ShopA Bitcoin address is a string of characters that represents a destination on the Bitcoin network.
A Bitcoin address is a string of characters that represents a destination on the Bitcoin network. It is the identifier you share with someone who wants to send you bitcoin, and the string your wallet monitors for incoming funds. It is not an account and does not "hold" bitcoin. It is a derived representation of a public key, used to identify which outputs on the ledger you can spend.
What Does a Bitcoin Address Do?
If you have ever received bitcoin in an on-chain transaction, you have used a Bitcoin address. Your wallet generated a string of characters, which you shared with someone, and bitcoin was sent to you. But that address is not an account number, and nothing about how it works resembles a bank account.
When someone sends you bitcoin, they construct a transaction that has inputs and outputs. One of the transaction's outputs specifies your Bitcoin address. That output is recorded on Bitcoin's distributed public ledger, unspent, until someone authorizes the spending of it in a new transaction. Only the holder of the private key corresponding to that address can produce the proof required to authorize.
Balance vs. UTXO
An address is not a balance. It is an identifier associated with unspent transaction outputs, or "UTXOs." What people call the "balance" at an address is simply the total value of all unspent outputs locked to it, visible to anyone on the ledger.
When you hold bitcoin in self-custody, your addresses are not issued to you by any institution. It is a string of characters derived mathematically from a key you generated. Anyone who holds the corresponding private key controls the funds associated with that address, and no one else does.
Addresses are designed to be shared publicly with the peoople and businesses you are transacting with. The address itself reveals nothing about the private key that generated it. Sharing it is how you receive bitcoin.
How Have Bitcoin Address Types Evolved?
Not all Bitcoin addresses look the same. Bitcoin's address formats have evolved through five generations, each one introduced to fix a limitation of what came before. The prefix of an address tells you immediately which generation it belongs to.
P2PK (Pay to Public Key)
The original format, no standard address
The first Bitcoin transactions used a script type that paid directly to a raw public key. There was no hashing step and no human-readable address. The limitation of this format was that the full public key was exposed on the ledger from the moment funds arrived, not just when they were spent. If elliptic curve cryptography were ever weakened, unspent P2PK outputs would be more vulnerable than hashed addresses. P2PK is a script type rather than an address format and has no standard human-readable form.
P2PKH (Pay to Public Key Hash)
Begins with "1"
The first standard address format was P2PKH, which solved P2PK's exposure problem by hashing the public key before embedding it in the address. The public key only appears on the ledger at the time of spending, not at the time of receiving. Legacy addresses still work and are supported by wallets, but they carry the largest transaction size of the active formats, which means higher fees.
P2SH (Pay to Script Hash)
Begins with "3"
P2SH was introduced a way to lock funds to a script rather than a simple public key hash. This enabled complex spending conditions (multisig arrangements, timelocks, and other programmable logic) without making the full script visible in the receiving address. P2SH was also used as a compatibility wrapper to support SegWit addresses in wallets that had not yet upgraded.
P2WPKH (Pay to Witness Public Key Hash, Native SegWit)
Begins with "bc1q"
Introduced by the SegWit upgrade (BIP141), P2WPKH separates the transaction signature data (the "witness") from the transaction body. This reduced the weight of each transaction and lowered fees. P2WPKH uses bech32 encoding, which is case-insensitive and includes stronger error detection than Base58Check. It is the recommended format for single-key wallets in software that has not yet adopted Taproot.
P2TR (Pay to Taproot)
Begins with "bc1p"
Introduced by Taproot (BIP341), P2TR uses Schnorr signatures and bech32m encoding. Its defining advantage is that complex spending conditions (multisig arrangements, time-locked scripts) look identical on-chain to a simple single-key spend. A 3-of-5 multisig and a standard single-signature transaction are indistinguishable on the ledger. This improves both privacy and efficiency. P2TR is the most capable and private current format.
The prefix is a reliable recognition guide: 1 is P2PKH, 3 is P2SH, bc1q is P2WPKH, bc1p is P2TR. A modern wallet defaulting to Taproot generates bc1p addresses.
How is a Bitcoin Address Generated?
An address comes from a public key and the process is deterministic. The same public key always produces the same address, on any wallet, using the same standard.
The generation pipeline works in five steps:
- Start with the public key. Take the compressed public key from the key pair (33 bytes, the form that modern wallets use).
- Apply SHA-256. Hash the public key using SHA-256 to produce a 32-byte output.
- Apply RIPEMD-160. Hash the SHA-256 output using RIPEMD-160 to produce a 20-byte output, known as Hash160. This is the core of the Bitcoin address.
