Lastly using RIPEMD-160 hash of the private key for the witness program is risky. This can lead to an invalid address or one that cannot be recovered .
It is best to use a proper public key derived from the private key when creating the witness program.
It is not just risky, it is impossible since there won't be any way to spend those coins. The hash
must be computed from the public key. The code OP posted in first post was wrong, they fixed it in the last comment:
hashed_public_key = hashlib.new('ripemd160', hashlib.sha256(public_key).digest()).digest()
~
bech32_address = bech32.encode(hrp, witver, hashed_public_key)