Author

Topic: Does Bitcoin address reuse concerns apply only to spends/outputs? (Read 236 times)

legendary
Activity: 2870
Merit: 7490
Crypto Swap Exchange
Is an address still considered 100% secure for which has only ever seen inputs/deposits and has never seen a spend?

Yes

What if that input only address is on a hardware wallet like a trezor along with other addresses with balances?  If I understand this correctly, spending from a trezor could come from any one or multiple addresses which has spendable inputs in that wallet.  Once any spend on such a wallet occurs, it's not advisable to reuse any of the previous addresses for deposits.

How the address is "stored" doesn't matter, but if an address received Bitcoin from multiple different address which belong to different people/group, then it weakens your privacy even if the Bitcoin isn't spent yet.
sr. member
Activity: 966
Merit: 274
I understand that its not good security and privacy practice to reuse addresses after a spend due to the fact that the public key becomes available for that address during the spend and it essentially weakens the security and privacy.
Is an address still considered 100% secure for which has only ever seen inputs/deposits and has never seen a spend?

What if that input only address is on a hardware wallet like a trezor along with other addresses with balances?  If I understand this correctly, spending from a trezor could come from any one or multiple addresses which has spendable inputs in that wallet.  Once any spend on such a wallet occurs, it's not advisable to reuse any of the previous addresses for deposits.  


As long as we are not using our wallets to some illegal transaction or transaction that may break a protocol of some part that we are into, there's no reason to worry about it, cryptocurrencies are made to be personal for each ip address, meaning to say, that it is personal to each and every individual, it is better to utilize one wallet address, than to always try to be anonymous in the market by using multiple wallet address.
hero member
Activity: 1890
Merit: 831
I think it's more of the reason that you have higher chances of being discovered by someone who might be into you and after that you could actually be in problem since there isn't anywhere where you wouldn't find hackers and all therefore this is the reason this is always a problem..
copper member
Activity: 2142
Merit: 1305
Limited in number. Limitless in potential.
Wallets with a large amount of bitcoins are usually target of hackers and of course you are in danger if you dont know how to combat such schemes.
Just follow the basic principle of securing your wallet (which is don't save your recovery seed online, use HW if possible, use different strong passwords on every site/exchange) and you will be fine.

then use blockchain.info wallets since that web-wallet host website usually changes the wallet address every time you make transactions.
Where talking security matters, and blockchain.info/.com is out of the context here. Mobile wallets are way more secure than web wallet for sure.
sr. member
Activity: 644
Merit: 264
Aurox
Reusing the same address over and over again is very risky especially if you have a large amount of bitcoin in your wallet. Aside from privacy issues the much bigger threat is the security issues. Wallets with large amount of bitcoins are usually target of hackers and of course you are in danger if you dont know how to combat such schemes. If you are not very technical and you want and address that changes each time you make transactions then use blockchain.info wallets since that web-wallet host website usually changes the wallet address every time you make transactions.
legendary
Activity: 1463
Merit: 1135
I understand that its not good security and privacy practice to reuse addresses after a spend due to the fact that the public key becomes available for that address during the spend and it essentially weakens the security and privacy.

The primary issue with address reuse is privacy, though there is also a small security risk. There is no benefit to reusing addresses, so why do it?

Reusing a known address to receive funds can be useful as an easy reference through your notes as timerland has pointed out.
I understand the privacy concerns of reusing an address for payments from different senders and how association of addresses happens.

I'll receive multiple transactions for example from an exchange on to a single address. That exchange stores a record of that address and makes it easy for me to reuse without needing to get a new one from the wallet. I do not receive from any other party to that address
and always use a new address for different exchanges. My question was in essence, is this a safe practice where address reuse is regarded.

I believe NeuroticFish answered my question adequately, Thanks! (I'm intending to learn coin control and that was why I referenced trezor)
hv_
legendary
Activity: 2534
Merit: 1055
Clean Code and Scale
It’s actually just the obvious privacy concern and nothing more. With the sheer amount of possible address combinations in the address space using RIPEMD-160 (2^160) for bitcoin, it’s totally advisable to just use change addresses for each transaction in order to mask up one’s origins for their funds. Collision is also highly unlikely for bitcoin, so why be so conservative and not use new addresses for each transaction anyways?

I d say it is best practice to use always new addresses, and good wallets should just not implement anything else.

Best privacy comes from big blocks, many ppl using on chain txs and open scaling btw
legendary
Activity: 3542
Merit: 1352
Cashback 15%
It’s actually just the obvious privacy concern and nothing more. With the sheer amount of possible address combinations in the address space using RIPEMD-160 (2^160) for bitcoin, it’s totally advisable to just use change addresses for each transaction in order to mask up one’s origins for their funds. Collision is also highly unlikely for bitcoin, so why be so conservative and not use new addresses for each transaction anyways?
hero member
Activity: 1526
Merit: 596
Only problem with using an address over and over again is that people will be able to see all the transactions going through it, and basically stalk your account and it's balance, which if you don't care, you'll be fine.

It does make things a lot easier, you can just copy the address in your notes and send it to anyone, and also makes looking at your balance when you don't have access to your wallet a lot easier, personally do this myself Smiley.
sr. member
Activity: 910
Merit: 351
Reusing an address will become a main security issue if a machine capable of brute-forcing that address within hours is affordable for the public.

I believe you can choose which output you want to use. Read https://bitcoin.stackexchange.com/questions/30149/how-do-i-spend-bitcoins-from-a-specific-address for more details. This way, you can avoid spending from your dedicated receive only address. But that also means you have to make sure there's another output that you could use.
legendary
Activity: 4466
Merit: 3391
I understand that its not good security and privacy practice to reuse addresses after a spend due to the fact that the public key becomes available for that address during the spend and it essentially weakens the security and privacy.

The primary issue with address reuse is privacy, though there is also a small security risk. There is no benefit to reusing addresses, so why do it?
legendary
Activity: 3668
Merit: 6382
Looking for campaign manager? Contact icopress!
I understand that its not good security and privacy practice to reuse addresses after a spend due to the fact that the public key becomes available for that address during the spend and it essentially weakens the security and privacy.
Is an address still considered 100% secure for which has only ever seen inputs/deposits and has never seen a spend?

What if that input only address is on a hardware wallet like a trezor along with other addresses with balances?  If I understand this correctly, spending from a trezor could come from any one or multiple addresses which has spendable inputs in that wallet.  Once any spend on such a wallet occurs, it's not advisable to reuse any of the previous addresses for deposits.  



First of add, adding Trezor into the equation doesn't change anything, it just makes it harder to understand for the newbies. Keep in mind that a hardware wallet only keeps the private keys for signing the transactions.

So, let's go for the main problem.
From what I know, any transaction contains the receiver address (public info) and a signature (based on the private key!) of the sender address.
So it doesn't matter how many times you send money to an address, only its public info is shown. But as soon as you send out money from there, you need the private key, which can be a security risk.
About the privacy, it depends where those inputs come from, since one can link this way multiple addresses you may not want to "tell" they're all yours.
legendary
Activity: 1463
Merit: 1135
 I understand that its not good security and privacy practice to reuse addresses after a spend due to the fact that the public key becomes available for that address during the spend and it essentially weakens the security and privacy.
Is an address still considered 100% secure for which has only ever seen inputs/deposits and has never seen a spend?

What if that input only address is on a hardware wallet like a trezor along with other addresses with balances?  If I understand this correctly, spending from a trezor could come from any one or multiple addresses which has spendable inputs in that wallet.  Once any spend on such a wallet occurs, it's not advisable to reuse any of the previous addresses for deposits.  
Jump to: