SegWit is the shortened version of Segregated Witness. This still seems rather cryptic, but the name makes a lot more sense when you break it down. Segregatedmeaning “to set apart from the rest” and witness referring to the transaction signatures for a specific transaction.
SegWit is a BIP or Bitcoin Improvement Proposal that changed the structure of bitcoin transaction data. Specifically, it is BIP 141 and is available to view on Github with all of the other BIPS. Bitcoin core developer Peter Wuille presented the idea of SegWit in late 2015 and the document is authored by Pieter, Eric Lombrozo, Johnson Lau.
SegWit suggested taking the witness data out of the list of inputs which allows more transactions fit in a block. Increasing the number of transactions that can fit into a block is often cited as the main rationale for the change. In fact, the main reason for the change was to address the problem of transaction malleability and the block size increase was a secondary benefit. More on malleability and block size below.
In the old transaction data structure, signatures (the piece of code that “unlocks” existing bitcoins) sat next to each input. So this witness or unlocking code exists throughout the transaction data. The TXID (the hash of a transaction’s data) is then created from the entire transaction data, including the unlocking code.
SegWit moves all of the unlocking code to the end of the transaction data so the TXID is then created from all of the transaction data, except for the unlocking code.
As mentioned, transaction malleability and block size are two of the main drivers for the change. Beyond this, it also paved the way for the implementation ofLightning Network and other planned future enhancements to Bitcoin.
Transaction malleability refers to the fact that the TXID of a transaction is changed by altering the unlocking code (i.e witness data) in the transaction. The unlocking code still works in unlocking the input, but a slight change can alter the TXID completely. Therefore, when you send a transaction to the network, it’s TXID is susceptible to change without affecting the validity or confirmation of the transaction. However, if the unlocking code is no longer part of the TXID, then the TXID of your transaction remains unmalleable (if that’s a word). This is important because Bitcoin is a global ledger that’s organized around these transaction identifiers and new transactions refer to old transactions in a daisy chain fashion. This identifier also needs to be immutable for the Lightning network – SegWit is the last protocol change needed to make the Lightning Network safe to deploy.
In terms of block size, the maximum size in bytes that the consensus rules allowed a block to be was 1,000,000 bytes (1MB). From 2015 there was a lot of debate and controversy around changing this block size limit. More on that here.
The new rule is blockweight ≤ 4,000,000. This does not equate to 4MB and instead works out at approx 1.8 Mb. The detail behind the calculation here.
How does it work?
Now let’s break down some of the mechanics behind SegWit.
Transactions are one of the most important parts of the Bitcoin system. Andreas M. Antonopoulos in Mastering Bitcoin describes:
“A transaction is a data structure that encodes a transfer of value from a source of funds, called an input, to a destination, called an output. Transaction inputs and outputs are not related to accounts or identities. Instead, you should think of them as bitcoin amounts—chunks of bitcoin—being locked with a specific secret that only the owner, or person who knows the secret, can unlock.”
The transaction contains a number of fields: version, input counter, inputs, output counter, outputs, locktime. The transaction input includes the unlocking scripts to spend the Bitcoin. The unlocking script is sometimes called scriptSig because it contains a signature proving ownership. The sha256d hash function hashes the transaction data to give the transaction an id or txid.
As mentioned, Segwit strips out of the unlocking code from transactions and moves to the end of the transaction data. The TXID is then created from all of the transaction data, minus this unlocking code, preventing transaction malleability.
Segwit introduced the witness field and witness transaction id (wtxid) in addition to the regular transaction id (txid) . The witness is a serialization of all witness data of the transaction. The witness is committed in a tree (witness merkle root) that’s nested into the block’s existing merkle root via the coinbase transaction. A coinbase transaction is a unique type of bitcoin transaction that will have no inputs and can only be created by a miner who mines the block. With current mining fees this transaction is 12.5 BTC.
The SegWit block’s coinbase transaction contains an output with a commitment to the witness root hash. ScriptPubKey records the commitment in the format below:
1-byte – OP_RETURN (0x6a)
1-byte – Push the following 36 bytes (0x24)
4-byte – Commitment header (0xaa21a9ed)
32-byte – Commitment hash: Double-SHA256(witness root hash|witness reserved value)
39th byte onwards: Optional data with no consensus meaning
Segwit and the bitcoin cash hardfork
One simple answer to the scaling debate is to just increase the block size limit, and that was the direction Bitcoin Cash decided to go. This change required a hard fork – a change in the Bitcoin protocol that is not backwards compatible.
Bitcoin Cash split off from the main blockchain in August 2017. Bitcoin cash allows blocks of 8 megabytes and did not adopt the SegWit protocol.
What is the difference between Legacy and SegWit?
The most obvious difference between Legacy and SegWit addresses are the address formats.
Legacy Pay-to-PubKey-Hash (P2PKH) addresses start with a 1. Nested SegWit Pay to script hash (P2SH) addresses start with a 3. Native SegWit (bech32) addresses start with bc1. For example, the below bech32 was generated using segwitaddress.org and you’ll notice it starts with bc1 and is single-case.
It’s coming up on two years since Segwit was first activated, but adoption as of June 2019 is only 39.58% Because it was not a forced upgrade some businesses and exchanges have stalled on the switch to enable SegWit transactions. This is likely because of a combination of factors; philosophical resistance, miner commercial opposition and the development effort required by wallets and exchanges to support SegWit.
Major exchanges such asCoinbase and OTC providers like LocalBitcoins now enable SegWit transactions. At the end of the day, SegWit offers lower fees so as more users demand SegWit transactions, adoption among the community will only increase.
Explainer video : https://www.youtube.com/watch?v=DzBAG2Jp4bg