Script Template
locking_script
P2MS (bare multisig)
Bare m-of-n multisig. The locking script lists n public keys directly; any m valid signatures unlock it. Distinct from P2SH-wrapped multisig — the keys are in the locking script itself.
| name | p2ms |
| category | locking_script |
| family | payment |
| status | stable |
ASM Pattern
OP_... OP_ OP_CHECKMULTISIG
Hex Pattern
55 ae
Fields
| Name | Type | Size | Description |
|---|---|---|---|
| m | integer | 1 | Threshold. Number of valid signatures required (1–16). Encoded as OP_1..OP_16 (0x51..0x60). |
| pubkeys |
list |
n × 33 or 65 | The n candidate public keys, each pushed individually. Order matters — signatures must be provided in the same order. |
| n | integer | 1 | Total key count (m ≤ n ≤ 16). Encoded as OP_1..OP_16. |
Detector
| method | opcode_sequence |
| rule | script[0] in 0x51..0x60 # OP_1..OP_16 (m) && script[-1] == 0xae # OP_CHECKMULTISIG && script[-2] in 0x51..0x60 # OP_1..OP_16 (n) && interior pushes count == n |
| confidence | medium |
Unlocking script
OP_0 <signature_1> <signature_2> ... <signature_m>
The leading OP_0 is the well-known off-by-one workaround for OP_CHECKMULTISIG,
which pops one extra item from the stack.
Notes
Bare P2MS is less common than P2SH-wrapped multisig on BTC but remains present
on BSV. The detector confidence is medium because non-standard scripts can
incidentally start with OP_<n> and end with OP_CHECKMULTISIG without being
well-formed multisig; a full parser should verify that the interior pushes are
valid pubkey encodings.