Bitcoin Forum

Bitcoin => Development & Technical Discussion => Topic started by: vneos on July 09, 2024, 09:38:32 AM


Title: Same private key, different P2WSH address
Post by: vneos on July 09, 2024, 09:38:32 AM
Hi all, I'm having problems trying to convert a private key to a P2WSH address.

Using the tool provided on this site: https://secretscan.org/Bech32 (https://secretscan.org/Bech32), the P2WSH address obtained for private key '1' is
Code:
bc1qpac4ht6afshdx2tctnhjnetz7u6g3j9zhwwmc4cqkdsa2jumq42qd3drf7
, which is the same as the result generated by the tool provided on github: https://github.com/fortesp/bitcoinaddress (https://github.com/fortesp/bitcoinaddress).

But when I use bitcoin core, the address I get using private key '1' is
Code:
bc1qrp33g0q5c5txsp9arysrx4k6zdkfs4nce4xj0gdcccefvpysxf3qccfmv3
, which can be confirmed here: https://github.com/bitcoin/bips/blob/master/bip-0173.mediawiki/#examples (https://github.com/bitcoin/bips/blob/master/bip-0173.mediawiki/#examples)

Why is there this discrepancy?

Best regards.

Title: Re: Same private key, different P2WSH address
Post by: ABCbits on July 09, 2024, 10:04:11 AM
I tried reading source code for bitcoinaddress[1], but couldn't understand what kind of redeem script would be generated. But i'm fairly sure that BIP 173 and bitcoinaddress use different redeem script which caused the discrepancy.

[1] https://github.com/fortesp/bitcoinaddress/blob/master/bitcoinaddress/address.py#L130 (https://github.com/fortesp/bitcoinaddress/blob/master/bitcoinaddress/address.py#L130)

Title: Re: Same private key, different P2WSH address
Post by: vjudeu on July 09, 2024, 11:23:54 AM
Code:
SHA-256(210279be667ef9dcbbac55a06295ce870b07029bfcdb2dce28d959f2815b16f81798ac)=1863143c14c5166804bd19203356da136c985678cd4d27a1b8c6329604903262
SHA-256(0279be667ef9dcbbac55a06295ce870b07029bfcdb2dce28d959f2815b16f81798)=0f715baf5d4c2ed329785cef29e562f73488c8a2bb9dbc5700b361d54b9b0554
The first Script is locked into the public key. The second Script is simply invalid. Which means, that coins from bc1qrp33g0q5c5txsp9arysrx4k6zdkfs4nce4xj0gdcccefvpysxf3qccfmv3 require a valid signature. However, coins from bc1qpac4ht6afshdx2tctnhjnetz7u6g3j9zhwwmc4cqkdsa2jumq42qd3drf7 are trapped on that address, probably forever.

Edit: I thought they are always spendable, but it is worse: they are locked into invalid Script.

Code:
$ ./bitcoin-cli -testnet decodescript 210279be667ef9dcbbac55a06295ce870b07029bfcdb2dce28d959f2815b16f81798ac
{
  "asm": "0279be667ef9dcbbac55a06295ce870b07029bfcdb2dce28d959f2815b16f81798 OP_CHECKSIG",
  "desc": "pk(0279be667ef9dcbbac55a06295ce870b07029bfcdb2dce28d959f2815b16f81798)#gn28ywm7",
  "type": "pubkey",
  "p2sh": "2MvVwHhgE2JyjkjQk72CghrhrJsanKfHfqe",
  "segwit": {
    "asm": "0 751e76e8199196d454941c45d1b3a323f1433bd6",
    "desc": "addr(tb1qw508d6qejxtdg4y5r3zarvary0c5xw7kxpjzsx)#0wnhlaqf",
    "hex": "0014751e76e8199196d454941c45d1b3a323f1433bd6",
    "address": "tb1qw508d6qejxtdg4y5r3zarvary0c5xw7kxpjzsx",
    "type": "witness_v0_keyhash",
    "p2sh-segwit": "2NAUYAHhujozruyzpsFRP63mbrdaU5wnEpN"
  }
}

$ ./bitcoin-cli -testnet decodescript 0279be667ef9dcbbac55a06295ce870b07029bfcdb2dce28d959f2815b16f81798
{
  "asm": "-15993 OP_VERNOTIF OP_CAT OP_UNKNOWN OP_UNKNOWN OP_UNKNOWN OP_CHECKSIG 5 OP_GREATERTHAN OP_VER OP_MUL OP_UNKNOWN OP_EQUAL 07029bfcdb2dce28d959f2 OP_RIGHT 11 [error]",
  "desc": "raw(0279be667ef9dcbbac55a06295ce870b07029bfcdb2dce28d959f2815b16f81798)#7v4hh3gm",
  "type": "nonstandard"
}

Title: Re: Same private key, different P2WSH address
Post by: nc50lc on July 10, 2024, 05:09:48 AM
Quote from: vneos
But when I use bitcoin core, the address I get using private key '1' is
Code:
bc1qrp33g0q5c5txsp9arysrx4k6zdkfs4nce4xj0gdcccefvpysxf3qccfmv3
, which can be confirmed here: https://github.com/bitcoin/bips/blob/master/bip-0173.mediawiki/#examples (https://github.com/bitcoin/bips/blob/master/bip-0173.mediawiki/#examples)
This is the correct address which is properly imported to Bitcoin Core,
you probably used this descriptor: wsh(pk(0279be667ef9dcbbac55a06295ce870b07029bfcdb2dce28d959f2815b16f81798))
pubKey can be replaced by its WIF prvKey pair for non-watching-only wallets.

Quote from: vneos on July 09, 2024, 09:38:32 AM
Code:
bc1qpac4ht6afshdx2tctnhjnetz7u6g3j9zhwwmc4cqkdsa2jumq42qd3drf7
, which is the same as the result generated by the tool provided on github: https://github.com/fortesp/bitcoinaddress (https://github.com/fortesp/bitcoinaddress).
Now this is as if they've forcefully created it with the descriptor: wsh(0279be667ef9dcbbac55a06295ce870b07029bfcdb2dce28d959f2815b16f81798)
Which will not work since its redeeem script would be the public key itself.

Title: Re: Same private key, different P2WSH address
Post by: ABCbits on July 10, 2024, 09:06:53 AM
I forget to mention this earlier. If you want to create address based on single private key as spend condition, you better use either P2TR or P2WPKH. Those option have lower input/output size, which means you could pay less fee.

Quote from: vjudeu on July 09, 2024, 11:23:54 AM
--snip--

Good catch, those website/library doesn't include include 0x21 (which push the 33 byte data) and 0xAC (OP_CHECKSIG). But i didn't expect Bitcoin Core parse the script (which only contain public key) in that way.

Title: Re: Same private key, different P2WSH address
Post by: pooya87 on July 11, 2024, 11:06:18 AM
This highlights the risk of using unpopular tools that aren't reviewed and lack enough tests; or in this case I should say tools that have wrong tests which is worse because it is creating a false sense of correctness!

A quick look at the source code shows their test vector for P2WSH with a single pubkey is wrong as well:
https://github.com/fortesp/bitcoinaddress/blob/da9dd65e529600bc7ad0b5427c91bbff533fe773/tests/test_address.py#L20-L21
The correct address is bc1q6gmqnd9x8q40gusftcxw84sjmdszcp3hv0ur3k7aufvjwzw5y77sl2kknp


Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines