taproot – How do I configure the P2TR address if I want to use only the key path?
BIP 341 (BIP-Taproot) describes this example, which does not require a script path.
If the spend condition does not require a script path, the output key should be committed to a non-spendable script path instead of no script path.
The BIP also explains the rationale for this.
If the tabroot output key is a collection of keys, it is possible for a malicious party to add script paths without other parties noticing. This allows them to bypass multilateral policies and steal coins.
Committing to an unavailable script path gives you the ability to prove to third-party observers that there are no hidden script paths. To achieve the same effect in the case of no coordination at all, the key aggregation scheme, including the individual public keys, must be revealed to the appropriate observers (even this may not be sufficient for certain key aggregation schemes).
Taproot’s Bitcoin Optech Workshop explains that calculating the adjusted public key uses:
Q = P + H(P|c)G
where
Q is the tweaked public key
P is the initial public key (P = xG where x is the private key)
H is the hash function
| is concatenation
c is the commitment to the script path spend
G is the generator point
If you don’t need to spend the script path, you can calculate the adjusted public key using:
Q = P + H(bytes(P))G
where bytes(P)
Serialization of P as defined in BIP 340 (BIP-Schnorr).
This adjusted public key Q will be your Taproot (P2TR) address. Remember that you do not hash (reconcile) public keys with Taproot (SegWit v1) like you do with P2PKH, P2SH, and P2WSH (SegWit v0).