The Book of Bitcoin

Hash Locked Transactions

All Bitcoin transactions are actually short programs that each full node quickly executes to determine the validity of spending funds. When sending funds, a one way signature of the way the funds will be spent is sent to, constructed by the person or person receiving funds. There are generally two types of signatures or addresses, the standard pay to public key hash or P2PKH or 1xx and the newer pay to script hash or P2SH or 3xx.

When spending funds sent to these addresses, the spender presents a new transaction with a new short program describing how he spends the funds, if the program executes successfully the transaction can enter the Blockchain. Inside these short programs are fund unlocking statements: simple very straightforward statements for standard addresses that merely confirm the signature of a private key, and more complicated statements for transactions that may include locking times, multiple signatures and other logic. Although it is technically possible to send funds to an address that may be unlocked by anyone, typically secret signature inputs are referenced as strict requirements to ensure the singular control of funds.

Technically transactions unlock through a presentation of any unlocking statement. This means that even an arbitrary key may be used to lock funds, like the answer to a puzzle. This can be used to exchange payment for data, as long as the data desired can both be used to solve the puzzle and unlock a payment. These type of transactions locked by a signature hash are called hash locked transactions. To lock hash locked funds to a single party, multiple signatures are used ensuring that only the hash combined with a single party's signature may be used to move the locked funds.

There are two types of hash locks possible in a hash locked transaction. One of these types is using a statement in which a trusted hash creator signs an attestation to a certain fact. This hash lock is called an oracle, the trusted service simply present signatures to attest to facts, which unlock transactions. The second type of hash lock does not require a trusted oracle, simply a computer program acting as a signature creating automaton. This type of hash lock is limited, given limitations on automatons, but strictly superior, given that no oracle may be trusted. It's even possible to produce an automaton that proves of the knowledge of an answer, instead of the answer itself.

One issue with hash lock type payments is that when paying someone with the hash lock attached, does not guarantee that they accept the payment and publish the lock solution. This can create a deadlock where the funds sent for the solution are never claimed, but can also not be returned. To avoid this situation, it is recommended that hash lock transactions be accompanied with a timeout window using CSV or CLTV techniques.