How to create a Bitcoin black hole

It is surprisingly easy to construct a new Bitcoin address that can accept payments, which will be immediately and forever lost. Such addresses are called “provably unspendable,” meaning that you can prove beyond all doubt that no one ever can transfer a single sathoshi out from them.

In this example, we will be creating a so-called P2SH address, in which “SH” means “script hash.” Keep in mind that every bitcoin address is, in fact, a wrapped script, and for its owner to spend from it, he or she must create a valid transaction from it.

Valid transactions, in turn, contain scripts that must – somewhat over-simplified – satisfy two criteria: First, they must run without errors. Second, they must return “TRUE” (technically: the top item in the stack must be a positive integer).

Since P2SH addresses give away only the hash of the script, and not the script itself, it is not possible to determine beforehand whether a given script hash corresponds to code that is able to run without errors. Therefore, it is impossible to enforce any sort of new standard that would disallow dysfunctional scripts – as we shall demonstrate. In other words, creating a “catastrophic P2SH address” is fairly straightforward.

The magic ingredient is the opcode OP_RETURN. If we look it up, we see that:

Marks transaction as invalid. Since bitcoin 0.9, a standard way of attaching extra data to transactions is to add a zero-value output with a scriptPubKey consisting of OP_RETURN followed by data. Such outputs are provably unspendable and specially discarded from storage in the UTXO set, reducing their cost to the network.

This means that a script that contains OP_RETURN and nothing else can never satisfy the criteria, as when they are executed they will always return “FALSE.” Put differently, such scripts are provably unspendable. Any output to such an address is forever stuck and non-retrievable.

Let’s create such an address! First, we need a few bytes of gibberish data to create a unique address, so why not “6274636c65616b2e636f6d”, which happens to be the hexadecimal representation of the ASCII string “” (cheesy?).

Our script is thus:

OP_RETURN 11 0x6274636c65616b2e636f6d

A few short comments about it. The “11” in it is simply the number of bytes that follow, and somewhat confusingly, they are written as a “normal” decimal number, which is followed by a hexadecimal string. (Since 1 byte is 8 bits, and hexadecimal is a 16-digit format, the byte-size of a hexadecimal string is its number of characters divided by 2.)

This script is then converted – or rather serialized, which is the correct term – into the hexadecimal string


which we will use. Now, there are a million ways to convert a serialized script to its corresponding P2SH address, but this is not a tutorial for that, so we will simply provide you with a few uncommented lines of Python that do the job:

>>> import hashlib, base58, binascii
>>> script = ‘6a0b6274636c65616b2e636f6d’
>>> base58.b58encode_check(binascii.unhexlify(’05’+‘ripemd160’, hashlib.sha256(binascii.unhexlify(script)).digest()).hexdigest())).decode()

Hereby, we have shown that 3JM8v96QvZ17jjcH2hDa81BSdMt2yqER56 is a valid Bitcoin address that anyone can send to, and we have also proven that no one can ever redeem it.

Bitcoins are fragile. Anyone who owns them has the capacity to burn them – with indisputable evidence. We take the liberty to call 3JM8v96QvZ17jjcH2hDa81BSdMt2yqER56 a Bitcoin black hole. Whatever you send to it is forever lost.

(If we define “forever” until the time for a Bitcoin hard-fork that will allow spending from such scripts; it can theoretically happen, but in that case, Bitcoin is no longer Bitcoin.)

The existence of Bitcoin black holes opens up a few interesting possibilities. One such option is that someone who controls a large amount of Bitcoin can burn them and prove it. Since the total amount of Bitcoin is written in stone, this will lead to fewer Bitcoins in circulation – and thus an increase in value for those that are.

Comments or questions?

One more thing!

Consider the donation address at the bottom of the page. We re-invest all contributions into new projects for Help us create new content and remain ad-free forever. Thank you.

3 Replies to “How to create a Bitcoin black hole”

    1. We plead guilty 🙂 We transferred 666 satoshi – a suitable sum – straight into the black hole. Check if it’s still there tomorrow and then in ten years. We cannot take it back. No one can ever touch them. They are lost forever…


  1. How can one tell if a script hash is invalid? For example, using your python script above I found a few other used addresses with trivial script hashes, but appear invalid:

    Script: 0e0020

    Script: 5200ae

    Script: 494e46

    Script: 93545887

    These are all unspendable? Is there a tool to debug script hashes?


Leave a Reply

Your email address will not be published.