interactive tool

Script Playground

Step through Bitcoin Script execution with the opcode stack visible at every step. Pick a template — P2PKH, multisig, hashlock, timelock — or edit the unlocking and locking halves yourself. The interpreter is symbolic: signatures and hashes are tracked by name, not real crypto, so you can read the stack at a glance.

Templates

The classic Satoshi-era address shape. Lock to a hash of a pubkey; unlock with the pubkey + a signature.

Unlocking script

scriptSig / witness — what the spender provides

Locking script

scriptPubKey — committed to the output

current height

What to watch for

DUP keeps a copy of the pubkey so we can both hash it AND verify against it.
HASH160 transforms the pubkey symbolically; the next push is the committed hash.
EQUALVERIFY fails the script if the spender's pubkey doesn't match what was committed.
CHECKSIG verifies the signature against the still-on-stack pubkey.

Symbolic crypto — what's real, what isn't

This is a teaching tool. Signatures and pubkeys are tracked symbolically: <sig:alice> verifies against <pubkey:alice> because their names match, not because of any real Schnorr or ECDSA math. Hashing transforms a stack item x into HASH160(x) symbolically, so a script committing to <HASH160(pubkey:alice)> will succeed when the spender supplies <pubkey:alice> and the interpreter runs HASH160 on it.

Real Bitcoin Script handles bytes, not display strings; CHECKSIG verifies an ECDSA or Schnorr signature against the transaction's sighash. The opcode semantics in this playground are the real ones — stack effects, control flow, failure modes. The crypto isn't.

Related · SHA-256 · Seed Walkthrough · UTXO Visualizer · Glossary