HASH160

HASH160 is the two-step hashing operation Bitcoin uses to turn a public key (or a script) into a short, fixed-length fingerprint. It is defined as RIPEMD160(SHA256(data)), first applying the 256-bit SHA-256 and then compressing the result with RIPEMD-160 into a 20-byte (160-bit) digest, which is where the name comes from.

Why two different hash functions

Running SHA-256 followed by RIPEMD-160 shortens the value to 20 bytes, keeping addresses compact, and hedges against an unforeseen weakness in either algorithm alone. The resulting public-key hash is what an address actually commits to: a legacy P2PKH address is simply this 20-byte hash wrapped in a version byte and a checksum, then Base58Check-encoded into the familiar string beginning with "1".

Where it appears on-chain

In a Pay-to-Public-Key-Hash locking script, the spender's public key is duplicated, passed through OP_HASH160, and compared with the stored hash via OP_EQUALVERIFY before OP_CHECKSIG validates the signature. This design means the full public key stays hidden until the coins are spent, offering a measure of protection should the underlying elliptic-curve signature scheme ever weaken. The same HASH160 also underlies P2SH and witness-program addresses.

HASH160 sits beneath the addresses generated along a BIP44 derivation path, and its SHA-256 component is the same primitive used in the Merkle root that secures every block. Explore both for the fuller cryptographic picture.