Step 7: Add Witness Field

Our transaction now has all its fields populated except for the witness data.

For a P2WPKH input, the witness structure is:

text

1   
2  witness = [num_items] [signature_item] [pubkey_item]
3
4  where:
5     - num_items = 0x02 (always 2 items for P2WPKH)
6     - signature_item = [length][DER_signature + SIGHASH_ALL]
7     - pubkey_item = [length][compressed_pubkey]

Our test transaction's witness data:

text

   witness = 02                                      # number of witness items
           47                                      # signature length (71 bytes)
           304402203609e17b84f6a7d30c80bfa...01    # DER signature + SIGHASH_ALL
           21                                      # pubkey length (33 bytes)
           025476c2e83188368da1ff3e292e7aca...57   # compressed public key

Code Implementation

python

def get_p2wpkh_witness(priv: bytes, msg: bytes) -> bytes:
  """
  Create witness stack for P2WPKH input with format:
  [num_items][sig_len][signature][pubkey_len][pubkey]
  """
  # Get signature with sighash byte
  signature_with_sighash = sign(priv, msg)
  
  # Get compressed public key
  compressed_public_key = get_pub_from_priv(priv)
  
  # Number of witness items (always 2 for P2WPKH)
  num_witness_items = bytes([2])
  
  # Serialize signature with its length
  sig_len = bytes([len(signature_with_sighash)])
  serialized_sig = sig_len + signature_with_sighash
  
  # Serialize public key with its length
  pk_len = bytes([len(compressed_public_key)])
  serialized_pk = pk_len + compressed_public_key
  
  # Combine all parts
  serialized_witness = num_witness_items + serialized_sig + serialized_pk
  return serialized_witness

BIP143 Test Vector

python

def test_witness_stack():
  # Private key from BIP143
  privkey = bytes.fromhex(
      '619c335025c7f4012e556c2a58b2506e30b8511b53ade95ea316fd8c3286feb9'
  )
  
  # Commitment hash from previous step
  commitment = bytes.fromhex(
      'c37af31116d1b27caf68aae9e3ac82f1477929014d5b917657d0eb49478cb670'
  )
  
  # Generate witness stack
  witness = get_p2wpkh_witness(privkey, commitment)
  
  # Expected witness data from BIP143 (broken down for clarity)
  expected_witness = (
      b'\x02' +                    # Number of witness items
      b'\x47' +                    # Signature length (71 bytes)
      bytes.fromhex(                # DER signature + SIGHASH_ALL
          '304402203609e17b84f6a7d30c80bfa610b5b4542f32a8a0d5447a12fb1366d7f01cc44a' +
          '0220573a954c4518331561406f90300e8f3358f51928d43c212a8caed02de67eebee01'
      ) +
      b'\x21' +                    # Public key length (33 bytes)
      bytes.fromhex(                # Compressed public key
          '025476c2e83188368da1ff3e292e7acafcdb3566bb0ad253f62fc70f07aeee6357'
      )
  )
  
  print("Generated witness:", witness.hex())
  print("Expected witness:", expected_witness.hex())
  assert witness == expected_witness, "Witness stack does not match BIP143 test vector"
  print("Success! Witness stack matches BIP143 test vector")

When you run this code locally, it will generate the witness stack that matches the BIP143 test vector:

python

# Expected witness stack from BIP143
witness = "02" +                    # Number of witness items
       "47" +                    # Signature length (71 bytes)
       "304402203609e17b84f6a7d30c80bfa...01   # DER signature + SIGHASH_ALL
       21                                      # pubkey length (33 bytes)
       025476c2e83188368da1ff3e292e7aca...57   # compressed public key

Note about Browser Execution

This code cannot be run directly in the browser as Trinket doesn't support the ECDSA module. Please run the code locally to verify the witness stack generation. Here's what you should see when running locally:

Suggest Edits

Previous: Step 6: Generate and Encode the Signature
Next: Step 8: Final Transaction Structure

Step 7: Add Witness Field

Our transaction now has all its fields populated except for the witness data.

For a P2WPKH input, the witness structure is:

text

1   
2  witness = [num_items] [signature_item] [pubkey_item]
3
4  where:
5     - num_items = 0x02 (always 2 items for P2WPKH)
6     - signature_item = [length][DER_signature + SIGHASH_ALL]
7     - pubkey_item = [length][compressed_pubkey]

Our test transaction's witness data:

text

   witness = 02                                      # number of witness items
           47                                      # signature length (71 bytes)
           304402203609e17b84f6a7d30c80bfa...01    # DER signature + SIGHASH_ALL
           21                                      # pubkey length (33 bytes)
           025476c2e83188368da1ff3e292e7aca...57   # compressed public key

Code Implementation

python

def get_p2wpkh_witness(priv: bytes, msg: bytes) -> bytes:
  """
  Create witness stack for P2WPKH input with format:
  [num_items][sig_len][signature][pubkey_len][pubkey]
  """
  # Get signature with sighash byte
  signature_with_sighash = sign(priv, msg)
  
  # Get compressed public key
  compressed_public_key = get_pub_from_priv(priv)
  
  # Number of witness items (always 2 for P2WPKH)
  num_witness_items = bytes([2])
  
  # Serialize signature with its length
  sig_len = bytes([len(signature_with_sighash)])
  serialized_sig = sig_len + signature_with_sighash
  
  # Serialize public key with its length
  pk_len = bytes([len(compressed_public_key)])
  serialized_pk = pk_len + compressed_public_key
  
  # Combine all parts
  serialized_witness = num_witness_items + serialized_sig + serialized_pk
  return serialized_witness

BIP143 Test Vector

python

def test_witness_stack():
  # Private key from BIP143
  privkey = bytes.fromhex(
      '619c335025c7f4012e556c2a58b2506e30b8511b53ade95ea316fd8c3286feb9'
  )
  
  # Commitment hash from previous step
  commitment = bytes.fromhex(
      'c37af31116d1b27caf68aae9e3ac82f1477929014d5b917657d0eb49478cb670'
  )
  
  # Generate witness stack
  witness = get_p2wpkh_witness(privkey, commitment)
  
  # Expected witness data from BIP143 (broken down for clarity)
  expected_witness = (
      b'\x02' +                    # Number of witness items
      b'\x47' +                    # Signature length (71 bytes)
      bytes.fromhex(                # DER signature + SIGHASH_ALL
          '304402203609e17b84f6a7d30c80bfa610b5b4542f32a8a0d5447a12fb1366d7f01cc44a' +
          '0220573a954c4518331561406f90300e8f3358f51928d43c212a8caed02de67eebee01'
      ) +
      b'\x21' +                    # Public key length (33 bytes)
      bytes.fromhex(                # Compressed public key
          '025476c2e83188368da1ff3e292e7acafcdb3566bb0ad253f62fc70f07aeee6357'
      )
  )
  
  print("Generated witness:", witness.hex())
  print("Expected witness:", expected_witness.hex())
  assert witness == expected_witness, "Witness stack does not match BIP143 test vector"
  print("Success! Witness stack matches BIP143 test vector")

When you run this code locally, it will generate the witness stack that matches the BIP143 test vector:

python

# Expected witness stack from BIP143
witness = "02" +                    # Number of witness items
       "47" +                    # Signature length (71 bytes)
       "304402203609e17b84f6a7d30c80bfa...01   # DER signature + SIGHASH_ALL
       21                                      # pubkey length (33 bytes)
       025476c2e83188368da1ff3e292e7aca...57   # compressed public key

Note about Browser Execution

Suggest Edits

Previous: Step 6: Generate and Encode the Signature
Next: Step 8: Final Transaction Structure

Start your career in bitcoin open source — ₿OSS

Code Implementation

BIP143 Test Vector

Note about Browser Execution

Code Implementation

BIP143 Test Vector

Note about Browser Execution