Topic: Are all BTC addresses really unique? - page 2. (Read 661 times)

Then you didn't get what I have intended to say, There are 2²⁵⁶ private keys. There are 2¹⁶⁰ legacy addresses  calculated from those  keys by applying RIPEMD-160 to SHA-256 hash of those keys. It means at the end we  have collision as only 2¹⁶⁰ legacy addresses will correspond to the whole set of  2²⁵⁶ private keys. Roughly each address can be accessible through the set of  2⁹⁶  keys.

No, it's straight up 2^160 addresses, no need to divide. RIPEMD-160 is used to hash the SHA-256 hash of the corresponding public key [1], reducing the P2PKH address space from a potential 2^256* to 2^160.

*slightly smaller, ECDA's private key space does not cover the full 2^256 [2]



There's also P2SH and Bech32 Bitcoin addresses, so any private key corresponds to at least 3 valid Bitcoin addresses.



[1] https://en.bitcoin.it/wiki/Technical_background_of_version_1_Bitcoin_addresses
[2] https://en.bitcoin.it/wiki/Private_key

That means that each single key may correspond roughly to 2²⁵⁶ / 2¹⁶⁰ = 2⁹⁶ addresses, right? So in fact addresses  are not unique in their nature cuz bunches of them have the same private keys.

Depends on the wallet. In some cases the password is used to extend the seed phrase, in some cases it's used to encrypt the wallet file.

e.g. Trezor and Ledger use the password to extend the seed phrase (ie. the private keys are derived from the seed phrase + password), so an adversary can't do anything with the seed phrase alone (except trying to brute-force the accompanying password).



You can attempt to send a competing transaction spending the same coins with a higher transaction fee, maybe submitting the transaction to an accelerator while you're at it. Unless your adversary has set a really low fee you're unlikely to succeed though.

@DannyHamilton,
Isn't it true that even if we add a passphrase to secure our wallet, it does not add any security locks to the seed and if seed is compromised, the wallet software will not ask for the old passphrase but a new passphrase to the person who hacked it, right?


Confirmed? What if they remain unconfirmed during the time the original owner of the wallet sees and catches the fraudulent activity? Are there any chances of reversal?

Everyone here has done a pretty good job of trying to help you understand that an ACCIDENTAL collision with a RANDOMLY generated address simply isn't going to happen in the amount of time that humans will likely exist.

That being said, it is possible for INTENTIONAL collisions to happen with addresses that aren't completely random (or aren't derived from a properly random seed).

For example., I could generate an address, look up the private key (or seed), send that private key (or seed) to you, and you could import it into your own wallet.  If you do that, then we will both have the same address in our wallets.

So, to answer your technical question about what happens when two wallets have the same address, in that case, both wallets will display the funds to both users.  Whomever spends the coins first (more specifically gets the transaction spending the coins CONFIRMED first) will be the one that wins, and the other will see the funds vanish from their wallet. This is because the funds are NOT in the wallet.  The funds are on the blockchain.  Both wallets have access to identical copies of the blockchain.  The wallet just stores the private keys and then looks at the blockchain to see which funds those private keys can spend.

This is why it is important to protect your private keys.  If an attacker gains access to your private keys (and/or seed), then they can import those private keys into their own wallet and have access to your coins whenever they arrive at the associated address.  If they send those coins somewhere else and get that transaction confirmed, then you will have lost the coins.

The blockchain can't tell the difference between the original owner of a private key and a stolen private key.  The nodes just check to see if the transaction is properly signed. If it is, then the transaction is valid regardless of who generated the signature.

Don't sound like ... "so. there is a chance ... "


There is a much better chance of you winning the PowerBall or Mega Millions or Grand Lotto Super Max 20 times in a row, then get struck by lightning 10 times in a row without dying, than for anyone else to get the same bitcoin address as you accidentally.

It takes light more than 4 hours to get to Pluto from the Sun.

8 Random Diceware words getting cracked at 1 trillion attempts per second will take 15 times the age of the universe, on average.


noooo.. people and other mostly normal human beings do not understand time when expressed beyond a million years. There's only less than ten thousand years of recorded human history.

We also don't understand distances beyond our own little planet, and people still get confused within the same city.

I mean yeah, there's also a non-zero chance for a bank robber to be able to walk through the wall straight into a bank's vault due to quantum tunneling.

https://physics.stackexchange.com/a/243715

It's just that that chance is very very small. Unlikely-to-occur-before-the-heat-death-of-the-universe small.

Granted the chance of a random private key collision is slightly higher, but still not within a realm that makes sense to consider as a threat model.

I'd say give a few dozen orders of magnitude.

Assuming the human race has spread across multiple planets in the next 10 billion years, lets give a generous population estimate of 1 trillion individuals. Even if every single one of those 1 trillion people generates 100 new bitcoin private keys every day (why anyone would need that many I don't know) for 10 billion years, we are still only talking about (1 trillion * 100 * 10 billion * 365) = 3.65*10²⁶ keys.

For OP, even in my hypothetical scenario above, we would still only have generated approximately 0.0000000000000000000000000000000000000000000000003% of all possible private keys. If we continued to use bitcoin for a trillion trillion trillion years, then we might have to start worrying about collisions, but given that all the stars in the universe will die in only 100 trillion years, we will probably have more pressing issues to deal with.

Only if you are silly enough to pick your own seed phrase or use a brainwallet. If you use a proper randomly generated seed phrase, the chances of someone guessing it are essentially the same as the chances of someone generating the same seed as you, as has been outlined above, i.e. never going to happen.

The equation where x = ∞ and y = the number of users creating x amount of addresses will only make it possible for the graph to dissolve this situation into an issue where people may face a 'collision' to each other. But there are chances you may get your seeds or phrases randomly guessed by someone and a person who is intentionally doing it, gets lucky some day.

That's assuming people still exist then

The question is not "Whether it is now or in 10 years" but more like "Whether it is now or in 10 billion years" (give or take a couple orders of magnitude)

Imho the best way to make them understand is to show them this image; it helps people get a glimpse of the immensity of the numbers involved:

No, you don't. You really have no idea just how large the numbers involved are. (It's not your fault; humans are notoriously bad at conceptualising numbers greater than a quadrillion or so.)

10 years is a very narrow time-frame for a collision to happen, even 1000 years isn't even enough for an "accidental" collision.
The only chance for it to happen in a short period is to find vulnerabilities in both the hashing algorithm used by generating addresses and secp256k1 (get the prv key from the pub key);
ex. a sudden "quantum supremacy".

FYI, Bitcoins aren't stored in wallets/clients, it's in the blockchain (nodes), and to spend it, you need the address' private key.
So, the answer to this "what if" question is: The first one to make a (higher fee -> confirmed) transaction can spend the bitcoin.

Okay, I get it that chances are nonexistent that it will ever happen to me personally that I will have an address which is the same as another one, but at some point EVER there will be 2 persons with the same BTC address. Whether it is now or in 10 years, it will happen some time.
What would happen then if a payment is made to that address? Will it be sent to the wallet owner who connects to the internet first? Or to the wallet owner who had this BTC address first?

FTFY. (A quindecillion is a trillion trillion trillion trillion.) Don't worry, you were only off by 36 orders of magnitude.

They don't. With numbers this large, they don't need to.

They don't. These addresses are generated randomly and chances are so damn small that this never happens. Bitcoin is decentralized, so these is no "central point" that shows which address to generate or which ones were already used.

People already discussed this multiple times in the past.

What happens if 2 people generate the same bitcoin wallet address?

Say I open an Electrum wallet, I get BTC addresses belonging to it and they are supposed to be totally unique. But say at the same time another person at the other end of the globe opens an Exodus wallet, who is to say he will not have 1 or more exact same addresses in his new wallet as me?

I know there are a trillion different combinations possible with so many characters in an address, but how do all these wallets make sure no duplicate addresses ever get generated?