Error Signing P2SH-P2WSH MultiSig: “Unable to sign input, invalid stack size..“

[praveenbm5]

I am trying to create and spend a P2SH-P2WSH transaction using bitcoin-cli but am getting "Unable to sign input, invalid stack size (possibly missing key)" when I try to sign the Multi-Sig transaction using bitcoin-cli signrawtransactionwithkey ...

please help!

Here is the shell script I am using to create and sign the transaction:

https://gist.github.com/praveenbm5/e39be366bebbab71ec29342722f5c29b

Code:

#!/bin/bash

read -r -d '' bitcoin_conf <<-EOM
## Generated - `date`
## bitcoin.conf configuration file. Lines beginning with # are comments.
##
daemon=1
regtest=1

listen=0

# JSON-RPC options (for controlling a running Bitcoin/bitcoind process)
rpcuser=coinvault
rpcpassword=my_hen_lays_two_eggs_a_day
rpcport=8332

# server=1 tells Bitcoin-Qt and bitcoind to accept JSON-RPC commands
server=1
#prune=5500
txindex=1
EOM

echo $bitcoin_conf > ~/.bitcoin/bitcoin.conf

set -x #echo on

start afresh
rm -R ~/.bitcoin/regtest
bitcoind

#Depositor - Keys
DepositorAdrs="2NDHneT24Kv2WBEdR3bK12Esx22Lwt269Sq"
DepositorPriv="cUrRAGYGV9Lj7yk7qFMZxxVeFTFqgt6BuJheb4EgVMafHef8f9p9"
DepositorPub="023320c921fb86d276cf996c97a3f3893e5da2c03926acd1d5160d0ccdb582f416"
#DepositorToken - Keys
DepositorTokenAdrs="2N5MtkMHE6LdEPmFcAt8E7dUVdYFSZbpJhz"
DepositorTokenPriv="cTXijGDBz6jDD2tKarpt982e4VnF7Jm1uJg5oKsVSpzcL8y3ut63"
DepositorTokenPub="032aa651b6e0064cf4ddc0230e5cf37496d32e7970e9221f0d16d7afefd2be2451"
#Vault - Keys
VaultAdrs="2MtfrYeMAZSMZMZhWbpt6RyCsKfbQ4YTGm1"
VaultPriv="cS71P5KPZbgGYhkXfTomFNYxq2NRccQb8Zkw3XEQkMVnQdSvAYQn"
VaultPub="03cb7ef39e4bf4e487f73dd8c0ac6f0ef112a6ac7b3fa09546007121605bfa7c7b"
#VaultToken - Keys
VaultTokenAdrs="2NBNydtkbBZ4cpVPmQai5M7HPaCTG2TtiMG"
VaultTokenPriv="cSU3xYnsJuojZiuaoJs6tBP8dA5MUL67kwwPvh2hwgQVuByGUJ7u"
VaultTokenPub="0380f1bd8cfc7560dc0a0da73d121d7ff7e9c63464321d3fb6758c400dcbc021a2"

bitcoin-cli generatetoaddress 101 "2NDHneT24Kv2WBEdR3bK12Esx22Lwt269Sq"
bitcoin-cli importaddress "2NDHneT24Kv2WBEdR3bK12Esx22Lwt269Sq"

utxo_txid_1=$(bitcoin-cli listunspent | jq -r '.[0] | .txid')
utxo_vout_1=$(bitcoin-cli listunspent | jq -r '.[0] | .vout')

# Create Deposit Transaction

DepositTxOutputAddress="2N5WCSHb1jzz1DWY7bSc6oW4Q918R6teLvc"
DepositTxRedeemScript="002077ed8a9258123317cfe7c30a8990b4c7ef4fe011e26c1dbe5838466dd4633c08"
DepositTxWitnessScript="0072537a532103cb7ef39e4bf4e487f73dd8c0ac6f0ef112a6ac7b3fa09546007121605bfa7c7b21032aa651b6e0064cf4ddc0230e5cf37496d32e7970e9221f0d16d7afefd2be245121023320c921fb86d276cf996c97a3f3893e5da2c03926acd1d5160d0ccdb582f41653ae"

# bitcoin-cli decodescript $DepositTxWitnessScript
#
# {
#   "asm": "0 OP_2SWAP 3 OP_ROLL 3 03cb7ef39e4bf4e487f73dd8c0ac6f0ef112a6ac7b3fa09546007121605bfa7c7b 032aa651b6e0064cf4ddc0230e5cf37496d32e7970e9221f0d16d7afefd2be2451 023320c921fb86d276cf996c97a3f3893e5da2c03926acd1d5160d0ccdb582f416 3 OP_CHECKMULTISIG",
#   "type": "nonstandard",
#   "p2sh": "2MzCj5bQ67x3vsy5GZnHeE5oezZnzvK62GT",
#   "segwit": {
#     "asm": "0 77ed8a9258123317cfe7c30a8990b4c7ef4fe011e26c1dbe5838466dd4633c08",
#     "hex": "002077ed8a9258123317cfe7c30a8990b4c7ef4fe011e26c1dbe5838466dd4633c08",
#     "reqSigs": 1,
#     "type": "witness_v0_scripthash",
#     "addresses": [
#       "bcrt1qwlkc4yjczge30nl8cv9gny95clh5lcq3ufkpm0jc8prxm4rr8syqw6ctdw"
#     ],
#     "p2sh-segwit": "2N5WCSHb1jzz1DWY7bSc6oW4Q918R6teLvc"
#   }
# }

read -r -d '' DepositTxInputs <<-EOM
    [
        {
            "txid": "$utxo_txid_1",
            "vout": $utxo_vout_1
        }
    ]
EOM

read -r -d '' DepositTxOutputs <<-EOM
    [
        {
            "$DepositTxOutputAddress": 50
        }
    ]
EOM


DepositTx=$(bitcoin-cli createrawtransaction "$DepositTxInputs" "$DepositTxOutputs")

echo "Unsigned Deposit Tx"
bitcoin-cli decoderawtransaction "$DepositTx"

DepositTxSigned=$(bitcoin-cli signrawtransactionwithkey "$DepositTx"  "[\"$DepositorPriv\"]" | jq -r '.hex')

echo "Signed Deposit Tx"
bitcoin-cli decoderawtransaction "$DepositTxSigned"

DepositTxID=$(bitcoin-cli decoderawtransaction "$DepositTxSigned" | jq .txid)
DepositTxScriptPubKey=$(bitcoin-cli decoderawtransaction "$DepositTxSigned" | jq '.vout[0] | .scriptPubKey.hex')


ProvTxOutputAddress="2MtBFk78tB3awCMREc2KBy93WAUT9ZxGc2Y"

read -r -d '' ProvTxInputs <<-EOM
    [
        {
            "txid": $DepositTxID,
            "vout": 0
        }
    ]
EOM

read -r -d '' ProvTxOutputs <<-EOM
    [
        {
            "$ProvTxOutputAddress": 50
        }
    ]
EOM

ProvTx=$(bitcoin-cli createrawtransaction "$ProvTxInputs" "$ProvTxOutputs")

echo "Unsigned Prov Tx"
echo "HEX: $ProvTx"
bitcoin-cli decoderawtransaction "$ProvTx"

read -r -d '' PrevTx <<-EOM
    [
        {                            
            "txid": $DepositTxID,        
            "vout": 0,                 
            "scriptPubKey": $DepositTxScriptPubKey,
            "redeemScript": "$DepositTxRedeemScript",     
            "witnessScript": "$DepositTxWitnessScript",
            "amount": 50.00000000         
        }
    ]
EOM

echo "Prev Tx Data for Prov Tx"
echo "$PrevTx" | jq -r .

ProvTxPartSignedDep=$(bitcoin-cli signrawtransactionwithkey "$ProvTx"  "[\"$VaultPriv\"]" "$PrevTx")
echo $ProvTxPartSignedDep | jq -r .
ProvTxPartSignedDep=$( echo $ProvTxPartSignedDep | jq -r '.hex')

echo "Vault Signed Prov Tx"
echo "HEX: $ProvTxPartSignedDep"
bitcoin-cli decoderawtransaction "$ProvTxPartSignedDep"

ProvTxPartSignedDep=$(bitcoin-cli signrawtransactionwithkey "$ProvTxPartSignedDep"  "[\"$DepositorTokenPriv\"]" "$PrevTx")
echo $ProvTxPartSignedDep | jq -r .
ProvTxPartSignedDep=$( echo $ProvTxPartSignedDep | jq -r '.hex')

echo "Vault+DepositorToken Signed Prov Tx"
echo "HEX: $ProvTxPartSignedDep"
bitcoin-cli decoderawtransaction "$ProvTxPartSignedDep"

ProvTxPartSignedDep=$(bitcoin-cli signrawtransactionwithkey "$ProvTxPartSignedDep"  "[\"$DepositorPriv\"]" "$PrevTx")
echo $ProvTxPartSignedDep | jq -r .
ProvTxPartSignedDep=$( echo $ProvTxPartSignedDep | jq -r '.hex')

echo "Vault+DepositorToken+Depositor Signed Prov Tx"
echo "HEX: $ProvTxPartSignedDep"
bitcoin-cli decoderawtransaction "$ProvTxPartSignedDep"

bitcoin-cli stop

[1715255187]

1715255187

[1715255187]

1715255187

[1715255187]

1715255187

[1715255187]

1715255187

[BrewMaster]

the way i understand it, the code first checks the type of your script so that it can decide how it should sign your transaction. so there are only a handful of things it can sign and everything else should fail for automatic detection and signing.
in this case it may be failing because your redeem script is a strange one starting with "0 OP_2SWAP 3 OP_ROLL" so core has no idea how to sign this.

have you tested your code with a normal (standard) checkmultisig redeem script? i think you should start there and move to non-standard.

[praveenbm5]

Hello BrewMaster

Thank you for looking through my script..

I actually created that script using the following Ivy code...

Code:

contract DepositTx(
  Depositor: PublicKey,
  DepositorToken: PublicKey,
  Vault: PublicKey,
  val: Value
) {
  clause spend(DepositorSig: Signature, DepositorTokenSig: Signature, VaultSig: Signature) {
    verify checkMultiSig([Depositor, DepositorToken, Vault], [DepositorSig, DepositorTokenSig, VaultSig])
    unlock val
  }
}

which compiles to the following Bitcoin Script...

Code:

0 2SWAP 3 ROLL 3 PUSH(Vault) PUSH(DepositorToken) PUSH(Depositor) 3 CHECKMULTISIG

I am actually trying to create even more complex contracts... so trying to stick to this Ivy based workflow using non-standard scripts..

Are there any particular caveats to using non-standard scripts?

[achow101]

I am actually trying to create even more complex contracts... so trying to stick to this Ivy based workflow using non-standard scripts..

Are there any particular caveats to using non-standard scripts?

Bitcoin Core cannot sign non-standard scripts.

[praveenbm5]

Hello Achow101

Thank you for clarifying about non-standard scripts in transactions..

So transactions from Lightning Network which I believe are non-standard cannot be signed or relayed by standard nodes is it?

[BrewMaster]

So transactions from Lightning Network which I believe are non-standard cannot be signed or relayed by standard nodes is it?

there is a difference between signing and relaying.
to relay a transaction all you have to do is to verify it which includes verifying the signature (running that script). so in your example all they have to do is to know what OP_2SWAP and others do. and nodes do know it so they can verify and relay the transaction.

but to sign it, they have to know how. even a human can not always know how to produce a signature for all scripts so it can not be turned into pre-defined code.

[praveenbm5]

I understand...

Can you recommend a framework/library in which I can easily create, sign (full/partial) and broadcast these types of transactions.

I wanted to stick to bitcoin-core to be absolutely sure but this is not an option as I have learnt from you guys.

Lot of effort wasted in trying to do it with bitcoind and bitcoin-cli