Bitcoin Forum
Topic: Having issues with a non-standard P2SH address...
kreyszig (OP)
November 29, 2020, 01:06:35 AM
Merited by AB de Royse777 (5), ABCbits (1)
 #1

Hi,

I wanted to create a paper wallet using bitcoin-bash-tools and a P2SH address, but after spending quite a bit of time trying to see a test transaction with Electrum and reading on the Bitcoin Wiki, I came to the conclusion that what is referred to as a "P2SH [PKH]" address in bitcoin-bash-tools might not be a standard P2SH address. I am trying to figure out what to do to use it. Can you please help me?

So let's say I generate random keys with the latest version of bitcoin-bash-tools. Here is an output example:

Code:
newBitcoinKey
---
secret exponent:          0xC0B5F12086C2B36BAD4C6A759D69969FB1FD90E358CA51DDE704BF2DE05680B6
public key:
    X:                    D144A172E24F499F9C59BDEED23FE625E814BBE815B1170A4EAFED7CBC970EAC
    Y:                    05B094AAD6E5AC0BA8CDDA59A5FA0E0662372C854679B50F89BC0180F26436C3

compressed addresses:
    WIF:                  L3gKEzRWXnVtZKkMA6ncKoJqo53EwReMdB5o5ceUtVfg9HApkWGB
    Bitcoin (P2PKH):      1CYRRtWCuocUmXquwDEHfvhM1V2jQ92dL6
    Bitcoin (P2SH [PKH]): 3KbhF81wMizzyjJUKLMCBbscSj9puQyBbq
    Bitcoin (P2WPKH):     33XT3ryB3EtMAVoG4W7zg7MAiSNtsSPaYD
    Bitcoin (1-of-1):     3NMFMq1dzchuX9wJf7wLc9aKP48KJedJXT
 ---- other networks ----
    Qtum:                 QY9QYBnv6GVJCfvwMYYmoCUyWjySc6ZbRH

uncompressed addresses:
    WIF:                  5KHA7o66nVS89gbHoU94vegPPDhPByLLdHnVZmKuzS5EQBbbBBe
    Bitcoin (P2PKH):      1PxyavTxmjmVorygy5H7DjhdJUyhLs5GV9
    Bitcoin (P2SH [PKH]): 3GaxAXYYBHQzGyEasAoxxgw6xqGiqxrJdZ
    Bitcoin (1-of-1):     38RRStSx3R5V1aQxh3MaxN6xUpS8cAbFgF
 ---- other networks ----
    Ethereum:             0xFE73b836722bDe5fCFf4596406437C5eaaae902a
    Tron:                 TZAdG7zVWJdGckVkHEy8qBJXQdFDzbF5Z4

I used a compressed "P2SH [PKH]" address for a test transaction. The transaction went through, and I can look it up using the address. If I had used the above keys, this address would have been 3KbhF81wMizzyjJUKLMCBbscSj9puQyBbq.

Now, if I import the above private key in Electrum by using p2wpkh-p2sh:L3gKEzRWXnVtZKkMA6ncKoJqo53EwReMdB5o5ceUtVfg9HApkWGB, it tries using 33XT3ryB3EtMAVoG4W7zg7MAiSNtsSPaYD as the receiving address, and not 3KbhF81wMizzyjJUKLMCBbscSj9puQyBbq as I was expecting. So based on this result, it looks like bitcoin-bash-tools refers to a standard P2SH address as a compressed "P2WPKH" address instead of a compressed "P2SH [PKH]" address. In bitcoin-bash-tools's code, I see:
Code:
...
            full_p2pkh_addr="$(hexToAddress "$(pack "$full_pubkey" | hash160)")"
            comp_p2pkh_addr="$(hexToAddress "$(pack "$comp_pubkey" | hash160)")"
            full_p2sh_addr="$(hexToAddress "$(pack "41${full_pubkey}AC" | hash160)" 05)"
            comp_p2sh_addr="$(hexToAddress "$(pack "21${comp_pubkey}AC" | hash160)" 05)"
            # Note: Witness uses only compressed public key
            comp_p2wpkh_addr="$(hexToAddress "$(pack "0014$(pack "$comp_pubkey" | hash160)" | hash160)" 05)"
...
            echo "compressed addresses:"
            echo "    WIF:                  $comp_wif"
            echo "    Bitcoin (P2PKH):      $comp_p2pkh_addr"
            echo "    Bitcoin (P2SH [PKH]): $comp_p2sh_addr"
            echo "    Bitcoin (P2WPKH):     $comp_p2wpkh_addr"
            echo "    Bitcoin (1-of-1):     $comp_multisig_1_of_1_addr"
            echo " ---- other networks ----"
            echo "    Qtum:                 $qtum_addr"
            echo
            echo "uncompressed addresses:"
            echo "    WIF:                  $full_wif"
            echo "    Bitcoin (P2PKH):      $full_p2pkh_addr"
            echo "    Bitcoin (P2SH [PKH]): $full_p2sh_addr"
            echo "    Bitcoin (1-of-1):     $full_multisig_1_of_1_addr"
...


I would like to understand what I should do to use a "P2SH [PKH]" address as shown above? Also while trying to learn more about transactions and how P2SH works, I could not quite find a fully detailed step by step example that shows the execution of a transaction, including how the signature is generated and how the private key is used?

Thank you!
nc50lc
November 29, 2020, 05:07:50 AM
Last edit: November 29, 2020, 11:57:30 AM by nc50lc
 #2

I'm not using bitcoin-bash-tools but I can tell that the address 3KbhF81wMizzyjJUKLMCBbscSj9puQyBbq is "P2SH-P2PK" which can only be spent
by providing its Redeem Script: 2103d144a172e24f499f9c59bdeed23fe625e814bbe815b1170a4eafed7cbc970eacac [PubKeySize PubKey OP_CHECKSIG]
(of course, along with the signature)

The only wallet that I know that uses such address is Armory but it'll only take uncompressed PrvKey and derive the P2PKH address for import.
So I think the only way to spend from it is to use Bitcoin core's RPC command createrawtransaction & signrawtransactionwithkey.
But there may be more options.

Now, if I import the above private key in Electrum by using p2wpkh-p2sh:L3gKEzRWXnVtZKkMA6ncKoJqo53EwReMdB5o5ceUtVfg9HApkWGB, it tries using 33XT3ryB3EtMAVoG4W7zg7MAiSNtsSPaYD as the receiving address, and not 3KbhF81wMizzyjJUKLMCBbscSj9puQyBbq as I was expecting.
It's expected since the prefix used is p2wpkh-p2sh which isn't p2sh-p2pk, they are totally different.
Sadly Electrum doesn't support that address type.

pooya87
November 29, 2020, 07:14:56 AM
 #3

Also while trying to learn more about transactions and how P2SH works, I could not quite find a fully detailed step by step example that shows the execution of a transaction, including how the signature is generated and how the private key is used?
If you are familiar with bitcoin scripts then P2SH scripts shouldn't be that hard to understand since there are only 3 additional things to know. So if you aren't already, take a look at how scripts work[1][2]. The 3 are:
1. The signature script has to be push only
2. The last push is duplicated and evaluated as a script called the redeem script (so there should be at least 1 push in a P2SH signature script). With introduction of SegWit, this evaluation could lead to needing additional steps for SegWit redeem scripts.
3. For CheckSig OPs the redeem script is used during signing instead of the pubkey script.

[1] https://en.bitcoin.it/wiki/Script
[2] https://bitcoin.stackexchange.com/questions/32628/redeeming-a-raw-transaction-step-by-step-example-required

kreyszig (OP)
November 29, 2020, 09:23:32 PM
Last edit: November 29, 2020, 10:03:34 PM by kreyszig
 #4

I'm not using bitcoin-bash-tools but I can tell that the address 3KbhF81wMizzyjJUKLMCBbscSj9puQyBbq is "P2SH-P2PK" which can only be spent
by providing its Redeem Script: 2103d144a172e24f499f9c59bdeed23fe625e814bbe815b1170a4eafed7cbc970eacac [PubKeySize PubKey OP_CHECKSIG]
(of course, along with the signature)

Thank you. How did you find that it is P2SH-P2PK, is it from the address itself, or from the information I provided about bitcoin-bash-tools? If it is the former, can you tell me how you found out?

So I think the only way to spend from it is to use Bitcoin core's RPC command createrawtransaction & signrawtransactionwithkey.
But there may be more options.

Is there a method to do this without downloading the whole chain, I have a 1 Mbps Internet connection :( I assume there must be a tool to create and sign the raw transaction locally without the need for downloading the whole chain, and then to use a tool connected to the network to send the signed transaction?

Thank you!
kreyszig (OP)
November 29, 2020, 09:30:53 PM
Last edit: November 29, 2020, 09:47:28 PM by kreyszig
 #5

Also while trying to learn more about transactions and how P2SH works, I could not quite find a fully detailed step by step example that shows the execution of a transaction, including how the signature is generated and how the private key is used?
If you are familiar with bitcoin scripts then P2SH scripts shouldn't be that hard to understand since there are only 3 additional things to know. So if you aren't already, take a look at how scripts work[1][2]. The 3 are:
1. The signature script has to be push only
2. The last push is duplicated and evaluated as a script called the redeem script (so there should be at least 1 push in a P2SH signature script). With introduction of SegWit, this evaluation could lead to needing additional steps for SegWit redeem scripts.
3. For CheckSig OPs the redeem script is used during signing instead of the pubkey script.

[1] https://en.bitcoin.it/wiki/Script
[2] https://bitcoin.stackexchange.com/questions/32628/redeeming-a-raw-transaction-step-by-step-example-required

Thanks for the links. No, I am not quite familiar with bitcoin scripts yet, in fact it was my first transaction ever, I did not have a low level understanding of transactions and it looks like I went over my skis and should have started with P2PKH. I understand P2PKH quite well now, having read and reproduced most of the transaction detailed on this page: https://medium.com/coinmonks/bitcoin-p2pkh-transaction-breakdown-bb663034d6df. I will continue reading on P2SH.
kreyszig (OP)
November 30, 2020, 02:54:39 AM
 #6

When I did the test transfer to the P2SH-P2PK address, I don't understand how the script hash in scriptPubKey was generated, given that I only provided the value to be transferred, the P2SH-P2PK address and nothing else (I did not provide the public key) to create the transaction?
nc50lc
November 30, 2020, 03:50:33 AM
Merited by ABCbits (2), kreyszig (2)
 #7

I'm not using bitcoin-bash-tools but I can tell that the address 3KbhF81wMizzyjJUKLMCBbscSj9puQyBbq is "P2SH-P2PK" -snip-
Thank you. How did you find that it is P2SH-P2PK, is it from the address itself, or from the information I provided about bitcoin-bash-tools? If it is the former, can you tell me how you found out?
First, based on your info.
Then, I suspected that it's that type of address and constructed the p2sh-p2pk redeem script based on the compressed public key.
And it did derive the same address that concluded my initial guess.

Quote from: kreyszig
So I think the only way to spend from it is to use Bitcoin core's RPC command createrawtransaction & signrawtransactionwithkey.
But there may be more options.
Is there a method to do this without downloading the whole chain, I have a 1 Mbps Internet connection :( I assume there must be a tool to create and sign the raw transaction locally without the need for downloading the whole chain, and then to use a tool connected to the network to send the signed transaction?
You can use those commands with an offline Bitcoin core, just disconnect the internet and Core won't sync.
You just need to fetch the required info to create the transaction from other sources.
When the "RAW Transaction" is ready, you can broadcast it using any "push/broadcast txn service" online.

When I did the test transfer to the P2SH-P2PK address, I don't understand how the script hash in scriptPubKey was generated, given that I only provided the value to be transferred, the P2SH-P2PK address and nothing else (I did not provide the public key) to create the transaction?
You can use the command getaddressinfo to get your address' scriptPubKey.
The example address in OP: "scriptPubKey": "a914c470975e1d7b8311e554626cb7fab6076a50bd2287"
consists of:
  • a9 = OP_HASH160
  • 14 = Script Hash's size
  • c470975e1d7b8311e554626cb7fab6076a50bd22 =  RIPEMD160[SHA256(Redeem Script)]
  • 87 = OP_EQUAL

Here's an example usage of those commands for P2SH scripts: /index.php?topic=5251740.msg54527358#msg54527358
As you can see, P2SH requires some extra args compared to other scripts when signing.

That's for P2SH-Multisig so in your case, you'll only need to sign once.

The Big Question is:
Is there a reason why you don't want to use others for your paper wallet?

kreyszig (OP)
November 30, 2020, 05:04:47 AM
 #8

Quote from: kreyszig
So I think the only way to spend from it is to use Bitcoin core's RPC command createrawtransaction & signrawtransactionwithkey.
But there may be more options.
Is there a method to do this without downloading the whole chain, I have a 1 Mbps Internet connection :( I assume there must be a tool to create and sign the raw transaction locally without the need for downloading the whole chain, and then to use a tool connected to the network to send the signed transaction?
You can use those commands with an offline Bitcoin core, just disconnect the internet and Core won't sync.
You just need to fetch the required info to create the transaction from other sources.
When the "RAW Transaction" is ready, you can broadcast it using any "push/broadcast txn service" online.

Thanks. I will give this a try then

Quote from: nc50lc
When I did the test transfer to the P2SH-P2PK address, I don't understand how the script hash in scriptPubKey was generated, given that I only provided the value to be transferred, the P2SH-P2PK address and nothing else (I did not provide the public key) to create the transaction?
You can use the command getaddressinfo to get your address' scriptPubKey.
The example address in OP: "scriptPubKey": "a914c470975e1d7b8311e554626cb7fab6076a50bd2287"
consists of:
  • a9 = OP_HASH160
  • 14 = Script Hash's size
  • c470975e1d7b8311e554626cb7fab6076a50bd22 =  RIPEMD160[SHA256(Redeem Script)]
  • 87 = OP_EQUAL

Here's an example usage of those commands for P2SH scripts: /index.php?topic=5251740.msg54527358#msg54527358
As you can see, P2SH requires some extra args compared to other scripts when signing.

That's for P2SH-Multisig so in your case, you'll only need to sign once.

Ok, I think I get it, I had overlooked how the address is generated. So in bitcoin-bash-tools, it uses
Code:
comp_p2sh_addr="$(hexToAddress "$(pack "21${comp_pubkey}AC" | hash160)" 05)"

The address is basically the encoding in base 58 of "05"[Hashed script]Checksum("05"[Hashed script]), which is a reversible operation, so the address can be decoded back to HEX, providing the hashed script, which is the variable part of the scriptPubKey for P2SH. Based on the above code, it looks like the redeem script is 21${comp_pubkey}AC, so it is <03D144A172E24F499F9C59BDEED23FE625E814BBE815B1170A4EAFED7CBC970EAC> OP_CHECKSIG?

Quote from: nc50lc
The Big Question is:
Is there a reason why you don't want to use others for your paper wallet?

Sorry, "others"?
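
Added example (not part of any post in this thread, and not code from bitcoin-bash-tools or Bitcoin Core): the address-to-scriptPubKey step discussed in posts #7 and #8, written in Python. It Base58Check-decodes an address, verifies the checksum, and rebuilds the scriptPubKey from the version byte and the 20-byte hash; the function names are chosen here, and the sample addresses are the ones from the first post.

```python
import hashlib

B58 = "123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz"


def checksum(payload: bytes) -> bytes:
    """First 4 bytes of SHA256(SHA256(payload)), as used by Base58Check."""
    return hashlib.sha256(hashlib.sha256(payload).digest()).digest()[:4]


def base58check_decode(addr: str):
    """Return (version_byte, 20-byte hash); raise ValueError if malformed."""
    n = 0
    for ch in addr:
        idx = B58.find(ch)
        if idx < 0:
            raise ValueError("character %r is not in the Base58 alphabet" % ch)
        n = n * 58 + idx
    # Each leading '1' encodes one leading 0x00 byte.
    pad = len(addr) - len(addr.lstrip("1"))
    raw = b"\x00" * pad + n.to_bytes((n.bit_length() + 7) // 8, "big")
    if len(raw) != 25:  # 1 version + 20 hash + 4 checksum
        raise ValueError("decoded length is %d bytes, expected 25" % len(raw))
    payload, check = raw[:-4], raw[-4:]
    if checksum(payload) != check:
        raise ValueError("checksum mismatch")
    return payload[0], payload[1:]


def base58check_encode(version: int, body: bytes) -> str:
    """Inverse of base58check_decode: version byte + body + checksum."""
    payload = bytes([version]) + body
    raw = payload + checksum(payload)
    n = int.from_bytes(raw, "big")
    out = ""
    while n:
        n, r = divmod(n, 58)
        out = B58[r] + out
    pad = len(raw) - len(raw.lstrip(b"\x00"))
    return "1" * pad + out


def is_valid_address(addr: str) -> bool:
    try:
        base58check_decode(addr)
        return True
    except ValueError:
        return False


def script_pubkey(addr: str) -> bytes:
    """Build the output script a sender derives from the address alone."""
    version, h = base58check_decode(addr)
    if version == 0x05:
        # P2SH: OP_HASH160 <push 20> <script hash> OP_EQUAL
        return b"\xa9\x14" + h + b"\x87"
    if version == 0x00:
        # P2PKH: OP_DUP OP_HASH160 <push 20> <pubkey hash> OP_EQUALVERIFY OP_CHECKSIG
        return b"\x76\xa9\x14" + h + b"\x88\xac"
    raise ValueError("unsupported version byte 0x%02x" % version)


if __name__ == "__main__":
    # Addresses copied from the newBitcoinKey output in the first post.
    samples = {
        "P2PKH": "1CYRRtWCuocUmXquwDEHfvhM1V2jQ92dL6",
        "P2SH [PKH]": "3KbhF81wMizzyjJUKLMCBbscSj9puQyBbq",
        "P2WPKH": "33XT3ryB3EtMAVoG4W7zg7MAiSNtsSPaYD",
    }
    for label, addr in samples.items():
        version, h = base58check_decode(addr)
        spk = script_pubkey(addr)
        print("%-11s version=0x%02x hash=%s" % (label, version, h.hex()))
        print("%-11s scriptPubKey (%d bytes) = %s" % ("", len(spk), spk.hex()))
```

Both "3" addresses decode to version 0x05 plus a 20-byte hash, so the address alone does not show which redeem script was hashed; that only becomes visible when the redeem script is supplied at spend time.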
NotATether
November 30, 2020, 06:20:39 AM
Last edit: November 30, 2020, 05:44:46 PM by NotATether
 #9

Quote from: nc50lc
The Big Question is:
Is there a reason why you don't want to use others for your paper wallet?

Sorry, "others"?

You can also generate paper wallets that use P2PKH multisig, it is less complicated to spend from because instead of constructing a redeem script and getting its script hash you just need to put the public key hash in the scriptPubKey.

pooya87
November 30, 2020, 06:30:23 AM
 #10

You can also generate paper wallets that use P2PKH multisig, it is less complicated to spend from because instead of constructing a redeem script and getting its script hash you just need to put the public key hash in the scriptPubKey.
That won't be "multisig" since there is only one signature and one public key, it is called "P2SH" and the script that is being hashed can be anything.
I still don't get why OP wants to use a P2SH script as their paper wallet though, the transaction size is increased while not really gaining any benefits by using a script hash instead of the regular P2PKH or P2WPKH script/address types.

nc50lc
November 30, 2020, 07:58:31 AM
 #11

Quote from: nc50lc
-snip-
Ok, I think I get it, I had overlooked how the address is generated. So in bitcoin-bash-tools, it uses
Code:
comp_p2sh_addr="$(hexToAddress "$(pack "21${comp_pubkey}AC" | hash160)" 05)"

The address is basically the encoding in base 58 of "05"[Hashed script]Checksum("05"[Hashed script]), which is a reversible operation, so the address can be decoded back to HEX, providing the hashed script, which is the variable part of the scriptPubKey for P2SH. Based on the above code, it looks like the redeem script is 21${comp_pubkey}AC, so it is <03D144A172E24F499F9C59BDEED23FE625E814BBE815B1170A4EAFED7CBC970EAC> OP_CHECKSIG?
Yes, I've already mentioned the example's redeem script in my first reply.
So it's:
  • 21 = Size of the public key (Compressed)
  • 03D144A172E24F499F9C59BDEED23FE625E814BBE815B1170A4EAFED7CBC970EAC = Compressed public key
  • AC = (another 0xAC aside from the public key's last byte which happens to be 'ac') = OP_CHECKSIG

Quote from: kreyszig
Quote from: nc50lc
The Big Question is:
Is there a reason why you don't want to use others for your paper wallet?
Sorry, "others"?
As NotATether said (minus the correction above), you can use Legacy ('1' address);
or native SegWit (bc1 address) that can easily be spent by importing the prvKey to a known wallet.
If safety is your concern, you can import it to an offline machine and spend using an online "watch-only" wallet.

kreyszig (OP)
November 30, 2020, 01:41:29 PM
 #12

You can also generate paper wallets that use P2PKH multisig, it is less complicated to spend from because instead of constructing a redeem script and getting its script hash you just need to put the public key hash in the scriptPubKey.
That won't be "multisig" since there is only one signature and one public key, it is called "P2SH" and the script that is being hashed can be anything.
I still don't get why OP wants to use a P2SH script as their paper wallet though, the transaction size is increased while not really gaining any benefits by using a script hash instead of the regular P2PKH or P2WPKH script/address types.

Don't think too hard, before I started reading more on the topic, I thought that the use of P2SH was at least as efficient as P2PKH. My understanding now is that P2SH can lead to a smaller transaction size when sending bitcoins using multisig for redeeming them, because it uses a hashing of multisig script in scriptPubKey. However, when redeeming, the multisig script has to be provided, so the total size of the two transactions is not necessarily smaller. It makes it less expensive to send the bitcoins though, and it "pushes" the fees to the redeemer. Is this correct?
ranochigo
November 30, 2020, 03:18:52 PM
Merited by pooya87 (1), ABCbits (1)
 #13

Don't think too hard, before I started reading more on the topic, I thought that the use of P2SH was at least as efficient as P2PKH. My understanding now is that P2SH can lead to a smaller transaction size when sending bitcoins using multisig for redeeming them, because it uses a hashing of multisig script in scriptPubKey. However, when redeeming, the multisig script has to be provided, so the total size of the two transactions is not necessarily smaller. It makes it less expensive to send the bitcoins though, and it "pushes" the fees to the redeemer. Is this correct?
P2SH can be below 100 bytes for a 1 input 1 output transaction but that is not practical (nor realistic) at all [1]. The transaction cannot be smaller. It has to contain the public key + signature + redeem script which is more than what you'll need for a normal P2PKH transaction. If you're talking about sending to a P2SH address, your output specifies the hash160 of the address, which is the same size for both P2PKH and P2SH. P2SH does not necessarily have to be a multisig, what you've done is essentially wrapping a P2PKH in a P2SH which is not efficient.

I don't understand what you mean by the redeemer. The fees are the difference between the value of the output and the inputs so it is paid by whoever is sending the funds.


[1] https://blockchair.com/bitcoin/address/3MaB7QVq3k4pQx3BhsvEADgzQonLSBwMdj

kreyszig (OP)
November 30, 2020, 03:46:42 PM
Merited by ranochigo (1)
 #14

I don't understand what you mean by the redeemer. The fees are the difference between the value of the output and the inputs so it is paid by whoever is sending the funds.


[1] https://blockchair.com/bitcoin/address/3MaB7QVq3k4pQx3BhsvEADgzQonLSBwMdj

What I meant is that at some point these Bitcoins are likely to be sent somewhere else, and if they have been initially sent using a P2SH address, the next time they are transferred, the scriptSig will need to contain the whole script and not simply a hash of it. In my case I was trying to use a paper wallet using a P2SH address. So if I want to transfer funds from this paper wallet, I would need to provide the script in scriptSig, which would generate higher fees.
pooya87
December 01, 2020, 04:51:33 AM
Merited by ranochigo (1), ABCbits (1)
 #15

If you're talking about sending to a P2SH address, your output specifies the hash160 of the address, which is the same size for both P2PKH and P2SH.
The hashes are the same size (160 bits) but the scripts are slightly different, although it is so small that it doesn't really matter.
P2PKH: OP_DUP OP_HASH160 <hash> OP_EQUALVERIFY OP_CHECKSIG -> 25 bytes
P2SH:  OP_HASH160 <hash> OP_EQUAL                          -> 23 bytes

kreyszig (OP)
December 04, 2020, 03:14:57 PM
 #16

Thanks to the help provided in this thread, I was able to create, sign and broadcast a new raw transaction. I used bitcoin-bash-tools in combination with bitcoin-cli on an offline computer to do this. It worked, but I found that the JSON interface of bitcoin-cli is not the best to deal with, because of the copy/paste operations involved between the multiple commands (I could write code to automate the process, but it is still clunky and it seems unnecessary to run Bitcoin Core on an offline machine just to create and sign transactions). I looked at the different Python libraries available and I was trying to find one that works well with bech32 addresses. I came across bitcoinlib, after finding out that bit does not support wallets with bech32 addresses. At first sight bitcoinlib seems fine. Does anyone have experience using it?

Are you aware of any tool to generate offline transactions with bech32 addresses that has a better interface than bitcoin-cli? I guess my workflow would be to start from the hex data and private keys for the existing transactions I want to use as inputs, create bech32 addresses for new transactions using new private keys, calculate txid, sigscript, etc, from the existing transactions' hex data, create the new transaction, sign it and decode it for verification purpose before broadcasting it on another machine.

Thanks!