
Topic: Bitcoin Wallet Challenge... (Read 841 times)

full member
Activity: 206
Merit: 100
January 21, 2014, 07:19:17 PM
#9
2. Once you transmit your key over the internet to "use" it legitimately in the blockchain to send Bitcoin, although encrypted, it is subject to capture and hacking.
In order to show this point valid, you would have to show that your public key is significantly more vulnerable than your address.

Your address becomes a part of the blockchain as soon as you receive bitcoins at the address. It doesn't matter if you "re-use" it or not.  Fortunately the private keys are protected by 3 layers of cryptography (and no encryption at all).

To calculate a private key from a bitcoin address:

[step 1]

[step 2]

[step 3]

At the moment there is no known way to reverse ANY of those three functions, so it doesn't really matter how many attempts the hacker uses.
The OP was arguing that when you use a Bitcoin address to send BTC, you eliminate your steps 1 and 2.  The counter argument is that step 3 is so difficult that it doesn't matter.

3. With common virus distributed key stroke loggers (etc.) your copy and paste of the private key to use it, could be detected compromising your wallet security.
If you have a key stroke logger, then your entire wallet, along with your banking login, if you keep that on your computer, is compromised. It doesn't matter how many Bitcoin addresses you have at that point.
legendary
Activity: 4410
Merit: 4766
January 21, 2014, 07:08:23 PM
#8
not sure who died and made the OP king...

but i'll use my funds and addresses in any damned way i please..... thank you very much. as such, if i was to have a donation address i'd prefer to use one single address everyone knows and can be verified to belong to me.

only the illegal activities community would consider keeping their funds on the move, but i see no benefit in such a practice for my personal bitcoins. the only reason i can see anyone doing this is to create more transactions to feed the greedy mining pool owners with extra transaction fees. as such it has already been noted that luke JR has already put blocks into his mining pool code that ignores a majority of addresses if they are old/reused. only allowing a small amount through per block.

this is ludicrous. bitcoin is supposed to be used to give people freedoms. not demand they transfer funds in certain ways. i do not have anything against moving funds to new addresses, but trying to force people to do it as a rule... no way
hero member
Activity: 503
Merit: 501
January 21, 2014, 06:56:43 PM
#7
So, if I insist on static addresses, perhaps I could have a routine where I'm always sweeping to a now empty but previously used address for offline wallets? Maybe even sweep from one offline client to another? Would that be beneficial or practical in any way? I've yet to develop any transaction routine so I hodl.
full member
Activity: 216
Merit: 250
January 21, 2014, 06:20:47 PM
#6
DannyHamilton's explanation is really good.  I think the original question comes from a re-interpretation of the methods surrounding how a person should use a private key when they're using a paper wallet or a Bitcoin Firesafe.  In those situations, if you import that private key into a software Bitcoin application, and you wish to withdraw a partial amount, many many warnings have been issued to simply "not do that" and instead sweep the whole amount from the wallet to a new address, in a single transaction.  The reasoning is that the whole amount really does move, and the "change" is sent to another address.  If the PC software is deleted after a partial move of the funds, they may lose all the remaining funds, as they no longer resided at an address that is controlled by the paper wallet or Firesafe's private key. 

It's a really messy situation, and without a full understanding, the simple rule of "always sweep" prevents possible losses.

The "do not re-use" guideline probably comes from the concept of uploading a private key from a Bitcoin Firesafe or paper wallet to an online wallet service.  That moment of uploading is an act of sharing the private key, which reduces the trust one would want to place in that wallet/firesafe.  For a more permanent and valuable item, like the Bitcoin Firesafe, we recommend keeping that key private and importing it into software on your own PC, etc... rather than uploading that key to a third party.  Prior to our product, "do not re-use" a simple paper wallet was a good guideline that didn't cost much to follow.
legendary
Activity: 3472
Merit: 4801
January 21, 2014, 02:11:08 PM
#5
There are at least three theories I've come across to not re-use [addresses].

1. Once a key is used, it is technically part of the block chain, and while it may be encrypted, the fact is hackers could work enormous calculations to crack it. The reason your bank login is safer, is your bank will likely allow three attempts and lock it down. By comparison, anyone can download the blockchain and run infinite cracks to dissever the private key data, possibly enabling theft. Keep in mind, hackers do not need your address, only the private key which contains your public address within it.

Your address becomes a part of the blockchain as soon as you receive bitcoins at the address. It doesn't matter if you "re-use" it or not.  Fortunately the private keys are protected by 3 layers of cryptography (and no encryption at all).

To calculate a private key from a bitcoin address:

You would first have to figure out a way to reverse the RIPEMD-160 hash function.  A bitcoin address is really just a representation of the output of a RIPEMD-160 hash on a 256 bit number.  Therefore, you have to find a 256 bit number that results in the bitcoin address when you perform RIPEMD-160 on it.

Next, you would have to figure out a way to reverse the SHA-256 hash function.  The 256 bit number that is hashed with RIPEMD-160 is the output of a SHA-256 hash on a 256 bit public key. Therefore, you have to find a 256 bit public key that results in the desired 256 bit hash.

Finally, you would have to figure out a way to reverse the ECDSA digital signature algorithm when using the Secp256k1 curve to calculate the private key from the public key.

At the moment there is no known way to reverse ANY of those three functions, so it doesn't really matter how many attempts the hacker uses.

Again, the address is available on the blockchain as soon as you receive bitcoins, so you don't get any protection against knowledge of your bitcoin address by avoiding re-using addresses.

2. Once you transmit your key over the internet to "use" it legitimately in the blockchain to send Bitcoin, although encrypted, it is subject to capture and hacking.

Your private key is not "transmitted" over the internet to send bitcoins (not even encrypted), so it is not subject to capture or hacking.

3. With common virus distributed key stroke loggers (etc.) your copy and paste of the private key to use it, could be detected compromising your wallet security.

If you are using a proper bitcoin wallet (such as Bitcoin-Qt, Electrum, Armory, MultiBit, etc), then you should never have to enter your private key.  The wallet should have created it, and should use it without your even needing to know what it is.  As such, a keylogger shouldn't have access to it.  A virus could access wherever the wallet stores the private keys, but it can do that even if you don't re-use addresses.  Therefore avoiding re-using addresses does not protect you from viruses.

Again, all theories,

All theories that are based on imagination and a complete lack of understanding about how bitcoin works.  While your advice ("Don't re-use addresses") might be good advice, your reasoning is flawed and unconvincing.

newbie
Activity: 6
Merit: 0
January 21, 2014, 01:47:26 PM
#4

Can you explain why a wallet should only be used once and not re-used?

There are at least three theories I've come across to not re-use [addresses].

1. Once a key is used, it is technically part of the block chain, and while it may be encrypted, the fact is hackers could work enormous calculations to crack it. The reason your bank login is safer, is your bank will likely allow three attempts and lock it down. By comparison, anyone can download the blockchain and run infinite cracks to dissever the private key data, possibly enabling theft. Keep in mind, hackers do not need your address, only the private key which contains your public address within it.

2. Once you transmit your key over the internet to "use" it legitimately in the blockchain to send Bitcoin, although encrypted, it is subject to capture and hacking.

3. With common virus distributed key stroke loggers (etc.) your copy and paste of the private key to use it, could be detected compromising your wallet security.

Again, all theories, but we have had theft in at least 1 of these categories and the list is not complete by any means. Do a test, leave a sloppy wallet out there with a few dollars in it, if it gets hacked, you know there is a security hole in your strategy. I would also consider BIP38 encryption for your private keys if you discover any breaches in your system.
legendary
Activity: 3472
Merit: 4801
January 21, 2014, 12:32:44 PM
#3
My position on wallets regardless of being offline, cold, or online is that once the private key has been used to move any coin, you need to move the remaining balance to a new unused wallet address and not re-use the source address again. In other words, wallets are theoretically safe indefinitely, but any wallet address that has been used to move even 1 Satoshi out needs to be abandoned and never re-used again. Wallet addresses used for out bound transactions are therefore temporary. If you don't keep a balance in a given wallet, then theoretically, you may be able to safely re-use that address assuming no balance is kept for any length of time (i.e. you sweep accumulated balances to another address frequently).

I'd like someone from this forum to challenge or confirm the premise with backed up logic.
Can you explain why a wallet should only be used once and not re-used?

He doesn't say that "a wallet should only be used once and not re-used".  He says that "you need to . . . not re-use the source address again".

A wallet can have multiple addresses.  As long as you use a new address for every transaction (as suggested in the original Satoshi Whitepaper, and by many knowledgeable experts), and a wallet that generates new addresses for "change" (such as Bitcoin-Qt) you can re-use the wallet as much as you like and will have all the security that the OP is suggesting.
global moderator
Activity: 3990
Merit: 2717
January 21, 2014, 12:17:21 PM
#2
My position on wallets regardless of being offline, cold, or online is that once the private key has been used to move any coin, you need to move the remaining balance to a new unused wallet address and not re-use the source address again. In other words, wallets are theoretically safe indefinitely, but any wallet address that has been used to move even 1 Satoshi out needs to be abandoned and never re-used again. Wallet addresses used for out bound transactions are therefore temporary. If you don't keep a balance in a given wallet, then theoretically, you may be able to safely re-use that address assuming no balance is kept for any length of time (i.e. you sweep accumulated balances to another address frequently).

I'd like someone from this forum to challenge or confirm the premise with backed up logic.

Can you explain why a wallet should only be used once and not re-used?
newbie
Activity: 6
Merit: 0
January 20, 2014, 04:45:25 PM
#1
My position on wallets regardless of being offline, cold, or online is that once the private key has been used to move any coin, you need to move the remaining balance to a new unused wallet address and not re-use the source address again. In other words, wallets are theoretically safe indefinitely, but any wallet address that has been used to move even 1 Satoshi out needs to be abandoned and never re-used again. Wallet addresses used for out bound transactions are therefore temporary. If you don't keep a balance in a given wallet, then theoretically, you may be able to safely re-use that address assuming no balance is kept for any length of time (i.e. you sweep accumulated balances to another address frequently).

I'd like someone from this forum to challenge or confirm the premise with backed up logic.