Pages:
Author

Topic: Standard Check Numbers (checksums for addresses) - page 2. (Read 3135 times)

legendary
Activity: 3514
Merit: 4895
So, to simplify things even further...
IRC Chatlog, v2:

Me: Here's my address 31uEbMgunupShBVTewXjtqbBv5MndwfXhb

Other: check 31uEbMgunupShBVTewXjtqbBv5MndwfXhb

Me: *looks generally over the address, then specifically checks the last 4 characters* confirmed

That's all there is to this. Someone would have to specially go out of the way to bruteforce a typo that wouldn't be caught by doing this easy check.
And the check isn't even necessary since the address won't work in the Bitcoin client that "Other" is using unless it is valid in the first place.
legendary
Activity: 1204
Merit: 1015
I often double/triple check addresses and I think what I'm asking for is just to give me piece of mind. I feel especially uneasy when sending an address via IRC, I think it would be nice to be able to do the following;

IRC Chatlog:

Me: Here's my address 31uEbMgunupShBVTewXjtqbBv5MndwfXhb

Other: check FF4857EB

Me: confirmed

This would give me confidence that the address that was enter into the wallet by the other person is indeed the address I wanted to send to them.
So, to simplify things even further...
IRC Chatlog, v2:

Me: Here's my address 31uEbMgunupShBVTewXjtqbBv5MndwfXhb

Other: check 31uEbMgunupShBVTewXjtqbBv5MndwfXhb

Me: *looks generally over the address, then specifically checks the last 4 characters* confirmed

That's all there is to this. Someone would have to specially go out of the way to bruteforce a typo that wouldn't be caught by doing this easy check.
legendary
Activity: 3514
Merit: 4895
. . . Specifically, closely check THE LAST FOUR CHARACTERS of the bitcoin address, there is your built-in checksum.

eg:
12YgtanvDic1y5ZcgW5wCrwwBzSWrSUgXE

I just eyeball the first 4-6 but closely check the last 4-6 ... and never had an issue, hope this helps yogi.

That won't help the OP.  As he has already explained that he is concerned that he might have made a typo in the other characters.  How is looking at the last 4 characters going to tell you if you made a typo elsewhere in the address?

. . . Thank you Pieter for explaining to yogi what the condescending others where trying to say to the poor guy without actually spelling out what he needs to do . . .
I've been trying hard to not be condescending. But each time I try to explain the situation, the same question keeps coming back.  I simplify the explanation further and try harder to understand the use-case that the OP is concerned about. Still, the same question.

At this point is isn't a matter of condescension, it's just a matter of running out of ways to explain it, and the user refusing to offer a single real life use-case that they are concerned about.

legendary
Activity: 3920
Merit: 2349
Eadem mutata resurgo
I think it would be quicker, for a human being, to make a cursory inspection of an address followed by a detailed inspection of a check number, as opposed to a detailed inspection of the full address.

That is exactly the same thing as: making a cursory inspection of an address followed by a detailed inspection of the last few characters of the address (as an address can be considered to be the pubkeyhash with its own checksum appended).


Thank you Pieter for explaining to yogi what the condescending others were trying to say to the poor guy without actually spelling out what he needs to do.

Specifically, closely check THE LAST FOUR CHARACTERS of the bitcoin address, there is your built-in checksum.

eg:
12YgtanvDic1y5ZcgW5wCrwwBzSWrSUgXE


I just eyeball the first 4-6 but closely check the last 4-6 ... and never had an issue, hope this helps yogi.

https://en.bitcoin.it/wiki/Technical_background_of_version_1_Bitcoin_addresses
legendary
Activity: 3514
Merit: 4895
I don't know but you are the only one who asks a question, gets 3 answers, ignores them and then asks the same question again. 

Bye.
Agreed.  I'm not sure if Yogi is incapable of comprehension or simply not paying attention, but at this point I give up.
legendary
Activity: 1072
Merit: 1189
I think it would be quicker, for a human being, to make a cursory inspection of an address followed by a detailed inspection of a check number, as opposed to a detailed inspection of the full address.

That is exactly the same thing as: making a cursory inspection of an address followed by a detailed inspection of the last few characters of the address (as an address can be considered to be the pubkeyhash with its own checksum appended).
legendary
Activity: 947
Merit: 1042
Hamster ate my bitcoin
Am I really the only one who makes detailed comparisons between bitcoin addresses to ensure they are the same?

I guess I must just be paranoid, maybe it's the irreversibility of a bitcoin transaction that scares me.
If this is true then you aren't going to be satisfied with the checksum you are requesting.  There is already a 32-bit checksum built in to the address.  If knowing that you still feel a need to make a detailed comparison between bitcoin addresses, then how is an additional 32-bit checksum going to keep you from feeling like you still need to make a detailed comparison between bitcoin addresses to ensure they are the same?

I think it would be quicker, for a human being, to make a cursory inspection of an address followed by a detailed inspection of a check number, as opposed to a detailed inspection of the full address.

But, as I'm the only one who compares bitcoin addresses I guess it's redundant.

Thanks all for the feedback.
legendary
Activity: 3514
Merit: 4895
Am I really the only one who makes detailed comparisons between bitcoin addresses to ensure they are the same?

I guess I must just be paranoid, maybe it's the irreversibility of a bitcoin transaction that scares me.
If this is true then you aren't going to be satisfied with the checksum you are requesting.  There is already a 32-bit checksum built in to the address.  If knowing that you still feel a need to make a detailed comparison between bitcoin addresses, then how is an additional 32-bit checksum going to keep you from feeling like you still need to make a detailed comparison between bitcoin addresses to ensure they are the same?
donator
Activity: 1218
Merit: 1079
Gerald Davis
Am I really the only one who makes detailed comparisons between bitcoin addresses to ensure they are the same?

I guess I must just be paranoid, maybe it's the irreversibility of a bitcoin transaction that scares me.

I don't know but you are the only one who asks a question, gets 3 answers, ignores them and then asks the same question again. 

Bye.
legendary
Activity: 947
Merit: 1042
Hamster ate my bitcoin
Am I really the only one who makes detailed comparisons between bitcoin addresses to ensure they are the same?

I guess I must just be paranoid, maybe it's the irreversibility of a bitcoin transaction that scares me.
legendary
Activity: 3514
Merit: 4895
. . . They can then be compared across all bitcoin software and services and reduce the chances of payments being sent to the wrong addressee . . .
If this is your concern, I'd hope that by now you'd see that with the built in checksum, you really don't have to worry about a typo resulting in payments being sent to the wrong addressee.

On the other hand, if you are worried about giving out an address that is no good (can't be used because it is invalid), then I suppose I can imagine a few extremely unlikely situations where having the client/wallet display a separate checksum might be useful. (See my post here)

Unless you can give me a real world example of a situation you encountered where other methods wouldn't have been just as easy, I'm not sure that I'm convinced it is something that is worthwhile.
legendary
Activity: 1792
Merit: 1008
/dev/null
Am I the only one who makes comparisons between bitcoin addresses? Or do other people just paste & send without giving it a second look?

What are you comparing it to?  You do understand there is a CHECKSUM BUILT IN.  Take an address you own and leave off a letter, change the case of a letter, add a letter, replace a letter, etc and try to send a bitcent to it.  The client won't let you.  The address will be invalid.   The odds that you could mistype or copy an address and it still end up being valid but wrong is less than 1 in 4 billion.

no i think he dosnt...
donator
Activity: 1218
Merit: 1079
Gerald Davis
Am I the only one who makes comparisons between bitcoin addresses? Or do other people just paste & send without giving it a second look?

What are you comparing it to?  You do understand there is a CHECKSUM BUILT IN?  Take an address you own and leave off a letter, change the case of a letter, add a letter, replace a letter, etc and try to send a bitcent to it.  The client won't let you.  Keep trying.  Try a dozen, try a thousand. The addresses will all be invalid.  Even with a million attempts, the odds are <0.001% you will be able to randomly make an address which is valid.  If you want piece of mind try it right now.  Try to send bitcoins to a modified address (send a token amount like 0.01).

