Author

Topic: Address & key-pair overlaps (Read 534 times)

legendary
Activity: 3472
Merit: 4801
February 21, 2014, 03:24:10 PM
#2
Address is 160 bits, public key is 256 bits (Compressed public keys are 33 bytes[...]. The older uncompressed keys are 65 bytes (Source)), correct? This means there's obvious duplication.

Now, question is:-
If someone receives money on address A, then uses keypair B to spend the money on address A, then receives some more money to address A, can keypair C (Assuming RIPEMD-160 of the public key hashed to the same thing) then spend the money on address A

Yes.

, even though keypair B has already been 'registered' in the blockchain? Is there any validation?

Only that the public key hashes appropriately and that the signature matches the public key supplied.

Or, is it simply "looks good, let's go"?

Exactly.
full member
Activity: 238
Merit: 109
February 21, 2014, 12:51:05 PM
#1
Address is 160 bits, public key is 256 bits (Compressed public keys are 33 bytes[...]. The older uncompressed keys are 65 bytes (Source)), correct? This means there's obvious duplication.

Now, question is:-
If someone receives money on address A, then uses keypair B to spend the money on address A, then receives some more money to address A, can keypair C (Assuming RIPEMD-160 of the public key hashed to the same thing) then spend the money on address A, even though keypair B has already been 'registered' in the blockchain? Is there any validation? Or, is it simply "looks good, let's go"?

Obviously, this isn't a threat as the chances are insanely low, but, just wondering.
Jump to: