Verification of untypical scriptSig

1

I want to be able to redeem a P2SH output with a script doing a multisig but also additional checks. The scriptSig to redeem this output thus has to provide enough signatures, as well as some specific data, that is then compared to what's in the redeem script. To my understanding, a scriptSig like this cannot be constructed using signrawtransaction, but needs to be put together manually. But then it's very prone to errors... Is there still an easy way to check the correctness of this self-constructed scriptSig? Like a RPC call to the verifying function, a miner would call, when validating the transaction?

lorisnoedboris

Posted 2018-12-14T10:29:44.080

Reputation: 35

Answers

1

Assuming that you are able to create the raw redeeming transaction yourself, it is possible to pass a signed transaction to bitcoin core's signrawtransaction (or signrawtransactionwithwallet on new releases), along with a json to describe the utxo being redeemed, to verify correctness.

In this example I'm setting up a json for redeeming a p2wsh scriptpubkey that has the very simple, single opcode redeemscript CHECKSIG, where the input's amount is one BTC. The input's txid in this example is just FFFF...FFFF.

'[{"txid":"FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF","vout":0,"scriptPubKey":"0020EE6BB86B44339392BAE631C8F61DD8F009243C635ADAB33C0B20923A2794BF22","redeemScript":"AC","amount":1}]'

I've built the raw transaction redeeming this utxo, which is :

02000000000101FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF0000000000FDFFFFFF01F0B9F505000000002321027777777777777777777777777777777777777777777777777777777777777777AC0347304402203333333333333333333333333333333333333333333333333333333333333333022055555555555555555555555555555555555555555555555555555555555555550121030EFF833692060EB20ABF63FDE930AD0F59BFDDF3FAD321AA5C85435120306FD101AC00000000

To check the validity of this spend, pass both the utxo and transaction to bitcoin core's signrawtransactionwithwallet :

$ printf '%s\n%s\n' 02000000000101FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF0000000000FDFFFFFF01F0B9F505000000002321027777777777777777777777777777777777777777777777777777777777777777AC0347304402203333333333333333333333333333333333333333333333333333333333333333022055555555555555555555555555555555555555555555555555555555555555550121030EFF833692060EB20ABF63FDE930AD0F59BFDDF3FAD321AA5C85435120306FD101AC00000000 '[{"txid":"FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF","vout":0,"scriptPubKey":"0020EE6BB86B44339392BAE631C8F61DD8F009243C635ADAB33C0B20923A2794BF22","redeemScript":"AC","amount":1}]' | bitcoin-cli -stdin signrawtransactionwithwallet

{
  "hex": "02000000000101ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff0000000000fdffffff01f0b9f505000000002321027777777777777777777777777777777777777777777777777777777777777777ac0347304402203333333333333333333333333333333333333333333333333333333333333333022055555555555555555555555555555555555555555555555555555555555555550121030eff833692060eb20abf63fde930ad0f59bfddf3fad321aa5c85435120306fd101ac00000000",
  "complete": true
}

To check the correctness of your script, simply replace the relevant values in the utxo and build the spending transaction.
The situation is a bit more involved when validating constraints such as relative and absolute timelocks. To have extra assurance, you could use Regtest and Testnet to try out your scripts, and even then, if the script is very exotic (maybe using undefined op_nop codes, or other forms of non standard-ness), the transaction be easily redeemable on regtest\testnet but at the same time almost impossible to redeem on mainnet.

arubi

Posted 2018-12-14T10:29:44.080

Reputation: 1 460

Asked: 2018-12-14T10:29:44.080

Viewed: 65 times

Active: 2018-12-14T12:49:50.763