Pay To Script Hash (P2SH) Explained

If anyone of you has tried to understand Bitcoin deeply, then you must be knowing that it is tough to get to the bottom.

I know of several acquaintances who gave up halfway in their journey to understand Bitcoin, and that’s because it is just like a rabbit hole that sucks you in it.

But here at TheMoneyMongers, we have taken up this challenge of explaining the core concepts of Bitcoin in plain English without beating around the bush.

And so far it is going right, and some of you have already appreciated our work. Some of our previous guides that you can look at are:

Having said that in this write-up we are going to discuss Pay To Script Hash (P2SH) concerning Bitcoin transactions but before that I would urge you to read our guide on Bitcoin UTXOs as it will be helpful for you to understand today’s concept.

So let’s get started:

Pay-to-PubKey Hash (P2PKH)

For those of you who don’t know Bitcoin uses a UTXO model and only UTXOs can be spent on the network. Bitcoin also uses a Scripting language known as Script.

This Script is a way for specifying conditions for spending the bitcoins or the Unspent Transaction Outputs (UTXOs).

A simple way to understand Bitcoin is that bitcoins are locked up on different Bitcoin addresses at different time using a script (a couple of lines of code).

This script defines under what conditions can the bitcoins present on this address can be spent. When these conditions are met and verified by the network, the bitcoins present on that address are unlocked.

So the most straightforward example to which most of the Bitcoin users might be familiar is that one needs to provide signatures using their private keys for spending bitcoins on their public address. This address is called a Pay-to-PubKey Hash (P2PKH) address which actually holds bitcoins using a script (a couple of lines of code).

And as one produces a signature using their private keys associated with that P2PKH address the scripted conditions are met and the coins are unlocked and in case of a mismatch, the coins remain locked.

However, this is a simple condition of producing your signatures using a private key, but Bitcoin allows you to incorporate more complex conditions for being able to spend a bitcoin output.

And under what conditions can you spend a specific bitcoin output is expressed using Script.

These conditions could be for example:

  • Several signatures are needed to unlock these bitcoins.
  • Or A certain amount of time needs to pass before these bitcoins can be unlocked.
  • Or apart from a valid signature, one needs to provide a password to unlock particular coins.

All these cool things can be scripted using the Bitcoin scripts, but there is a problem.

Though these multi conditional scripts are powerful, they are cumbersome to use.

These scripts are also called PubKey Scripts because PubKeys are calculated using these scripts. And scripts included in outputs which set the conditions that must be fulfilled for those bitcoins to be spent are know as Pubkey Scripts or PubKeys.

These PubKeys that’s why become very large due to the various conditions specified in the scripts.

Now all the senders need to include this while sending bitcoins to these PubKeys thus making it a costly affair for them because it increases the size of transaction by almost five times than the normal transaction.

Plus, it is only natural, why a sender should bear the additional cost of the transaction?  Especially when the conditions specified with that PubKey are not even required by the spender !!

Pay To Script Hash (P2SH): P2SH vs. P2PKH

This problem is solved by using Pay To Script Hash (P2SH) instead of using Pay-to-PubKey Hash (P2PKH).

Pay To Script Hash (P2SH) is the workaround that the Bitcoin developers found out for shifting this responsibility of extra fees back to the recipient who actually needs to utilize those scripted conditions.

Pay To Script Hash (P2SH) means “pay to a script matching this hash, a script that will be presented later by the recipient when this output is being spent.”

So now the senders need not put the long PubKey Scripts in their transactions, and instead, they can just put a simple and relatively short hash of the scripts/conditions that the recipient intends to use for his/her own purpose.

But the magic lies here:

The hashes of these scripted conditions can be translated into standard Bitcoin addresses to which the sender can directly send the bitcoins from any wallet without any special effort or extra fee.

These addresses are called P2SH addresses, and a P2SH address always begins with a ‘3’, instead of a ‘1’ as in P2PKH addresses.

How P2SH works?

Just like the standard P2PKH transactions, in P2SH also, the bitcoins are still locked up in a script. But this script is not included in the output or the transaction sent by the sender, instead, a hash of this script is included by the sender.

Later, when the recipient wants to unlock the coins on this P2SH address, they need to produce the whole script, the script hash and the requirements to unlock it on the blockchain. (Also known as known as the signature script !!)

This is because the blockchain doesn’t know the script yet and only knows the hash. And when the recipient who is now willing to spend these bitcoins produces the whole script, the Bitcoin nodes execute & hashes the script to match is against the hash of the previous output.

If these hashes match, Bitcoin network knows that the coins were  locked in this script only and the transaction gets successful.

For example, look at this interaction between Alice & Bob:

In this Bob creates a script hash or P2SH address using the conditional scripts he wants and passes this address to Alice.

Now, Alice can create n-number of transactions to this address without paying an extra fee.

On the other hand, when Bob wants to spend these bitcoins sent by Alice on this address, he can simply include his conditional scripts, the script hash (P2SH), and other requirements such as signatures to prove it to the blockchain that he has the keys and other requirements to unlock the scripted conditions.

P2SH Advantages

P2SH was introduced in 2012, and it has many advantages.

But the main reason for its introduction was “to move the responsibility for supplying the conditions to redeem a transaction from the sender of the funds to the Redeemer.”

  • Complex and lengthy scripts are replaced by its digital fingerprint, i.e., a cryptographic hash !!
  • Complex Scripts/conditions can be translated into valid Bitcoin addresses hence avoiding the need for any modifications in the sender’s wallet.
  • P2SH decreases the blockchain bloating by reducing its size because the UTXO sets with complex conditions would no longer be heavy.
  • P2SH shifts the extra fee overhead from the sender to the receipt who wants his/her bitcoins to be locked up under complicated scripts/conditions.


So P2SH merely is a fancy name of a new type of Bitcoin compatible Public addresses that is capable of wrapping up complex spending conditions in itself.

And when the recipient produces the original script/conditions with other requirements of the unlocking this script/conditions, then the coins become spendable.

But this way the transaction can become heavy as well for the recipient when he/she decides to spend those bitcoins stored on a P2SH address because the conditions can be too many also sometimes.

In that case, a technique called MAST-Merklized Abstract Syntax Trees in Bitcoin will be used to reduce further the size of transactions done by P2SH address owners.

Mast has several other benefits too which we will discuss in our next article.

So that’s all from our side in this guide on Pay To Script Hash (P2SH), and I hope it was easy to digest.

Do let us know your comments and thoughts below 🙂

If you liked this article? Do share it with your network !!

Leave a Reply