Understanding Bitcoin Script: The Original Smart Contract Language
LTB Historical Background
When Satoshi Nakamoto released Bitcoin in 2009, they included a complete scripting system capable of far more than simple value transfers. Bitcoin Script was designed as a stack-based, non-Turing complete language drawing inspiration from Forth. The intentionally restricted design prioritized security and predictability over expressiveness, establishing a foundation for programmable money that has remained robust for over a decade.
Key historical developments include:
- 2009: Initial release with basic opcodes and stack operations
- 2010: Deactivation of certain opcodes (OP_CAT, OP_SUBSTR) for security
- 2015: Introduction of OP_CHECKLOCKTIMEVERIFY (BIP 65)
- 2016: Addition of OP_CHECKSEQUENCEVERIFY (BIP 112)
- 2017: SegWit activation enabling new script types
- 2021: Taproot upgrade introducing Schnorr signatures
Technical Architecture
Stack-Based Execution
Bitcoin Script operates on a stack data structure using Reverse Polish Notation (RPN). Operations proceed from left to right, with data being pushed onto the stack and opcodes consuming stack elements to perform operations.
Example stack operation:
Initial stack: []
Push 2: [2]
Push 3: [2, 3]
OP_ADD: [5] // Pops 2 and 3, pushes sumCore Components
- Stack: Last-In-First-Out (LIFO) data structure
- Opcodes: Built-in operations that manipulate stack data
- Program counter: Tracks execution position
- Script interpreter: Processes opcodes and manages stack
Common Script Types
P2PKH (Pay to Public Key Hash)
The most common script type for standard transactions:
OP_DUP OP_HASH160 <pubKeyHash> OP_EQUALVERIFY OP_CHECKSIGP2SH (Pay to Script Hash)
Enables complex redemption conditions through script hashing:
OP_HASH160 <scriptHash> OP_EQUALMultisignature
Requires multiple signatures to spend:
OP_2 <pubKey1> <pubKey2> <pubKey3> OP_3 OP_CHECKMULTISIGKey Opcodes
| Opcode | Description |
|---|---|
| OP_DUP | Duplicates top stack item |
| OP_HASH160 | SHA256 + RIPEMD160 of top item |
| OP_EQUAL | Compares top two stack items |
| OP_VERIFY | Marks transaction invalid if top stack item is false |
| OP_CHECKSIG | Validates signature against public key |
Security Considerations
Non-Turing Completeness
Bitcoin Script intentionally lacks loops and recursion to prevent infinite execution. This design choice ensures predictable execution costs and prevents denial-of-service attacks through resource exhaustion.
Standard Transaction Types
Bitcoin nodes enforce “standard” transaction templates through IsStandard() checks. While the protocol allows arbitrary scripts, relay policies restrict which scripts can propagate through the network to prevent potential vulnerabilities.
Stack Size Limits
The stack is limited to 1000 items and 10,000 bytes total size. Individual stack elements cannot exceed 520 bytes. These limits prevent memory exhaustion attacks.
Practical Applications
Time-Locked Transactions
<expiry time> OP_CHECKLOCKTIMEVERIFY OP_DROP
OP_DUP OP_HASH160 <pubKeyHash> OP_EQUALVERIFY OP_CHECKSIGHash Time-Locked Contracts (HTLCs)
OP_HASH160 <hash> OP_EQUALVERIFY
OP_DUP OP_HASH160 <pubKeyHash> OP_EQUALVERIFY OP_CHECKSIGLightning Network Commitment Transactions
The Lightning Network relies heavily on Bitcoin Script to create secure payment channels through carefully crafted scripts that enable efficient off-chain transactions while maintaining on-chain security guarantees.
Future Developments
Several proposals aim to enhance Bitcoin Script capabilities while maintaining its security properties:
- SIGHASH_ANYPREVOUT for eltoo payment channels
- Covenant proposals like OP_CHECKTEMPLATEVERIFY
- New signature validation schemes
- Additional time-lock mechanisms
Related Tools & Resources
- Bitcoin Script Decoder & Analyzer – Interactive tool for working with Bitcoin Script
- Crypto Tools Directory – Comprehensive collection of cryptocurrency development tools
- Bitcoin Core script interpreter source code
- BIP proposals related to Script improvements