Popular Science: What is a Taproot transaction?

I haven’t seriously studied the script of Bitcoin for a long time, and recently I wanted to figure out Taproot assets, and found that I couldn’t bypass Taproot transactions, so I had to read several BIPs of Taproot.

P2PKH

The most common Bitcoin transaction is called Pay-to-Publick-Key-Hash (P2PKH), which locks Bitcoin to the hash of the public key, which is our Bitcoin address, that is, the kind of address that starts with 1.

If Alice wants to pay 1btc to Bob via a P2PKH transaction, the process can be explained as follows:

Technical process of P2PKH trading:

Address and public key hash: Bob gives Alice a Bitcoin address, which is actually a hash of his public key.

Unlock & Lock: To send 1 BTC to Bob, Alice needs to unlock the funds from her own wallet. She then applies this 1 when she creates a transaction BTC is locked to Bob’s public key hash.

Bob’s Signature and Unlock: When Bob wants to spend this 1 BTC, he needs to sign with his private key to prove that he is the owner of the address. This way he can unlock the funds and use them for new transactions.

Layman’s Explanation:

Bob gives Alice an open box with a lock (the lock here is Bob’s Bitcoin address).

Alice puts 1 BTC into the box and locks the box so that only someone with the correct key (i.e. Bob’s private key) can open it.

When Bob wants to use the 1 BTC, he uses his own key (private key) to open the box, take out the bitcoins, and have the option to put it in another person’s box (to make another transaction).

P2SH

The second most common Bitcoin transaction is called pay-to-script hash, and we often use this transaction format to implement multi-signatures.

If Alice wants to send 1 BTC to Bob via the P2SH transaction format, it can be explained as follows:

Technical process of P2SH trading:

Script hash instead of public key hash: In P2SH transactions, funds are locked to a script hash instead of a public key hash.

This script usually contains multiple conditions, such as requiring multiple signatures (multisig) or other specific conditions.

Create and send transactions: The sender (e.g. Alice) will send bitcoins to this script hash address. This address is provided by the recipient (e.g. Bob), and the hidden script behind this address contains the conditions needed to unlock the funds.

That is, the original script of this script hash is owned by Bob, but Bob will not expose this script, but only the hash value of this script. (This corresponds to the P2PKH above is the public key hash)

Unlock the funds: When Bob (the recipient) wants to spend the bitcoins, he provides the original script (this is the unlocking script, or redemption script) that the miner can use to verify the transaction.

Layman’s Explanation:

In fact, the difference between P2SH and the P2PKH above is that the lock on the box is different, the lock of P2SH is allowed to be customized by Bob, and very complex locks can be built.

For example, the most common multisig is that Bob customizes multiple unlocking keys and defines how many keys he wants to unlock.

Using the P2SH transaction mechanism, the script hash is used as a lock, and the original script is used as a private key, and various unlocking conditions can be customized. This makes Bitcoin much more programmable.

Now to explain P2TR (Pay to Taproot)

P2PKH is paid to the public key hash, and the cost is conditional on providing the private key signature corresponding to the public key.

P2SH is paid to the script hash, and the spend is conditional on the original script being provided.

P2TR is a combination of pay-to-public key hash and pay-to-script hash, so it has two spending paths, either directly by private key signature or by providing the original script.

In addition, the script of P2TR is a binary tree containing n scripts, which can be spent by providing a leaf node script and tree path of the tree.

In this way, P2TR transactions can define more complex spending conditions, and the programmability of Bitcoin is richer.