Overview
- BIP-360 introduces Pay-to-Merkle-Root (P2MR), a Taproot-adjacent output that removes key-path spends and commits to a script Merkle root to cut long-exposure public-key risk.
- P2MR retains tapscript and script-tree functionality, is scoped as a soft-fork change, and would arrive as a new SegWit v2 output with bech32m addresses starting with bc1z.
- The proposal targets only long-exposure threats and does not prevent short-exposure attacks, with authors signaling separate work on post-quantum signature options if needed.
- The BIP notes trade-offs including a larger minimal spend witness—estimated about 37 bytes more than a Taproot key-path spend—and privacy shifts because all spends use script paths.
- Co-authors include Hunter Beast and Ethan Heilman, with Isabel Foxen Duke added in the latest update, and supporters frame the step within broader moves toward quantum-safe standards referenced by U.S. agencies; some asset managers suggest the progress could ease quantum-related market fears.