TeachMeBitcoin

Custom Python Nested SegWit Auditor

From TeachMeBitcoin, the free encyclopedia Reading time: 3 min

Custom Python Nested SegWit Auditor

In this final guide, we will build a Python script that analyzes an Unlocking Script (ScriptSig) to determine if it is a Nested SegWit spend. We will look for the specific 22-byte pattern that signals a SegWit transition.

The Nested SegWit Auditor

def audit_scriptsig(scriptsig_hex):
    # 1. Identify the length of the script
    # The first byte is usually the length of the redeem script
    try:
        script_len = int(scriptsig_hex[:2], 16)
        redeem_script = scriptsig_hex[2:]
    except:
        print("[ERROR] Invalid ScriptSig format.")
        return

    print(f"--- Nested SegWit Audit ---")
    print(f"[*] Full ScriptSig: {scriptsig_hex}")
    print(f"[*] Script Length:  {script_len} bytes")

    # 2. Check for the Nested SegWit P2WPKH signature
    # Pattern: 00 (Version 0) 14 (Push 20 bytes)
    if script_len == 22 and redeem_script.startswith("0014"):
        print("[STATUS] MATCH: This is a Nested SegWit (P2SH-P2WPKH) spend.")
        pkh = redeem_script[4:]
        print(f"[*] Public Key Hash: {pkh}")
        print(f"[*] Logic: Move signatures to the Witness block.")

    # 3. Check for the Nested SegWit P2WSH signature
    # Pattern: 00 (Version 0) 20 (Push 32 bytes)
    elif script_len == 34 and redeem_script.startswith("0020"):
        print("[STATUS] MATCH: This is a Nested SegWit (P2SH-P2WSH) spend.")
        sh = redeem_script[4:]
        print(f"[*] Script Hash: {sh}")
        print(f"[*] Logic: Multi-signature witness logic detected.")

    else:
        print("[STATUS] NO MATCH: This is a standard P2SH (Legacy) spend.")

# --- Simulation ---

# Case 1: Standard Nested SegWit (P2WPKH)
# Length 22 (16 hex), starts with 0014
p2wpkh_scriptsig = "16001462e907b15cbf27d5425399ebf6f0fb50ebb88f18"
audit_scriptsig(p2wpkh_scriptsig)

# Case 2: Legacy P2SH Multisig
# Length is not 22 or 34
print("\n--- Next Audit ---")
legacy_scriptsig = "47522102f9e61c56f7e841f77d337d45e4120f44e132e01b3d36b85994f31c28b5e28a952103333333333333333333333333333333333333333333333333333333333333333352ae"
audit_scriptsig(legacy_scriptsig)

How to Run the Auditor

  1. Ensure you have Python 3 installed.

  2. Copy the code into a file named nested_auditor.py.

  3. Run it using python3 nested_auditor.py.

Technical Takeaways

  1. Strict Signaling: Notice how the script length must be exactly 22 bytes. If a user added even one extra byte of data, the node would treat it as a legacy P2SH script and fail to find the signatures.

  2. Witness Redirection: The presence of 00 14 tells the validator to "look elsewhere" for the data. This is why SegWit was able to increase throughput without breaking old nodes.

  3. Upgrade Path: Nested SegWit showed that Bitcoin can support multiple script "Versions" at once. Version 0 is SegWit, and we are now moving into Version 1 (Taproot).

Congratulations! You have completed the Nested SegWit (P2SH-P2WPKH) module. You now understand how Bitcoin bridged the gap between its legacy and modern eras.

Related Articles
☕ Help support TeachMeBitcoin

TeachMeBitcoin is an ad-free, open-source educational repository curated by a passionate team of Bitcoin researchers and educators for public benefit. If you found our articles helpful, please consider supporting our hosting and ongoing content updates with a clean donation:

Ethereum: 0x578417C51783663D8A6A811B3544E1f779D39A85
Bitcoin: bc1q77k9e95rn669kpzyjr8ke9w95zhk7pa5s63qzz
Solana: 4ycT2ayqeMucixj3wS8Ay8Tq9NRDYRPKYbj3UGESyQ4J
◄ Previous article (Fee Savings and the Discount) Next article (P2SH-P2WSH Overview) ►
Address copied to clipboard!