- Add a version byte and checksum. Prepend a version byte (which identifies the address type) and append a 4-byte checksum derived from a double-SHA-256 of the prefixed hash. This is what makes the address self-validating. A wallet can detect a typo before sending.
- Encode. Apply Base58Check encoding for legacy addresses, or bech32/bech32m encoding for SegWit and Taproot addresses. The result is the human-readable address string.
The final output is between 25 and 62 characters depending on the format and encoding used.
There are two main reasons why you would want to run the public key through hashing algorithms:
- The hash is shorter. A 20-byte address is more practical to display and verify than a 33-byte public key.
- Hashing provides an extra layer of protection. The address exposes only the hash of the public key, not the key itself. The public key is only revealed when you spend from the address, so if elliptic curve cryptography were ever weakened, funds in addresses that have never been spent from would still be protected by the hash layer.
For the full treatment of hash functions, see What are Bitcoin hash functions?
Can You Reuse a Bitcoin Address?
Nothing in the Bitcoin protocol prevents address reuse. You can send bitcoin to your same address over and over again, and still be able to spend it. But reusing an address reduces privacy, and most modern wallets quietly prevent it by generating a new address for every transaction.
To understand why address reuse is inadvisable, you must understand how Bitcoin operates as a distributed public ledger. Every transaction to or from an address is visible to anyone who looks. When you receive to the same address more than once, those multiple transactions all become linked to the same public key on the ledger. An observer can connect them, sum the inflows and outflows, and build a spending history.
If you ever deposit and sell your bitcoin for fiat cash at an exchange that performs Know Your Customer (KYC) checks, then your your transaction history can be linked to your identity. This means the exchange has visibility not only to the amount of bitcoin you have sold, but the other transactions associated with your address.
Public Key Exposure from Address Reuse
There is a second consideration to note relating to public key exposure. Before you spend from an address, only the hashed public key appears on the ledger. Once you send from the address, the public key itself is revealed in the spending transaction. After that first spend, the key is permanently visible. Reusing the address after that point means all future transactions to it arrive at an address whose public key is already public.
Most modern HD wallets handle your addresses automatically. They derive a new receiving address for every transaction by incrementing the address index in the key hierarchy. Each address uses a different private key, but all keys are recoverable from the same seed so you do not have to track each address separately.
Address reuse is not catastrophic and does not expose your private key. But it is a meaningful and avoidable reduction in privacy.
What is Bitcoin Dust?
One more edge case worth knowing is "dust." A dust output is a UTXO whose value is too small to spend economically. Transaction fees are based on the amount of data required, so if the amount of data required to include a particular output in a transaction exceeds its value, that output effectively becomes unspendable. It would cost more in fees to spend that amount of bitcoin than the amount is worth.
Dust accumulates through small change outputs, address reuse, or deliberate dust attacks in which a small amount is sent to a wallet specifically to trace its on-chain activity. Dust is not lost, but it is practically unspendable under normal fee conditions.
What Does a Bitcoin Address Actually Prove?
An address on its own proves nothing. It is a public identifier, visible to anyone, derived from a public key that was itself derived from a private key you hold. The address serves as the destination, while the ability to spend resides in the private key.
Receiving bitcoin to an address requires nothing from you and you cannot block someone from sending to your address if they want to. The funds arrive as an unspent output locked to that address on the ledger, and they stay there until someone produces a valid signature to spend them.
If bitcoin is sent to an incorrect address, there is no recovery. The transaction is final once confirmed and the funds are permanently inaccessible to the sender. When sending bitcoin, it is always important to double check the address to avoid errors and lost funds.
Avoiding Errors
Errors can happen in several ways. A typo and a copy-paste mistake are the most obvious, where a single wrong character can mean funds are lost. Clipboard hijacking is less visible. Malware that monitors the your computer's clipboard can silently replace any copied Bitcoin address with one controlled by the attacker. The substituted address looks like a valid address and nothing signals that the swap occurred.
When using a signing device, the receiving address should always be verified on the device screen rather than relying solely on what the computer displays. The device derives the address independently from the key it holds and confirms the match, catching any discrepancy between what the software shows and what the key actually produces.
Related articles
How Bitcoin wallets work
How Bitcoin wallets generate keys, derive addresses, and sign transactions, and why they store keys, not bitcoin.
What is public key cryptography?
The mathematical system that lets Bitcoin prove ownership and authorize transactions without revealing the private key.
What are Bitcoin hash functions?
The one-way mathematical functions that secure Bitcoin's address generation, transaction IDs, mining, and block structure.
Bitcoin address reuse and on-chain privacy
The privacy implications of reusing Bitcoin addresses, and how modern wallets use fresh addresses to protect your transaction history.