segregated witness – Convert bech32 Bitcoin address to legacy


This answer is about the differences between address formats and what causes incompatibilities. If you don’t code your wallet, don’t trust your wallet about recognizing different addresses made from the same public key! Don’t experiment with anything I’ve said with real money!

In Bitcoin Cash, CashAddr and 1 addresses are different ways to encode the public key hash for Pay-2-Public-Key-Hash. To spend P2PKH outputs, the public key is revealed, for which a signature is signed. How the public key hash is serialized doesn’t change how the output is spent or created. Thus those addresses are convertible.

Here are the information Bech32 (P2WPKH), SegWit in P2SH (P2SH-P2WPKH) and 1 addresses keep:

  • P2PKH contains the <20-byte-key-hash>
  • P2WPKH contains the <20-byte-key-hash>
  • P2SH-P2WPKH contains the hash of the script 0 <20-byte-key-hash>

Does that mean P2PKH and P2WPKH are the same? No, sending money to the P2PKH and the Bech32 of the same public key will yield different transactions. And how the payee’s wallet will spend it with the corresponding private key will be different too. But it’s the same private key, the wallet should be able to spend both! When a wallet generated a Bech32 address for example, there’s nothing that requires the wallet to scan for the transactions spending to that public key as P2PKH or P2SH-P2WPKH. This will depend on the implementation. (BTW, in P2PKH a compressed or uncompressed public key can be used. P2WPKH or P2SH-P2WPKH can’t be used with an uncompressed public key)

For P2WPKH and P2SH-P2WPKH, similar to the previous case, from P2WPKH you can craft a P2SH-P2WPKH, and use it if the payee’s wallet is compatible (I don’t know about Bitcoin Core but there’s no reason a lightweight wallet to be compatible with this). On the other hand, if you see one’s P2SH-P2WPKH, you can’t derive the P2WPKH or P2PKH unless that address has spent. This is related to hashing once, appending a zero, hashing again. When spent, the public key (and it’s hash) are exposed.

Summary: It’s theoretically possible but no implementation will be compatible.


Source link






Leave a Reply

Your email address will not be published. Required fields are marked *