TeachMeBitcoin

Custom Python ScriptSig Decoder

From TeachMeBitcoin, the free encyclopedia Reading time: 2 min

Custom Python ScriptSig Decoder

In this final simulation, we will write a script that parses a raw ScriptSig from a Legacy transaction. We will identify the signature and the public key, and deconstruct the lengths of these data pushes.

The Python ScriptSig Decoder

def decode_scriptsig(scriptsig_hex):
    # Convert hex string to bytes
    data = bytes.fromhex(scriptsig_hex)
    cursor = 0

    print(f"--- Decoding Raw ScriptSig ---")

    # 1. Read Signature Length (Usually 0x47 or 0x48)
    sig_len = data[cursor]
    cursor += 1

    # 2. Extract Signature (DER Encoded)
    signature = data[cursor:cursor+sig_len]
    cursor += sig_len

    # 3. Read Public Key Length (Usually 0x21 for compressed)
    pubkey_len = data[cursor]
    cursor += 1

    # 4. Extract Public Key
    pubkey = data[cursor:cursor+pubkey_len]

    # Analysis
    print(f"\n[Signature Data]")
    print(f"[*] Length: {sig_len} bytes")
    print(f"[*] SIGHASH: 0x{signature[-1]:02x}")
    print(f"[*] Raw:    {signature.hex()[:30]}...")

    print(f"\n[Public Key Data]")
    print(f"[*] Length: {pubkey_len} bytes")
    print(f"[*] Type:   {'Compressed' if pubkey_len == 33 else 'Uncompressed'}")
    print(f"[*] Hex:    {pubkey.hex()}")

# --- Simulation ---
# A real P2PKH ScriptSig hex:
# [47] -> Sig Len (71)
# [3044...01] -> DER Signature + SIGHASH_ALL
# [21] -> Pubkey Len (33)
# [02...8f] -> Compressed Pubkey
sample_scriptsig = (
    "47" + 
    "3044022026859367ca7e2c943806297491730419266993a46611f71a0673c683c316226a022003c274191730419266993a46611f71a0673c683c316226a01" + 
    "21" + 
    "0281cd6495d3550e553c3066d40026a090ef666993a46611f71a0673c683c31622"
)

decode_scriptsig(sample_scriptsig)

How to Run the Decoder

  1. Ensure you have Python 3 installed.

  2. Copy the code into a file named scriptsig_decoder.py.

  3. Run it using python3 scriptsig_decoder.py.

Technical Takeaways

  1. Prefix-Based Parsing: Note how we use the first byte to tell us how many bytes to read next. This is how Bitcoin's streaming parser works.

  2. SIGHASH Discovery: The last byte of the signature (0x01 in our example) is the SIGHASH flag. This is what makes the signature "valid" for the whole transaction.

  3. Transparency: Even though the signature looks like random gibberish, it has a strict internal structure (DER) that allows nodes to verify it.

Congratulations! You have completed the ScriptSig module. You now understand the "Key" that unlocks the world's most valuable ledger.

Related Articles
  • Unlocking Script Overview — Analyze the 'Key' of the Bitcoin protocol. Learn how the ScriptSig field provides the cryptographic ...
  • Components of ScriptSig — Deconstruct the digital signatures and public keys found in a standard input. Learn about DER encodi...
  • The Stack Execution Model — Explore the Bitcoin Script Virtual Machine. Learn how ScriptSig and ScriptPubKey interact on the sta...
☕ Help support TeachMeBitcoin

TeachMeBitcoin is an ad-free, open-source educational repository curated by a passionate team of Bitcoin researchers and educators for public benefit. If you found our articles helpful, please consider supporting our hosting and ongoing content updates with a clean donation:

Ethereum: 0x578417C51783663D8A6A811B3544E1f779D39A85
Bitcoin: bc1q77k9e95rn669kpzyjr8ke9w95zhk7pa5s63qzz
Solana: 4ycT2ayqeMucixj3wS8Ay8Tq9NRDYRPKYbj3UGESyQ4J
◄ Previous article (Legacy vs. SegWit ScriptSig) Next article (The Sequence Field Overview) ►
Address copied to clipboard!