What is the precise definition of "witness program"?

6

3

BIP 141 uses the term "witness program" extensively without, apparently, adhering to a consistent definition.

From the heading "Witness Program":

A scriptPubKey (or redeemScript as defined in BIP16/P2SH) that consists of a 1-byte push opcode (for 0 to 16) followed by a data push between 2 and 40 bytes gets a new special meaning. The value of the first push is called the "version byte". The following byte vector pushed is called the "witness program". [my emphasis]

https://github.com/bitcoin/bips/blob/master/bip-0141.mediawiki#witness-program

In other words, a "witness program" is a byte sequence 2 to 40 bytes in length. In P2WPKH authentication, the witness program is the 20-byte hash value of a public key. In P2WSH authentication, the witness program is the 32-byte hash value of the serialize "witness script" (last element of witness data).

At least, this is what I gather from reading the definition under the heading.

However, BIP 141 makes other references to "witness program" that seem to suggest something else. For example:

  • "In addition, opcodes within the witness program are counted identical to as previously within the P2SH check script."
  • "The P2WPKH witness program is then executed as described in the previous example."

Also, headings seem to suggest that "witness program" means something else:

What is a precise definition for the term "witness program?"

Rich Apodaca

Posted 2016-07-09T21:01:58.230

Reputation: 1 896

The usage of the term "authentication" above might be replaced with "identification" or removed altogether.Jonathan Cross 2018-11-21T04:26:39.010

Answers

2

Thanks for your comments. This is the proposed fix: https://github.com/bitcoin/bips/pull/416

Johnson Lau

Posted 2016-07-09T21:01:58.230

Reputation: 42

1Thanks - those changes are consistent with the definition in the paragraph I quoted, and clear up all of my questions. In other words, a witness program is a hash value. Still, I'm uneasy about using the term "witness program" to refer to something that isn't actually a program or even Script. What's the origin of that term and the compelling reason to use it rather than something more consistent with function?Rich Apodaca 2016-07-10T16:52:05.670

The witness program is still a script, just a trivial one, and one that follows a fixed structure that is given a new meaning.Pieter Wuille 2016-08-09T17:40:37.760

@PieterWuille, the current BIP-141 staes "The value of the first push is called the "version byte". The following byte vector pushed is called the "witness program"." Yet "witness program" is clearly identified as a hash value elsewhere in the BIP. A hash value is not a script in any way I can decipher. It's a hash value of a script. Am I missing something?Rich Apodaca 2017-06-07T19:34:59.650

1See it as a continuation of P2SH. P2SH scripts are clearly programs (they're executed, and contain opcodes); however, their only substance is the script hash they contain. Witness programs just continue that trend - the encoding as script bytes is vestigial, but there are actual semantics involved (P2WPKH and P2WSH have different semantics, for example).Pieter Wuille 2018-01-06T14:23:44.667