Generate P2WSH - redeemScript does not correspond to witnessScript

[barno]

I want to generate P2WSH to study it. I read the spec https://bitcoincore.org/en/segwit_wallet_dev/#creation-of-p2sh-p2wsh-address but I have an error during spend it. (redeemScript does not correspond to witnessScript)

I create a bash script to generate private and public key, and I will report only the part to create redeem script etc.

Public key

Code:

02aa31bcc43d302bd217761e3268b3fde67078a8ddcb157517f9c69633f5f9e214

Witness script

Code:

SCRIPT="76a9"$PBLENGTH$PBH"88AC"
printf $SCRIPT > witness_script.txt
> result: 76a9143a067efd9e4c79d0b8c94d81108fa21920ef896788AC

Create Script Hash, use sha256 once

Code:

ADDR_SHA=`printf $SCRIPT | xxd -r -p | openssl sha256| sed 's/^.* //'`
printf $ADDR_SHA > scripthash.txt
> result: bd73935d1af51d3e4490f158cc2585fdd8ac81cae898855faa8e26606a7e9934

Create redeem script  (i.e. 0x0020{32-byte scripthash})

Code:

REDEEMSCRIPT="0020"$ADDR_SHA
printf $REDEEMSCRIPT > redeem_script.txt
> result: 0020bd73935d1af51d3e4490f158cc2585fdd8ac81cae898855faa8e26606a7e9934

Create SCRIPTPUBKEY (OP_HASH160 hash160(redeemScript) OP_EQUAL) where hash160 is Sha256 and ripemd160

Code:

  ADDR_160=$(printf $(printf $REDEEMSCRIPT | xxd -r -p | openssl sha256| sed 's/^.* //') | xxd -r -p | openssl ripemd160 | sed 's/^.* //')
  SCRIPTPUBKEY="A914"$ADDR_160"87"
  printf $SCRIPTPUBKEY > scriptPubKey.txt
> result: A914bb18c1d4c6d65ca60f4dee268475c429f9896b6587

Create Address (regtest, prefix is C4)

Code:

  ADDR=`printf $VERSION_PREFIX_ADDRESS$ADDR_160 | xxd -p -r | base58 -c`
  printf $ADDR > address_p2sh-p2wsh.txt
> result: 2NAJW1K8Us8ymnzZvRJY4JPqKQ6VqRcMqd7

Then I create a transaction from this address to anther address. I have 50 bitcoin available.

Code:

REDEEMSCRIPT=`cat redeem_script.txt`
SCRIPTPUBKEY=`cat scriptPubKey.txt`
WITNESSCRIPT=`cat witness_script.txt`

TX_DATA=$(bitcoin-cli createrawtransaction '[{"txid":"'$TXID'","vout":'$VOUT'}]' '[{"'$ADDR_DEST'":'$AMOUNT'}]')

TX_SIGNED=$(bitcoin-cli signrawtransactionwithkey $TX_DATA '["'$PK'"]' '[{"txid":"'$TXID'","vout":'$VOUT',"scriptPubKey":"'$SCRIPTPUBKEY'","redeemScript":"'$REDEEMSCRIPT'","witnessScript":"'$WITNESSCRIPT'","amount":"'$TOTAL_UTXO_AMOUNT'"}]'  | jq -r '.hex')

At that moment I have this error
redeemScript does not correspond to witnessScript

TX_DATA:

Code:

{
  "txid": "b0a12356d1caa8bb6cfb1dd572c520742fc96d176762a10b8f669118744417c7",
  "hash": "b0a12356d1caa8bb6cfb1dd572c520742fc96d176762a10b8f669118744417c7",
  "version": 2,
  "size": 85,
  "vsize": 85,
  "weight": 340,
  "locktime": 0,
  "vin": [
    {
      "txid": "4de43b38df24ff350ac9821637ea8996fa33d20aa99677b86918f577697a3e15",
      "vout": 0,
      "scriptSig": {
        "asm": "",
        "hex": ""
      },
      "sequence": 4294967295
    }
  ],
  "vout": [
    {
      "value": 49.99100000,
      "n": 0,
      "scriptPubKey": {
        "asm": "OP_DUP OP_HASH160 af886b3952c6b69e25721d6ffbf3d96c39ca4352 OP_EQUALVERIFY OP_CHECKSIG",
        "hex": "76a914af886b3952c6b69e25721d6ffbf3d96c39ca435288ac",
        "reqSigs": 1,
        "type": "pubkeyhash",
        "addresses": [
          "mwX5yAv3Q42VsebJwuk3Qzn2mikWBugF4g"
        ]
      }
    }
  ]
}

UTXO

Code:

$ bitcoin-cli getrawtransaction 4de43b38df24ff350ac9821637ea8996fa33d20aa99677b86918f577697a3e15 2
{
  "txid": "4de43b38df24ff350ac9821637ea8996fa33d20aa99677b86918f577697a3e15",
  "hash": "df9abe47f73aacbe0fd021868123c0a7e9ab923db9d8a4972f12bdb36d8e89d6",
  "version": 2,
  "size": 169,
  "vsize": 142,
  "weight": 568,
  "locktime": 0,
  "vin": [
    {
      "coinbase": "510101",
      "sequence": 4294967295
    }
  ],
  "vout": [
    {
      "value": 50.00000000,
      "n": 0,
      "scriptPubKey": {
        "asm": "OP_HASH160 bb18c1d4c6d65ca60f4dee268475c429f9896b65 OP_EQUAL",
        "hex": "a914bb18c1d4c6d65ca60f4dee268475c429f9896b6587",
        "reqSigs": 1,
        "type": "scripthash",
        "addresses": [
          "2NAJW1K8Us8ymnzZvRJY4JPqKQ6VqRcMqd7"
        ]
      }
    },
    {
      "value": 0.00000000,
      "n": 1,
      "scriptPubKey": {
        "asm": "OP_RETURN aa21a9ede2f61c3f71d1defd3fa999dfa36953755c690689799962b48bebd836974e8cf9",
        "hex": "6a24aa21a9ede2f61c3f71d1defd3fa999dfa36953755c690689799962b48bebd836974e8cf9",
        "type": "nulldata"
      }
    }
  ],
  "hex": "020000000001010000000000000000000000000000000000000000000000000000000000000000ffffffff03510101ffffffff0200f2052a0100000017a914bb18c1d4c6d65ca60f4dee268475c429f9896b65870000000000000000266a24aa21a9ede2f61c3f71d1defd3fa999dfa36953755c690689799962b48bebd836974e8cf90120000000000000000000000000000000000000000000000000000000000000000000000000",
  "blockhash": "4fa868b42b4f935ff48ae10893f5dad5cb1a0fb5c1f1dd38b7cbe476aa3c0270",
  "confirmations": 107,
  "time": 1585666082,
  "blocktime": 1585666082
}

[1713946828]

1713946828

[1713946828]

1713946828

[1713946828]

1713946828

[achow101]

It looks like you've run into a bug in Bitcoin Core

Specifically, for historical reasons, Bitcoin Core will sometimes automatically convert P2PKH scripts into P2WPKH outputs when doing segwit stuff. So what happened is that when it checks whether the redeemScript matches the witnessScript, it mistakenly computes the P2WPKH script for your P2PKH witnessScript instead of the P2WSH script that you are expecting. This causes a mismatch and the error.

You could try omitting the redeemScript field from your call to signrawtransactionwithkey but it may fail to sign then.

I've opened a PR to fix this.

[barno]

It looks like you've run into a bug in Bitcoin Core

Specifically, for historical reasons, Bitcoin Core will sometimes automatically convert P2PKH scripts into P2WPKH outputs when doing segwit stuff. So what happened is that when it checks whether the redeemScript matches the witnessScript, it mistakenly computes the P2WPKH script for your P2PKH witnessScript instead of the P2WSH script that you are expecting. This causes a mismatch and the error.

You could try omitting the redeemScript field from your call to signrawtransactionwithkey but it may fail to sign then.

I've opened a PR to fix this.

Thanks for reply.
I tried to omit the redeem script

Code:

$ bitcoin-cli signrawtransactionwithkey $TX_DATA '["'$PK'"]' '[{"txid":"'$TXID'","vout":'$VOUT',"scriptPubKey":"'$SCRIPTPUBKEY'","witnessScript":"'$WITNESSCRIPT'","amount":"'$TOTAL_UTXO_AMOUNT'"}]'
error code: -8
error message:
redeemScript/witnessScript does not match scriptPubKey

But I get the same error

[barno]

I create another script P2SH-P2WSH wrap P2PK and I get the same error.

Code:

$ cat compressed_public_key_1.txt 
03ccf24edaa6fe2fd9f5a9d2103be709f388e31814b2ae1a68de9fd7283ed202b8
$ cat redeem_script_1.txt 
0020c9d55d035e6f48bd09d06a72a221374e6b8ab2e5ca79c3f81aed7560bcbf35b7                                                                                                                   
$ cat scriptPubKey_1.txt 
A9146fbae965219dd0d5e0ec6355221bcdce2670ba1487                                                                                                                                          
$ cat witness_script_1.txt 
2103ccf24edaa6fe2fd9f5a9d2103be709f388e31814b2ae1a68de9fd7283ed202b8AC

Create transaction and sign it

Code:

$ TX_DATA=$(bitcoin-cli createrawtransaction '[{"txid":"'$TXID'","vout":'$VOUT'}]' '[{"'$ADDR_DEST'":'$AMOUNT'}]')

$ bitcoin-cli signrawtransactionwithkey $TX_DATA '["'$PK'"]' '[{"txid":"'$TXID'","vout":'$VOUT',"scriptPubKey":"'$SCRIPTPUBKEY'","redeemScript":"'$REDEEMSCRIPT'","witnessScript":"'$WITNESSCRIPT'","amount":"'$TOTAL_UTXO_AMOUNT'"}]'  | jq -r '.hex'

error code: -8
error message:
redeemScript does not correspond to witnessScript

I don't try with custom script yet

[achow101]

That is also expected due to this bug. The fix for the bug has been merged and will be available with 0.20.0. Once that is released, you should be able to sign your transactions.

[barno]

Yes I saw the PR!
I thought that another example should be interest to understand the bug 

[BTCW]

Yes I saw the PR!
I thought that another example should be interest to understand the bug 

I too have a redeemscript problem that I'm trying to figure out. Did you ever sort yours? Does yours work in 0.20 as expected?

My question is about P2SH and not P2WSH, but I think we have things in common.

Check it out if you have the time, thanks:

https://bitcointalk.org/index.php?topic=5261766