Question: SegWit Second Merkel Tree?

[AgentofCoin]

First of all this is a moderated topic, so if your responses are insufficient or pointless, I will remove it.

This question may be extremely simple, but I have watched conferences on youtube
and read explanations of SegWit and I could not find the answer stated plainly.

If the purpose of SegWit is to separate the signatures from the transaction data,
and in theory it will be done by having two different merkel trees,
where is the second merkel tree for verification being stored?

From my understanding it seems to be held outside the Bitcoin blockchain.

Any clarifications are greatly appreciated.

[1715072250]

1715072250

[1715072250]

1715072250

[saturn643]

From what I understand, that hash is stored in an OP_RETURN output in the coinbase transaction. This is where it is defined in the spec: https://github.com/bitcoin/bips/blob/master/bip-0141.mediawiki#commitment-structure

To catch up on segwit stuff, I think you should read the BIPs. Those are BIP 141, 142, 143, and 144

[AgentofCoin]

From what I understand, that hash is stored in an OP_RETURN output in the coinbase transaction. This is where it is defined in the spec: https://github.com/bitcoin/bips/blob/master/bip-0141.mediawiki#commitment-structure

To catch up on segwit stuff, I think you should read the BIPs. Those are BIP 141, 142, 143, and 144

I should have been more specific. I do not have a coding background, so that is why I was looking for the info "plainly".
If what you say is correct, then the witness data is still being maintained within the Bitcoin blockchain.
I am reading the BIPs over now, even though 85% flys over my head.
Thank you for your response.

[saturn643]

From what I understand, that hash is stored in an OP_RETURN output in the coinbase transaction. This is where it is defined in the spec: https://github.com/bitcoin/bips/blob/master/bip-0141.mediawiki#commitment-structure

To catch up on segwit stuff, I think you should read the BIPs. Those are BIP 141, 142, 143, and 144

I should have been more specific. I do not have a coding background, so that is why I was looking for the info "plainly".
If what you say is correct, then the witness data is still being maintained within the Bitcoin blockchain.
I am reading the BIPs over now, even though 85% flys over my head.
Thank you for your response.

Technically speaking, the witness data is not in the blockchain. It is sent separately alongside of the blocks. However, the blocks must have some way to reference the witness block, and they do that by including the hash of the witnesses in the coinbase transaction. This also helps make this soft forkable.

[AgentofCoin]

Technically speaking, the witness data is not in the blockchain.

If the witness data is not in the blockchain, where is it? I thought you said it is in the OP_RETURN.

It is sent separately alongside of the blocks.

Do you mean alongside the txs, prior to being in a block?

However, the blocks must have some way to reference the witness block, and they do that by including the hash of the witnesses in the coinbase transaction.

Why do blocks need to reference the witness block? when a block is formed, isn't all txs within that block proved to be signed properly?
What do you mean coinbase transaction? I thought that is the block reward (currently 25btc).


I guess I'm really not understanding it.

[hhanh00]

Technically speaking, the witness data is not in the blockchain.

If the witness data is not in the blockchain, where is it? I thought you said it is in the OP_RETURN.

The OP_RETURN contains the hash of the witness data not the witness data itself.

It is sent separately alongside of the blocks.

Do you mean alongside the txs, prior to being in a block?

If you are familiar with alt-coins that are using the bitcoin blockchain, it is a similar principle. You have data
(here it's the witness data) that is transmitted aside from the blockchain. However, in order to prove that
data authentic, its hash is included in the blockchain.

However, the blocks must have some way to reference the witness block, and they do that by including the hash of the witnesses in the coinbase transaction.

Why do blocks need to reference the witness block? when a block is formed, isn't all txs within that block proved to be signed properly?
What do you mean coinbase transaction? I thought that is the block reward (currently 25btc).

This one, I'm unclear myself. It seems to me that it's a nice to have - but not a requirement. Every transaction is either signed directly and its signature included
in the blockchain (normal case) or in the witness data. If you are interested in verifying signatures, you have to download the witness data. Once you have it,
I believe you could verify every transaction in two steps:
1. the signature is correct
2. the hash of the witness data is equal to the value in the OP_RETURN

Before:
Tx in blockchain:
- Inputs: [Pubkey, Signature]

After
Tx in blockchain:
- Inputs: [Hash of [Pubkey] ]
Tx in segwit data: [PubKey, Signature]

There are other cases too but at first approximation, I hope this helps.

The coinbase tx is the block reward so technically it doesn't have need any input. However, the bitcoin protocol uses its inputs in a special way. It is like an
extension to the block header, but putting data there keeps the header short and can be done by a soft-fork.

[AgentofCoin]

...
If you are familiar with alt-coins that are using the bitcoin blockchain, it is a similar principle. You have data
(here it's the witness data) that is transmitted aside from the blockchain. However, in order to prove that
data authentic, its hash is included in the blockchain.

I guess my question here is then, when the signature data is separated out, (and is now called the segregated witness data),
it is still checked to determine if it is valid and spendable and follow the same procedures and rules as prior to
SegWit being activated?

The signature data is separated from the transaction data and verified as before, but now hashed into OP_RETURN?

This one, I'm unclear myself. It seems to me that it's a nice to have - but not a requirement. Every transaction is either signed directly and its signature included
in the blockchain (normal case) or in the witness data. If you are interested in verifying signatures, you have to download the witness data. Once you have it,
...

When you say "you have to download the witness data" what do you mean? Is that separate from the blockchain data?

Either I am overthinking this too much or am oblivious since I am a laymen with this.

It would be great if someone could make a youtube video with simple animations as to how SegWit would work.
If it becomes a major function/feature of Bitcoin/bitcoin into the future,
there should be something that average users can grasp easily.

Thank you for helping me to understand.

Edit: I guess my real problem was when I learned that the SegWit would have its own merkel tree.

[achow101]

I guess my question here is then, when the signature data is separated out, (and is now called the segregated witness data),
it is still checked to determine if it is valid and spendable and follow the same procedures and rules as prior to
SegWit being activated?

Yes.

The signature data is separated from the transaction data and verified as before, but now hashed into OP_RETURN?

No. The signature data is put into a second data structure called a Witness. That witness has a reference to the transaction that it belongs to and is send alongside of the transaction.

When you say "you have to download the witness data" what do you mean? Is that separate from the blockchain data?

Yes. It is sent alongside the block as another data structure called a Witness Block.

I think the point of the OP_RETURN in the coinbase is to essentially assign the witness block to that block. It makes downloading it easier as instead of requesting the witness of each transaction individually, the node can request the entire witness block.

[AgentofCoin]

I guess my question here is then, when the signature data is separated out, (and is now called the segregated witness data),
it is still checked to determine if it is valid and spendable and follow the same procedures and rules as prior to
SegWit being activated?

Yes.

The signature data is separated from the transaction data and verified as before, but now hashed into OP_RETURN?

No. The signature data is put into a second data structure called a Witness. That witness has a reference to the transaction that it belongs to and is send alongside of the transaction.

When you say "you have to download the witness data" what do you mean? Is that separate from the blockchain data?

Yes. It is sent alongside the block as another data structure called a Witness Block.

I think the point of the OP_RETURN in the coinbase is to essentially assign the witness block to that block. It makes downloading it easier as instead of requesting the witness of each transaction individually, the node can request the entire witness block.

I think I understand better now. Thank you.

Last few questions:

1. If the Witness blocks are separate from the blockchain data,
I assume miners will need to download the full SegWit Data blocks to verify the signatures,
in addition to the blockchain blocks?


2. If the Witness blocks are now an additional thing to download, verify, and maintain,
will this cause additional effort and time for the chinese miners,
before transmitting a block with txs included?

What I mean is, will this new step add time to the race to find a block and add txs to it?
I understand that SegWit provides for more space within a block to add more txs,
but since it is now SegWit is a separate chain, will that add to the race to make blocks with txs?


3. If the Witness blocks are separate from the blockchain data,
will there need to be SegWit block explorers in the near future?
Or would everyone just watch the bitcoin block explorers and wait and watch the OP_RETURN hash?

[achow101]

1. If the Witness blocks are separate from the blockchain data,
I assume miners will need to download the full SegWit Data blocks to verify the signatures,
in addition to the blockchain blocks?

Yes, and full nodes that support segwit will do that as well.

2. If the Witness blocks are now an additional thing to download, verify, and maintain,
will this cause additional effort and time for the chinese miners,
before transmitting a block with txs included?

Yes but not that much. I think it would be about the same amount of extra work that increasing the block size to 2 Mb would be.

What I mean is, will this new step add time to the race to find a block and add txs to it?
I understand that SegWit provides for more space within a block to add more txs,
but does it now being a seperate chain add to the race to make blocks with txs?

About as much as a block size limit increase does

3. If the Witness blocks are separate from the blockchain data,
will there need to be SegWit block explorers in the near future?
Or would everyone just watch the bitcoin block explorers and wait and watch the OP_RETURN hash?

The block explorers should have something that is also able to deal with the witness blocks and associate the witnesses with the proper transactions. The full nodes behind block explorers will still be downloading the witness data so they just need to upgrade their software to understand it.

[AgentofCoin]

...

I think i get it now.
Thank you for your help to understand this.
I guess my original question was a no brainer, lol.

Thanks again.