I've come across several p2sh addresses that have some balance, but they look like they're built with these strange, short RedeemScripts. How do you actually make transactions from these addresses? Seems like none of the standard tools work for this.
For instance, I attempted to redeem from 3MiHYymaFeSj6B2oMQivWPgqhqHYmUyea3 to send it to bc1q39meky2mn5qjq704zz0nnkl0v7kj4uz6r529at, but I'm lost on how to create such a transaction manually. I tried using the online tools at bitaps.com and nubits.com, but they didn't really help me out.
Honestly, I'm starting to wonder if these addresses can even be redeemed or if they're just some burn addresses and the funds are gone for good.
Transactions from p2sh Addresses
6 replies 64 views
This topic is a very good start both informative and interactive https://learnmeabitcoin.com/technical/script/p2sh/
How did you find these?
You first have to understand what the redeem script is (evaluate it) and then if they were valid and possible to pass, you'd provide the rest of the signature script to complete the evaluation.
example:
When interpreting 0a as a redeem script, we first read the first byte (0x0a == 10) that means a PushData10 operation which means there should be 10 more bytes in front of the 0x0a inside the redeem script but there are none. Meaning the interpreter fails here due to encountering an invalid script and that output becomes unspendable.
Same situation here.
We first interpret the script 0x5200ae which is OP_2 OP_0 OP_CHECKMULTISIG and when this script is executed (push 2 to stack, then push 0 to the stack and then) the OP_CHECKMULTISIG pops first item to interpret as n which is 0 so it needs no public keys and moves on to popping the next value and interpret that as m which is 2 but m must be smaller than or equal to n which is not (2 > 0) so this script is also invalid and rejected.
Meaning these coins are also unspendable.
Well the address in the last quote section has received its first coins in 2015, if it were possible to steal them someone might have done it already
I was experimenting purely from iterator side maths, as in the case of p2sh address the hash of the redeemscript is being matched with the script hash, so i started to check collision instead of the usual Hash( privatekey -> pubkey -> Hash -> ), what if we randomly or sequentially generate a redeemscript which computes to the associated p2sh address. After your explanation it looks like script evaluation will invalidate this collision.
Thank you for your explanation. In simple terms, so it all depends on valid script evaluation and not just on on hash collision.
My question is how were how did their owners construct most of these transactions in the first place.
As far as I know, there are still no good tools for constructing a P2[W]SH script, except for a handful of Python tools here and there, and I can't imagine the situation is any different from 10 years ago. So that means that they could have possibly be made by hand, which begs the question - have they thought to make a practical condition inside the scripts that would allow themselves to spend the funds later?
As you have guessed, i am sure most of these addresses must have been made through programming errors and testing purpose intentionally.
My take from this exercise is that script evaluation is keeping an extra layer of protection.
For example if you somehow collide with an address which was originally multisig maybe 11/19 thinking as super duper strong. But by brutefore and completely bypassing the entire slow EC maths and doing just HASH160 and base58 random bytes you can generate the required redeemscript and construct the Tx without even knowing privatkey. Much higher speed than Address bruteforce.
Although i know it's highly unlikely to get a 20 bytes collision but also even if we get collision, it's not sure whether the script evaluation will allow or discard such script.
BTW for P2[W]SH in my test i use very very simple, only with pubkey.
Assume it's a placeholder for POC purpose.
https://github.com/iceland2k14/btc_words/blob/main/p2sh_brute.py
Related topics
- Bitcoin Core displaying coins (UTXOs) in a new tab 13
- Are you in favor of BIP-110? Let's get a Bitcoin poll going. 0
- Erlay seems to have some issues here’s a better proposal for a bitcoin protocol without invites 3
- New Optional Hourglass Implementation is Live 3
- Ways to earn some sats by contributing to bitcoin core development 5
- Exploring the Potential and Challenges of a Kardashev-Scale Bitcoin Network 3