Xs1qtW5knG8AgPm
Address: mjfWnmR8fRdmKKFBvkrRMAKNrthfzE6rNK
Input transaction: 0b7527ede5de924f91dc02e29de99c1a5595c1ac13dcf9bf702ce33cf1c9ddaa
Input transaction output: 0
Input transaction amount:  1.29000000

Step 1: create unsigned transaction with empty Signature script

{ version: 1
  vIn: {0: {scriptSig: ,
            sequence: 4294967295,
           txId: 0b7527ede5de924f91dc02e29de99c1a
                 5595c1ac13dcf9bf702ce33cf1c9ddaa,
           vOut: 0}},
  vOut: {0: {address: mrzbAkpiiyiEH8oBFmifi7RHftGwxA1rK7,
             value: 128000000}},
 lockTime: 0}

HEX:

0100000001aaddc9f13ce32c70bff9dc13acc195551a9ce99de202dc914f92dee5ed27750b0000000000ffffffff010020a107000000001976a914f86f0bc0a2232970ccdf4569815db500f126836188ac00000000

HEX explained:

01000000 [version]

01 [inputs count]
  aaddc9f13ce32c70bff9dc13acc195551a9ce99de202dc914f92dee5ed27750b     
  [input transaction hash in littile endian byte order]
  00000000 [input transaction output]
  00 [signature script len]
  ffffffff [sequence]

01 [outputs count]
  4062b00700000000 [output amount]
  1976a914f86f0bc0a2232970ccdf4569815db500f126836188ac 
  [locking script]

00000000 [locktime]

Step 2: we should get signature hash from this transaction ( we will use SIGHASH_ALL type of sighash)

Sighash preimage:

0100000001aaddc9f13ce32c70bff9dc13acc195551a9ce99de202dc914f92dee5ed27750b000000002321028483113a3487de28be23570f6bd8e196b75404e014d45c980b037d8112bcccfbacffffffff010020a107000000001976a914f86f0bc0a2232970ccdf4569815db500f126836188ac0000000001000000

Sighash: f0e8d6bbedf721a4cc33b1dc91850b82da87a97e30e67295de4b91d721599ded

Step 3: sign sighash with private key

Signature: 304402207ee89eceb8e3999d2c5ba4d902de91c2418f4e4b94bb76b1f57efc2c6d4e814d02207b43e3c38a3c35a722999bd1eee53153445948691b695e2158e11ec5485bb80a

Step 4: insert signature to transaction signature script and sighash type byte

HEX:

0100000001aaddc9f13ce32c70bff9dc13acc195551a9ce99de202dc914f92dee5ed27750b000000004847304402207ee89eceb8e3999d2c5ba4d902de91c2418f4e4b94bb76b1f57efc2c6d4e814d02207b43e3c38a3c35a722999bd1eee53153445948691b695e2158e11ec5485bb80a01ffffffff010020a107000000001976a914f86f0bc0a2232970ccdf4569815db500f126836188ac00000000

HEX explained:

01000000 [version]

01 [inputs count]
  aaddc9f13ce32c70bff9dc13acc195551a9ce99de202dc914f92dee5ed27750b
  [input transaction hash in littile endian byte order]
  00000000 [input transaction output]
  48 [signature script len]
    47 [signature push len]
      304402207ee89eceb8e3999d2c5ba4d902de91c2418f4e4b94bb76b1f57efc
      2c6d4e814d02207b43e3c38a3c35a722999bd1eee53153445948691b695e21
      58e11ec5485bb80a [signature] 01 [sighash type SIGHASH_ALL]
  [signature script]
  ffffffff [sequence]

01 [outputs count]
  0020a10700000000 [output amount]
  1976a914f86f0bc0a2232970ccdf4569815db500f126836188ac 
  [pubkey script]

00000000 [lock time]

Step 5: broadcast transaction to network

34409dd127401eab9c67255029a15a7ec7caa512d0ba4d6906989604b43b0b84

Example with python bitcoin library pybtc:

https://pybtc.readthedocs.io