Bitcoin
Non-standard witnesses when constructing transactions
I’m trying to use P2WSH 2of2 multi-signature input in Python for learning purposes. When checking assembled TX with testmempoolaccept, I get the message “bad-witness-nonstandard”.
This is my role in gathering witnesses:
def get_p2wsh_witness(privs: List(bytes), msg: bytes) -> bytes:
sigs = (sign(priv, msg) for priv in privs)
witness = bytes.fromhex("04")
witness += bytes.fromhex("00")
for sig in sigs:
witness += len(sig).to_bytes(1, "little") + sig
musig_script = b""
op2 = bytes.fromhex("52")
op_checkmultisig = bytes.fromhex("ae")
musig_script += op2
for key in privs:
key = get_pub_from_priv(key)
musig_script += bytes.fromhex("21") # 33 bytes
musig_script += key
musig_script += op2
musig_script += op_checkmultisig
musig_script = len(musig_script).to_bytes(1, "little") + musig_script
witness += musig_script
return witness
This is how I constructed the promise hash.
def get_commitment_hash(outpoint: bytes, scriptcode: bytes, value: int, outputs: List(bytes)) -> bytes:
def dsha256(data: bytes) -> bytes:
return hashlib.new("sha256", hashlib.new("sha256", data).digest()).digest()
result = b""
result += (2).to_bytes(4, "little")
result += dsha256(outpoint) # hashPrevouts
result += dsha256(bytes.fromhex("ffffffff"))
result += outpoint
# Passed scriptcode (hex): 522103abd618be2d6e412bb31457bf416cf05138592da9ab4c9647a79577492710eacb2103bc2e2480bd8f5a66d45ceb333db45a980283a3c55df3c23eed22f30aa99e82e852ae
if len(scriptcode) > 30:
result += len(scriptcode).to_bytes(1, "little") + scriptcode
else:
result += scriptcode
result += value.to_bytes(8, "little")
result += bytes.fromhex("ffffffff")
result += dsha256(b"".join(outputs))
result += bytes.fromhex("00000000")
result += bytes.fromhex("01000000")
return dsha256(result)
The original transaction for UTXO is as follows:
02000000000101f823195349b831db24d266223c16030ce52062e984c113df966be11a3cef881d7e00000000ffffffff0240420f000000000047522103abd618be2d6e412bb31457bf416cf05138592da9ab4c9647a79577492710eacb2103bc2e2480bd8f5a66d45ceb333db45a980283a3c55df3c23eed22f30aa99e82e852aec26e7b000000000016001437528e3adfd4f8c5322164689306f9a3c24571aa02483045022100d0a4effc5f870a8845a33c584d9239b97b8a28a85e95c43e5e7dd2bc31876fe202201c6996b0b3ee4981fcfd620ca3199f20b3630ae846b2cfd28a82004d85acdcc50121023e7362dad760249706fc4526d8781a70571b125a2ff51b817ba5b8fa5706ec1400000000
0400483045022100ec7dfded7d97f8d990d8470b0855a705c118dff718aed9f5a6c5faa24c33a03402207919d822f44bb3a36ffb0771e2e4dc99688e002e26a71fc53224eba84aa526d6014830450221009535cda9d3533a8b95ab3cbd8004b1fc4d689d5104ae0c027b4e857a6345e54b022020b8df4231a2fb0fbcbf2d7593f0fbdb63d72feea04167afcd1708fba130dd8a0147522103abd618be2d6e412bb31457bf416cf05138592da9ab4c9647a79577492710eacb2103bc2e2480bd8f5a66d45ceb333db45a980283a3c55df3c23eed22f30aa99e82e852ae
The hexadecimal private key (private signature) to sign with is:
3e2d99b06d1e763e8a208d0f2522432596fc1ae75825e777fb6b04ecf7260848 27d7edd524be491da6f5996e830e92b5477844800155e47f672cd5527f3a0e7d
Assuming sign() and the given key are correct, can anyone see an obvious mistake here? Or can you give me some hints on how to check the output myself?
