In order to determine the Avalanche address that corresponds to a Bitcoin address that provided collateral to the bridge, the Bridge Nodes will identify the public key of the user wallet from the signed transaction on the Bitcoin network, and use it to derive the Avalanche C-chain address. This way, the funds on both networks are controlled by the same private key or Recovery Phrase, and that secret never leaves the sole possession of the user’s wallet. Similarly, when a user goes to transfer funds from Avalanche back to Bitcoin, the user's Bitcoin address is derived from the public key identified from the Avalanche transaction that burns the wrapped asset.
An additional challenge to using this address derivation approach is the fact that almost all Bitcoin wallets are hierarchical deterministic (HD) wallets that use different public and private keys for each UTXO received. This is in contrast to the EVM account model, where wallets use the same private key for all transactions. HD wallets are incompatible with the Avalanche Bridge because users expect their funds to arrive at a single Avalanche address rather than be split across multiple addresses. In order to provide an intuitive user experience, the Core Wallet extension provides Bitcoin wallet functionality and also provides the user interface for bridging Bitcoin over to Avalanche. The Bitcoin wallet within the Core extension uses the same private key as used for the C-chain address on Avalanche, allowing for easy bridging between the two chains from within a single wallet. While HD wallets provide additional privacy on Bitcoin by using new addresses for each transaction, we found using a single address wallet a very reasonable trade-off to enable more seamless bridging, given that all EVM-based chains, including the Avalanche C-chain and Ethereum, follow this model.
For a more in-depth read on how the Bitcoin Bridge works, please read the following articles.