Hey everyone, I’m planning to keep this thread going by throwing out questions, especially the ones that have me stumped.
Here are a few questions to kick things off:
1. How can we use P2SH multisig wallets, given that Bitcoin is all about decentralization? Shouldn’t we be keeping things anonymous and not sharing control?
2. I’ve heard that SegWit is an upgrade for all standard Bitcoin wallet addresses, from P2PKH to P2SH. Can it also work as a multisig wallet?
3. I read that non-standard transactions can still make it into a block if a miner decides to accept them. Can someone break that down for me?
4. Is there a difference between Bitcoin ScriptPubKey and a Public key? I got a bit mixed up when I saw the term "ScriptPubKey."
5. I found out that hashing a specific public key multiple times will give you the same address. So, why can’t we get the public key back from an address? Is it just that no one has made a program for that yet?
My journey in tech
8 replies 208 views
I only give short answer. But feel free to ask more detailed answer.
Here are few example usage of multi-signature address.
1. Someone try improve their security with 2-of-3 multisig address. He need to sign it using at least 2 different device. So if one of his device got hacked, his Bitcoin isn't lost immediately.
2. Company that require all Bitcoin spending approved by N of M people.
3. 2-of-3 multisig address between seller, buyer and escrow. In case of dispute, escrow (along with either buyer/seller) can move the Bitcoin based on escrow decision.
Besides, Bitcoin isn't anonymous.
P2WSH can be used to create multisig address/wallet.
Transaction usually broadcasted to all other nodes, including node owned by miner/mining pool. But most Bitcoin node doesn't broadcast non-standard transaction, so such transaction usually never reach miner/mining pool node.
Same input always leads to same output when hashed, because hashing is a deterministic/consistent task. There are many reason why you can't retrieve public key from address, for example.
1. Hashing have avalanche effect, where slightly different input leads to very different output.
2. There's no guarantee certain address types (such as P2SH, P2WSH or P2TR) is generated from single public key.
I already did in the previous topic. Some transaction can be non-standard, but miners can accept it anyway, for example: https://mempool.space/tx/0301e0480b374b32851a9462db29dc19fe830a7f7d7a88b81612b9d42099c0ae
As you can see, in this example, the size of the transaction is set to 3.94 MB. And the fee is set to zero. It is non-standard, but miners can accept it, and include such things in their own blocks.
Initially, it was called "pubKey" and "sig". Later, Satoshi added Script to the source code, and then it became "scriptPubKey" and "scriptSig". Since then, it was possible to use the whole scripting language, to do much more things, than just checking a public key, and a signature. Which means, that now you can lock coins on a single key, multiple keys, or even no keys at all.
No, if you hash different things, then you will get different results. For example:
And so on, and so forth. Of course, paying to double, triple, or more hashes, is non-standard, unless you wrap it into P2WSH, or P2TR.
Some tool for calculating hashes: https://learnmeabitcoin.com/technical/cryptography/hash-function/#hash160
Its good to see a newbie actually digging into how things work instead of just skimming the surface. Ill try to keep this as simple and practical as possible
P2SH multisig is mostly used where shared control makes sense such as in company funds, escrow, inheritance or personal security setups. Its not about anonymity but about reducing single-key risk
Absolutely yes. Multisig works with SegWit using P2WSH or P2SH-wrapped SegWit. Same idea as before just that it is more efficient and usually cheaper
Non-standard transactions are still valid but not relayed by most nodes. If a miner receives one directly and it follows consensus rules, it can still be mined
The answer is yes. A public key is just cryptographic data while ScriptPubKey is the locking script that defines the conditions on how the coins can be spent.
Because an address is made by hashing the public key using one-way functions. Youll always get the same address from the same public key but the process cant be reversed. Its like a fingerprint that you can recognize it but you cant reconstruct the person from it.
As an exercise in hashing things, you can try to spend these signet coins: https://mempool.space/signet/tx/2f38119b212f9f15b5769e424e38a5b05a9ea18028fff75698a30112b0b6e250
They are all P2WSH, where single-hashed, double-hashed, and triple-hashed key is used, for the private key, equal to one:
And then, you should clearly see, that by hashing some key multiple times, you will get a different hash each time, because a different data is used to make it.
For P2WSH, spending it is standard, but if it would be a raw Script, then only the first address would be standard, and others would require contacting signet miners.
@ABCbits thanks for the explanation, well i guess multisignature also has its security risk especially for personal uses when 2 of the 3 devices got broken, hacked or stolen(like a burglary) since you certainly would be moving with all three devices.
Thanks for the further explanation on retrieving public key from address.
@stwenhao does that mean the ScriptSig is what people use in making non-standard transactions like locking coins with no keys to spend them? Like the illustration you gave in the other topic?
Secondly, Thanks for the tool, I've been playing with it for a while now, and I discovered that same input(35bytes) hashed several times gave me same output(20bytes) but immediately I changed the last character of the input, the output became totally different from the previous one irrespective of the fact that only 1 character was changed, though the input and output bytes where still 35 and 20 respectively for the hash160. I also tried other hash functions and result where all True(same input=same output)
@Donneski thanks for simplifying all explanation, it all makes sense.
I will add to ABCbits reply to your question that not only most Bitcoin nodes don't broadcast non-standard transactions but they also don't relay them to their peers. So it's basically not possible to get a non-standard transaction to reach miners over the nodes network even if your own modified node would broadcast such a non-standard transaction.
You can have a non-standard transaction mined at slipstream.mara.com, a private hidden mempool service by MARA mining pool, which accepts non-standard transactions at a quite reasonable and affordable transaction fee surplus.
I have no affiliation with Slipstream service or MARA pool, I just happen to know this service.
@Lal_bitcoin
dude come on now with the multisig security risk
if you use 2 of 3 and lose 2 keys at once that's on you
it's called redundancy for a reason
you don't keep all your eggs in the same fragile basket
also you thanked @ABCbits for explaining retrieving public key from address
@ABCbits didn't do that @stwenhao did
pay attention to who's helping you out
about your hashing confusion
you said you "discovered that same input (35bytes) hashed several times gave me same output (20bytes)"
lol of course it does
that's how a hash function works
the exact same input will always produce the exact same output
that's its fundamental property
what @stwenhao showed you earlier was hashing different inputs that had slightly different data
and yes if you change even one character the output hash will be completely different
that's the avalanche effect another fundamental property
you're mixing up hashing the same thing repeatedly with hashing slightly different things
about scriptSig and non-standard tx
no scriptSig isn't what makes non-standard transactions
scriptSig is just the part that provides the signatures and other data to unlock the scriptPubKey
it's like the key you present to a lock
non-standard means the transaction structure or rules break what most nodes accept
it's a network policy thing not usually a scriptSig thing
you can have perfectly valid scriptSigs in a non-standard transaction
locking coins with no keys is just a specific type of scriptPubKey that's unspendable
the scriptSig for that type of output would effectively be empty or irrelevant because there's nothing to unlock
hope that clears up some of your confusion
thanks for the additional explanation.
Sure it's possible to have some sort of inside information without having any contact with the company.
thanks for the tips though but @ABCbits did give explanation on retrieving public key as well you can check his last paragraph.
So in essence ScriptSig can be seen as the signature present in a key to unluck your coins in the ScriptPubKey for spending, and if there are no keys to the ScriptPubKey then ScriptSig can't be of effect. I get it now.
?Reply
Sign in to reply to this topic
Related topics
- Could Innopolis Tech launch a 51% attack on the testnet? 19
- Bitcoin Core displaying coins (UTXOs) in a new tab 13
- Are you in favor of BIP-110? Let's get a Bitcoin poll going. 0
- Erlay seems to have some issues here’s a better proposal for a bitcoin protocol without invites 3
- New Optional Hourglass Implementation is Live 3
- Ways to earn some sats by contributing to bitcoin core development 5