mirror of
https://github.com/bitcoinbook/bitcoinbook
synced 2025-02-22 04:22:15 +00:00
Several fixes to Segwit/P2SH #440
There were several errors in the address and hash calculations. Fixed errors and added command line examples to clarify the process
This commit is contained in:
parent
240b5b0c1c
commit
1ddd89b658
@ -777,7 +777,7 @@ Now, let's look at how this entire example would be upgraded to segwit. If Moham
|
||||
|
||||
.Example P2WSH output script
|
||||
----
|
||||
0 9592d601848d04b172905e0ddb0adde59f1590f1e553ffc81ddc4b0ed927dd73
|
||||
0 a9b7b38d972cabc7961dbfbcb841ad4508d133c47ba87457b4a0e8aae86dbb89
|
||||
----
|
||||
|
||||
Again, as with the example of P2WPKH, you can see that the Segregated Witness equivalent script is a lot simpler and omits the various script operands that you see in P2SH scripts. Instead, the Segregated Witness program consists of two values pushed to the stack: a witness version (0) and the 32-byte SHA256 hash of the redeem script.
|
||||
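Review bot: the two hash values shown for the example P2WSH output script do not agree with the rest of this commit. The P2SH(P2WSH) hunk further down derives 9592d601...dd73 from Mohammed's multisig script with bx script-encode | bx sha256 and uses it as the witness program, while this hunk also carries a9b7b38d...bb89. The paragraph that follows says the witness program is the 32-byte SHA256 hash of the redeem script, and both sections refer to the same multisig example, so the value kept here should be the one the bx pipeline reproduces. Otherwise the text should state which script a9b7b38d... is the hash of and show the command that yields it.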
@ -850,28 +850,37 @@ Bob's wallet starts with the P2WPKH witness program we saw earlier:
|
||||
|
||||
The P2WPKH witness program consists of the witness version and Bob's 20-byte public key hash.
|
||||
|
||||
Bob's wallet then hashes the preceding witness program, first with SHA256, then with RIPEMD160, producing another 20-byte hash:
|
||||
Bob's wallet then hashes the preceding witness program, first with SHA256, then with RIPEMD160, producing another 20-byte hash.
|
||||
|
||||
Let's use +bx+ on the command-line to replicate that:
|
||||
|
||||
.HASH160 of the P2WPKH witness program
|
||||
----
|
||||
echo \
|
||||
'0 [ab68025513c3dbd2f7b92a94e0581f5d50f654e7]'\
|
||||
| bx script-encode | bx sha256 | bx ripemd160
|
||||
3e0547268b3b19288b3adef9719ec8659f4b2b0b
|
||||
----
|
||||
|
||||
[role="pagebreak-before"]
|
||||
The hash of the witness program is then embedded in a P2SH script:
|
||||
|
||||
Next, the redeem script hash is converted to a bitcoin address. Let's use +bx+ on the command-line again:
|
||||
|
||||
.P2SH address
|
||||
----
|
||||
echo \
|
||||
'3e0547268b3b19288b3adef9719ec8659f4b2b0b' \
|
||||
| bx address-encode -v 5
|
||||
37Lx99uaGn5avKBxiW26HjedQE3LrDCZru
|
||||
----
|
||||
|
||||
Now, Bob can display this address for customers to pay for their coffee. Alice's wallet can make a payment to +37Lx99uaGn5avKBxiW26HjedQE3LrDCZru+, just as it would to any other bitcoin address.
|
||||
|
||||
To pay Bob, Alice's wallet would lock the output with a P2SH script:
|
||||
----
|
||||
HASH160 3e0547268b3b19288b3adef9719ec8659f4b2b0b EQUAL
|
||||
----
|
||||
|
||||
Finally, the P2SH script is converted to a P2SH bitcoin address:
|
||||
|
||||
.P2SH address
|
||||
----
|
||||
37Lx99uaGn5avKBxiW26HjedQE3LrDCZru
|
||||
----
|
||||
|
||||
Now, Bob can display this address for customers to pay for their coffee. Alice's wallet can make a payment to +37Lx99uaGn5avKBxiW26HjedQE3LrDCZru+, just as it would to any other bitcoin address. Even though Alice's wallet has no support for segwit, the payment it creates can be spent by Bob with a segwit transaction.((("", startref="aliced")))
|
||||
Even though Alice's wallet has no support for segwit, the payment it creates can be spent by Bob with a segwit transaction.((("", startref="aliced")))
|
||||
|
||||
===== Pay-to-Witness-Script-Hash inside Pay-to-Script-Hash
|
||||
|
||||
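Review bot: the sentence "Next, the redeem script hash is converted to a bitcoin address" uses the term "redeem script" although this section never says that the P2WPKH witness program is what serves as the P2SH redeem script; up to that point the text speaks only of "the hash of the witness program". Suggest wording such as "the hash of the witness program (which acts as the P2SH redeem script)". In the same block, bx address-encode -v 5 is left unexplained; a short remark that version 5 is the P2SH address prefix would tell readers why the result starts with 3.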
@ -879,34 +888,55 @@ Similarly, a P2WSH witness program for a multisig script or other complicated sc
|
||||
|
||||
As we saw in <<p2wsh>>, Mohammed's ((("use cases", "import/export")))company is using Segregated Witness payments to multisignature scripts. To make it possible for any client to pay his company, regardless of whether their wallets are upgraded for segwit, Mohammed's wallet can embed the P2WSH witness program inside a P2SH script.
|
||||
|
||||
First, Mohammed's wallet creates the P2WSH witness program that corresponds to the multisignature script, hashed with SHA256:
|
||||
First, Mohammed's wallet hashes the redeem script with SHA256 (just once). Let's use +bx+ to do that on the command-line:
|
||||
|
||||
.Mohammed's wallet creates a P2WSH witness program
|
||||
----
|
||||
echo \
|
||||
2 \ [04C16B8698A9ABF84250A7C3EA7EEDEF9897D1C8C6ADF47F06CF73370D74DCCA01CDCA79DCC5C395D7EEC6984D83F1F50C900A24DD47F569FD4193AF5DE762C587] \
|
||||
[04A2192968D8655D6A935BEAF2CA23E3FB87A3495E7AF308EDF08DAC3C1FCBFC2C75B4B0F4D0B1B70CD2423657738C0C2B1D5CE65C97D78D0E34224858008E8B49] \
|
||||
[047E63248B75DB7379BE9CDA8CE5751D16485F431E46117B9D0C1837C9D5737812F393DA7D4420D7E1A9162F0279CFC10F1E8E8F3020DECDBC3C0DD389D9977965] \
|
||||
[0421D65CBD7149B255382ED7F78E946580657EE6FDA162A187543A9D85BAAA93A4AB3A8F044DADA618D087227440645ABE8A35DA8C5B73997AD343BE5C2AFD94A5] \
|
||||
[043752580AFA1ECED3C68D446BCAB69AC0BA7DF50D56231BE0AABF1FDEEC78A6A45E394BA29A1EDF518C022DD618DA774D207D137AAB59E0B000EB7ED238F4D800] \
|
||||
5 CHECKMULTISIG \
|
||||
| bx script-encode | bx sha256
|
||||
9592d601848d04b172905e0ddb0adde59f1590f1e553ffc81ddc4b0ed927dd73
|
||||
----
|
||||
|
||||
Next, the hashed redeem script is turned into a P2WSH witness program:
|
||||
|
||||
----
|
||||
0 9592d601848d04b172905e0ddb0adde59f1590f1e553ffc81ddc4b0ed927dd73
|
||||
----
|
||||
|
||||
Then, the witness program itself is hashed with SHA256 and RIPEMD160, producing a new 20-byte hash, as used in traditional P2SH:
|
||||
Then, the witness program itself is hashed with SHA256 and RIPEMD160, producing a new 20-byte hash, as used in traditional P2SH. Let's use +bx+ on the command-line to do that:
|
||||
|
||||
.The HASH160 of the P2WSH witness program
|
||||
----
|
||||
echo \
|
||||
'0 [9592d601848d04b172905e0ddb0adde59f1590f1e553ffc81ddc4b0ed927dd73]'\
|
||||
| bx script-encode | bx sha256 | bx ripemd160
|
||||
86762607e8fe87c0c37740cddee880988b9455b2
|
||||
----
|
||||
|
||||
Next, Mohammed's wallet puts the hash into a P2SH script:
|
||||
Next, the wallet constructs a P2SH bitcoin address from this hash. Again, we use +bx+ to calculate on the command-line:
|
||||
|
||||
.P2SH bitcoin address
|
||||
----
|
||||
echo \
|
||||
'86762607e8fe87c0c37740cddee880988b9455b2'\
|
||||
| bx address-encode -v 5
|
||||
3Dwz1MXhM6EfFoJChHCxh1jWHb8GQqRenG
|
||||
----
|
||||
|
||||
Now, Mohammed's clients can make payments to this address without any need to support segwit. To send a payment to Mohammed, a wallet would lock the output with the following P2SH script:
|
||||
|
||||
.P2SH script used to lock payments to Mohammed's multisig
|
||||
----
|
||||
HASH160 86762607e8fe87c0c37740cddee880988b9455b2 EQUAL
|
||||
----
|
||||
|
||||
Finally, the wallet constructs a bitcoin address from this script:
|
||||
|
||||
.P2SH bitcoin address
|
||||
----
|
||||
3Dwz1MXhM6EfFoJChHCxh1jWHb8GQqRenG
|
||||
----
|
||||
|
||||
Now, Mohammed's clients can make payments to this address without any need to support segwit. Mohammed's company can then construct segwit transactions to spend these payments, taking advantage of segwit features including lower transaction fees.
|
||||
Mohammed's company can then construct segwit transactions to spend these payments, taking advantage of segwit features including lower transaction fees.
|
||||
|
||||
===== Segregated Witness addresses
|
||||
|
||||
|
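Review bot: the multisig command under "Mohammed's wallet creates a P2WSH witness program" passes the script to echo unquoted, unlike the two HASH160 examples in this commit, which wrap the script in single quotes. Unquoted, each [04...] token is a shell glob pattern, and the sequence "2 \ [" on the first script line is an escaped space rather than a line continuation, so the result depends on the shell leaving those words alone. Suggest single-quoting the script as the other examples do and removing the stray backslash after the 2, so that a reader pasting the command gets the 9592d601...dd73 output shown.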