The Nested SegWit Redeem Script
The Nested SegWit Redeem Script
To "Nest" SegWit inside a P2SH output, we use a very specific Redeem Script. This script acts as a cryptographic trapdoor: to an old node, it is just data, but to a new node, it is an instruction.
1. The Script Template
The Redeem Script for a P2SH-P2WPKH output is exactly 22 bytes long:
00 14 [20-Byte Public Key Hash]
-
00: This is the SegWit version byte (Version 0).
-
14: This is the push-data opcode (20 bytes).
-
[20-Byte Hash]: This is the hash of the public key (exactly like in P2PKH).
2. On-Chain Footprint
When someone sends you Nested SegWit, they send to a standard P2SH ScriptPubKey:
OP_HASH160 [20-Byte Hash of the 22-byte script] OP_EQUAL
Notice how small this is. The sender doesn't even know they are sending to a SegWit address.
3. The Unlocking Script (ScriptSig)
When you spend these coins, your ScriptSig must contain the 22-byte Redeem Script:
16 0014[20-byte-hash]
-
16: Hex for 22 (the length of the script). -
0014...: The script itself.
4. Why 22 bytes?
The 22-byte format is the signal for BIP 141.
-
The BVM sees a P2SH spend.
-
It checks the hash. It matches.
-
It looks at the Redeem Script.
-
It says: "Wait, this is exactly 22 bytes and starts with 00 14. This is a SegWit spend!"
-
It then looks in the Witness field for the actual signature and public key.
| Component | Length | Content |
|---|---|---|
| Witness Version | 1 Byte | 0x00 |
| Push Opcode | 1 Byte | 0x14 |
| PKH Data | 20 Bytes | The Hashed Identity |
In the next section, we will discuss Backward Compatibility Mechanics.
TeachMeBitcoin is an ad-free, open-source educational repository curated by a passionate team of Bitcoin researchers and educators for public benefit. If you found our articles helpful, please consider supporting our hosting and ongoing content updates with a clean donation: