Bitcoin

Non-standard witnesses when constructing transactions

I’m trying to use P2WSH 2of2 multi-signature input in Python for learning purposes. When checking assembled TX with testmempoolaccept, I get the message “bad-witness-nonstandard”.

This is my role in gathering witnesses:

def get_p2wsh_witness(privs: List(bytes), msg: bytes) -> bytes:
    sigs = (sign(priv, msg) for priv in privs)
    witness = bytes.fromhex("04")
    witness += bytes.fromhex("00")
    for sig in sigs:
        witness += len(sig).to_bytes(1, "little") + sig
    musig_script = b""
    op2 = bytes.fromhex("52")
    op_checkmultisig = bytes.fromhex("ae")
    musig_script += op2
    for key in privs:
        key = get_pub_from_priv(key)
        musig_script += bytes.fromhex("21")  # 33 bytes
        musig_script += key
    musig_script += op2
    musig_script += op_checkmultisig
    musig_script = len(musig_script).to_bytes(1, "little") + musig_script
    witness += musig_script
    return witness

This is how I constructed the promise hash.

def get_commitment_hash(outpoint: bytes, scriptcode: bytes, value: int, outputs: List(bytes)) -> bytes:
    def dsha256(data: bytes) -> bytes:
        return hashlib.new("sha256", hashlib.new("sha256", data).digest()).digest()
    result = b""
    result += (2).to_bytes(4, "little")
    result += dsha256(outpoint)  # hashPrevouts
    result += dsha256(bytes.fromhex("ffffffff"))
    result += outpoint
    # Passed scriptcode (hex): 522103abd618be2d6e412bb31457bf416cf05138592da9ab4c9647a79577492710eacb2103bc2e2480bd8f5a66d45ceb333db45a980283a3c55df3c23eed22f30aa99e82e852ae 
    if len(scriptcode) > 30:
        result += len(scriptcode).to_bytes(1, "little") + scriptcode
    else:
        result += scriptcode
    result += value.to_bytes(8, "little")
    result += bytes.fromhex("ffffffff")
    result += dsha256(b"".join(outputs))
    result += bytes.fromhex("00000000")
    result += bytes.fromhex("01000000")
    return dsha256(result)

The original transaction for UTXO is as follows:

02000000000101f823195349b831db24d266223c16030ce52062e984c113df966be11a3cef881d7e00000000ffffffff0240420f000000000047522103abd618be2d6e412bb31457bf416cf05138592da9ab4c9647a79577492710eacb2103bc2e2480bd8f5a66d45ceb333db45a980283a3c55df3c23eed22f30aa99e82e852aec26e7b000000000016001437528e3adfd4f8c5322164689306f9a3c24571aa02483045022100d0a4effc5f870a8845a33c584d9239b97b8a28a85e95c43e5e7dd2bc31876fe202201c6996b0b3ee4981fcfd620ca3199f20b3630ae846b2cfd28a82004d85acdcc50121023e7362dad760249706fc4526d8781a70571b125a2ff51b817ba5b8fa5706ec1400000000
0400483045022100ec7dfded7d97f8d990d8470b0855a705c118dff718aed9f5a6c5faa24c33a03402207919d822f44bb3a36ffb0771e2e4dc99688e002e26a71fc53224eba84aa526d6014830450221009535cda9d3533a8b95ab3cbd8004b1fc4d689d5104ae0c027b4e857a6345e54b022020b8df4231a2fb0fbcbf2d7593f0fbdb63d72feea04167afcd1708fba130dd8a0147522103abd618be2d6e412bb31457bf416cf05138592da9ab4c9647a79577492710eacb2103bc2e2480bd8f5a66d45ceb333db45a980283a3c55df3c23eed22f30aa99e82e852ae

The hexadecimal private key (private signature) to sign with is:

3e2d99b06d1e763e8a208d0f2522432596fc1ae75825e777fb6b04ecf7260848 27d7edd524be491da6f5996e830e92b5477844800155e47f672cd5527f3a0e7d

Assuming sign() and the given key are correct, can anyone see an obvious mistake here? Or can you give me some hints on how to check the output myself?

Related Articles

Back to top button