Pay-to-Witness-Script-Hash
The Bitcoin transaction output known as P2WSH, or Pay-to-Witness-Script-Hash, was first used in 2016 as a crucial part of the Segregated Witness (SegWit) update. It replaces the more antiquated P2SH (Pay-to-Script-Hash) transaction type with a more contemporary, effective, and secure alternative.
Fundamentally, Pay-to-Witness-Script-Hash is made for intricate transactions with a unique spending script, like time locks or multi-signature wallets. It transfers the unlocking information to a new, distinct section of the transaction known as the “witness” and enables these intricate criteria to be represented by a straightforward hash on the blockchain.
How P2WSH Works
Several essential elements are included in Pay-to-Witness-Script-Hash mechanics:
ScriptPubKey (Locking Script)
The ScriptPubKey (Locking Script) is a 32-byte data push that comes after an OP_0 (sometimes referred to as the version byte) in order to generate a P2WSH locking script. The Script Hash, which is the single SHA-256 hash of a customized locking script, is this 32-byte data push. A 32-byte data push after OP_0 in a locking script is always treated as a special P2WSH locking script. This ScriptPubKey will either be a P2WPKH or a Pay-to-Witness-Script-Hash, according to the OP_0.
ScriptSig
The ScriptSig field needs to be empty in order to unlock a P2WSH output.
Witness Field (Unlocking Data)
The required data must be entered in the Witness field in order to unlock a P2WSH output. The final item in this field is the Witness Script, which is the original custom locking script that created the Script Hash. Everything that comes before this Witness Script has the information needed to open it, like signatures. For instance, the two necessary signatures would be the first elements in a 2-of-3 P2MS (Pay-to-Multi-Signature) Witness Script. When a P2MS is used as the Witness Script, an additional “dummy value” (00) is inserted before the signatures because of a problem in the OP_CHECKMULTISIG opcode.
Also Read About Blockchain Public Key For safe transactions & communications
Witness Script
The Witness Script is a fully customised locking script. It is comparable to a P2SH transaction’s Redeem Script. The Witness Script is often a P2MS, but it can be any kind of bespoke locking script.
Script Hash Validation
To make sure the Witness Script matches the Script Hash included in the ScriptPubKey, it is hashed using SHA-256 before spending. Importantly, a P2WSH’s script hash is a single SHA-256 hash rather than a double SHA-256 hash (like HASH256) or a script’s HASH160 (like P2SH).
Execution
Unlike standard Bitcoin scripts, Pay-to-Witness-Script-Hash is a unique kind of locking script. It makes use of unique “witness validation logic” instead:
- To make that the Witness Script matches the Script Hash, it is hashed using SHA-256.
- They are placed on the stack before the Witness Script.
- Using the current stack, the Witness Script is deserialised and executed similarly to any other script. The input is unlocked if each of these procedures is completed successfully.
P2WSH Addresses
Native SegWit addresses are Pay-to-Witness-Script-Hash addresses. Because of the OP_0 version byte at the beginning, they always begin with bc1q and employ a unique encoding known as Bech32. Because its ScriptPubKey is 34 bytes long (0020 + 32-byte Script Hash), a P2WSH address is normally 62 characters long. In essence, the address is the ScriptPubKey encoded in Bech32.
P2WSH Features
Also Read About Unconfirmed Bitcoin Transactions And Core Concepts In It
| Feature | P2WSH |
|---|---|
| Meaning | Pay-to-Witness-Script-Hash |
| Purpose | Lock funds to a complex script’s SHA-256 hash using SegWit |
| Output script (scriptPubKey) | 0 <32-byte witness script hash> |
| Unlocking data (witness) | Full witness script + data to satisfy it |
| Address format | bc1 (bech32) |
| Best for | Multisig, timelocks, smart contracts |
| Advantages | Lower fees, SegWit benefits, scalable |
Benefits of P2WSH over P2SH
Pay-to-Witness-Script-Hash replaced P2SH because it had a number of important benefits, chief among them being the utilization of SegWit and the Witness field:
Reduced Transaction Fees
When calculating transaction size, information in the Witness field is “discounted” or has less “weight” than information inside the ScriptSig. This implies that when unlocking a P2WSH output as opposed to a legacy P2SH, you pay fewer transaction fees.
Increased Script Size Limit
In a P2WSH, the Witness Script may contain up to 3,600 bytes. This enables far larger and more intricate bespoke locking scripts because it is substantially larger than the 520-byte restriction for the Redeem Script in a P2SH.
Enhancement of Security (Transaction Malleability Fix)
SegWit and P2WSH addressed the issue of transaction malleability, a persistent weakness in Bitcoin.
Enhanced Transaction Privacy
Pay-to-Witness-Script-Hash adds a layer of confidentiality by making it more difficult for outside observers to examine and connect transactions by just disclosing the script’s hash on the blockchain and concealing its specifics.
Increased Flexibility
More complicated smart contracts and transaction conditions can be created without sacrificing efficiency or security to P2WSH’s capacity to abstract complex scripting conditions into a hash.
Improved Multisig Security and Efficiency
By abstracting intricate multisig spending conditions into a simplified hash and reducing information exposure, P2WSH excels in multi-signature transactions, improving their security, privacy, and efficiency.
Improved Scalability
P2WSH helps the Bitcoin network scale more effectively by using less space and being more effective.
Also Read About Off Chain Transactions, Purpose, Advantages & Disadvantages
Drawback
One significant drawback of P2WSH is that it is incompatible with extremely old Bitcoin clients and necessitates more recent wallets and software that supports SegWit.
In conclusion, P2WSH and P2SH function similarly; the main distinction is where the unlocking code is placed in the Witness area. SegWit’s modification offers notable advantages in terms of costs, script complexity, and security. When it comes to locking bitcoins to bespoke locking scripts, P2WSH is currently the recommended option.
Limits of Standard P2WSH Locks
Standard Pay-to-Witness-Script-Hash locks have some restrictions:
- The maximum size of the Witness Script is 3,600 bytes.
- There can be no more than 100 stack items prior to the Witness Script.
- Each stack item pushed before the Witness Script can only be 80 bytes in size. If these thresholds are exceeded, the transaction will be deemed non-standard and will not be relayed by nodes.
P2WSH vs. P2SH: What’s the Difference?
The function of Pay-to-Witness-Script-Hash and P2SH is similar: they both enable complicated scripts to be “hashed” to a straightforward address. However, SegWit gives P2WSH a number of important benefits.
| Feature | P2SH (Legacy) | P2WSH (Native SegWit) |
| Address Prefix | 3 | bc1q |
| Unlocking Data Location | In the scriptSig field | In the witness field |
| Transaction Fees | Higher, as unlocking data is part of the main transaction. | Lower, as witness data is “discounted” in the transaction size calculation. |
| Script Size Limit | Limited to 520 bytes, restricting complexity. | Increased to 3,600 bytes, allowing for more complex scripts. |
| Malleability | Susceptible to transaction malleability. | Immune to transaction malleability. |