Bitcoin Address Types Explained: Legacy, SegWit, Taproot and Testnet Addresses
Bitcoin addresses explained
Introduction
If you have spent any time looking through old Bitcoin wallets, block explorers, transaction records, paper backups, screenshots, wallet.dat files or exchange withdrawal histories, you will quickly notice something odd.
Not all Bitcoin addresses look the same.
Some begin with a 1.
Some begin with a 3.
Some begin with bc1q.
Some begin with bc1p.
And if you are testing software, using a development wallet, or looking at a testnet transaction, you may see addresses beginning with m, n, 2, tb1q, tb1p, or even bcrt1.
To someone new to Bitcoin, this can feel like a mess. Are these different coins? Are they different wallets? Are they different public keys? Is one safer than another? Can old addresses still receive bitcoin? Can a modern wallet send to an old address? Why do some addresses cost more to spend from? And why does any of this matter when recovering an old Bitcoin wallet?
This article explains the major Bitcoin address types in detail.
Before we go further, however, we need to correct one common phrase. People often say “public keys that start with 1, 3, bc1q or bc1p.” Strictly speaking, those are not public keys. They are Bitcoin addresses. A public key is a cryptographic object derived from a private key. A Bitcoin address is a human-friendly, checksummed encoding that tells a wallet how to create a locking condition on the Bitcoin blockchain.
That distinction matters. If you are recovering an old wallet, an address can help you identify which wallet, software era, derivation path or script type you may be dealing with. But an address alone cannot spend coins. Spending requires the correct private key, seed phrase, wallet file, signing device, script, or combination of keys depending on the address type.
So let’s go through the address types one by one.
The quick identification guide
Here is the simplest practical version:
1...
Legacy address, P2PKH, Bitcoin mainnet, Older single-signature Bitcoin addresses
3...
Script address / compatibility address, P2SH, Bitcoin mainnet, Multisig, nested SegWit, scripts
bc1q... ,Native SegWit address, P2WPKH or P2WSH, Bitcoin mainnet, Modern efficient SegWit addresses
bc1p... ,Taproot address, P2TR, Bitcoin mainnet, Taproot, Schnorr signatures, advanced scripts
m... or n... ,Testnet legacy address, Testnet P2PKH, Bitcoin testnet/signet, Testing only
2... ,Testnet script address, Testnet P2SH, Bitcoin testnet/signet, Testing only
tb1q... ,Testnet native SegWit, Testnet P2WPKH/P2WSH, Bitcoin testnet/signet, Testing only
tb1p... ,Testnet Taproot, Testnet P2TR, Bitcoin testnet/signet, Testing only
bcrt1... ,Regtest SegWit/Taproot, Regtest address, Local Bitcoin regtest, Developer-only local testing
To understand why these address types exist, we need to understand the difference between private keys, public keys, addresses and scripts.
Private keys, public keys and addresses: what is the difference?
Bitcoin is built on public-key cryptography.
At the most basic level:
A private key is the secret.
A public key is mathematically derived from the private key.
A Bitcoin address is usually derived from the public key, a hash of a script, or a SegWit witness program.
A transaction output locks bitcoin to a condition.
To spend that bitcoin later, the wallet must satisfy that condition.
A private key is what allows you to sign a Bitcoin transaction. If someone has your private key, they can spend the bitcoin controlled by that key. A public key can be shared publicly. It is used to verify that a signature was created by the corresponding private key. A Bitcoin address is a shorter and more user-friendly way of telling someone where to send coins.
An address is not quite the same as a bank account number. Bitcoin does not have account balances in the traditional banking sense. Instead, Bitcoin has UTXOs, or unspent transaction outputs. Each UTXO is locked with a small script. An address is a convenient way for wallet software to construct that locking script.
When someone sends bitcoin to your address, what they are really doing is creating a UTXO that can only be unlocked by whoever can satisfy the spending condition represented by that address.
That spending condition may be simple:
“Show a valid signature from the private key corresponding to this public key hash.”
Or it may be more complex:
“Show signatures from two of these three keys.”
Or:
“Spend through this Taproot key path, unless a script path is revealed.”
This is why Bitcoin address types matter. The prefix tells you what kind of locking condition is probably being used.
A note on old raw public-key outputs
Before we look at addresses beginning with 1, it is worth mentioning something older: P2PK, or Pay-to-Public-Key.
In the earliest days of Bitcoin, some outputs paid directly to a raw public key. These are not the familiar addresses most people use today. Instead of paying to a hash of a public key, the output included the public key itself.
This matters historically. Some very old mined coins and early transactions used this style. In a P2PK output, the public key is visible immediately on-chain, before the coin is spent. In later address types, Bitcoin generally moved toward paying to hashes or witness programs, which are smaller, more flexible, and often reveal less information until spending time.
Most ordinary users today will not create P2PK outputs. But in wallet recovery and blockchain archaeology, they can still matter. If someone mined Bitcoin in 2009 or 2010, old wallet structures may not look like modern HD wallets. A recovery specialist may need to consider old keypool behaviour, non-HD key storage, imported keys, old wallet.dat formats, and older script types.
For the rest of this article, however, we will focus on the address formats most people actually recognise.
1. Legacy Bitcoin addresses beginning with 1
What is a 1... Bitcoin address?
A Bitcoin address beginning with 1 is usually called a legacy address.
Technically, it is a P2PKH address, which stands for Pay-to-Public-Key-Hash.
Example:
1A1zP1eP5QGefi2DMPTfTL5SLmv7DivfNa
That famous example is the address associated with the Bitcoin genesis block reward. Do not send funds to example addresses in articles. They are for explanation only.
A P2PKH address was the original standard address type used by Bitcoin wallets for many years. If you used Bitcoin Core, early mobile wallets, old paper wallets, or early exchange deposit addresses, there is a good chance you encountered addresses beginning with 1.
What does P2PKH mean?
P2PKH means:
“Pay to the hash of a public key.”
The address does not contain the public key itself. Instead, it contains a hash of the public key.
The simplified process is:
Start with a private key.
Derive the public key.
Hash the public key using SHA-256 and RIPEMD-160.
Add a network/version prefix.
Add a checksum.
Encode the result using Base58Check.
The final address begins with 1 on Bitcoin mainnet.
The locking script for a P2PKH output is commonly written like this:
OP_DUP OP_HASH160 <PubKeyHash> OP_EQUALVERIFY OP_CHECKSIG
That may look intimidating, but the logic is fairly understandable:
“Provide a public key. Hash it. Check that the hash matches the hash in the output. Then provide a valid signature from the matching private key.”
When you spend from a P2PKH address, your transaction reveals both:
the public key
the signature
Before the coin is spent, only the public key hash is visible. After it is spent, the public key is visible on-chain forever.
Why do legacy addresses start with 1?
Legacy Bitcoin addresses use Base58Check encoding.
Base58Check avoids characters that are easy to confuse, such as 0, O, I and l. It also includes a checksum to help detect typing errors.
On Bitcoin mainnet, P2PKH addresses use a version byte of 0x00. When encoded in Base58Check, that produces addresses beginning with 1.
That first character is not random. It tells wallet software, block explorers and users that the address is a mainnet P2PKH address.
Are 1... addresses still valid?
Yes.
Legacy addresses are still valid Bitcoin addresses. Bitcoin is designed for backward compatibility. A modern wallet can still send bitcoin to a legacy address, and bitcoin held at a legacy address can still be spent if the correct private key is available.
However, legacy addresses are generally less efficient than newer address types. Spending from a legacy P2PKH output usually requires more transaction weight than spending from a native SegWit output. In plain English, that means higher fees, especially when the mempool is busy.
Why do old wallets often contain 1... addresses?
Many older wallets predate SegWit and Taproot. If someone bought or mined Bitcoin in the early years, their wallet.dat file may contain many P2PKH addresses. Old Bitcoin Core wallets generated pools of keys and used fresh addresses for change. Users often did not realise that a wallet could contain many private keys, not just the one address they copied from the receive screen.
This is important in recovery work.
Someone may say:
“I only ever had one Bitcoin address.”
But the wallet may contain dozens, hundreds or thousands of keys. Some may have received coins directly. Some may have received change. Some may never have been used. If the wallet is old, many of those addresses may begin with 1.
In old wallet recovery, looking at the address type can help estimate the era and wallet behaviour. A wallet full of 1... addresses suggests an older or legacy configuration. A wallet full of bc1q... addresses suggests a later SegWit-era wallet. Taproot addresses suggest an even newer wallet setup.
2. P2SH addresses beginning with 3
What is a 3... Bitcoin address?
A Bitcoin address beginning with 3 is usually a P2SH address.
P2SH stands for Pay-to-Script-Hash.
Example:
3J98t1WpEZ73CNmQviecrnyiWrnqRhWNLy
A P2SH address does not pay directly to a public key hash. Instead, it pays to a hash of a script.
This was a major development in Bitcoin’s evolution because it made more complex spending conditions easier to use.
What problem did P2SH solve?
Before P2SH, complex scripts could be awkward. If you wanted to receive bitcoin using a multisignature setup, the sender might have needed to understand or include a long and complicated script. That is not good for usability.
P2SH changed the model.
With P2SH, the receiver creates the complex script, hashes it, and gives the sender a simple address beginning with 3.
The sender does not need to know the details of the script. They just send bitcoin to the P2SH address. Later, when the receiver wants to spend the coins, the receiver reveals the script and provides the required signatures or data.
This moved complexity away from the sender and onto the spender, where it belongs.
How does P2SH work?
The simplified logic is:
Create a redeem script.
Hash the redeem script.
Encode the script hash as a Base58Check address.
On mainnet, the address begins with 3.
When spending, reveal the redeem script and satisfy its conditions.
The locking script is generally:
OP_HASH160 <Hash160(redeemScript)> OP_EQUAL
When the coin is spent, the spender provides the redeem script. Bitcoin checks that the hash of the provided script matches the hash in the output. Then it executes the script.
What are P2SH addresses used for?
P2SH has been used for several important purposes.
1. Multisignature wallets
A classic use of P2SH is multisig.
For example, a 2-of-3 multisig wallet might require any two signatures from three possible keys. This is useful for businesses, custody arrangements, escrow, inheritance planning and security setups where no single key should control everything.
A P2SH multisig address still looks like a normal 3... address to the sender. The complexity only appears when the coins are spent.
2. Nested SegWit
P2SH was also used as a compatibility bridge for SegWit.
When SegWit was introduced, not every wallet, exchange and service immediately supported native SegWit addresses. Some older software could not send to bc1q... addresses. To solve this, wallets could wrap a SegWit spending condition inside a P2SH address.
These are often called:
P2SH-P2WPKH
nested SegWit
wrapped SegWit
compatibility SegWit
They begin with 3, just like other P2SH addresses.
This means you cannot always tell from the address alone whether a 3... address is a traditional multisig P2SH address, a nested SegWit single-key address, or some other script. You generally only learn more when the output is spent and the redeem script is revealed.
3. Script-based conditions
P2SH can also represent other redeem scripts. Bitcoin script is deliberately limited compared with general-purpose programming languages, but it still allows useful conditions such as multisig, timelocks and other policy structures.
Are 3... addresses still valid?
Yes.
P2SH addresses are still valid and widely recognised.
They are especially useful for compatibility. If a service cannot send to a native SegWit bc1q... address, it may still be able to send to a 3... P2SH address.
However, P2SH is not always the most fee-efficient option. Native SegWit addresses are usually more efficient because they do not need the same wrapping structure. Taproot may be better for certain advanced spending conditions.
Why are 3... addresses important in wallet recovery?
A 3... address tells us that the funds were sent to a script hash, not directly to a simple public key hash.
That matters because recovering the private key alone may not always be enough if the script requires multiple keys or a redeem script. For example, if the address is a multisig address, you may need:
multiple private keys
the redeem script
the correct wallet configuration
cosigner information
the wallet descriptor or multisig setup file
If it is nested SegWit, the recovery path may involve SegWit derivation paths rather than old legacy paths. If it is a multisig wallet, the address may have been generated by Electrum, Armory, Bitcoin Core, hardware wallet software, a custody service, or a bespoke setup.
This is why professional crypto recovery is rarely just “try the password and see.” Address format gives clues about wallet structure, script type, wallet age and likely derivation paths.
3. Native SegWit addresses beginning with bc1q
What is a bc1q... address?
A Bitcoin address beginning with bc1q is usually a native SegWit address.
More technically, it is usually one of these:
P2WPKH : Pay-to-Witness-Public-Key-Hash
P2WSH : Pay-to-Witness-Script-Hash
Both are SegWit version 0 address types.
Example P2WPKH address:
bc1qw508d6qejxtdg4y5r3zarvary0c5xw7kg3g4ty
Example P2WSH addresses are longer because they encode a 32-byte script hash rather than a 20-byte public key hash.
The bc part is the human-readable prefix for Bitcoin mainnet. The 1 is the separator used in Bech32 encoding. The q after bc1 indicates witness version 0 in the encoded data.
What is SegWit?
SegWit stands for Segregated Witness.
It was one of Bitcoin’s most important upgrades. It changed how signature data is stored in transactions. Instead of placing all unlocking data in the old scriptSig field, SegWit introduced witness data.
This had several benefits:
It fixed transaction malleability for SegWit spends.
It allowed more efficient use of block space.
It enabled newer second-layer protocols and cleaner transaction design.
It allowed lower effective fees for SegWit spends.
It created a framework for future witness versions, including Taproot.
The important point for normal users is this:
A native SegWit address beginning with bc1q is usually more fee-efficient than older 1... or 3... address types when spending.
What does P2WPKH mean?
P2WPKH stands for Pay-to-Witness-Public-Key-Hash.
It is the SegWit equivalent of P2PKH.
In simple terms, a P2WPKH output says:
“To spend this output, provide a public key and signature in the witness field, and the hash of that public key must match this 20-byte witness program.”
A P2WPKH address is commonly used for ordinary single-signature wallet receiving addresses.
What does P2WSH mean?
P2WSH stands for Pay-to-Witness-Script-Hash.
It is the SegWit equivalent of a script-based output. Instead of committing to a public key hash, it commits to a script hash.
P2WSH is often used for more complex scripts, including multisig. Compared with old P2SH multisig, native SegWit script spending can be more efficient and avoids some old limitations.
A P2WSH address also begins with bc1q, but it is longer than a P2WPKH address because the witness program is 32 bytes rather than 20 bytes.
Why does bc1q use Bech32?
Native SegWit addresses use Bech32 encoding.
Bech32 was designed to improve on Base58Check for SegWit addresses. It has several practical advantages:
It uses a restricted 32-character set.
It is usually written in lowercase.
It avoids mixed-case confusion.
It has strong error-detection properties.
It is more QR-code friendly than Base58.
It clearly identifies the network through the human-readable prefix.
For Bitcoin mainnet, the prefix is bc.
For testnet and signet, the prefix is tb.
For regtest, the prefix is bcrt.
Are bc1q... addresses case-sensitive?
This is a common source of confusion.
Bech32 addresses are normally written in lowercase. They can technically be all uppercase in some contexts, but mixed-case Bech32 strings are invalid. In practice, you should copy and paste them exactly and use lowercase.
This is different from old Base58Check addresses beginning with 1 or 3, where uppercase and lowercase letters are different characters. For old Base58Check addresses, changing a letter’s case changes the address and will usually invalidate the checksum or point somewhere else.
The safest rule is simple:
Never manually retype Bitcoin addresses if you can avoid it. Copy and paste carefully, verify the first and last characters, and use QR codes or hardware wallet address verification where possible.
Are bc1q... addresses supported everywhere?
Today, most modern wallets and exchanges support bc1q... addresses. But that was not always true.
When SegWit was new, some services could not send to native SegWit addresses. That is why nested SegWit 3... addresses became popular as a compatibility bridge.
If you are using a very old wallet or exchange, it may not recognise bc1q.... In that case, a P2SH compatibility address may be required. But for modern Bitcoin use, native SegWit is generally a good default.
Why are bc1q... addresses important in wallet recovery?
If a wallet contains bc1q... addresses, it likely used SegWit derivation paths or descriptors.
For example, many modern wallets use derivation paths associated with SegWit accounts. Hardware wallets, Electrum, Bitcoin Core descriptor wallets and other modern software may generate different address types from the same seed depending on the account type selected.
This is one reason people sometimes restore a seed phrase and think their bitcoin has disappeared. The seed may be correct, but the wallet may be looking at the wrong address type or derivation path.
For example, the same seed could potentially generate:
legacy 1... addresses
nested SegWit 3... addresses
native SegWit bc1q... addresses
Taproot bc1p... addresses
If the wallet software restores the wrong account type, it may show an empty balance even though the funds are still on-chain.
In recovery work, address type is a clue. If the known receiving address begins with bc1q, the recovery process should check native SegWit paths and wallet settings, not only old legacy paths.
4. Taproot addresses beginning with bc1p
What is a bc1p... address?
A Bitcoin address beginning with bc1p is a Taproot address.
Technically, it is a P2TR address, which stands for Pay-to-Taproot.
Example:
bc1p5cyxnuxmeuwuvkwfem96llyxfk9l2nrj2j3qj9k7g8xq3v4x7fqsfq0y5n
Taproot is a newer Bitcoin address type introduced as part of Bitcoin’s Taproot upgrade. It uses SegWit version 1 and Bech32m encoding.
Why does Taproot start with bc1p?
The bc part means Bitcoin mainnet.
The 1 is the Bech32/Bech32m separator.
The p indicates witness version 1 when encoded in this address format.
That is why native SegWit version 0 addresses begin with bc1q, while Taproot version 1 addresses begin with bc1p.
The difference between q and p is not cosmetic. It tells you that the address represents a different witness version and uses different spending rules.
What is Taproot?
Taproot is one of the most significant Bitcoin upgrades after SegWit.
It introduced or combined several ideas:
Schnorr signatures
Pay-to-Taproot outputs
Tapscript
More private script spending
More efficient complex spending policies
A Taproot output can often be spent in one of two broad ways:
Key path spend
The output is spent with a signature for the Taproot public key. This looks like a simple spend.Script path spend
One of the possible scripts is revealed and satisfied. Only the used script path needs to be revealed, not every possible condition.
This is a big idea. With older script systems, complex conditions could become obvious and bulky when used. With Taproot, many complex conditions can be hidden behind a single public key unless a script path is actually needed.
What does P2TR contain?
A P2TR output contains a 32-byte witness program representing a Taproot output key.
This is different from P2PKH and P2WPKH, which use public key hashes. Taproot works with x-only public keys and Schnorr signatures.
In ordinary language:
A Taproot address commits to a Taproot public key. That key may represent a simple key spend, or it may be tweaked to commit to additional script paths. When spent through the key path, the transaction can look simple even if alternative conditions existed in the background.
What is Bech32m?
Taproot addresses use Bech32m, not original Bech32.
This distinction matters.
Bech32 was introduced for SegWit version 0 addresses, such as bc1q....
Later, a weakness was identified in Bech32 for future witness versions in certain edge cases. Bech32m was introduced as an improved variant for SegWit version 1 and later.
So the rule is:
SegWit version 0, such as bc1q..., uses Bech32.
SegWit version 1 and later, such as bc1p..., uses Bech32m.
If wallet software supports bc1q... but not Bech32m, it may still fail to send to bc1p... Taproot addresses. This was common in the early Taproot adoption period. Modern wallets increasingly support Taproot, but compatibility should still be checked before large transfers.
Are Taproot addresses cheaper?
The answer is: it depends.
Taproot is often more efficient for complex spending policies. It can be especially powerful for multisig-like arrangements, script trees and advanced wallet designs because cooperative spends can appear as a simple key path spend.
For simple single-signature payments, the fee comparison depends on the number of inputs and outputs and the exact transaction structure. Native SegWit bc1q is still extremely efficient and widely supported. Taproot may have advantages in some cases, while bc1q remains a safe modern default for many ordinary users.
A sensible practical view is:
Avoid legacy 1... addresses when possible if you care about fees.
Use native SegWit bc1q... for broad modern compatibility and efficiency.
Use Taproot bc1p... where your wallet and receiving/sending services support it and where you want the benefits of Taproot.
Why are Taproot addresses important in wallet recovery?
Taproot is newer. If a known address begins with bc1p, the wallet is unlikely to be an untouched 2012 Bitcoin Core wallet. It suggests a more recent wallet, or a seed restored into a modern Taproot account.
That matters because Taproot uses different derivation paths and address descriptors from older wallet types. If someone restores a seed phrase into a wallet but chooses the wrong account type, they may not see their Taproot funds.
Taproot also matters in more advanced recovery cases. Some Taproot outputs may involve key tweaks or script paths. Recovery may require not just a seed phrase, but the correct wallet metadata, descriptor, script tree, cosigner information, or derivation details.
For ordinary single-key Taproot wallets, recovery may be straightforward if the seed and derivation path are known. For advanced Taproot scripts, recovery may be more complex.
5. Testnet Bitcoin addresses
What is testnet?
Bitcoin testnet is a separate network used for testing.
Testnet coins have no real market value. They are used by developers, wallet creators, exchanges, educators and technical users to test software without risking real bitcoin.
This is important: a testnet address is not a mainnet Bitcoin address. You cannot send real bitcoin to testnet and you cannot send testnet coins to mainnet.
Testnet has its own address prefixes.
Testnet legacy P2PKH: addresses beginning with m or n
On Bitcoin testnet, legacy P2PKH addresses usually begin with m or n.
Example:
mipcBbFg9gMiCh81Kj8tqqdgoZub1ZJRfn
This is the testnet equivalent of a mainnet 1... address.
So:
Mainnet P2PKH begins with 1.
Testnet P2PKH begins with m or n.
If someone sends you an address beginning with m or n, do not send real bitcoin to it. It is for testnet coins.
Testnet P2SH: addresses beginning with 2
Testnet P2SH addresses begin with 2.
Example:
2MzQwSSnBHWHqSAqtTVQ6v47XtaisrJa1Vc
This is the testnet equivalent of a mainnet 3... address.
So:
Mainnet P2SH begins with 3.
Testnet P2SH begins with 2.
This can confuse people because 2... looks somewhat like an ordinary cryptocurrency address, but on Bitcoin it indicates a testnet script-hash address.
Testnet native SegWit: tb1q...
Native SegWit addresses on testnet begin with tb1q.
Example:
tb1qw508d6qejxtdg4y5r3zarvary0c5xw7kxpjzsx
This is the testnet equivalent of a mainnet bc1q... address.
So:
Mainnet native SegWit begins with bc1q.
Testnet native SegWit begins with tb1q.
The tb prefix identifies testnet or signet. The q indicates witness version 0.
Testnet Taproot: tb1p...
Taproot addresses on testnet begin with tb1p.
This is the testnet equivalent of a mainnet bc1p... address.
So:
Mainnet Taproot begins with bc1p.
Testnet Taproot begins with tb1p.
Again, testnet coins are not real bitcoin. Testnet is for testing transactions, wallet behaviour, signing flows, multisig policies, recovery procedures and development.
Signet addresses
Signet is another Bitcoin testing network. It is more controlled than testnet and is often used by developers because it is more stable for testing.
Signet generally uses the same address prefixes as testnet:
m or n for P2PKH
2 for P2SH
tb1q for native SegWit
tb1p for Taproot
This means an address alone may not tell you whether it is testnet or signet. You need to know which network the wallet or node is using.
Regtest addresses: bcrt1...
Regtest is a local Bitcoin testing mode. Developers use it to create private blockchains on their own machines. It is not a public network.
Regtest SegWit and Taproot addresses commonly begin with bcrt1.
For example, a regtest native SegWit address may begin with:
bcrt1q...
A regtest Taproot address may begin with:
bcrt1p...
If you see bcrt1, you are almost certainly looking at a local development environment, not real bitcoin and not public testnet.
6. Address types versus wallet types
It is easy to confuse address types with wallet types.
They are related, but not the same.
A single wallet may support several address types. A single seed phrase may generate several different accounts. A hardware wallet may allow you to create legacy, nested SegWit, native SegWit and Taproot accounts from the same seed.
For example, one seed phrase could generate:
legacy account: addresses beginning with 1
nested SegWit account: addresses beginning with 3
native SegWit account: addresses beginning with bc1q
Taproot account: addresses beginning with bc1p
If you restore the seed into a new wallet and choose the wrong account type, you may see an empty wallet.
This is one of the most common panic moments in Bitcoin recovery.
The user thinks:
“My seed phrase is wrong.”
But the real issue may be:
wrong derivation path
wrong address type
wrong account number
wrong passphrase
wrong wallet software
missing imported private keys
missing multisig cosigner data
old non-HD wallet structure
descriptor mismatch
The address prefix gives an important clue about where to look.
7. Public key formats: compressed, uncompressed and x-only
Although this article is mainly about addresses, it is useful to explain actual public key formats because they often appear in wallet recovery, old Bitcoin Core files, raw transaction data and technical debugging.
Uncompressed public keys
Older Bitcoin wallets sometimes used uncompressed public keys.
An uncompressed public key is 65 bytes and begins with 04.
It contains both the x and y coordinates of an elliptic curve point.
In hex, it looks like:
04...
followed by 64 bytes of coordinate data.
Uncompressed public keys are larger and lead to larger transaction data when spent. Older P2PKH addresses may have been created from uncompressed public keys. This matters because the hash of an uncompressed public key is different from the hash of the compressed version of the same key.
That means the same private key can correspond to different addresses depending on whether the public key is compressed or uncompressed.
This is extremely important in old wallet recovery.
If you import a private key incorrectly as compressed or uncompressed, the wallet may scan for the wrong address. The funds may still be recoverable, but the software may not show them until the key is interpreted correctly.
Compressed public keys
Compressed public keys are 33 bytes and begin with either:
02
03
The prefix indicates which of the two possible y-coordinates is correct. The x-coordinate is stored, and the y-coordinate can be derived.
Compressed public keys became standard because they reduce transaction size. Many SegWit wallet rules expect compressed keys. In some contexts, using an uncompressed key where a compressed key is required can cause serious problems.
In practical recovery terms, if you are dealing with older private key exports, WIF keys, paper wallets or wallet.dat files, it is important to know whether the key corresponds to compressed or uncompressed public keys.
X-only public keys in Taproot
Taproot uses x-only public keys.
These are 32 bytes rather than 33 or 65. They represent the x-coordinate of a public key point, with conventions used to handle the missing y-coordinate information.
This is part of the Taproot and Schnorr signature design.
For normal users, the practical point is simple:
Taproot is not just “another address prefix.” It uses a newer signing and key model under the hood. A bc1p... address tells you that the output is using Taproot rules, not the older P2PKH or P2WPKH rules.
8. Why address type affects transaction fees
Bitcoin transaction fees are based on transaction weight, not simply the amount of bitcoin being sent.
A transaction sending 0.01 BTC can cost more in fees than a transaction sending 10 BTC if it has more inputs or uses less efficient script types.
Address type matters most when you later spend the coins.
Legacy P2PKH fee profile
Legacy 1... addresses are generally the least efficient common address type.
When spending from a P2PKH output, the public key and signature are included in the older transaction input structure. This usually produces more transaction weight than SegWit spending.
If fees are low, this may not matter much. If fees are high, old legacy UTXOs can become noticeably more expensive to move.
P2SH fee profile
P2SH 3... addresses vary.
A simple nested SegWit P2SH address may be more efficient than legacy P2PKH, but less efficient than native SegWit because it has an extra redeem-script wrapper.
A P2SH multisig spend can be much larger because multiple signatures and the redeem script may need to be revealed.
So a 3... address tells you the output is script-hash based, but it does not tell you the full future fee cost until you know the redeem script.
Native SegWit fee profile
Native SegWit bc1q... addresses are generally fee-efficient.
SegWit moved signature data into the witness structure, which receives different weight treatment. This means spending SegWit UTXOs is usually cheaper than spending equivalent legacy UTXOs.
For ordinary users, bc1q... has been a strong default for years: efficient, modern and widely supported.
Taproot fee profile
Taproot bc1p... can be very efficient, especially for key-path spends and advanced spending policies.
For complex scripts, Taproot can be much more private and efficient because unused script branches do not need to be revealed. For cooperative multisig-like arrangements, Taproot-based constructions can make complex arrangements look like simple signature spends.
However, fee comparisons are not always one-size-fits-all. Whether Taproot is cheaper than native SegWit depends on the exact transaction structure. The broad practical point remains:
Modern SegWit and Taproot outputs are generally preferable to old legacy outputs for fee efficiency and future flexibility.
9. Privacy differences between address types
Address type also affects privacy.
Bitcoin is not fully anonymous. It is pseudonymous. Every transaction is public. Addresses do not directly show your name, but patterns can be analysed.
Address reuse is bad for privacy
The most important privacy rule is simple:
Do not reuse Bitcoin addresses.
If you receive multiple payments to the same address, observers can link those payments together. If you later spend from that address, more information may be revealed.
Modern wallets generate a new receiving address for each payment. This is normal. You do not need to keep using the same address.
Legacy P2PKH privacy
With P2PKH, the public key is hidden behind a hash until the coin is spent. Once spent, the public key becomes visible.
If the same address is reused, the privacy problem becomes worse because multiple payments are clearly linked.
P2SH privacy
P2SH hides the redeem script until spending time.
This is useful because the sender does not need to know whether the address represents multisig, nested SegWit or some other script. However, when the coin is spent, the redeem script is revealed.
If it is a multisig script, observers may learn the number of signers, the public keys involved and the policy structure.
Native SegWit privacy
Native SegWit improves efficiency but does not magically make Bitcoin private. P2WPKH still reveals the public key when spent. P2WSH reveals the witness script when spent.
Address reuse remains a major privacy issue.
Taproot privacy
Taproot can improve privacy for complex spending conditions.
If a Taproot output is spent through the key path, it can look like a simple single-signature spend even if alternative script paths existed. If a script path is used, only the used script path needs to be revealed, not every possible branch.
This does not make Bitcoin anonymous, but it can reduce unnecessary disclosure of wallet policy.
10. Compatibility: what address should you use today?
For most ordinary Bitcoin users today, the practical answer is:
Use the default address type recommended by your modern wallet.
In many wallets, that will be native SegWit bc1q.... In newer wallets, it may be Taproot bc1p....
When to use 1...
Use legacy 1... addresses only when required by old software or for a specific recovery or compatibility reason.
They are valid, but they are not usually the best modern default.
When to use 3...
Use 3... P2SH addresses when compatibility is needed.
For example, if a sender cannot send to bc1q..., a nested SegWit 3... address may work. Multisig wallets may also use P2SH or P2SH-wrapped structures depending on wallet design.
When to use bc1q...
Use bc1q... native SegWit addresses for a strong balance of efficiency and compatibility.
This is often the best default for ordinary single-signature Bitcoin receiving addresses.
When to use bc1p...
Use bc1p... Taproot addresses when your wallet supports Taproot and the sender can send to Taproot addresses.
Taproot is particularly useful for modern wallet designs and advanced spending conditions. It is increasingly supported, but it is still worth checking compatibility before moving large amounts.
11. What address type tells you about an old wallet
At Bring Back My Crypto, address types are more than trivia. They can be part of the recovery puzzle.
A known address can tell us a great deal.
If the address begins with 1
This may suggest:
older wallet software
legacy P2PKH receiving addresses
old Bitcoin Core wallet.dat behaviour
possible uncompressed public keys in very old cases
possible non-HD wallet structure
higher chance that change addresses also begin with 1
Recovery questions may include:
Do you have the original wallet.dat?
Was the wallet encrypted?
Was it created before HD wallets?
Did you ever export private keys?
Was the key compressed or uncompressed?
Are there old backups with different keypools?
If the address begins with 3
This may suggest:
P2SH script-hash output
multisig wallet
nested SegWit compatibility address
hardware wallet account
exchange or custody-style deposit address
script or redeem-script dependency
Recovery questions may include:
Was this a multisig wallet?
Were there cosigners?
Do you have the redeem script?
Do you have the wallet configuration file?
Was it Electrum, Armory, Casa, Unchained, Bitcoin Core or hardware-wallet based?
Was it a nested SegWit account from a seed phrase?
If the address begins with bc1q
This may suggest:
native SegWit wallet
modern seed-based wallet
SegWit derivation path
descriptor wallet
lower-fee UTXO structure
possible P2WPKH or P2WSH depending on length and context
Recovery questions may include:
Was the wallet restored as native SegWit?
Did you use the correct derivation path?
Was there a BIP39 passphrase?
Was it a single-signature or multisig wallet?
Do you have the wallet descriptor?
If the address begins with bc1p
This may suggest:
Taproot wallet
newer wallet software
Schnorr/Taproot signing rules
Taproot derivation path
possible script tree or advanced spending policy
Recovery questions may include:
Was this a Taproot account?
Which wallet generated it?
Is the wallet using descriptors?
Is there a key-path-only spend or script-path policy?
Was a hardware wallet involved?
Are all wallet metadata and derivation details available?
The address prefix does not solve the recovery by itself, but it points the investigation in the right direction.
12. Common mistakes people make with Bitcoin addresses
Mistake 1: thinking an address is a private key
A Bitcoin address is safe to share for receiving payments. A private key is not.
If someone asks you to send your private key, seed phrase, wallet password or wallet.dat file without a clear professional process, be extremely cautious.
An address beginning with 1, 3, bc1q or bc1p cannot spend funds by itself.
Mistake 2: restoring a seed into the wrong address type
This is very common.
A user restores a seed phrase and sees a zero balance. They assume the seed is wrong. But the wallet may simply be looking at the wrong account type.
For example, the funds may be on native SegWit bc1q... addresses, while the restored wallet is only showing legacy 1... addresses.
Mistake 3: confusing testnet with mainnet
Testnet addresses are for testing only.
If an address begins with tb1, m, n or testnet-style 2, it is not a normal Bitcoin mainnet receiving address.
Do not send real bitcoin to a testnet address. Wallet software should prevent this, but users should still understand the difference.
Mistake 4: manually typing addresses
Bitcoin addresses include checksums, but that does not mean manual typing is safe.
Always copy and paste carefully. Verify the beginning and end of the address. For large transfers, send a small test transaction first. Use hardware wallet screen verification where possible.
Mistake 5: assuming all 3... addresses are multisig
Many people think every 3... address is a multisig address. Not necessarily.
A 3... address is P2SH. It might be multisig, but it might also be nested SegWit or another script. You usually cannot know for certain until the output is spent and the redeem script is revealed.
Mistake 6: assuming Taproot means total privacy
Taproot improves privacy for certain script structures, especially when spending through the key path. But it does not make Bitcoin anonymous. Amounts, timings, transaction graph patterns and address reuse can still reveal information.
13. Examples of Bitcoin address types
These examples are for recognition and education only. Do not send funds to example addresses.
Mainnet examples
Legacy P2PKH:
1A1zP1eP5QGefi2DMPTfTL5SLmv7DivfNa
P2SH:
3J98t1WpEZ73CNmQviecrnyiWrnqRhWNLy
Native SegWit P2WPKH:
bc1qw508d6qejxtdg4y5r3zarvary0c5xw7kg3g4ty
Taproot P2TR:
bc1p5cyxnuxmeuwuvkwfem96llyxfk9l2nrj2j3qj9k7g8xq3v4x7fqsfq0y5n
Testnet examples
Testnet P2PKH:
mipcBbFg9gMiCh81Kj8tqqdgoZub1ZJRfn
Testnet P2SH:
2MzQwSSnBHWHqSAqtTVQ6v47XtaisrJa1Vc
Testnet native SegWit:
tb1qw508d6qejxtdg4y5r3zarvary0c5xw7kxpjzsx
Testnet Taproot:
tb1p...
Regtest examples
Regtest native SegWit:
bcrt1q...
Regtest Taproot:
bcrt1p...
Regtest addresses are used in local developer environments only.
14. Can bitcoin be lost because of the wrong address type?
Usually, bitcoin is not lost simply because an address is old.
A valid 1... address is still valid. A valid 3... address is still valid. A valid bc1q... or bc1p... address is valid if the sending wallet supports it.
The bigger risks are:
sending to the wrong network
using malware that swaps addresses
restoring a wallet incorrectly
losing the seed phrase
forgetting the wallet password
losing a multisig cosigner
losing the redeem script or descriptor
misunderstanding old wallet backups
assuming one backup contains all keys when it does not
For example, older Bitcoin Core wallets used keypools. If you made a backup, then generated many new addresses later, an old backup might not contain all later keys. This is one reason repeated backups were important with older non-HD wallets.
