I believe from some more reading now that it is the case that a transaction may not have a destination address. Which I didn't expect!
Something I notice a lot of people don't expect is that:
There are no addresses in the blockchain. There are no addresses in transactions. Not with TapRoot, not with SegWit, not with P2SH, not with P2PKH, not in any bitcoin transaction ever. Addresses are something that wallet software does for us humans to make it easier to talk about the transfer of control over value. It's not something that actually exists in the bitcoin protocol.
All bitcoin transactions use output scripts that set up conditions that must be satisfied in order for the output to be spent. Humans and wallets use the abstract concept of an "address" as a shorthand way to describe a specific script.
Without the concept of an "address", if you wanted someone to create a transaction for you, you'd have to say something like:
"Please create an output that can only be spent when a signature is provided which can be validated with the public key that hashes to f54a5851e9372b87810a8e60cdd2e7cfd80b6e31 when first hashed with SHA256 and the result is then hashed with RIPEMD160."
Instead, we say:
"Please send bitcoins to the following address 1PMycacnJaSqwwJqjawXBErnLsZ7RkXUAs"
Those 2 statements each mean the exact same thing. The first one is what is actually stored in transactions and the blockchain (encoded using the bitcoin script language instead of english. Wallet software has been standardized to know that when the second statement is made, it needs to create a transaction that is described in the first statement. Wallet software (and block explorers) have also been standardized to recognize whenever they see any transaction output that matches the description in the first statement, they should display the "address" in the second statement.
If a transaction is created using ANY script that doesn't have a standardized way of converting that script into a single value, then that transaction doesn't have a "destination address". That's because there is no way for most wallets to recognize the script and know what single value to display to any human, and there's no way for any human to provide a single value to the wallet and for it to know exactly how to create that non-standardized script.
On the other hand, ANY script that becomes popular could become a new address type if the majority of wallet software maintainers all come to an agreement on how to represent that script as a single value.
I might have mis-phrased my question. I had the basic understanding of UTXOs, but my question is around interpreting the output.
Specifically: the address(es) holding the UTXOs.
This is where your confusion probably started.
Addresses do not "hold UTXO". Addresses don't even exist in the transactions or the blockchain.
Addresses are just a script re-written in a form designed for easier human consumption.
A UTXO is an unspent transaction output. Until it is spent, all you need to know about it is its value and how to find it.
To find it, you just need to know that transaction ID, and (since transactions can have more than one output) which output in that transaction it is.
Later, when someone wants to spend that output, they describe it using the transaction ID and an indication of which output from the transaction is being spent (the TXID_INDEX in your attachment at the top of this thread), and the script needed to satisfy the conditions of the original output script. This is when the original output script needs to be evaluated. The information from the input script is applied to the information from the output script. If the result of evaluating the two scripts together is satisfactory (according to the rules of the bitcoin protocol), then the output can be spent and the transaction attempting to spend it is valid. If the result of evaluating the two scripts together is not satisfactory (according to the rules of the bitcoin protocol), then the output cannot be spent and the transaction attempting to spend it is invalid.
In reading about Taproot and privacy, I don't see how there can be any privacy where the input and output addresses must be explicit for the ledger to be accurate.
Again, there are no addresses. There are only scripts.
One type of script is a P2SH script. In that type of output, the requestor of the payment is essentially asking:
"Please create an output that can only be spent when a SCRIPT is provided which can hashed to the following value (some hash value), AND that script is considered satisfied and valid under the rules of the bitcoin protocol."
Now, anyone that looks at the output will find that all of the signature requirements are hidden. The only way to see the signature requirements (if you aren't involved in creating the signature requirements) is then to wait for the output to be spent. When it is spent, the signature requirements (along with the necessary signatures) will be included in the input script. At that time you can see ALL of the signature requirements, and which ones were met. Sometimes only a subset of signatures are requires (for example a 2-of-3 multisig). There are 3 different signature requirements, but only 2 of those signature requirements need to be met for the transaction to be valid. Without TapRoot, all 3 signature requirements need to be included in the input script, otherwise the script won't hash to the value provided in the output that is being spent. Therefore, there is a loss of privacy for the person that did NOT sign, since the script will contain the information that he was a part of the original transaction as one of the potential signers.
With TapRoot, You can structure the scripts such that you ONLY need to reveal information about those that are providing the proof of validity (for example the signatures), and everyone else that was a party to the original transaction, but that aren't participating in the spending of it, remains hidden and unrevealed.
