Testnet Bitcoin wallet: which script in hash addresses?

Why does the Testnet Wallet create receiving addresses in the form of script hash addresses (prefix 2) instead of "plain" m/n-prefixed addresses? Is there any security reason? And, which script does it hash? I was assuming, from BIP.16, a single-signature case:

scriptPubKey: OP_HASH160 [20-byte-hash of {[pubkey] OP_CHECKSIG} ] OP_EQUAL

But I was not able to obtain the same script hash (of course I know the private key). I tried the following steps:

$ echo [02b6d...public key...47f89] checksig > script

$ bx script-encode < script | bx sha256 | bx ripemd160

046f...fb3

$ echo hash160 [046f...fb3] equal > script2

$ bx script-encode < script2 | bx sha256 | bx ripemd160 | bx base58check-encode --version 196

2NxxxexxxxxL

(I had expected to get the same result built by the wallet, but they were different).

Please note that I know for sure both the private and public keys.

robermann

Posted 2018-09-02T21:23:51.810

Reputation: 135

Answers

What're seeing is a P2SH embedded Segwit address.

It contains the hash of the script OP_0 [20-byte hash160 of compressed pubkey].

You can configure Bitcoin Core to instead produce legacy P2PKH addresses (start with -addresstype=legacy). You can also make it construct Bech32 (BIP173) addresses using -addresstype=bech32, which represent the OP_0 [20-byte hash160 of compressed pubkey] script directly. These are cheaper to spend, but not all software supports sending to them.

Pieter Wuille

Posted 2018-09-02T21:23:51.810

Reputation: 54 032

Thanks to @pieter-wuille, I confirm it is a P2SH embedded Segwit address:

$ echo '0 [a01..pukbKeyHash..e8e]' | bx script-to-address -v  196
2Mu..xxxx..r

Or:

$ echo '0 [a01..pukbKeyHash..e8e]' > script3
$ bx script-encode < script3 | bx sha256 | bx ripemd160 | bx base58check-encode --version 196
2Mu..xxxx..r

Which is the address I was looking for.

robermann

Posted 2018-09-02T21:23:51.810

Reputation: 135