How to retrieve a "dumb script" native P2WPKH? (Nested P2SH-P2WPKH worked fine)

8 replies 156 views
bull2011Member
Posts: 62 · Reputation: 206
#1Jul 9, 2026, 02:13 AM
I've been playing around with these "dumb scripts" like this: Script("OP_DROP", "OP_1") is pretty basic but still valid. It accepts any single value, drops it, and just leaves a True on the stack. In hex, it's simply 0x7151. I tested it on the testnet using Python 3 with hashlib, base58, and bitcoinutils: I sent 1 tBTC to 2NAfhvQFw2GR1A1iN8Eke47HqVuDcsW4Uzw, tx id 85fd05407575d31155824f6cdbaae1b544af78158cc643dd4d8f7c7351ef5bfb. To reclaim it, I made a raw transaction the easy way using Cointoolkit: ...and successfully broadcasted it in Electrum, getting the tBTC back in the same block. The tx id was 4d7eee43f95a1402128aee4577daf0fd287f8c6aab9893f6aad559ab688cc91f. Comments: I used "OP_1, OP_DROP, OP_1" as the sigScript, which, with the length prefixes, comes to 0x0451027551 that was all it took. I guess I could've used any number, but I just went with OP_1 and it worked like a charm. So far, so good. But I wanted to try this out with native Segwit P2WPKH, so I switched formats but kept the same (dumb) script: I sent another 1 tBTC to tb1qhudhq5jad3wa26unkzmt0llg4r0wt4euhpwxg7, tx id 2df1208d368035e6ff923f5a40053792f220b3d87628db62e51a7bcdf0a50a3a. Uh oh. I'm stuck! No sigScript allowed when spending... how do I create a witness program for a dumb script without any known public and private key? Is this even doable? Been staring at a random raw P2WPKH transaction but can't quite figure it out... If you can work this out, there's 1 tBTC waiting for you. Please take it and let me know how the witness part was made. If it's not possible, I'd love to understand why. Thanks a bunch!
5 Reply Quote Share
coin777Senior Member
Posts: 143 · Reputation: 970
#2Jul 9, 2026, 05:31 AM
I wonder, how you got that address. But whatever is there, it can lead you to something unspendable. Also, I wonder, which version of the library was used, and what was the result of each step in-between. Because I got a different address with that code, and I wonder, how you came up with that specific values. Of course. You need a valid public key. Which means, that if some Script was used, and it is not a valid public key, then it is unspendable. Or rather: unlikely to be spent. Because mathematically speaking, it could be spendable, if you could bruteforce the whole address as a vanity address. But it would mean that RIPEMD-160 is no longer safe. Which means, that it is practically unspendable, unless some public key is behind it, and that "list of bytes" was treated as a seed in some different versions of the library. It is very easy. Just feed it with random bytes, that are not the hash of something, and you will have a random, unspendable address. Of course. The address tb1qqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqq0l98cr is also "unlikely to be spent", as long as RIPEMD-160 is safe. But most importantly, there are two more important questions: 1. Why don't you test things on regtest first? In that case, it is possible to make mistakes, and then never broadcast those blocks. Which means, you can just start Bitcoin Core, run it in regtest mode, and test any scripts on your local computer, to check, if something is spendable or not. 2. Why don't you use Bitcoin Core to calculate proper addresses? It is easy, and it will always give you the right one (unless you force it to generate something unspendable). For example: Edit: Also, I recommend reading about Taproot. Because then, it is possible to create some TapScript, and spend by key, if it turns out to be unspendable by TapScript.
3 Reply Quote Share
gr3g.0rbitHero Member
Posts: 1025 · Reputation: 2646
#3Jul 9, 2026, 08:37 AM
The correct address should be the one provided by vjudeu from Bitcoin Core's decodescript command. To spend it, you'll basically have to do the same as your previous transaction, but for SegWit: Your previous transaction's scriptSig "0x0451027551" is used as Witness. But in P2WPKH spend, the number of stack items must be indicated followed by those stack items with their respective sizes. Transactions: Spent by:   blockstream.info/testnet/tx/1b291f7cf57e827f6e8d1225657264fcee9ad4a8248e769c2788a8196a2bda6b (the example above) Funded by: blockstream.info/testnet/tx/9ed2228e4ff5e8f50f4e81d3033f948932f508c19dc9965fe887c37c3fc652f0
3 Reply Quote Share
bull2011Member
Posts: 62 · Reputation: 206
#4Jul 9, 2026, 10:21 AM
Excellent, many thanks! This really works. Amended the code for public address generation, too (now produces the same results as Bitcoin Core):
2 Reply Quote Share
gwei_altMember
Posts: 7 · Reputation: 120
#5Jul 11, 2026, 03:41 AM
Can you or anyone give me a walkthrough of how to redeem this   ? Just use this one as an example, I know it's already spent. I don't understand the part of merging the script hash with another hash to form a redeem script.
2 Reply Quote Share
gr3g.0rbitHero Member
Posts: 1025 · Reputation: 2646
#6Jul 11, 2026, 05:30 PM
Do you mean in the code he provided for P2SH version? It's just for the generation of P2SH address which is not used to spend the transaction, he did that to conveniently create an output with that script. The Redeem Script is already the "dumb_script=7551". This is literally the instruction to spend it: He used "OP_1" to fulfill the RedeemScript "OP_DROP, OP_1"
1 Reply Quote Share
gwei_altMember
Posts: 7 · Reputation: 120
#7Jul 12, 2026, 09:58 AM
I tried the redeem script on cointoolkit(the link he provided) and it did not work I even tried on Coinbin and still it didn't work. I might be getting something wrong or they stopped supporting non standard scripts.
3 Reply Quote Share
gr3g.0rbitHero Member
Posts: 1025 · Reputation: 2646
#8Jul 12, 2026, 03:08 PM
Oh okay, he didn't explained how he used the tool. Such spend has to be done manually by entering the input's details, the txid, vout, scriptsig (minus the size) which is "51027551" and amount. Then the output and its amount considering the fee, don't forget to change the coin setting to Bitcoin (testnet). You can even reproduce the raw transaction that he shared in the OP by filling up with the same details of his transaction. Inputs; TXID: 85fd05407575d31155824f6cdbaae1b544af78158cc643dd4d8f7c7351ef5bfb | N: 0 | Script: 51027551 | Amount: 1 Outputs; Address: 2N2EJxoRy5hRE74aV4NDiC22dcH3QEqzf5G | Amount: 0.99999 Then submit it. Check the result transaction with his Byte by Byte. Take note that the address "2NAfhvQFw2GR1A1iN8Eke47HqVuDcsW4Uzw" is wrong.
5 Reply Quote Share
gwei_altMember
Posts: 7 · Reputation: 120
#9Jul 12, 2026, 07:43 PM
It worked like a charm, thanks a lot!
0 Reply Quote Share
?Reply
Sign in to reply to this topic

Related topics