![](/files/programmingwallet.png)


![](/files/session1/s1.png)


# Session 1 Objectives
* Learn pay-to-witness-pubkey-hash
* Learn bech32 addresses
* Redeem a pay-to-witness-pubkey-hash output


# Pay to Witness Pubkey Hash (p2wpkh)


## What is Segregated Witness?
* A way to fix transaction malleability
* A way to reduce network transmission
* A way to increase transaction throughput
* A way for smooth future upgrades


## p2pkh
![](/files/session1/old.png)


## p2wpkh
![](/files/session1/new.png)


## Pay to Witness Pubkey Hash (aka "Native Segwit")
* Acts like p2pkh but puts the ScriptSig data in another place
* New type of ScriptPubKey
* Different Data is sent to pre-Segwit nodes vs Segwit nodes


# Non-Segwit Nodes
![](/files/session1/old-nodes.png)


# Segwit Nodes
![](/files/session1/new-nodes.png)


In [None]:
############## PLEASE RUN THIS CELL FIRST! ###################

# import everything and define a test runner function
from importlib import reload
from helper import run
import ecc, script, tx

### Exercise 1




#### Make [this test](/edit/session1/tx.py) pass: `tx.py:TxTest:test_parse_segwit`

In [None]:
# Exercise 1

reload(tx)
run(tx.TxTest('test_parse_segwit'))

### Exercise 2




#### Make [this test](/edit/session1/tx.py) pass: `tx.py:TxTest:test_serialize_segwit`

In [None]:
# Exercise 2

reload(tx)
run(tx.TxTest('test_serialize_segwit'))

## Combining Scripts
* ScriptPubKey:
![](/files/session1/p2wpkh-scriptpubkey.png)
* ScriptSig:
Empty!


## Combined
![](/files/session1/p2wpkh-combined.png)


In [None]:
from IPython.display import YouTubeVideo
YouTubeVideo('ZHtJYfZsiAE')

## Witness
![](/files/session1/p2wpkh-witness.png)


## BIP143: New Signature Hash for Segwit
* Solve quadratic hashing
* Input amounts included
* Precompute and reuse parts


#### Legacy Signature Hash Spec
* Version
* For each Input
  - Previous Tx hash and index
  - Previous ScriptPubKey or RedeemScript if input being signed otherwise null
  - Sequence
* For each output
  - Amount
  - ScriptPubKey
* Locktime
* Hashing Type (SIGHASH_ALL, usually)


# Witness
![](/files/session1/p2wpkh-witness.png)


#### Segwit Signature Hash Spec (BIP143)
* Version
* HashPrevouts (calculated from tx hash and index of each input)
* HashSequence (calculated from sequence of each input)
* Script Code
* Value of input in Satoshis
* Sequence
* HashOutputs (calculated from amount and ScriptPubKey of each output)
* Locktime
* Hashing Type (SIGHASH_ALL, usually)


## Script Code
* ScriptPubKey being executed
* For p2wpkh, this is the p2pkh ScriptPubKey
* The 2nd argument is used as the hash


### Exercise 3




#### Make [this test](/edit/session1/tx.py) pass: `tx.py:TxTest:test_sig_hash_bip143`

In [None]:
# Exercise 3

reload(tx)
run(tx.TxTest('test_sig_hash_bip143'))

# Bech32


### Problems with Base58
* Encoding/Decoding is slow
* Inefficient for QR codes
* Hard to communicate in analog effectively
* Hash256 checksum is slow and has no error-detection
* Error-Detection requires a power of 2, 58 is not


### Bech32
* Defined in BIP173
* Uses BoseChaudhuriHocquenghem, or BCH Code, hence "Bech"
* 32 characters, using only lower case letters and numbers
* All characters (26+10) except 1, b, i, o
* NOT ALPHABETICAL
* Address has human part, separator, data and checksum


# Bech32 Address
![](/files/session1/bech32.png)


### Human Part
* bc = mainnet, tb = testnet

### Separator
* 1

### Data Part
* First character is the Segwit Version (0)
* Rest is data (usually a hash) of 1 to 40 bytes



# Data Part
![](/files/session1/segwitaddress.png)


In [None]:
# example for creating a bech32 address
from ecc import S256Point
from helper import encode_bech32_checksum, encode_varstr
sec_hex = '039d5ca49670cbe4c3bfa84c96a8c87df086c6ea6a24ba6b809c9de234496808d5'
point = S256Point.parse(bytes.fromhex(sec_hex))
h160 = point.hash160()
raw = bytes([0])
raw += encode_varstr(h160)
bech32 = encode_bech32_checksum(raw, testnet=False)
print(bech32)

### Exercise 4
#### Create a testnet bech32 address using your private key from the Session 0

Fill in the spreadsheet with your bech32 address.


In [None]:
# Exercise 4

from ecc import PrivateKey
from helper import encode_bech32_checksum, encode_varstr, hash256, little_endian_to_int
# use the same passphrase from session 0
passphrase = b'jimmy@programmingblockchain.com Jimmy Song'
secret = little_endian_to_int(hash256(passphrase))
# create a private key using the secret
private_key = PrivateKey(secret)
# get the public key using the .point property
public_key = private_key.point
# get the hash160 of the point
h160 = public_key.hash160()
# the raw bytes to be encrypted starts with the segwit version (0 or b'\x00)
raw = bytes([0])
# next, add the hash160 using encode_varstr
raw += encode_varstr(h160)
# encode to bech32 using encode_bech32_checksum, remember testnet=True
bech32 = encode_bech32_checksum(raw, testnet=True)
# print the address
print(bech32)

### Exercise 5




#### Make [this test](/edit/session1/ecc.py) pass: `ecc.py:S256Test:test_bech32_address`

In [None]:
# Exercise 5

reload(ecc)
run(ecc.S256Test('test_bech32_address'))

## Signing a p2wpkh Input
* ScriptSig is empty!
* Witness field has the signature and the compressed SEC pubkey
![](/files/session1/p2wpkh-witness.png)


In [None]:
# Example for signing a p2wpkh input
from io import BytesIO
from ecc import PrivateKey
from helper import hash256, little_endian_to_int, SIGHASH_ALL
from tx import Tx
from witness import Witness
private_key = PrivateKey(little_endian_to_int(hash256(b'jimmy@programmingblockchain.com Jimmy Song')))
raw_tx_hex = '01000000000101cca99b60e1d687e8faaf93e114114e7b5f6382d9f5d45ffb76ac7472ad7d734c0100000000ffffffff014c400f0000000000160014092ab91b37b4182061d9c01199aaac029f89561f0000000000'
input_index = 0
stream = BytesIO(bytes.fromhex(raw_tx_hex))
tx_obj = Tx.parse(stream, testnet=True)
z = tx_obj.sig_hash_bip143(input_index)
der = private_key.sign(z).der()
sig = der + SIGHASH_ALL.to_bytes(1, 'big')
sec = private_key.point.sec()
tx_in = tx_obj.tx_ins[input_index]
tx_in.witness = Witness([sig, sec])
print(tx_obj.verify_input(input_index))

### Exercise 6




#### Make [this test](/edit/session1/tx.py) pass: `tx.py:TxTest:test_sign_p2wpkh`

In [None]:
# Exercise 6

reload(tx)
run(tx.TxTest('test_sign_p2wpkh'))

In [None]:
# Example for creating a p2wpkh transaction
from ecc import PrivateKey
from helper import decode_bech32, hash256, little_endian_to_int
from script import P2WPKHScriptPubKey
from tx import Tx, TxIn, TxOut
private_key = PrivateKey(little_endian_to_int(hash256(b'jimmy@programmingblockchain.com Jimmy Song')))
prev_tx_hex = '0f007db8670c8b22ed64d95c61895d9c8e516ec938f99fbe4973fc0172ef93cf'
prev_tx = bytes.fromhex(prev_tx_hex)
prev_index = 1
fee = 500
tx_in = TxIn(prev_tx, prev_index)
amount = tx_in.value(testnet=True) - fee
target_address = 'tb1qdcfewxgnhx4gjev6nafaxfa64zpx7tt470r3au'
_, _, h160 = decode_bech32(target_address)
script_pubkey = P2WPKHScriptPubKey(h160)
tx_out = TxOut(amount, script_pubkey)
tx_obj = Tx(1, [tx_in], [tx_out], 0, testnet=True, segwit=True)
tx_obj.sign_input(0, private_key)
print(tx_obj.serialize().hex())

### Exercise 7

#### Create a p2wpkh spending transaction

You have been sent 0.05 testnet BTC. Send 0.03 to `tb1qdcfewxgnhx4gjev6nafaxfa64zpx7tt470r3au`
and the change back to your bech32 address.


In [None]:
# Exercise 7

from ecc import PrivateKey
from helper import decode_bech32, hash256, little_endian_to_int
from network import SimpleNode
from script import P2WPKHScriptPubKey
from tx import Tx, TxIn, TxOut
passphrase = b'jimmy@programmingblockchain.com Jimmy Song'
private_key = PrivateKey(little_endian_to_int(hash256(passphrase)))
prev_tx_hex = '94448a601fce6961a5fabbc554068460d979b15bee9531e378fbb458bc644378'
prev_tx = bytes.fromhex(prev_tx_hex)
prev_index = 0
fee = 500
target_address = 'tb1qdcfewxgnhx4gjev6nafaxfa64zpx7tt470r3au'
target_amount = 3000000
# create the transaction input
tx_in = TxIn(prev_tx, prev_index)
# create an array of tx_outs
tx_outs = []
# decode the target address to get the hash160 of the address
_, _, target_h160 = decode_bech32(target_address)
# create the target script pubkey using P2WPKHScriptPubKey
target_script_pubkey = P2WPKHScriptPubKey(target_h160)
# add the target transaction output
tx_outs.append(TxOut(target_amount, target_script_pubkey))
# calculate the change amount, remember you were sent 5000000 sats
change_amount = 5000000 - target_amount - fee
# calculate the hash160 for your private key
change_h160 = private_key.point.hash160()
# create the change script pubkey using P2WPKHScriptPubKey
change_script_pubkey = P2WPKHScriptPubKey(change_h160)
tx_outs.append(TxOut(change_amount, change_script_pubkey))
# create the transaction with testnet=True and segwit=True
tx_obj = Tx(1, [tx_in], tx_outs, 0, testnet=True, segwit=True)
# sign the one input with your private key
tx_obj.sign_input(0, private_key)
# print the hex to see what it looks like
print(tx_obj.serialize().hex())

### Exercise 8




#### Make [this test](/edit/session1/tx.py) pass: `tx.py:TxTest:test_verify_p2wpkh`

In [None]:
# Exercise 8

reload(tx)
run(tx.TxTest('test_verify_p2wpkh'))

## What is P2SH-P2WPKH?
* Backwards-compatible p2wpkh
* Uses p2sh to wrap single-key segwit (p2wpkh)
* Looks like p2sh addresses which start with a 3


![](/files/session1/p2sh-p2wpkh-old.png)


![](/files/session1/p2sh-p2wpkh-new.png)


# P2SH-P2WPKH "Nested Segwit"
* Acts like p2wpkh but looks like p2sh
* ScriptPubKey looks exactly like p2sh
* Different Data is sent to pre-Segwit nodes vs Segwit nodes


# Non-Segwit Nodes
![](/files/session1/p2sh-p2wpkh-old-nodes.png)


# Segwit Nodes
![](/files/session1/p2sh-p2wpkh-new-nodes.png)


## Combining Scripts
* ScriptPubKey:
![](/files/session1/p2sh-p2wpkh-scriptpubkey.png)
* ScriptSig:
![](/files/session1/p2sh-p2wpkh-scriptsig.png)


## Combined
![](/files/session1/p2sh-p2wpkh-combined.png)


## RedeemScript
![](/files/session1/p2sh-p2wpkh-redeemscript.png)


## Witness
![](/files/session1/p2sh-p2wpkh-witness.png)


In [None]:
from IPython.display import YouTubeVideo
YouTubeVideo('efDU3HZAHtc')

### Generating a p2sh-p2wpkh address
* RedeemScript is what would be the ScriptPubKey for p2wpkh
* This is Segwit Version + 20 byte hash
* p2sh address is the hash160 of the RedeemScript in Base58


In [None]:
# Example of generating a p2sh-p2wpkh address
from ecc import S256Point
from helper import encode_base58_checksum, hash160
from script import P2WPKHScriptPubKey, P2SHScriptPubKey
sec_hex = '02c3700ce19990bccbfa1e072d287049d7c0e07ed15c9aeac84bbc2c38ea667a5d'
point = S256Point.parse(bytes.fromhex(sec_hex))
h160 = point.hash160()
redeem_script = P2WPKHScriptPubKey(h160)
p2sh_h160 = hash160(redeem_script.raw_serialize())
p2sh_script_pubkey = P2SHScriptPubKey(p2sh_h160)
address = p2sh_script_pubkey.address(testnet=False)
print(address)

### Exercise 9
#### Create a testnet p2sh-p2wpkh address with your private key.



In [None]:
# Exercise 9

from ecc import PrivateKey
from helper import encode_varstr, hash160, hash256, little_endian_to_int
from script import P2WPKHScriptPubKey, P2SHScriptPubKey
# use the same passphrase from session 0
passphrase = b'jimmy@programmingblockchain.com Jimmy Song'
secret = little_endian_to_int(hash256(passphrase))
# create a private key using the secret
private_key = PrivateKey(secret)
# get the public key using the .point property
public_key = private_key.point
# get the hash160 of the point
h160 = public_key.hash160()
# create the RedeemScript, which is the P2WPKHScriptPubKey of the hash160
redeem_script = P2WPKHScriptPubKey(h160)
# perform a hash160 on the raw serialization of the RedeemScript
p2sh_h160 = hash160(redeem_script.raw_serialize())
# create a P2SHScriptPubKey using the h160
p2sh_script = P2SHScriptPubKey(p2sh_h160)
# return the address, remember testnet=True
address = p2sh_script.address(testnet=True)
# print the address
print(address)

### Exercise 10




#### Make [this test](/edit/session1/script.py) pass: `script.py:P2SHScriptPubKeyTest:test_address`

In [None]:
# Exercise 10

reload(script)
run(script.P2SHScriptPubKeyTest('test_address'))

### Exercise 11




#### Make [this test](/edit/session1/ecc.py) pass: `ecc.py:S256Test:test_p2sh_p2wpkh_address`

In [None]:
# Exercise 11

reload(ecc)
run(ecc.S256Test('test_p2sh_p2wpkh_address'))

### Signing a p2sh-p2wpkh input
* ScriptSig is only the RedeemScript
* RedeemScript is what would be the ScriptPubKey for p2wpkh
* Witness is the signature and compressed SEC pubkey


In [None]:
# Example for signing a p2sh-p2wpkh input
from io import BytesIO
from ecc import PrivateKey
from helper import hash256, little_endian_to_int, SIGHASH_ALL
from script import Script
from tx import Tx
from witness import Witness
private_key = PrivateKey(little_endian_to_int(hash256(b'jimmy@programmingblockchain.com Jimmy Song')))
redeem_script = private_key.point.p2sh_p2wpkh_redeem_script()
raw_tx_hex = '010000000001014e6b786f3cd70ab1ffd75caa6bb252c9888fdca9ca94d40fec24bec3e643d89e0000000000ffffffff014c400f0000000000160014401af0b57c7a4b7490c508a47d0747d03cf6ac2e0000000000'
input_index = 0
stream = BytesIO(bytes.fromhex(raw_tx_hex))
tx_obj = Tx.parse(stream, testnet=True)
z = tx_obj.sig_hash_bip143(input_index, redeem_script=redeem_script)
der = private_key.sign(z).der()
sig = der + SIGHASH_ALL.to_bytes(1, 'big')
sec = private_key.point.sec()
tx_in = tx_obj.tx_ins[input_index]
tx_in.witness = Witness([sig, sec])
tx_in.script_sig = Script([redeem_script.raw_serialize()])
print(tx_obj.verify_input(input_index))

### Exercise 12




#### Make [this test](/edit/session1/tx.py) pass: `tx.py:TxTest:test_sign_p2sh_p2wpkh`

In [None]:
# Exercise 12

reload(tx)
run(tx.TxTest('test_sign_p2sh_p2wpkh'))

In [None]:
# Example for creating a p2sh-p2wpkh transaction
from ecc import PrivateKey
from helper import decode_bech32, hash256, little_endian_to_int
from script import P2WPKHScriptPubKey
from tx import Tx, TxIn, TxOut
private_key = PrivateKey(little_endian_to_int(hash256(b'jimmy@programmingblockchain.com Jimmy Song')))
prev_tx_hex = '6c14a8370da20c7de5ebf216ece3156e99e7d6070442d93b80cdc344b2e80867'
prev_tx = bytes.fromhex(prev_tx_hex)
prev_index = 1
fee = 500
tx_in = TxIn(prev_tx, prev_index)
amount = tx_in.value(testnet=True) - fee
target_address = 'tb1qdcfewxgnhx4gjev6nafaxfa64zpx7tt470r3au'
_, _, h160 = decode_bech32(target_address)
script_pubkey = P2WPKHScriptPubKey(h160)
tx_out = TxOut(amount, script_pubkey)
tx_obj = Tx(1, [tx_in], [tx_out], 0, testnet=True, segwit=True)
redeem_script = private_key.point.p2sh_p2wpkh_redeem_script()
tx_obj.sign_input(0, private_key, redeem_script=redeem_script)
print(tx_obj.serialize().hex())

### Exercise 13

#### Create a p2sh-p2wpkh spending transaction

You have been sent 0.05 testnet BTC. Send 0.03 to `tb1qdcfewxgnhx4gjev6nafaxfa64zpx7tt470r3au`
and the change back to your p2sh-p2wpkh address.


In [None]:
# Exercise 13

from ecc import PrivateKey
from helper import decode_bech32, decode_base58, hash256, little_endian_to_int
from network import SimpleNode
from script import P2WPKHScriptPubKey, P2SHScriptPubKey
from tx import Tx, TxIn, TxOut
passphrase = b'jimmy@programmingblockchain.com Jimmy Song'
private_key = PrivateKey(little_endian_to_int(hash256(passphrase)))
prev_tx_hex = '9b3e6e253c79672a4e60a8a563ee735c8f87351058a7a0f5d53a2b5771cf6a6d'
prev_tx = bytes.fromhex(prev_tx_hex)
prev_index = 0
fee = 500
target_address = 'tb1qdcfewxgnhx4gjev6nafaxfa64zpx7tt470r3au'
target_amount = 3000000
# create the transaction input
tx_in = TxIn(prev_tx, prev_index)
# create an array of tx_outs
tx_outs = []
# decode the target address to get the hash160 of the address
_, _, target_h160 = decode_bech32(target_address)
# create the target script pubkey using P2WPKHScriptPubKey
target_script_pubkey = P2WPKHScriptPubKey(target_h160)
# add the target transaction output
tx_outs.append(TxOut(target_amount, target_script_pubkey))
# calculate the change amount, remember you were sent 5000000 sats
change_amount = 5000000 - target_amount - fee
# get the p2sh-p2wpkh address for using your private key
p2sh_address = private_key.point.p2sh_p2wpkh_address()
# get the hash160 by decoding the p2sh-p2wpkh address
change_h160 = decode_base58(p2sh_address)
# create the change script pubkey using P2SHScriptPubKey
change_script_pubkey = P2SHScriptPubKey(change_h160)
tx_outs.append(TxOut(change_amount, change_script_pubkey))
# create the transaction with testnet=True and segwit=True
tx_obj = Tx(1, [tx_in], tx_outs, 0, testnet=True, segwit=True)
# grab the RedeemScript from the public point
redeem_script = private_key.point.p2sh_p2wpkh_redeem_script()
# sign the one input with your private key
tx_obj.sign_input(0, private_key, redeem_script=redeem_script)
# print the hex to see what it looks like
print(tx_obj.serialize().hex())