Author

Topic: Is ChatGPT's answer correct? (Question about P2WPKH) (Read 78 times)

jr. member
Activity: 42
Merit: 48
The signature can be further sorted-out to get the R and S values, refer to BIP66: (https://github.com/bitcoin/bips/blob/master/bip-0066.mediawiki#der-encoding-reference)

Many thanks for the reference. I am trying to understand this as a whole and also came across this page:

https://learnmeabitcoin.com/technical/script/p2wpkh/

I hope the explanations there are correct.

I think my difficulties in understanding are due to the fact that I have not yet understood the classic P2PKH procedure in detail. So I still need to study it myself.

One question that is bothering me: What exactly is signed with the P2WPKH procedure? I sign on my offline wallet with the private key material. But what is the input for a signature?

Or to put it another way: How does the Core Client check the correctness of the signature? To which data does the core client (or another Bitcoin programme) apply the coresponding pubkey?
legendary
Activity: 2618
Merit: 6452
Self-proclaimed Genius
Thank you for your assessment. Is it possible to decode “txinwitness” even further? So the first value:
Code:
"304402201616c3090b25b40a1972fc1af2100fac806c6671a6c0f2c3d70760dc0bddda3c02203ae0cb30476e5c9ecfe022cedc645fb7e82fcd4dc966935eb5dd9016af0311c501",
If you mean a command to decode it, AFAIK there's none but that's the signature followed by the sighash flag "0x01" so it's basically the actual data that it represents.

The DER-encoded signature:
Code:
304402201616c3090b25b40a1972fc1af2100fac806c6671a6c0f2c3d70760dc0bddda3c02203ae0cb30476e5c9ecfe022cedc645fb7e82fcd4dc966935eb5dd9016af0311c5
And the SigHash type:
Code:
01

The signature can be further sorted-out to get the R and S values, refer to BIP66: (https://github.com/bitcoin/bips/blob/master/bip-0066.mediawiki#der-encoding-reference)
jr. member
Activity: 42
Merit: 48
For actual example, here's the mentioned part of a testnet4 transaction's decoded PSBT:

Thank you for your assessment. Is it possible to decode “txinwitness” even further? So the first value:
Code:
"304402201616c3090b25b40a1972fc1af2100fac806c6671a6c0f2c3d70760dc0bddda3c02203ae0cb30476e5c9ecfe022cedc645fb7e82fcd4dc966935eb5dd9016af0311c501",
legendary
Activity: 2618
Merit: 6452
Self-proclaimed Genius
Quote from: ChatGPT
In Bitcoin, when you're working with P2WPKH (Pay-to-Witness-PubKey-Hash) transactions, the signature is embedded into the scriptWitness (for SegWit transactions) rather than in the traditional `scriptSig` field used in legacy transactions. This is key to understanding why you only see a `final_scriptwitness` field instead of an explicit signature in the signed PSBT file. -snip-
That is actually good and direct answer. (probably because "PSBT" is relatively new)
The key concepts can be nitpicked or expanded here and there but the general explanation is on point.

For actual example, here's the mentioned part of a testnet4 transaction's decoded PSBT:
(transaction: 3a59bb3faabe232f62d8a67d60b5930e876ac26186565e7099c0b65b9bcff66a)
Code:
,
                "final_scriptwitness": [
                    "304402201616c3090b25b40a1972fc1af2100fac806c6671a6c0f2c3d70760dc0bddda3c02203ae0cb30476e5c9ecfe022cedc645fb7e82fcd4dc966935eb5dd9016af0311c501",
                    "029c9d450af9db59bdb3646bdd1a5faf9ed10a5d319d9fe0f479a889b51aa46b54"
                ]

Input part of "getrawtransaction 3a59bb3faabe232f62d8a67d60b5930e876ac26186565e7099c0b65b9bcff66a 1" result:
(as you can see, there's no scrptSig, the above is under "txinwitness")
Code:
"vin": [
        {
            "txid": "19271fea772888b5628a21971079c1cdfb4f619a83658f180dd0af5ebb97f740",
            "vout": 1,
            "scriptSig": {
                "asm": "",
                "hex": ""
            },
            "txinwitness": [
                "304402201616c3090b25b40a1972fc1af2100fac806c6671a6c0f2c3d70760dc0bddda3c02203ae0cb30476e5c9ecfe022cedc645fb7e82fcd4dc966935eb5dd9016af0311c501",
                "029c9d450af9db59bdb3646bdd1a5faf9ed10a5d319d9fe0f479a889b51aa46b54"
            ],
            "sequence": 4294967293
        }
    ]
jr. member
Activity: 42
Merit: 48
Question to ChatGPT:
I create an unsigned PSBT file (P2WPKH) in a watch wallet. I then sign the file offline and import the signed file back into my watch wallet. I can then broadcast the corresponding transaction and the transaction is added to the blockchain. However, when I look at the signed PSBT file, I only find “final_scriptwitness” as an additional value, but no explicit signature. What is the reason for this?

Quote from: ChatGPT
In Bitcoin, when you're working with P2WPKH (Pay-to-Witness-PubKey-Hash) transactions, the signature is embedded into the scriptWitness (for SegWit transactions) rather than in the traditional `scriptSig` field used in legacy transactions. This is key to understanding why you only see a `final_scriptwitness` field instead of an explicit signature in the signed PSBT file. Let's walk through this in more detail.

Key Concepts:

1. SegWit (Segregated Witness) Transactions:
  • P2WPKH is a SegWit address type, meaning the signature data is stored in the `witness` field rather than in the `scriptSig` field.
  • The `witness` is part of the SegWit structure that separates the witness (signature data) from the rest of the transaction data. This helps to reduce transaction size and enable lower fees.

2. PSBT Structure:
  • A Partially Signed Bitcoin Transaction (PSBT) is a container format used to allow multiple parties to sign a transaction in different environments (e.g., one party signs offline, another party signs online).
  • The PSBT for a P2WPKH transaction will typically have a `final_scriptwitness`field once it has been signed.
  • The `final_scriptwitness` field in the PSBT contains the actual witness stack, which includes the signature, the public key, and any other necessary data for the SegWit script execution.
   
   Specifically, for a P2WPKH transaction, the `final_scriptwitness` will contain:
  • Element 0: The signature (which is what you might expect to see directly).
  • Element 1: The public key (needed to verify the signature).
   
 However, the signed PSBT you’re inspecting does not directly show the signature in the traditional format, because SegWit transactions store this signature in the `witness` field, which is represented as the `final_scriptwitness` in the PSBT.

3. The Reason You Don’t See the Signature in the PSBT File:
  • When you sign the PSBT offline, the client (whether it's Bitcoin Core or another wallet) will create a SegWit-compatible witness stack that includes the signature and public key for the relevant input(s).
  • For P2WPKH, the final_scriptwitness will contain a witness stack (usually two elements): 1. The signature. 2. The public key.

The witness stack itself doesn't explicitly look like a signature in a traditional format. Instead, it looks like a data structure that Bitcoin Core (or other wallets) interpret as the witness for SegWit transactions. The signature is implicitly part of that stack.

So, when you look at the signed PSBT, you're seeing the signed witness data (which includes the signature) instead of a traditional, standalone signature field.
Jump to: