So, let’s talk about Bip16 P2WSH and Bip141 P2SH. These are both types of Pay to Witness Script Hash (P2WSH) and Pay to Script Hash (P2SH) which include the Pay to Multisig (P2MS) locking script.
Basically, both P2WSH and P2SH are multisig scripts that use the hash from a multi-sig redeem script. They can also use the hash of other types of redeem scripts, since they both include the P2MS locking script.
Quick rundown on multisig wallets:
For the addresses, P2SH was the go-to before Segwit came along, which introduced P2WSH. The main goal of P2WSH was to have a more standard alternative to P2SH.
You can spot a P2SH address since it starts with a "3" and usually has 34 characters. For testnet, it kicks off with "2".
On the flip side, P2WSH addresses start with "bc1q", like P2WPKH. Both belong to Segwit version 0, but P2WSH is longer, having 62 characters. For testnet, it starts with "tb1q".
Now, regarding unlocking scripts, these are what you use to unlock the output of transactions. The unlocking script for P2SH is found in the Script Sig, which contains both the unlocking code and the redeem script. For P2WSH, the witness field holds the unlocking script (the witness script), which must be hashed using SHA-256 to derive the script hash.
I’ve picked up this info while hanging around here, so corrections or extra info are totally welcome.
Oh, and let's not forget about P2TR.
Understanding P2WSH and P2SH
11 replies 174 views
Why not talk about the other address formats as well?
Bech32
Native Segwit, starts with bc1, lower fees than compatible segiwt (3)
Taproot
Bech32m format , stars with bc1p
Full list here
https://en.bitcoin.it/wiki/List_of_address_prefixes
They aren't "multisig type", both of these script hashes can use hash of a multi-sig redeem script as well as hash of any other redeem script type.
Being standard is not a spectrum, a script is either standard or not.
P2WSH is not exactly a replacement either even though it may look like one. It is the SegWit way of using script hash in locking scripts.
The old multisig that was used by so-called P2SH and P2MS addresses had some serious limitations in the number of co-signers you could have. I think it was a maximum of three or something. But for segwit addresses (P2WSH in other words), the limit has increased significantly to about a thousand co-signers or close to that. That is why everybody is using P2WSH when they want to use Multisig, as the old address format was way too restrictive about this.
Here's an addition from me. P2TR or Taproot exist today which allow lower transaction size and slightly better privacy, so there's no strong reason to keep using P2SH and P2WSH unless you can't find software which use P2TR (with specific spending condition you impose) or you perform transaction with someone else who use software which doesn't support P2TR.
paul.stakeHero Member
Posts: 651 · Reputation: 3798
#6Apr 25, 2020, 05:16 AM
Soon to be updated with silent payment addresses.
Maybe some nodes treat it as standard, maybe some don't!
Correct, 3. The serious limitation was that P2MS didn't have an address type, it was plain script. This practically means no reputable wallet software can send to P2MS. You need to manually construct it. Recipe for disaster.
Only talked about those because they "can receive hash of a multisig reedem script" just as I've been correct maybe I can create another thread talking about it if I learn more about them
Thank you for this
Noted sir.. and corrected
Thank you for this....
Okays noted and added ...
However, I have a question although I haven't read much about P2TR but can it have co-signers just like a multisig or maybe I'm just getting it all wrong
I believe 3 is standard limitation otherwise you can use up to 20 for n in P2MS and only 15 in P2SH (assuming compressed pubkeys)
For witness version 0 the n value is still limited to 20 max
https://github.com/bitcoin/bitcoin/blob/bd5d1688b4311e21c0e0ff89a3ae02ef7d0543b8/src/script/interpreter.cpp#L1116
Yes, it's possible. What can be done with P2SH and P2WSH is also possible with P2TR.
In this case does it means it use the P2MS locking Script too because I'm so surprised it could be used in a multisig wallet
The locking script is different. If you try to create P2TR multi-sig address with help of Miniscript and descriptor, you need to use multi_a(k,key1,...,keyN) rather than multi(k,key1,...,keyN).
Still going through this,still trying to find my way around the abstractions
?Reply
Sign in to reply to this topic
Related topics
- Understanding the Difference Between Traditional and Simplified Chinese Mnemonic Words 6
- Understanding square and cube roots in secp224k1 6
- Bitcoin Core displaying coins (UTXOs) in a new tab 13
- Are you in favor of BIP-110? Let's get a Bitcoin poll going. 0
- Erlay seems to have some issues here’s a better proposal for a bitcoin protocol without invites 3
- New Optional Hourglass Implementation is Live 3