Topic: "In Bitcoin, public key are either compressed or uncompressed" (Read 653 times)

  yes!
it's very clear now, thank you all!

Gol.

BTW

i am not "designing a wallet", but i do want to know everthing there is on Bitcoin and cryptocurrencies.

bitcoin address is basically a 20 bytes long hash of the actual key, that could have been compressed or uncompressed before hashing - you cannot figure it out from the hash.

when spending coins from such an address, the signature is provided along with the original key - and then this key's hash must match the hash from the address, in order for a transaction to be valid.

The PubKeyHash is the pubkeyhash of the receiver.  You don't need to know or care about if they used a compressed or uncompressed pubkey because you aren't "sending" coins to the PubKey you are sending it to the PubKeyHash.  The output of the transaction will contain the receiver's pubkeyhash, you don't need to know more than that.

As for the question of if your PubKey(s) for a particular transactions are compressed or uncompressed, that depends on the wallet which originally created them and which form it used.  The wallet should store the PubKey in the correct format.  When importing a private key you create the correct PubKey format depending on the flag in the private key.  The WIF for private keys has a "flag" to allow you to identify if the PubKey should be compressed or uncompressed.  If they key was originally a compressed PubKey then you will recreate a compressed PubKey and if it was originally an uncompressed one, you will recreate an uncompressed one.

As pointed out above originally uncompressed pubkeys were used.  There is absolutely no reason that was done other than Satoshi probably was not aware of compressed pubkeys.  There is no advantage to Uncompressed PubKeys and they make the wallet, transactions, blocks, and logs larger for no benefit.  Today any competent wallet designer should make all NEW keypairs compressed.  A competent wallet designer however needs to consider that a user may important EXISTING key and that key may use an uncompressed PubKey so it needs to handle both formats.  Any wallet today creating new uncompressed pubkeys has a developer who is either uninformed or lazy.

All of this is far below the level of an end users.  Unless you are designing a wallet/client you should never need to make this determination.  If you are designing a wallet your line of questions would indicate you need to stop NOW and do more research.

...not sure i got it

the sender is responsible to make the signature? if so, is it "his" responsibility to generate the signature?

When you send, you are sending to a hash.  You have no idea what it is the hash of.  It could be a compressed pubkey, it could be an uncompressed pubkey.  You don't know and don't care.

The transactions that you are redeeming will be either compressed or uncompressed depending on the keys and addresses you received them with, which depends on where your addresses came from.

if you are sending to "someone" - he already decided whether his address was compressed, or not, before giving you the base58 encoded payment address.
in many cases you don't even know whether you are sending coins to compressed or uncompressed address - and you also don't care about this, because it only matters when the owner of such an address is spending the coins you sent him.

it's all up to your wallet, that generates public addresses (the ones that start with 1...)

for instance old versions of satoshi client were always creating uncompressed addresses - but the new versions always create compressed.

using my wallet you can choose what you want, but the default is compressed.

using other wallets - I don't know, but likely most of the modern ones make compressed addresses, since they are just more space efficient, thus (theoretically) cheaper in transaction fees while spending coins from them.

ok! so lets say that "we" only use ready made client download(or any 3rd party) for the Bitcoin site
and "we" want to send coins to someone- by pressing "send"(or OK or what ever):
uncompressed or compressed?

Basically, it comes down to whether or not the person writing the key generator understands compressed keys or not.  There is only one reason why uncompressed keys should ever be made new, and that reason is that the author didn't know how to compress them.  Also, that isn't a very good reason.

Thanks.
i did a search, no answer on why and who.


who or what are the criteria(s) for the decision?

Search is not quite so useless here that it wouldn't have answered your question.

The decision is made when the address is created, or on a more meta level when the software that generates the keys is written.

Hello all!
the subject is for here:
https://en.bitcoin.it/wiki/Elliptic_Curve_Digital_Signature_Algorithm

please help me clarify this:
who and how the decision to use compressed or uncompressed is made?

thank you!
Gol.