From 21f7f2d6e3033a86db4cdf1a3ebd7077ae6056de Mon Sep 17 00:00:00 2001 From: "Andreas M. Antonopoulos" Date: Mon, 21 Jul 2014 20:06:33 -0500 Subject: [PATCH] Transaction Verification moved to chapter 8. --- ch06.asciidoc | 44 +++++++------------------------------------- ch08.asciidoc | 31 +++++++++++++++++++++++++++++++ 2 files changed, 38 insertions(+), 37 deletions(-) diff --git a/ch06.asciidoc b/ch06.asciidoc index 1459b663..e3e7a70d 100644 --- a/ch06.asciidoc +++ b/ch06.asciidoc @@ -241,52 +241,22 @@ In response to a +getdata+ message from the node, peers will send a +merkleblock The node setting the bloom filter can interactively add patterns to the filter by sending a +filteradd+ message. To clear the bloom filter, the node can send a +filterclear+ message. Since it is not possible to remove a pattern from a bloom filter, a node has to clear and re-send a new bloom filter if a pattern is no longer desired. -=== Independent Verification of Transactions - -In the previous chapter we saw how wallet software creates transactions by collecting UTXO, providing the appropriate unlocking scripts and then constructing new outputs assigned to a new owner. The resulting transaction is then sent to the neighboring nodes in the bitcoin network so that it may be propagated across the entire bitcoin network. - -Every bitcoin node that receives a transaction will first verify the transaction before forwarding it to its neighbors. This ensures that only valid transactions are propagated across the network, while invalid transactions are discarded at the first node that encounters them. - -Each node verifies every transaction against a long checklist of criteria: - -* Check the syntactic correctness of the transaction's data structure -* Make sure neither lists of inputs or outputs are empty -* The transaction size in bytes is less than MAX_BLOCK_SIZE -* Each output value, as well as the total, must be within the allowed range of values (less than 21m coins, more than 0) -* Check none of the inputs have hash=0, N=-1 (coinbase transactions should not be relayed) -* Check that nLockTime is less than or equal to INT_MAX -* Check that the transaction size in bytes is greater than or equal to 100 -* Check the number of signature operations contained in the transaction is less than the signature operation limit -* Reject "nonstandard" transactions: unlocking script (scriptSig) doing anything other than pushing numbers on the stack, or the locking script (scriptPubkey) not matching isStandard forms -* Check for a matching transaction in the pool, or in a block in the main branch, if so reject this transaction -* For each input, if the referenced output exists in any other transaction in the pool, reject this transaction. -* For each input, look in the main branch and the transaction pool to find the referenced output transaction. If the output transaction is missing for any input, this will be an orphan transaction. Add to the orphan transactions, if a matching transaction is not already in the pool. -* For each input, if the referenced output transaction is a coinbase output, it must have at least COINBASE_MATURITY (100) confirmations; else reject this transaction -* For each input, if the referenced output does not exist (e.g. never existed or has already been spent), reject this transaction -* Using the referenced output transactions to get input values, check that each input value, as well as the sum, are in the allowed range of values (less than 21m coins, more than 0) -* Reject if the sum of input values < sum of output values -* Reject if transaction fee would be too low to get into an empty block -* Verify the unlocking scripts for each input against the corresponding output locking scripts - -These conditions can be seen in detail in the functions AcceptToMemoryPool, CheckTransaction and CheckInputs in the bitcoin reference client. Note that the conditions change over time, to address new types of Denial-of-Service attacks or sometimes to relax the rules so as to include more types of transactions. - -By independently verifying each transaction as it is received and before propagating it, every node builds a pool of valid new transactions (the transaction pool), roughly in the same order. - [[transaction_pools]] === Transaction Pools -Almost every node on the bitcoin network maintains a temporary list of unconfirmed transactions called the memory pool or transaction pool. Once a transaction is verified using the detailed checklist introduced in the section above, it is added to the transaction pool. Nodes use this pool to keep track of transactions that are known to the network but are not yet included in the blockchain. For example, a node that holds a users wallet will use the transaction pool to track incoming payments to the users wallet that have been received on the network but are not yet confirmed. Every node also maintains a separate pool of orphaned transactions as detailed in <>. If a transactions inputs refer to a transaction that is not yet known, a missing parent, then it will be stored temporarily in the orphan pool until the parent transaction arrives. Both the transaction pool and orphan pool are stored in local memory and are not saved on persistent storage, rather they are dynamically populated from incoming network messages. When a node starts, both pools are empty and are gradually populated with new transactions received on the network. +Almost every node on the bitcoin network maintains a temporary list of unconfirmed transactions called the memory pool or transaction pool. Nodes use this pool to keep track of transactions that are known to the network but are not yet included in the blockchain. For example, a node that holds a users wallet will use the transaction pool to track incoming payments to the users wallet that have been received on the network but are not yet confirmed. -As transactions are received and verified using the criteria in the previous section, they are added to the transaction pool and relayed to the neighboring nodes to propagate on the network. +As transactions are received and verified, they are added to the transaction pool and relayed to the neighboring nodes to propagate on the network. + +Some node implementations also maintain a separate pool of orphaned transactions as detailed in <>. If a transaction's inputs refer to a transaction that is not yet known, a missing parent, then the orphan transaction will be stored temporarily in the orphan pool until the parent transaction arrives. When a transaction is added to the transaction pool, the orphan pool is checked for any orphans that reference this transaction's outputs (its children). Any orphans found are pulled from the orphan pool and validated using the above checklist. If valid, they are also added to the transaction pool, completing the chain that started with the parent transaction. In light of the newly added transaction which is no longer an orphan, the process is repeated recursively looking for any further descendants, until no more descendants are found. Through this process, the arrival of a parent transaction triggers a cascade reconstruction of an entire chain of interdependent transactions by re-uniting the orphans with their parents all the way down the chain. -Some implementations of the bitcoin client also maintain a UTXO pool which is the set of all unspent outputs on the blockchain. This may be housed in local memory or as an indexed database table on persistent storage. Unlike the transaction and orphan pools, the UTXO pool is not initialized empty but instead contains millions of entries of unspent transaction outputs including some dating back to 2009. Whereas the transaction and orphan pools represent a single nodes local perspective and may vary significantly from node to node depending upon when the node was started or restarted, the UTXO pool represents the emergent consensus of the network and therefore will vary little between nodes. Furthermore the transaction and orphan pools only contain unconfirmed transactions, while the UTXO pool only contains confirmed outputs. +Both the transaction pool and orphan pool (where implemented) are stored in local memory and are not saved on persistent storage, rather they are dynamically populated from incoming network messages. When a node starts, both pools are empty and are gradually populated with new transactions received on the network. +Some implementations of the bitcoin client also maintain a UTXO database or UTXO pool which is the set of all unspent outputs on the blockchain. While the name "UTXO pool" sounds similar to the transaction pool, it represents a different set of data. Unlike the transaction and orphan pools, the UTXO pool is not initialized empty but instead contains millions of entries of unspent transaction outputs including some dating back to 2009. The UTXO pool may be housed in local memory or as an indexed database table on persistent storage. - -=== Block Propagation and Verification +Whereas the transaction and orphan pools represent a single node's local perspective and may vary significantly from node to node depending upon when the node was started or restarted, the UTXO pool represents the emergent consensus of the network and therefore will vary little between nodes. Furthermore the transaction and orphan pools only contain unconfirmed transactions, while the UTXO pool only contains confirmed outputs. === Alert Messages - diff --git a/ch08.asciidoc b/ch08.asciidoc index 0476651d..fe7cab69 100644 --- a/ch08.asciidoc +++ b/ch08.asciidoc @@ -23,6 +23,37 @@ In the next few sections we will examine these processes and how they interact t Each of these processes also aggregates smaller bitcoin units into larger data structures. First, unspent transaction outputs (UTXO) are aggregated into transactions. Next, many transactions are aggregated into a block. Finally, blocks are added to a chain of blocks, the blockchain. In the previous chapter we looked at transactions as a data structure. In this chapter we will also look at the larger data structures: blocks and the blockchain. +=== Independent Verification of Transactions + +In the previous chapter we saw how wallet software creates transactions by collecting UTXO, providing the appropriate unlocking scripts and then constructing new outputs assigned to a new owner. The resulting transaction is then sent to the neighboring nodes in the bitcoin network so that it may be propagated across the entire bitcoin network. + +Every bitcoin node that receives a transaction will first verify the transaction before forwarding it to its neighbors. This ensures that only valid transactions are propagated across the network, while invalid transactions are discarded at the first node that encounters them. + +Each node verifies every transaction against a long checklist of criteria: + +* Check the syntactic correctness of the transaction's data structure +* Make sure neither lists of inputs or outputs are empty +* The transaction size in bytes is less than MAX_BLOCK_SIZE +* Each output value, as well as the total, must be within the allowed range of values (less than 21m coins, more than 0) +* Check none of the inputs have hash=0, N=-1 (coinbase transactions should not be relayed) +* Check that nLockTime is less than or equal to INT_MAX +* Check that the transaction size in bytes is greater than or equal to 100 +* Check the number of signature operations contained in the transaction is less than the signature operation limit +* Reject "nonstandard" transactions: unlocking script (scriptSig) doing anything other than pushing numbers on the stack, or the locking script (scriptPubkey) not matching isStandard forms +* Check for a matching transaction in the pool, or in a block in the main branch, if so reject this transaction +* For each input, if the referenced output exists in any other transaction in the pool, reject this transaction. +* For each input, look in the main branch and the transaction pool to find the referenced output transaction. If the output transaction is missing for any input, this will be an orphan transaction. Add to the orphan transactions, if a matching transaction is not already in the pool. +* For each input, if the referenced output transaction is a coinbase output, it must have at least COINBASE_MATURITY (100) confirmations; else reject this transaction +* For each input, if the referenced output does not exist (e.g. never existed or has already been spent), reject this transaction +* Using the referenced output transactions to get input values, check that each input value, as well as the sum, are in the allowed range of values (less than 21m coins, more than 0) +* Reject if the sum of input values < sum of output values +* Reject if transaction fee would be too low to get into an empty block +* Verify the unlocking scripts for each input against the corresponding output locking scripts + +These conditions can be seen in detail in the functions AcceptToMemoryPool, CheckTransaction and CheckInputs in the bitcoin reference client. Note that the conditions change over time, to address new types of Denial-of-Service attacks or sometimes to relax the rules so as to include more types of transactions. + +By independently verifying each transaction as it is received and before propagating it, every node builds a pool of valid new transactions (the transaction pool), roughly in the same order. + === Aggregating Transactions into Blocks Some of the nodes on the bitcoin network are specialized nodes called _miners_. A miner will collect, validate and relay new transactions just like any other node. Unlike other nodes, a miner will then aggregate these transactions into a _block_. The block of transactions constructed by a miner is a candidate block and becomes valid only if the miner succeeds in winning the mining competition. Each miner competes by trying billions of possible solutions to an equation based on a cryptographic hash. If they find a solution, they broadcast the candidate block for everyone to record on the blockchain. The competition difficulty is calibrated to ensure that a new block solution is found by someone every 10 minutes on average. We will look at the mining process itself in more detail in <>. For now, let's look at how miners aggregate transactions into blocks.