Skip to content

Instantly share code, notes, and snippets.

@kallewoof

kallewoof/1 script tapscript fund and spend

Created February 5, 2020 19:05
Show Gist options
  • Save kallewoof/cd40d4a83753ac721c8d3c28e2a9ce6a to your computer and use it in GitHub Desktop.
Save kallewoof/cd40d4a83753ac721c8d3c28e2a9ce6a to your computer and use it in GitHub Desktop.
Download ZIP
Raw
1 script tapscript fund and spend
internal_pubkey=efe24af16da45a3e3ce3503b7b7172d64b16b28922011f8df970dd5bf6cc6be7
tapscript=a8206c60f404f8167a38fc70eaf8aa17ac351023bef86bcb9d1086a19afe95bd53338820cc9519ba6fb1cb0cca53743dc90c2418440cf637f8b891ce2f0e2dc5c5b3cf01ac
➜ btcdeb git:(taproot) ✗ ./tap $internal_pubkey 1 $tapscript
tap 0.2.19 -- type `./tap -h` for help
WARNING: This is experimental software. Do not use this with real bitcoin, or you will most likely lose them all. You have been w a r n e d.
LOG: sign segwit taproot
Internal pubkey: efe24af16da45a3e3ce3503b7b7172d64b16b28922011f8df970dd5bf6cc6be7
1 scripts:
- #0: a8206c60f404f8167a38fc70eaf8aa17ac351023bef86bcb9d1086a19afe95bd53338820cc9519ba6fb1cb0cca53743dc90c2418440cf637f8b891ce2f0e2dc5c5b3cf01ac
Script #0 leaf hash = TapLeaf<<0xc0 || a8206c60f404f8167a38fc70eaf8aa17ac351023bef86bcb9d1086a19afe95bd53338820cc9519ba6fb1cb0cca53743dc90c2418440cf637f8b891ce2f0e2dc5c5b3cf01ac>>
→ 38fdfbefe5f26656c3ac52bc84da60d76f2c9414d71e4ad409f28cb4f5fb6acd
Tweak value = 7626fe4fb1a9b390c9fa9cceaa495c9f06c9f2950ff5ae142ee97f7e2f18f6c9
Tweaked pubkey = e7d2ac4c2338d7071761f883928a6b0f89295c54466a21117c8546a2b431cfe5 (negated)
Resulting Bech32 address: sb1pulf2cnpr8rtsw9mplzpe9zntp7yjjhz5ge4zzytus4r29dp3eljsle92cv
➜ btcdeb git:(taproot) ✗ txin=020000000001015847fdd33335286eefb1cbd3ceff68226f72d69413c0093161d7c02348923cdf0000000000feffffff02a086010000000000225120e7d2ac4c2338d7071761f883928a6b0f89295c54466a21117c8546a2b431cfe5b13ac82801000000160014bbcfdba7564dfcf5c5c06cdbcf526baed8f1384a0247304402202bb9714a75e26585cdbed19d26f8fb307003cc2b31db2701ffb344607b15f18d02207a172f3551d8a34a53a2a16f9d61bbe057e4ceb407d974f539f74dcb64f935c101210287ff8bb2c262631ccb0474035ed38e25389002ee9cf154fa70fe96f866757b1818060000
➜ btcdeb git:(taproot) ✗ tx=020000000102ed5adc5e7f10af7527344021d7e41560ceb9339fed67936d721f4079d611e40000000000ffffffff01b882010000000000160014f3135d8ea607de940cc32fe9120cf01526883e8900000000
➜ btcdeb git:(taproot) ✗ ./tap --privkey=$alice_privkey --txin=$txin --tx=$tx $internal_pubkey 1 $tapscript 0 $preimage
tap 0.2.19 -- type `./tap -h` for help
WARNING: This is experimental software. Do not use this with real bitcoin, or you will most likely lose them all. You have been w a r n e d.
LOG: sign segwit taproot
targeting transaction vin at index #0
Internal pubkey: efe24af16da45a3e3ce3503b7b7172d64b16b28922011f8df970dd5bf6cc6be7
2 spending arguments present
- 1+ spend arguments; TAPSCRIPT mode
#0: 107661134f21fc7c02223d50ab9eb3600bc3ffc3712423a1e47bb1f9a9dbf55f
1 scripts:
- #0: a8206c60f404f8167a38fc70eaf8aa17ac351023bef86bcb9d1086a19afe95bd53338820cc9519ba6fb1cb0cca53743dc90c2418440cf637f8b891ce2f0e2dc5c5b3cf01ac
Script #0 leaf hash = TapLeaf<<0xc0 || a8206c60f404f8167a38fc70eaf8aa17ac351023bef86bcb9d1086a19afe95bd53338820cc9519ba6fb1cb0cca53743dc90c2418440cf637f8b891ce2f0e2dc5c5b3cf01ac>>
→ 38fdfbefe5f26656c3ac52bc84da60d76f2c9414d71e4ad409f28cb4f5fb6acd
Control object = (leaf), (internal pubkey = efe24af16da45a3e3ce3503b7b7172d64b16b28922011f8df970dd5bf6cc6be7), ...
... with proof -> efe24af16da45a3e3ce3503b7b7172d64b16b28922011f8df970dd5bf6cc6be7
Tweak value = 7626fe4fb1a9b390c9fa9cceaa495c9f06c9f2950ff5ae142ee97f7e2f18f6c9
Tweaked pubkey = e7d2ac4c2338d7071761f883928a6b0f89295c54466a21117c8546a2b431cfe5 (negated)
Pubkey matches the scriptPubKey of the input transaction's output #0
Resulting Bech32 address: sb1pulf2cnpr8rtsw9mplzpe9zntp7yjjhz5ge4zzytus4r29dp3eljsle92cv
Final control object = c1efe24af16da45a3e3ce3503b7b7172d64b16b28922011f8df970dd5bf6cc6be7
Adding selected script to taproot inputs: a8206c60f404f8167a38fc70eaf8aa17ac351023bef86bcb9d1086a19afe95bd53338820cc9519ba6fb1cb0cca53743dc90c2418440cf637f8b891ce2f0e2dc5c5b3cf01ac
→ 20107661134f21fc7c02223d50ab9eb3600bc3ffc3712423a1e47bb1f9a9dbf55f45a8206c60f404f8167a38fc70eaf8aa17ac351023bef86bcb9d1086a19afe95bd53338820cc9519ba6fb1cb0cca53743dc90c2418440cf637f8b891ce2f0e2dc5c5b3cf01ac
appending control object to taproot input stack: c1efe24af16da45a3e3ce3503b7b7172d64b16b28922011f8df970dd5bf6cc6be7
Tapscript spending witness: [
"107661134f21fc7c02223d50ab9eb3600bc3ffc3712423a1e47bb1f9a9dbf55f",
"a8206c60f404f8167a38fc70eaf8aa17ac351023bef86bcb9d1086a19afe95bd53338820cc9519ba6fb1cb0cca53743dc90c2418440cf637f8b891ce2f0e2dc5c5b3cf01ac",
"c1efe24af16da45a3e3ce3503b7b7172d64b16b28922011f8df970dd5bf6cc6be7",
]
input tx index = 0; tx input vout = 0; value = 100000
got witness stack of size 3
34 bytes (v0=P2WSH, v1=taproot/tapscript)
Taproot commitment:
- control = c1efe24af16da45a3e3ce3503b7b7172d64b16b28922011f8df970dd5bf6cc6be7
- program = e7d2ac4c2338d7071761f883928a6b0f89295c54466a21117c8546a2b431cfe5
- script = a8206c60f404f8167a38fc70eaf8aa17ac351023bef86bcb9d1086a19afe95bd53338820cc9519ba6fb1cb0cca53743dc90c2418440cf637f8b891ce2f0e2dc5c5b3cf01ac
- path len = 0
- p = efe24af16da45a3e3ce3503b7b7172d64b16b28922011f8df970dd5bf6cc6be7
- q = e7d2ac4c2338d7071761f883928a6b0f89295c54466a21117c8546a2b431cfe5
- k = cd6afbf5b48cf209d44a1ed714942c6fd760da84bc52acc35666f2e5effbfd38 (tap leaf hash)
(TapLeaf(0xc0 || a8206c60f404f8167a38fc70eaf8aa17ac351023bef86bcb9d1086a19afe95bd53338820cc9519ba6fb1cb0cca53743dc90c2418440cf637f8b891ce2f0e2dc5c5b3cf01ac))
valid script
- generating prevout hash from 1 ins
[+] COutPoint(e411d67940, 0)
SignatureHashSchnorr(in_pos=0, hash_type=00)
- tapscript sighash
sighash (little endian) = 9df606d39a6943377f75d34d56ac034bcdf1163b871b2828487dd6920edab013
sighash: 9df606d39a6943377f75d34d56ac034bcdf1163b871b2828487dd6920edab013
privkey: 2c26b46b68ffc68ff99b453c1d30413413422d706483bfa0f98a5e886266e7ae
pubkey: cc9519ba6fb1cb0cca53743dc90c2418440cf637f8b891ce2f0e2dc5c5b3cf01
signature: 11ad4740770eab9e50e84ad2ad7f8ad47ab1e35d1a895fca33a941a11521bc69bbfeb6de3b4fa3955621130f72fc8554a046b93d69fd6e82d87dd74a929efe88
Resulting transaction: 0200000000010102ed5adc5e7f10af7527344021d7e41560ceb9339fed67936d721f4079d611e40000000000ffffffff01b882010000000000160014f3135d8ea607de940cc32fe9120cf01526883e89044011ad4740770eab9e50e84ad2ad7f8ad47ab1e35d1a895fca33a941a11521bc69bbfeb6de3b4fa3955621130f72fc8554a046b93d69fd6e82d87dd74a929efe8820107661134f21fc7c02223d50ab9eb3600bc3ffc3712423a1e47bb1f9a9dbf55f45a8206c60f404f8167a38fc70eaf8aa17ac351023bef86bcb9d1086a19afe95bd53338820cc9519ba6fb1cb0cca53743dc90c2418440cf637f8b891ce2f0e2dc5c5b3cf01ac21c1efe24af16da45a3e3ce3503b7b7172d64b16b28922011f8df970dd5bf6cc6be700000000
➜ btcdeb git:(taproot) ✗ ./btcdeb --txin=$txin --tx=0200000000010102ed5adc5e7f10af7527344021d7e41560ceb9339fed67936d721f4079d611e40000000000ffffffff01b882010000000000160014f3135d8ea607de940cc32fe9120cf01526883e89044011ad4740770eab9e50e84ad2ad7f8ad47ab1e35d1a895fca33a941a11521bc69bbfeb6de3b4fa3955621130f72fc8554a046b93d69fd6e82d87dd74a929efe8820107661134f21fc7c02223d50ab9eb3600bc3ffc3712423a1e47bb1f9a9dbf55f45a8206c60f404f8167a38fc70eaf8aa17ac351023bef86bcb9d1086a19afe95bd53338820cc9519ba6fb1cb0cca53743dc90c2418440cf637f8b891ce2f0e2dc5c5b3cf01ac21c1efe24af16da45a3e3ce3503b7b7172d64b16b28922011f8df970dd5bf6cc6be700000000
btcdeb 0.2.19 -- type `./btcdeb -h` for start up options
LOG: sign segwit taproot
got segwit transaction dfcd293b9d5569ada9ddb65ed59eabac69c540016f85bf6367876c32e5dbba79:
CTransaction(hash=dfcd293b9d, ver=2, vin.size=1, vout.size=1, nLockTime=0)
CTxIn(COutPoint(e411d67940, 0), scriptSig=)
CScriptWitness(11ad4740770eab9e50e84ad2ad7f8ad47ab1e35d1a895fca33a941a11521bc69bbfeb6de3b4fa3955621130f72fc8554a046b93d69fd6e82d87dd74a929efe88, 107661134f21fc7c02223d50ab9eb3600bc3ffc3712423a1e47bb1f9a9dbf55f, a8206c60f404f8167a38fc70eaf8aa17ac351023bef86bcb9d1086a19afe95bd53338820cc9519ba6fb1cb0cca53743dc90c2418440cf637f8b891ce2f0e2dc5c5b3cf01ac, c1efe24af16da45a3e3ce3503b7b7172d64b16b28922011f8df970dd5bf6cc6be7)
CTxOut(nValue=0.00099000, scriptPubKey=0014f3135d8ea607de940cc32fe912)
got input tx #0 e411d679401f726d9367ed9f33b9ce6015e4d72140342775af107f5edc5aed02:
CTransaction(hash=e411d67940, ver=2, vin.size=1, vout.size=2, nLockTime=1560)
CTxIn(COutPoint(df3c924823, 0), scriptSig=, nSequence=4294967294)
CScriptWitness(304402202bb9714a75e26585cdbed19d26f8fb307003cc2b31db2701ffb344607b15f18d02207a172f3551d8a34a53a2a16f9d61bbe057e4ceb407d974f539f74dcb64f935c101, 0287ff8bb2c262631ccb0474035ed38e25389002ee9cf154fa70fe96f866757b18)
CTxOut(nValue=0.00100000, scriptPubKey=5120e7d2ac4c2338d7071761f88392)
CTxOut(nValue=49.79178161, scriptPubKey=0014bbcfdba7564dfcf5c5c06cdbcf)
input tx index = 0; tx input vout = 0; value = 100000
got witness stack of size 4
34 bytes (v0=P2WSH, v1=taproot/tapscript)
Taproot commitment:
- control = c1efe24af16da45a3e3ce3503b7b7172d64b16b28922011f8df970dd5bf6cc6be7
- program = e7d2ac4c2338d7071761f883928a6b0f89295c54466a21117c8546a2b431cfe5
- script = a8206c60f404f8167a38fc70eaf8aa17ac351023bef86bcb9d1086a19afe95bd53338820cc9519ba6fb1cb0cca53743dc90c2418440cf637f8b891ce2f0e2dc5c5b3cf01ac
- path len = 0
- p = efe24af16da45a3e3ce3503b7b7172d64b16b28922011f8df970dd5bf6cc6be7
- q = e7d2ac4c2338d7071761f883928a6b0f89295c54466a21117c8546a2b431cfe5
- k = cd6afbf5b48cf209d44a1ed714942c6fd760da84bc52acc35666f2e5effbfd38 (tap leaf hash)
(TapLeaf(0xc0 || a8206c60f404f8167a38fc70eaf8aa17ac351023bef86bcb9d1086a19afe95bd53338820cc9519ba6fb1cb0cca53743dc90c2418440cf637f8b891ce2f0e2dc5c5b3cf01ac))
valid script
- generating prevout hash from 1 ins
[+] COutPoint(e411d67940, 0)
8 op script loaded. type `help` for usage information
script | tapscript commitment state
-------------------------------------------------------------------+-------------------------------------------------------------------
<<< taproot commitment >>> | i: 0
Tweak: efe24af16da45a3e3ce3503b7b7172d64b16b28922011f8df970dd5b... | k: 38fdfbefe5f26656c3ac52bc84da60d76f2c9414d71e4ad409f28cb4f5fb...
CheckPayToContract |
OP_SHA256 |
6c60f404f8167a38fc70eaf8aa17ac351023bef86bcb9d1086a19afe95bd5333 |
OP_EQUALVERIFY |
cc9519ba6fb1cb0cca53743dc90c2418440cf637f8b891ce2f0e2dc5c5b3cf01 |
OP_CHECKSIG |
<<< tapscript commitment >>>
btcdeb> step
- looping over path (0..-1)
- final k = c9f6182f7e7fe92e14aef50f95f2c9069f5c49aace9cfac990b3a9b14ffe2676
(TapTweak(internal_pubkey=efe24af16da45a3e3ce3503b7b7172d64b16b28922011f8df970dd5bf6cc6be7 || TapLeaf(0xc0 || a8206c60f404f8167a38fc70eaf8aa17ac351023bef86bcb9d1086a19afe95bd53338820cc9519ba6fb1cb0cca53743dc90c2418440cf637f8b891ce2f0e2dc5c5b3cf01ac)))
script | tapscript commitment state
-------------------------------------------------------------------+-------------------------------------------------------------------
<<< taproot commitment >>> | i: 0
Tweak: efe24af16da45a3e3ce3503b7b7172d64b16b28922011f8df970dd5b... | k: 7626fe4fb1a9b390c9fa9cceaa495c9f06c9f2950ff5ae142ee97f7e2f18...
CheckPayToContract |
OP_SHA256 |
6c60f404f8167a38fc70eaf8aa17ac351023bef86bcb9d1086a19afe95bd5333 |
OP_EQUALVERIFY |
cc9519ba6fb1cb0cca53743dc90c2418440cf637f8b891ce2f0e2dc5c5b3cf01 |
OP_CHECKSIG |
#0001 Tweak: efe24af16da45a3e3ce3503b7b7172d64b16b28922011f8df970dd5bf6cc6be7
btcdeb>
- looping over path (0..-1)
- q.CheckPayToContract(p, k, 1) == success
script | stack
-------------------------------------------------------------------+-------------------------------------------------------------------
OP_SHA256 | 107661134f21fc7c02223d50ab9eb3600bc3ffc3712423a1e47bb1f9a9dbf55f
6c60f404f8167a38fc70eaf8aa17ac351023bef86bcb9d1086a19afe95bd5333 | 11ad4740770eab9e50e84ad2ad7f8ad47ab1e35d1a895fca33a941a11521bc6...
OP_EQUALVERIFY |
cc9519ba6fb1cb0cca53743dc90c2418440cf637f8b891ce2f0e2dc5c5b3cf01 |
OP_CHECKSIG |
#0002 CheckPayToContract
btcdeb>
<> POP stack
<> PUSH stack 6c60f404f8167a38fc70eaf8aa17ac351023bef86bcb9d1086a19afe95bd5333
script | stack
-------------------------------------------------------------------+-------------------------------------------------------------------
6c60f404f8167a38fc70eaf8aa17ac351023bef86bcb9d1086a19afe95bd5333 | 6c60f404f8167a38fc70eaf8aa17ac351023bef86bcb9d1086a19afe95bd5333
OP_EQUALVERIFY | 11ad4740770eab9e50e84ad2ad7f8ad47ab1e35d1a895fca33a941a11521bc6...
cc9519ba6fb1cb0cca53743dc90c2418440cf637f8b891ce2f0e2dc5c5b3cf01 |
OP_CHECKSIG |
#0003 OP_SHA256
btcdeb>
<> PUSH stack 6c60f404f8167a38fc70eaf8aa17ac351023bef86bcb9d1086a19afe95bd5333
script | stack
-------------------------------------------------------------------+-------------------------------------------------------------------
OP_EQUALVERIFY | 6c60f404f8167a38fc70eaf8aa17ac351023bef86bcb9d1086a19afe95bd5333
cc9519ba6fb1cb0cca53743dc90c2418440cf637f8b891ce2f0e2dc5c5b3cf01 | 6c60f404f8167a38fc70eaf8aa17ac351023bef86bcb9d1086a19afe95bd5333
OP_CHECKSIG | 11ad4740770eab9e50e84ad2ad7f8ad47ab1e35d1a895fca33a941a11521bc6...
#0004 6c60f404f8167a38fc70eaf8aa17ac351023bef86bcb9d1086a19afe95bd5333
btcdeb>
<> POP stack
<> POP stack
<> PUSH stack 01
<> POP stack
script | stack
-------------------------------------------------------------------+-------------------------------------------------------------------
cc9519ba6fb1cb0cca53743dc90c2418440cf637f8b891ce2f0e2dc5c5b3cf01 | 11ad4740770eab9e50e84ad2ad7f8ad47ab1e35d1a895fca33a941a11521bc6...
OP_CHECKSIG |
#0005 OP_EQUALVERIFY
btcdeb>
<> PUSH stack cc9519ba6fb1cb0cca53743dc90c2418440cf637f8b891ce2f0e2dc5c5b3cf01
diff --git a/tap.cpp b/tap.cpp
index cd96250..b11ae7e 100644
--- a/tap.cpp
+++ b/tap.cpp
@@ -288,12 +288,16 @@ int main(int argc, char* const* argv)
}
}
if (pending) {
- // we have [a,b] [c,d] and pending e
- // we extend [c,d] to be [[c,d], e]
- TapNode* rightmost = branches.back();
- branches.pop_back();
- branches.push_back(new TapBranch(rightmost, pending));
script | stack
diff --git a/tap.cpp b/tap.cpp
index cd96250..63a764c 100644
--- a/tap.cpp
+++ b/tap.cpp
@@ -288,12 +288,16 @@ int main(int argc, char* const* argv)
}
}
if (pending) {
- // we have [a,b] [c,d] and pending e
- // we extend [c,d] to be [[c,d], e]
-------------------------------------------------------------------+-------------------------------------------------------------------
OP_CHECKSIG | cc9519ba6fb1cb0cca53743dc90c2418440cf637f8b891ce2f0e2dc5c5b3cf01
| 11ad4740770eab9e50e84ad2ad7f8ad47ab1e35d1a895fca33a941a11521bc6...
#0006 cc9519ba6fb1cb0cca53743dc90c2418440cf637f8b891ce2f0e2dc5c5b3cf01
btcdeb>
Eval Checksig Tapscript
- sig must not be empty: ok
- validation weight - 50 -> 203
- 32 byte pubkey (new type); schnorr sig check
GenericTransactionSignatureChecker::CheckSigSchnorr(64 len sig, 32 len pubkey, sigversion=3)
sig = 11ad4740770eab9e50e84ad2ad7f8ad47ab1e35d1a895fca33a941a11521bc69bbfeb6de3b4fa3955621130f72fc8554a046b93d69fd6e82d87dd74a929efe88
pub key = cc9519ba6fb1cb0cca53743dc90c2418440cf637f8b891ce2f0e2dc5c5b3cf01
SignatureHashSchnorr(in_pos=0, hash_type=00)
- tapscript sighash
- schnorr sighash = 13b0da0e92d67d4828281b873b16f1cd4b03ac564dd3757f3743699ad306f69d
pubkey.VerifySchnorrSignature(sig=11ad4740770eab9e50e84ad2ad7f8ad47ab1e35d1a895fca33a941a11521bc69bbfeb6de3b4fa3955621130f72fc8554a046b93d69fd6e82d87dd74a929efe88, sighash=13b0da0e92d67d4828281b873b16f1cd4b03ac564dd3757f3743699ad306f69d):
result: success
<> POP stack
<> POP stack
<> PUSH stack 01
script | stack
-------------------------------------------------------------------+-------------------------------------------------------------------
| 01
#0007 OP_CHECKSIG
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment