In-depth explanation of how IOTA making a transaction
The full article was originally published by Louie Lu on Medium. Read the full article here.
Our transaction scenario
Person A have a seed A_SECRET_SEED that contain 100i in 4 different address relate to this seed:
address: AAAAAA……AAA, balance: 10
address: BBBBBB……BBB, balance: 5
address: CCCCCC……CCC, balance: 25
address: DDDDD……DDD, balance: 60
address: EEEEEE……EEE, balance: 0
Person B have a seed B_SECRET_SEED that contain 0i in its address:
address: QQQQQQ……QQQ, balance: 0
address: QQQQQQ……VVV, balance: 0
Today, Person A want to send 80i to Person B’s address QQQQQQ……QQQ.
How does IOTA construct this transaction?
1. Making transaction bundle
Bundle is the unit of a transaction, which include three kind of transaction: Input, Output, and meta transactions.
For our scenario, first we need to prepare output transaction, which mean, we want to send to B’s address with 80i IOTA:
Next, we will need to prepare input transaction. In our scenario, we will need to use all four address that contain IOTA (10 + 5 + 25 + 60 > 80) to fulfill output value 80i.
But our input transaction need to contain transaction signature, default address security level is 2, that mean we need an additional meta transaction to carry the transaction signature, let’s add it:
We are not done yet, now we have an unbalanced bundle. Take a little count, we have 10 + 5 + 25 + 60 = 100 IOTA input, and 80 IOTA output, which mean this bundle still got 100 – 80 = 20 IOTA unspend. We will need to get an additional transaction to receive this unspend IOTA.
In normal contitional, IOTA will get a new address from A’s seed, and make a transaction with unspend value:
Great, now we get the balanced bundle. As you see, in previous transactions, we have not fill in bundle hash and other information. Next step, we will finalize bundle to get the bundle hash.
2. Finalize bundle
In this step, we will fill in transaction index, last index and generate bundle hash by Kerl hash function.
Transaction validate items including: Address, value, obsolete tag, timestamp, index, and last index. Kerl hash function using sponge constructor, so it will absorb transaction validate item one by one (order is important), then squeeze out the result.
I know you will complain about the figure, for more accurate figure of hash function absorb and squeeze, please visit SHA-3 — wikipedia.
Also, in the step to get the bundle hash, it will check if the bundle hash is secure or not. If not, it will increase tail transaction (index 0 transaction)’s obsolete tag and regenerate the hash again.
After we get the bundle hash, we will need to fill-in into all transaction in the bundle, thus we got:
3. Signing signature for input transactions
Next, we will need to signing input transactions with correspond address’ private key. We can get the address private key from key generator with A_SECRET_SEED. From address private key, we can use Signature Fragment Generator with private key and bundle hash to get the transaction signature.
After this, all parts of making bundle is done.
4. Getting two tips — trunk and branch
In this article I will not cover the MCMC algorithm, think this as a black box that we can get two tips from IRI via getTransactionsToApprove.
5. Proof of Work
In the last step, we will need to fill-up trunk, branch, and find nonce (Proof of Work here!) into each transaction in the bundle.
It will then walk through all transactions in the bundle from the last index to 0 index, to fill-up trunk, branch hash, timestamp, and then do PoW (pearlDiver) to find nonce and generate transaction hash, then validated the PoW result.
Last index’s transaction trunk and branch hash will be previous tips we get. Other transaction’s trunk will be previous transaction’s hash, and branch hash is trunk transaction from tips.
If everything is fine, we then can get the full transactions trytes with all field be filled in!
6. POC code for Python with PyOTA
Here we use picture to demostrate how IOTA construct a bundle with transactions, and when it fill-up some critical parts of the transaction, such as bundle hash, transaction hash, trunk hash, branch hash, and nonce.
We can clearly know that in all the step to making a transaction, the essential part of an IoT device will only need to take care of the part of signing its transaction, other parts such as other output transaction, tip selection and PoW will no need to be done on it.
If you like this article, welcome to donate IOTA to