Witness Script vs. Redeem Script
Witness Script vs. Redeem Script
In Nested SegWit Multisig, the terminology can get confusing because there are two different "scripts" involved in a single transaction. Understanding the difference is key to auditing these transactions.
1. The P2SH Redeem Script
The Redeem Script is the 34-byte "Envelope" that sits in the ScriptSig.
-
Role: It satisfies the legacy P2SH ScriptPubKey.
-
Content:
00 20 [SHA256_HASH]. -
Location: The Input data.
2. The P2WSH Witness Script
The Witness Script is the actual logic (e.g., the 2-of-3 multisig).
-
Role: It is the "Real" smart contract.
-
Content:
OP_M [PubKeys] OP_N OP_CHECKMULTISIG. -
Location: The Witness Area (a separate part of the transaction).
3. The Relationship
Think of it like a set of nested boxes:
-
The ScriptPubKey looks for the hash of the Redeem Script.
-
The Redeem Script looks for the hash of the Witness Script.
-
The Witness Script looks for the Signatures.
4. Why this matters for fees
Because the large Witness Script (which contains all the public keys) is stored in the Witness area, it gets the 75% discount.
-
In legacy multisig, the entire
OP_M [Keys] OP_Nscript was in the Input, costing 4 WU per byte. -
In Nested Multisig, only the 34-byte pointer is in the Input. The massive keys are in the Witness, costing only 1 WU per byte.
| Term | Also Known As | Content | Storage Location |
|---|---|---|---|
| Redeem Script | The Wrapper | 00 20 [Hash] |
ScriptSig (Input) |
| Witness Script | The Inner Script | OP_M [Keys] OP_N... |
Witness Stack |
In the next section, we will discuss the security implications of SHA256 vs. HASH160.
TeachMeBitcoin is an ad-free, open-source educational repository curated by a passionate team of Bitcoin researchers and educators for public benefit. If you found our articles helpful, please consider supporting our hosting and ongoing content updates with a clean donation: