
Understanding Bitcoin addresses and key derivations

Developer · November 8, 2024

Bitcoin’s address system has evolved a lot since its inception in 2009 and subsequent rise to fame in 2013.

In this post we'll explore how Bitcoin addresses work, different types of addresses (including legacy, SegWit, and Taproot addresses), and their technical aspects.

How do you generate a Bitcoin public key?

Bitcoin keypairs are formed of a public key and private key.

The private key is put through elliptic curve multiplication to generate a public key. The same private key will always generate the same public key through the process of key derivation. The public key is then hashed and encoded for readability, creating an address.

What are Deterministic Wallets?

A Bitcoin wallet is typically a collection of private keys (or these keypairs).

Traditionally, wallets generated a new private key (and therefore a new public address) after each transaction to reduce address re-use and exposure of private keys. Nowadays, this approach of generating a new random private key after each transaction has been replaced by deterministic wallets. The most common type of deterministic wallet is a hierarchical deterministic wallet. A root seed is used to derive a "master" private key, and this private key is then used to derive further private keys, and so on.

Deterministic wallets mean that if you have the seed, you can always generate the master private key and its child keys.

This differs from the traditional approach and leads to better security for Bitcoin wallets. In the traditional method, a new private key is generated each time. If certain private keys are lost, then funds are lost. Even if you lose a certain private key with a deterministic wallet, as long as you have the seed, you will be able to re-generate all of the private keys used in the wallet.

Mnemonics and BIP 39

Most cryptocurrency wallets today have a "seed phrase". Seed phrases are typically 12-24 words, and are another format of the randomly generated "seed" number from deterministic wallets. Seed phrases are easier to remember than the raw number, but anyone who has the phrase can regenerate the wallet's keys, so they should be kept private and stored securely.

Most modern Bitcoin wallets are hierarchical deterministic wallets, and use mnemonics for the root seed. Some popular examples of (HD) wallets include Trezor, Ledger, Mycelium and Electrum.

As Bitcoin wallets have evolved, address types used inside wallets and transaction types have evolved too. Let’s take a look at this evolution by diving into Bitcoin’s legacy addresses and transaction types.

Legacy addresses

Legacy addresses were the original address types for Bitcoin transactions - most recognizably prefixed with “1”.

Bitcoin transactions are sent with a “locking” script - a way to “lock” funds so that only someone with the correct private key(s) and signature(s) can spend them. These are referred to as “pay-to” transaction types on Bitcoin, with the original pay-to types being P2PKH and P2SH.

P2PKH (Pay-To-Public-Key-Hash)

P2PKH is for sending BTC to the hash of a user's public key.

In a P2PKH transaction, when Bob sends $BTC to Alice, the output $BTC is “locked” to the hash of Alice's public key.

Alice can unlock these funds and spend them by providing a signature to prove she is the owner of the private key.

The public key is hashed only to shorten it and make it a shareable address.

P2SH (Pay-To-Script-Hash)

P2SH allows $BTC to be transferred to the hash of a Bitcoin script.

Like P2PKH, it is also a locking script. The tokens can be unlocked or spent based on the rules of the custom locking script - such as requiring multiple signers.

SegWit Addresses

The Segregated Witness (SegWit) upgrade to Bitcoin, activated in 2017, introduced a new way of structuring transactions, distinct from the method used for legacy addresses.

By introducing new address types and transaction formats (P2WPKH and P2WSH), Bitcoin transactions became cheaper, with lower transaction fees than ever before.

P2WPKH (Pay-to-Witness-Public-Key-Hash)

P2WPKH works almost identically to P2PKH, but instead of using the legacy ScriptSig field, it uses Witness fields to unlock unspent funds.

As SegWit transactions (and their accompanying addresses) are cheaper than using legacy address types, it is effectively a drop-in replacement (with some nuances).

P2WSH (Pay-to-Witness-Script-Hash)

P2WSH also functions similarly to the original P2SH, but instead uses the Witness field to unlock funds. The applications are still the same, but come with the lower transaction fees from the SegWit upgrade.

Some of the older types such as P2SH are still in use, and as SegWit is not directly backwards compatible with these types, there are wrappers in place to ease the transition to SegWit.

It’s generally recommended, though, to create new wallets and addresses which support SegWit (or the newer Taproot) to make use of the advantages.

Taproot Upgrade

The Taproot upgrade was activated in 2021 and enhances privacy, scalability, and smart contract functionality for Bitcoin by making complex transactions appear simpler and more efficient. Taproot implemented BIP 340 (Schnorr Signatures), BIP 341 (Taproot), and BIP 342 (Tapscript).

P2TR (Pay-to-Taproot)

P2TR addresses are the most recent address type added to Bitcoin, and utilize Taproot upgrades to lower transaction costs. Multi-sigs are also indistinguishable from single addresses with Taproot, increasing privacy.
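A checker for the address types covered above, added here as an example and not taken from the original post: it verifies the Base58Check checksum of legacy addresses and the bech32 (BIP 173) or bech32m (BIP 350) checksum of SegWit and Taproot addresses, then reports the type. It handles mainnet addresses only, and the function names are illustrative.

```python
import hashlib

B58 = "123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz"
B32 = "qpzry9x8gf2tvdw0s3jn54khce6mua7l"
BECH32, BECH32M = 1, 0x2BC830A3   # checksum constants from BIP 173 / BIP 350

def _polymod(values):
    """Checksum polynomial shared by bech32 and bech32m."""
    chk = 1
    for v in values:
        top = chk >> 25
        chk = (chk & 0x1FFFFFF) << 5 ^ v
        for i, g in enumerate((0x3B6A57B2, 0x26508E6D, 0x1EA119FA, 0x3D4233DD, 0x2A1462B3)):
            if top >> i & 1:
                chk ^= g
    return chk

def _base58check(addr):
    n = 0
    for ch in addr:
        n = n * 58 + B58.index(ch)            # ValueError on 0, O, I, l and other strays
    raw = n.to_bytes(25, "big")               # version (1) + hash (20) + checksum (4)
    if len(addr) - len(addr.lstrip("1")) != 25 - len(raw.lstrip(b"\0")):
        raise ValueError("non-canonical leading zeros")
    if hashlib.sha256(hashlib.sha256(raw[:21]).digest()).digest()[:4] != raw[21:]:
        raise ValueError("checksum mismatch")
    return {0x00: "P2PKH", 0x05: "P2SH"}[raw[0]]

def _segwit(addr):
    if addr not in (addr.lower(), addr.upper()):
        raise ValueError("mixed case")
    data = [B32.index(c) for c in addr.lower()[3:]]
    const = _polymod([3, 3, 0, 2, 3] + data)  # [3, 3, 0, 2, 3] is the expanded prefix "bc"
    version, body = data[0], data[1:-6]       # last 6 symbols are the checksum
    acc, pad = 0, len(body) * 5 % 8
    for d in body:
        acc = acc << 5 | d
    if pad > 4 or acc & ((1 << pad) - 1):
        raise ValueError("bad padding")
    kinds = {(0, 20, BECH32): "P2WPKH", (0, 32, BECH32): "P2WSH", (1, 32, BECH32M): "P2TR"}
    return kinds[(version, len(body) * 5 // 8, const)]

def classify(addr):
    """Return the mainnet address type, or 'invalid' if any structural check fails."""
    try:
        return _segwit(addr) if addr.lower().startswith("bc1") else _base58check(addr)
    except (ValueError, KeyError, IndexError, OverflowError):
        return "invalid"
```

A single mistyped character changes the checksum, so `classify` returns `invalid` instead of a type; running this check before funds are sent catches copy and transcription errors.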

Schnorr Signatures

Schnorr Signatures are the signing mechanism behind the lower transaction costs and increased privacy of Taproot addresses.

Individual digital signatures can be "batched" together into one valid signature, which reduces the size of a transaction, and in turn, reduces fees. Aggregating signatures is particularly useful for multi-sigs, as it makes them indistinguishable from single addresses.

Schnorr signatures are also smaller, more secure, and have faster verification times than the traditional ECDSA signatures used in Bitcoin.

How does Turnkey support Bitcoin?

Turnkey is an enterprise-grade operating system for wallets: powerful, modular, and built to adapt to any use case. With Turnkey, it’s possible to programmatically create thousands of embedded wallets at once for any applications built on Bitcoin.

On top of our initial Bitcoin support for transaction signing, we now support address derivations for all Bitcoin address types, which means that you can automatically generate private/public key pairs with Turnkey’s API. This is all done while achieving 50-100ms signing latency for millions of wallets, all with affordable transaction-based pricing that’s designed for scale.

If you'd like to learn more about how you can use Turnkey in your own Bitcoin applications, get started with our docs here.
