It is very easy to create valid, custom scriptSig/scriptPubkey-combinations, calculate a P2SH address, send coins to it, and semi-manually spend from it. One example:
scriptSig #Push 8 byte secret hexadecimal string "0123456789abcdef"
8 0x0123456789abcdef
Result (written as part of a raw transaction): 080123456789abcdef
scriptPubkey#SHA-256 of the input, push SHA-256 hash of string in scriptSig, verify that the are equal, which will return "TRUE", i.e. a valid script
OP_SHA256
32 0x55c53f5d490297900cefa825d0c8e8e9532ee8a118abe7d8570762cd38be9818
OP_EQUAL
Result (written as part of a raw transaction): a82055c53f5d490297900cefa825d0c8e8e9532ee8a118abe7d8570762cd38be981887
The redeem script is simply combining the two, i.e. (here padded with a lenght byte "2c" in front to make it valid):
2c080123456789abcdefa82055c53f5d490297900cefa825d0c8e8e9532ee8a118abe7d8570762cd38be981887
Calculating the P2SH address can easily be done in Python like so:
>>> import hashlib, base58, binascii
>>> base58.b58encode_check(binascii.unhexlify('05'+ hashlib.new('ripemd160', hashlib.sha256(binascii.unhexlify(b'a82055c53f5d490297900cefa825d0c8e8e9532ee8a118abe7d8570762cd38be981887')).digest()).hexdigest())).decode()
'33CGouuJW2G66mDaQ13pMBDuztW9eLKiKw'
So, we have a public P2SH address
33CGouuJW2G66mDaQ13pMBDuztW9eLKiKw, and all you need to spend from it is the redeem script.
You can use this online service to spend from it:
https://bitcoin-script-debugger.visvirial.com/This works almost OK in my experience (specifically this tends to insert an annoying OP_PUSHDATA1 that you may have to delete [and fix length size byte], before you can push the unsigned transaction via a web service directly or in your wallet); broadcast('xxx') in Electrum works like a charm for me in these cases.
In other words, I can get all of the above to work well, but it is semi-manual work.
And yes, this example
should not be used IRL, since the first time you spend from it, the scriptSig will be exposed on the blockchain; an since there are no real signatures involved, anyone can spend from the address using the same scriptSig again and again.
My question:
Is there any wallet software (not a web service!) that can take a scriptSig and a scriptPubkey (or just "import redeem script"), calculate and treat your custom P2SH address as a "normal" address and give you "normal" control over it? Without involving private keys, for which there are none in examples like this.As already mentioned, I can already do all of it manually, but... software wallets, hello?