Modern HD wallets reduce this problem by deriving addresses from a seed phrase, but they introduce other issues, such as derivation paths, passphrases and account types.
15. Address types and wallet.dat recovery
A wallet.dat file can contain encrypted private keys, metadata, address book entries, keypool information, scripts and other wallet data depending on the version and configuration.
When recovering a wallet.dat file, address types can help answer important questions:
Was the wallet old or modern?
Was it legacy or descriptor-based?
Were addresses generated before or after SegWit?
Are the visible addresses P2PKH, P2SH, SegWit or Taproot?
Are there imported keys?
Are there watch-only scripts?
Is the wallet encrypted?
Does the user remember a password pattern?
Are there multiple backups from different dates?
Was the wallet upgraded over time?
A password-protected wallet.dat file is not the same as a seed phrase backup. If the wallet is encrypted and the password is forgotten, specialist recovery may involve password pattern analysis, dictionary generation, rules, masks, GPU cracking, metadata review and careful forensic handling.
The address type does not reveal the password. But it helps build the picture.
For example, a wallet.dat from 2011 full of 1... addresses is a different recovery case from a modern descriptor wallet with Taproot receive addresses. The technical assumptions, likely wallet structure and recovery workflow may differ.
16. Frequently asked questions
Are 1... Bitcoin addresses obsolete?
No. They are old, but they are still valid. Bitcoin maintains backward compatibility. However, they are usually less fee-efficient than modern SegWit address types.
Are 3... addresses better than 1... addresses?
They are different. A 3... address is P2SH and can represent scripts, multisig or nested SegWit. It may be more flexible and sometimes more efficient than legacy, but native SegWit is usually preferable for ordinary modern use.
Are bc1q... addresses safe?
Yes, provided they are generated by a trustworthy wallet and used correctly. They are native SegWit addresses and are widely supported by modern Bitcoin wallets.
Are bc1p... addresses safe?
Yes, Taproot addresses are valid Bitcoin mainnet addresses. The main practical issue is compatibility. Make sure the sending wallet or exchange supports Taproot withdrawals before using a bc1p... address.
Why does my wallet show different addresses after restoring my seed?
You may have restored the seed using a different account type or derivation path. The same seed can generate multiple address families. Check whether the original wallet used legacy, nested SegWit, native SegWit or Taproot.
Can I convert a 1... address into a bc1q... address?
You cannot simply convert the existing UTXO without making a transaction. You can generate a new bc1q... receiving address in a modern wallet and send the funds from the old address to the new one. That transaction will require the private key controlling the old address and will pay a network fee.
Can I send bitcoin from a legacy address to a Taproot address?
Yes, if your wallet supports sending to Taproot addresses. The source address type and destination address type can be different. What matters is that the spending wallet can sign for the old UTXO and create a valid transaction paying the new output type.
Is a Bitcoin address the same as a public key?
No. A Bitcoin address is a user-friendly encoding of data used to create a locking script. It may contain a public key hash, script hash or witness program. A public key is a cryptographic key derived from a private key.
Does a Bitcoin address contain my private key?
No. Never. A Bitcoin address does not contain the private key. The private key must be stored in your wallet, seed phrase backup, hardware device or wallet file.
Can someone steal my bitcoin if they know my address?
No, not from the address alone. Addresses are meant to be shared for receiving payments. However, address reuse can harm privacy because people can track payments to and from that address.
What is the best Bitcoin address type today?
For many ordinary users, native SegWit bc1q... is a strong default because it is efficient and widely supported. Taproot bc1p... is also modern and powerful, especially where supported. The best choice depends on wallet compatibility and your use case.
17. Final thoughts: the prefix tells a story
Bitcoin addresses are not random-looking strings by accident. Their prefixes tell the story of Bitcoin’s technical evolution.
Addresses beginning with 1 come from Bitcoin’s early legacy P2PKH design.
Addresses beginning with 3 represent the move toward script flexibility, multisig and compatibility layers.
Addresses beginning with bc1q show the adoption of native SegWit, better fee efficiency and improved transaction structure.
Addresses beginning with bc1p represent Taproot, Schnorr signatures and a more private and flexible scripting future.
Testnet addresses such as m, n, 2, tb1q and tb1p exist so developers and users can experiment safely without risking real bitcoin.
For most users, the prefix is just a way to recognise whether an address is old, modern, SegWit, Taproot or testnet. For wallet recovery, however, it can be a valuable clue.
If you are trying to recover an old Bitcoin wallet, do not ignore the address format. It may help identify the wallet era, the script type, the derivation path, whether the public keys were compressed or uncompressed, and whether you are dealing with a simple single-key wallet or something more complex.
And most importantly: an address is not the secret. The secret is the private key, seed phrase, wallet password, cosigner set or wallet file that can satisfy the spending condition behind that address.
If you have an old wallet.dat file, a forgotten Bitcoin wallet password, a seed phrase that restores to the wrong addresses, or a confusing mix of old 1..., 3..., bc1q... or bc1p... addresses, BringBackMyCrypto should be able to help investigate the recovery path.
Bitcoin address prefixes look simple. But behind those first few characters is the entire history of Bitcoin wallet design.
