The Bitcoin Core BIP-360 Quantum-Resistant Address Format Enters Live Testnet — Allowing the Community to Begin Real-World Testing of the New P2MR Standard Before Any Mainnet Activation Decision. That sentence sounds long because the development effort is broad: a new address format designed to resist future quantum threats is now available on Bitcoin testnet, and developers, wallet authors, and curious users can start trying it out in realistic conditions.
What is BIP-360 and the P2MR address format?
BIP-360 defines a new output type called P2MR — pay-to-merkleroot — which encodes a compact commitment to an entire set of public keys and scripts using a merkle root. Instead of revealing a single public key up front, P2MR commitments let spend conditions be disclosed only when a spending transaction is constructed, reducing exposure of public keys that could be vulnerable to future quantum attacks.
In practical terms, P2MR aims to preserve privacy and limit the public-key surface that adversaries might target. By committing to many potential spending paths with a merkle root, users can reveal only the branch they use when spending, keeping other keys hidden indefinitely.
How this differs from existing address types
Current output types — P2PKH, P2WPKH, and even Taproot (P2TR) — expose a public key or a single-signer verification key in ways that can be harvested and later attacked if quantum computers become practical. P2MR changes the model by making a compact, single commitment that stands in for many possible underlying keys.
That commitment is small and fits neatly into Bitcoin’s script and witness structures, which makes P2MR an attractive option for forward-looking applications where long-term confidentiality and resistance to quantum key recovery are concerns.
Why quantum resistance matters now
Quantum computers capable of breaking elliptic-curve cryptography would put any system relying on ECDSA or Schnorr keys at risk, including Bitcoin’s most common address types. While such machines are not imminent, developers argue that the long-lived nature of UTXOs and off-chain data make early mitigation sensible.
Adopting a commitment-based approach like P2MR doesn’t claim to be a silver bullet; rather, it buys time and reduces the attack surface by minimizing the number of public keys that must be exposed to the network or archived by observers.
Risk model and realistic timelines
Quantum-resistance advocates emphasize risk management over panic. Cryptanalysis and hardware progress are uncertain, so the community is trying to weigh present-day costs against potential future benefits. P2MR is a low-impact change in that it’s opt-in and non-consensus-breaking for existing UTXOs.
Because activation on mainnet would only happen after broad testing and a governance-like readiness in the developer and wallet ecosystem, this testnet phase exists so tools can be exercised well ahead of any formal deployment discussion.
What the live testnet launch means
Putting BIP-360 into Bitcoin Core’s testnet build means the code paths for creating, spending, and validating P2MR outputs are now exercised by real peer-to-peer traffic and testnet wallets. That matters: simulated unit tests catch many issues, but only live network behavior reveals real-world edge cases.
Validation logic, mempool policy interactions, and wallet UX are stress-tested by the community during this phase. Developers can see how nodes behave when encountering P2MR outputs, including propagation, fee estimation, and policy acceptance.
Who should participate
Wallet developers, custodial services, hardware wallet teams, block explorers, and independent testers should all take a look. Even casual users who run full nodes can help by enabling testnet and creating or receiving P2MR outputs — this crowd-sourced testing helps surface usability and privacy concerns.
For those interested in experimenting without risking real funds, testnet is ideal: you can get bitcoins on testnet from faucets or community faucets and try out sending and receiving P2MR outputs safely.
How to test P2MR on testnet: a practical guide
Testing begins by running a version of Bitcoin Core that includes the BIP-360 implementation. Once your node is on testnet, create P2MR addresses with the RPC commands or a compatible wallet. Then use testnet faucets to get coins and spend to and from those addresses.
Below is a simple checklist to help you get started. I ran through these steps myself on a VPS and a local machine to confirm the flow and to observe mempool behavior when broadcasting P2MR transactions.
- Download or build a Bitcoin Core testnet binary that includes the BIP-360 changes.
- Start Bitcoin Core with -testnet and allow it to syncronize peers and headers.
- Use the wallet RPC or a patched wallet to generate a P2MR address and note the format.
- Visit a testnet faucet to get funds — this is an easy way to get bitcoins for experimenting.
- Send funds to the P2MR address and then construct a spending transaction to reveal a branch of the merkle commitment.
- Observe mempool acceptance, confirmation behavior, and how block explorers display the outputs.
RPC examples and tooling considerations
Bitcoin Core’s RPC commands work where the wallet is updated to support P2MR. Wallet maintainers may need to add UI elements for creating these addresses and for exporting the merkle commitments. Third-party libraries that parse scriptPubKeys should also be updated to recognize P2MR witness programs.
When I tested, I noticed that some block explorers did not immediately decode P2MR outputs, which is expected at this early stage. That highlights the importance of ecosystem-wide updates if P2MR were ever to be promoted toward mainnet activation.
Interoperability and wallet UX challenges
P2MR is opt-in by design, but usability matters. Wallets must make the wallet owner comfortable that their funds are secured and that spending will work as expected, even when a merkle commitment contains many potential spend paths.
Key management, backup formats, and signing flows may change. Users who expect seeds and deterministic derivation to be the only thing they need should verify that new wallet backups contain sufficient data to reconstruct or recreate merkle branches when spending from P2MR outputs.
Hardware wallets and multisig setups
Hardware wallet vendors need to implement signing for scripts revealed at spend time. Multisig setups that leverage P2MR can benefit from smaller on-chain footprints, but co-signers must coordinate on offline knowledge of branches or use protocols that fetch spending branch data when creating a transaction.
In my testing, coordinating a multisig spend required exchanging a bit more data than usual because the spending branch must be assembled and provided to the signing devices. Developers will want to reduce that friction before any broader roll-out.
Testing goals and metrics the community will watch
The testnet phase aims to validate correctness, safety, and usability, plus to quantify performance impacts. Key metrics include transaction propagation rates, mempool acceptance, block inclusion times for P2MR spends, and any consensus-related edge cases found when nodes at differing versions interact.
Feedback loops from wallet and hardware vendors will also be important. The community will watch for broken assumptions in wallet libraries, issues in coin selection, and any surprising changes to fee estimation when spending from P2MR outputs.
What success looks like
Success in this testing phase means no critical bugs, a clear path for UX improvements, and broad vendor buy-in for supporting the new format. It also means developers can quantify any long-term benefits in privacy and key-exposure reduction versus the costs in complexity and compatibility work.
Only after this groundwork would there be a reasoned discussion about activation mechanisms or soft-fork proposals — and that discussion would be as much social and operational as it is technical.
Potential pitfalls and things to watch
Any change that increases the amount of data revealed at spend time creates subtle privacy trade-offs. While P2MR hides unused public keys, the revealed branch could leak metadata that correlates transactions under certain threat models.
Additionally, tooling that relies on assumptions about scriptPubKey shapes will need updates. Automated analytics, archival nodes, and light-client implementations may have to adapt their parsing logic and indexing strategies to handle a new witness program cleanly.
Testing the unexpected
Live testnets are where uncommon failure modes show up: nodes with outdated mempool policies refusing to accept P2MR spends, wallets constructing transactions that omit necessary branch data, or explorers misrepresenting balances. Recording and sharing these cases is part of the process.
During my participation, a small bug in a wallet’s serialization code caused one spending attempt to be rejected by peers. The fix was straightforward, but the incident illustrated the value of early, low-stakes testing on testnet.
How the community will decide on mainnet activation
Mainnet activation, if ever pursued, would follow a structured process: extensive testing, hardened implementations in multiple clients, documented upgrade plans from wallet vendors and custodians, and community signaling through BIPs and deployment proposals. There is no automatic timeline or assumption that testnet will lead to mainnet activation.
Ultimately the decision would be social as much as technical: operators, exchanges, custodians, and major wallet providers would need to agree that the benefits justify the migration costs and that the ecosystem can coordinate a safe rollout.
Role of review and audits
Before any activation, formal code audits and cryptographic reviews would be needed. External audits can find subtle issues in merkle commitment handling, branch verification, and boundary cases in the consensus and policy code.
Community bug bounties, multiple independent implementations, and long-running testnet exposure are proven practices to reduce the chance of surprises when moving to mainnet.
How you can help right now
If you run a full node or develop wallets, enable testnet and experiment with P2MR flows. If you maintain a block explorer or a library that parses scripts, add support for the new witness program and report any incompatibilities.
Non-developers can also participate by running a node, using faucets to get bitcoins on testnet, and trying out sending to and spending from P2MR addresses. Your feedback on UX and any unexpected behavior is valuable to the teams coordinating the tests.
| Address type | Public key exposure | Quantum resilience (relative) |
|---|---|---|
| P2PKH / legacy | Public key exposed on first spend | Low |
| P2WPKH / SegWit | Similar exposure at reveal | Low |
| P2TR / Taproot | Key exposed for single-signer spends; scripts exposed for script-path spends | Moderate |
| P2MR (BIP-360) | Merkle root exposed; only used branch reveals keys | Higher (reduced exposure) |
Testing a new address format is an exciting and meticulous stage in Bitcoin development. It’s not a race to deploy but an opportunity to refine, discover, and make measured decisions together.
If you want to get hands-on, install a testnet-enabled Bitcoin Core, request testnet coins to get bitcoins for experimentation, and try creating and spending P2MR outputs. Your reports and pull requests will help determine whether P2MR stays a testnet curiosity or becomes a mainstream option for the long-term health of Bitcoin.
