What are opcodes in Bitcoin’s blockchain?
Bitcoin’s code is written in Script, a simple, deliberately constrained programming language. It does not support infinite loops or complex constructs, in the interests of security and efficiency. Operations are processed on a stack that follows the “last in, first out” (LIFO) principle.
Opcodes (operation codes) are instructions used to set the conditions for a transaction to execute under a given command.
In the Bitcoin network, each opcode is written as a command prefixed with OP (OP_RETURN) to carry out functions across categories such as computation, validation or invalidation of transactions, and adding, removing or moving items on the stack. Some examples:
- cryptography. Hashing and cryptographic checks: OP_HASH256 applies SHA-256 twice to the input, strengthening protection;
- control flow. Influences script execution logic: OP_VERIFY deems a transaction invalid if the top stack item is false;
- bitwise logic. Works with bits of the input: OP_INVERT inverts all bits of the input.
Although the architecture of the first cryptocurrency’s blockchain allows for up to 256 different opcodes, fewer than half are active today.
In 2010 Satoshi Nakamoto deliberately removed 16 such instructions on security grounds. One of them — OP_CAT — could significantly expand smart contracts on Bitcoin and make them as programmable as in Ethereum.
After the Taproot soft fork was activated in late 2021, a potential large-memory-usage vulnerability — the main reason Satoshi removed the opcode — was eliminated. A revival of OP_CAT has been actively discussed in the community since 2023.
What is OP_RETURN?
OP_RETURN is a standard output-locking script pattern that allows arbitrary data or messages to be embedded in Bitcoin transactions. As a NULLDATA implementation, it usually creates an explicit, verifiable, unspendable and prunable output.
Put simply, the opcode marks outputs as unambiguously prunable or unspendable, while leaving the attached messages — thanks to the immutability of the blockchain — there permanently. It lets users store 83 bytes of data, akin to “notes on a receipt”, without disrupting the network’s monetary foundation.
OP_RETURN was introduced in 2014 in Bitcoin Core 0.9.0 as a compromise to prevent spam related to messages in the UTXO set.
Early on, attaching data required sending bitcoin to one of the non-functioning addresses — burning coins. But each such transaction increased the number of outputs in the UTXO set, threatening sooner or later to overload validator nodes and the entire network.
OP_RETURN prevents the creation of new unspent outputs, making the opcode a more efficient way of sending data to the blockchain of the first cryptocurrency. Caution is necessary: bitcoin sent via this function is lost forever.
Initially, the limit on attached data was 40 bytes, but in 2015 it was raised to 80 bytes, and in 2016 to 83 bytes. These constraints were chosen deliberately to encourage the use of hashes rather than raw data.
On 27 April 2025, Bitcoin Core developer Peter Todd submitted Pull Request #32359 to the Bitcoin Core repository. The proposal included fully removing size limits for OP_RETURN outputs up to 4 MB.
On 9 June, Bitcoin Core developers decided to lift the cap on OP_RETURN-published data in client release v30, scheduled for October. Users will be able to set a temporary limit manually.
The opposing Bitcoin Knots camp offers alternative Bitcoin nodes with a conservative cap. In June 2025, the share of validators of such nodes approached 10%.
What ways exist to store data on Bitcoin’s blockchain?
The first to attach a message to a Bitcoin transaction was the network’s founder — Satoshi Nakamoto. He embedded in the genesis block the phrase: «The Times 03/Jan/2009 Chancellor on brink of second bailout for banks».
Satoshi used the then-available option of placing information in the scriptSig field of the coinbase transaction. It can still carry arbitrary messages today, such as a pool name, software version or hashrate data.
Encoding is used to place information on-chain. In the ASCII standard, each letter, number or other symbol is represented by a unique number from 0 to 127.
For example, the letter F in decimal (dec) ASCII corresponds to 70, and a comma to 44.
The word ForkLog in dec looks like 70 111 114 107 76 111 103, and its hexadecimal (hex) form for insertion into Bitcoin’s code appears as 466F726B4C6F67.
When browsing the blockchain via specialised software or an AI assistant such as ChatGPT, hex data can be easily decoded back into readable text. Thus, the Bitcoin blockchain stores many encoded messages.
The OP_RETURN field at this stage allows up to 83 bytes of data to be written. Since each ASCII character occupies 1 byte, around 83 characters can be placed in a single transaction. Users have to be inventive — choose concise yet expressive phrases, or simply leave an encoded IPFS link to a web resource.
How is OP_RETURN used?
As a more efficient way to store small amounts of data, OP_RETURN can be used across various domains. With the limit set to rise to the 4 MB block size, the scope of applications will broaden.
Existing use cases include:
- timestamp and Proof-of-Existence. Perpetuating an important document: a hash is embedded in a transaction, thereby proving its existence at a specific moment in time immutably and verifiably;
- metadata and notes. Some users add simple notes via OP_RETURN: order numbers, short messages, hashes;
- creating NFTs. The technology enables the creation and storage of non-fungible tokens on Bitcoin via Runes. The earlier — more “harmful” for the network — Ordinals protocol will be able to switch to the OP_RETURN method after the limits are lifted. Previously, the opcode was one of the key tools behind “colored coins”. It allowed individual satoshis to be “coloured” (tagged) with metadata representing shares in NFTs or company tokens. This made it possible to track and transfer Colored Coins in the first cryptocurrency’s blockchain and became a prototype for later developments;
- potential profit from large transactions. It may be lucrative for miners to process more “heavy” transactions;
decentralised applications and layer-2 networks (L2). Sidechains or state-channel networks such as Lightning Network can use OP_RETURN to embed summary off-chain state information into Bitcoin’s blockchain. This helps scalable solutions that need to interact periodically with the main chain and that currently have to issue two UTXOs because of the limit.
What are OP_RETURN’s drawbacks?
The many ways OP_RETURN can be used to store data in the blockchain underscore the technology’s innovative character. Even so, the community split signals a flipside.
Many believe Bitcoin’s primary purpose is to be digital gold, not a data-storage platform. Excessive use of OP_RETURN could lead to undue growth in blockchain size. The bigger every node becomes, the higher the hardware requirements — potentially increasing centralisation over time.
Some downsides of OP_RETURN:
- no obvious intrinsic benefit. While storing non-financial data via OP_RETURN may sound appealing, it does not by itself help the protocol operate: the technology does not participate in processing or validating transactions. Its utility depends entirely on external applications that can interpret and use the information as intended;
- high fees. Enlarging a transaction increases its fee — especially during periods of heavy network load;
- possible abuse. Data written with the opcode cannot be deleted or altered. This raises ethical and privacy questions, particularly if prohibited content is involved.