The odds that you could mistype or copy an address and it still end up being valid but wrong is less than 1 in 4 billion.
legendary
Activity: 947
Merit: 1042
Hamster ate my bitcoin
Am I the only one who makes comparisons between bitcoin addresses? Or do other people just paste & send without giving it a second look?
legendary
Activity: 3514
Merit: 4895
If what you're looking for is that the address is actually from the person that you think it is from (particularly if it's coming through an insecure messaging system), than what you're looking for is for them to GPG-sign-and-encrypt the address first, and/or use the snazzy payment protocol that the devs are working on.
It sounds to me like what he's looking for is more of a way to ensure that the address is correct (no typo) when given to someone else (not when used to send the bitcoin).

Imagine this scenario:

You and I are both online at the same time right now.  You agree to send me some bitcoins later today (for some reason you don't have the bitcoins available right now).  I send you a bitcoin address, but make a typo as I enter it (for some reason I choose not to cut&paste).  We both go offline.

Later in the day (when you finally have access to your bitcoins) you attempt to send me what we agreed to but discover that the address I gave you is invalid.  Unfortunately you are leaving on a trip that evening and won't be back online for a month.

I get upset that I haven't received my bitcoins and declare you a scammer ruining your reputation.  When you get back you explain the situation and we resolve it, but not before a whole lot of anxiety, frustration, anger, etc.  All of which could have been avoided if just there was an easy way for you to confirm right away that the address I gave you was valid when I gave it to you.

How likely is a scenario like this? I don't know.
Why couldn't the sender attempt the send (and therefore discover the invalid address) while we were both online? I don't know.
Why couldn't I use cut&paste to ensure there were no typos when I gave you the address? I don't know

But if the presented scenario (or anything else where quick and easy confirmation of an address would be useful) is likely at all, then I suppose I could see some use in having a checksum that is not sent with the address visible in the client.  That way when you received the address, you could generate the checksum locally and send that result back to me.  I could confirm that the checksum you send me matches what I see in my client and therefore know that you don't have a messed up address.
legendary
Activity: 947
Merit: 1042
Hamster ate my bitcoin
If what you're looking for is that the address is actually from the person that you think it is from (particularly if it's coming through an insecure messaging system), than what you're looking for is for them to GPG-sign-and-encrypt the address first, and/or use the snazzy payment protocol that the devs are working on.

No, what I'm looking for is a quick and simple way of checking that two addresses are indeed the same, without having to make a detailed comparison of all the characters in the two addresses.
pc
sr. member
Activity: 253
Merit: 250
If what you're looking for is that the address is actually from the person that you think it is from (particularly if it's coming through an insecure messaging system), than what you're looking for is for them to GPG-sign-and-encrypt the address first, and/or use the snazzy payment protocol that the devs are working on.
legendary
Activity: 947
Merit: 1042
Hamster ate my bitcoin
Just to reiterate, I'm not suggesting that there are shortcomings with address validation. I just think it would give human beings piece of mind, and maybe save some time.
legendary
Activity: 1792
Merit: 1008
/dev/null
why not
Code:
bitcoind validateaddress 
therefore u will see if u made a typo or not!
pc
sr. member
Activity: 253
Merit: 250
. . . Using a checksum scheme that is guaranteed to catch common somebody-typing-an-address-from-paper mistakes . . .
Define "guaranteed".  No matter what method you use, there will always be some sort of chance that the address entered (verification method chosen) will match on an incorrectly entered address.  If 32 bits isn't enough, do we need 128? 256?

Sorry I wasn't clear. I meant "guaranteed to fail validation if only one common problem exists" for the common problems of character-with-wrong-case, transposition, etc. I don't know if it takes more than 32 bits to ensure all that, but I thought that there exist checksums designed for human input problems rather than random bit errors, and I was trying (and not very clearly) to suggest that if we want to change or improve the address checksum, we should use one of those. I'd agree that it's not clear that a better checksum is needed, especially with the work on a payment protocol and with more and more usage of QR codes which use their own checksum.
Pages:
Jump to: