Topic: Change addresses: What was the motive of Satoshi? - page 2. (Read 1489 times)

Perhaps you are right. I am no expert on these matters - I try to understand them.

On what you say:

a) That's a very artificial limitation for an electronic payment system, wouldn't you agree?

b) 1 Bitcoin consists of millions of satoshis anyway - so again the fictional bank to do the division is quite redundant...

c) In terms of future-proofing, what's the chance that the coins remain undivided over the course of 10-20-30-40-50 years? They will be divided anyway, so? If the currency is successful it's almost a given that the vast majority of transactions will be conducted in fractional amounts. Why the need to divide them?

d) What about halvings in block reward that produce fractional coins to begin with?

One of the ideas with bitcoin is that you generate a new address for every input you get. So you have no main address you just have bunch of addresses.



! If you get an input of .1 you have spend it as .1 you can split it into several outputs though. So you can use it to pay .05 to someone and get .05 as change.

Sorry, can't get you.

Heh, speaking of privacy, we're not even supposed to -have- a main address. I'm guilty as well, of course.

No, you don't know how bitcoin works at protocol level. It has nothing to do with privacy or quantum computing.

Bitcoin is like a banknote. You can only spend it as one piece. You can't cut it into 2 halves by yourself. If you want to spend part of its value, you need someone (e.g. a bank) to divide it into 2 banknotes for you. That's how "change" comes. (of course, we don't have a bank in bitcoin, but miners are doing such job)

I'm using it as a sort of privacy, I don't feel that I want to share my MAIN address with everyone for example.

We know that "change" in real life are useful because you give ten dollars and you get back change. However in Bitcoin you can send a precise amount of coins, so change is not really "necessary" - not even as an option. It's not needed and adds bloat out of nowhere.

Some say "change increase privacy so that's why it was placed in there". Surely, a protocol as transparent as bitcoin, wouldn't increase its privacy by any significant amount through change (not to mention that change can be linked during future spending). This is stuff that even a script can put together, deanonymizing transactions.

And why, if it is privacy-related, wouldn't one be able to control change spending so as to not be linked together?

So there has to be something else here that Satoshi saw.

I'm thinking it may be related to Quantum-Computing resistance. By moving the amount to the recipient + change to a new address (which hasn't yet published its public key), a good portion of the network's money will remain uncrackable by a quantum computer as the QC won't know the public key to extrapolate the private key.

If control of change is going to be implemented in future versions of Bitcoin, this quantum-resistance could be broken. Perhaps it should also be accompanied by a change in the private/public key algorithm to a quantum-resistant one.

Or, alternatively, introduce a button in the wallet that places one's funds into "quantum storage" - aggregating them automatically in a single address with no spends (that prevent QC cracking). One could even checkbox something like "automatic quantum storage" so that when one wants to spend money, one amount would go to the destination and the other would go to a new address with zero spends. Thus change control won't affect the principle of QC-resistance, if that's the rationale of Satoshi.