P2SH: Pay-to-Script-Hash (The "3" Addresses)

P2SH (Pay-to-Script-Hash), defined in BIP 16, was a revolutionary upgrade to the Bitcoin protocol. It moved the responsibility of defining complex spending conditions from the sender to the receiver. This enabled the creation of shorter, standardized addresses that start with the number 3.

1. The Complexity Shift

Before P2SH, if you wanted someone to pay into a 2-of-3 multisig account, you had to give them a massive raw script containing all the public keys.

• The Problem: The sender had to pay higher fees for a larger transaction, and they could see all your internal keys.

• The P2SH Solution: You give the sender a 20-byte hash of your script. They pay to the hash, and they don't care what the actual rules are.

2. Hiding the "Redeem Script"

The actual logic (like "Needs 2 of 3 signatures") is called the Redeem Script.

• In P2SH, the Redeem Script is kept secret until the moment the money is spent.

• The blockchain only records the hash of the script until the output is consumed.

3. Standardized Addresses

P2SH introduced a new address format using Base58Check with a version byte of 0x05.

• This results in addresses starting with 3.

• Because every P2SH address is a hash of a script, all P2SH addresses are the same length, regardless of whether they represent a simple 1-of-1 or a complex 15-of-15 multisig.

4. Backward Compatibility

P2SH was a "Soft Fork." Old nodes that didn't understand P2SH simply saw the output as a "Pay to a hash" script. They didn't know they were supposed to verify the Redeem Script, but new nodes did, ensuring the network remained secure.

Feature	P2MS (Bare)	P2SH (Hashed)
Address Prefix	None	3
Privacy	Public keys visible immediately	Public keys hidden until spend
Sender Fee	High (for multisig)	Low (Standard size)
Standardness	Limited to 3 keys	Supports up to 15 keys (Standard)

In the next section, we will analyze the ScriptPubKey Structure of P2SH.