Pages:
Author

Topic: Standard Check Numbers (checksums for addresses) - page 3. (Read 3135 times)

legendary
Activity: 947
Merit: 1042
Hamster ate my bitcoin
I often double/triple check addresses and I think what I'm asking for is just to give me piece of mind. I feel especially uneasy when sending an address via IRC, I think it would be nice to be able to do the following;

IRC Chatlog:

Me: Here's my address 31uEbMgunupShBVTewXjtqbBv5MndwfXhb

Other: check FF4857EB

Me: confirmed

This would give me confidence that the address that was enter into the wallet by the other person is indeed the address I wanted to send to them.




donator
Activity: 1218
Merit: 1079
Gerald Davis
31uEbMgunupShBVTewXjtqbBv5MndwfXhb

And compare it with this one:

31uEbMguoupShBVTewXjtqbBv5MndwfXhb

Neither of those are valid addresses.

However the following address is:
1Gt4PGm6HNDSMvQh3fTNfDSxE9tW26XXNv

If you tried to send fund to this address by mistake the transaction would fail because it is not a valid address
1Gt4PGm6HNBSMvQh3fTNfDSxE9tW26XXNv

The probability of mistyping and still producing a valid address is roughly one in 4 billion.   If you mistype 1 million addresses in your lifetime there is still a 99.97% chance that none of the typos in your lifetime will produce a wrong but valid address.
legendary
Activity: 3514
Merit: 4895
Yes, the address has a checksum built in, but not one designed to catch transcription errors. There's a 1-in-232 chance that a random typo will still create a "valid" address.
I'm not sure how CRC32 works, but wouldn't CRC32 also have a 1-in 232 chance that a random typo will create the recognized/displayed checksum? If so, it sounds like you are just arguing for using more bits from teh SHA256 hash that is currently used as a checksum.  Perhaps it would be satisfactory to you to use the first 8 bytes instead of the first 4 (creating a 64 bit checksum)?  Personally I'm ok with 32 bits.  The odds that I'll make a typo are slim to start with.  Multiply the odds that I make a typo by the odds that the typo will generate a valid checksum and it quickly becomes something that isn't of concern to me.


. . . Using a checksum scheme that is guaranteed to catch common somebody-typing-an-address-from-paper mistakes . . .
Define "guaranteed".  No matter what method you use, there will always be some sort of chance that the address entered (verification method chosen) will match on an incorrectly entered address.  If 32 bits isn't enough, do we need 128? 256?
donator
Activity: 1218
Merit: 1079
Gerald Davis
Yes, the address has a checksum built in, but not one designed to catch transcription errors. There's a 1-in-232 chance that a random typo will still create a "valid" address. Using a checksum scheme that is guaranteed to catch common somebody-typing-an-address-from-paper mistakes

No an additional checksum won't "guarantee" anything. It will still have some probability based on the size of the checksum and the algorithm used to fail (especially with double transposed errors).  Worse if it requires optional or manual verification the chances of it catching anything significantly decrease.  The built in checksum provides 99.9999999767% probability that a typo will not produce a valid address.   

My guess it the OP is unaware that all Bitcoin addresses have a built in checksum.  Honestly I have never heard of anyone losing funds to a typo.  Not once.  Ever.  Plenty of reports of hacked accounts, corrupt wallet files, malware attacks, stupid mistakes (formatting computer and no backup of wallet.dat), and the occasional "oh shit I sent wrong amount" or "I sent funds to wrong (but valid) address". 
pc
sr. member
Activity: 253
Merit: 250
Yes, the address has a checksum built in, but not one designed to catch transcription errors. There's a 1-in-232 chance that a random typo will still create a "valid" address. Using a checksum scheme that is guaranteed to catch common somebody-typing-an-address-from-paper mistakes (like transposing characters, hitting a nearby key on common keyboards, or entering in a letter with the wrong case) may make sense for some applications. I don't think CRC32 is the best choice, since it's designed for wire transmission errors, not for human typo errors. I don't know if a standard of just showing the checksum next to the address is the best approach, or if we want to invent a new address version, but it'd be nice to do something.

Though if we move to a future where all addresses are encoded via QR codes or sent through a payment protocol, so humans never see addresses anymore, it might not be worth the effort of doing.
legendary
Activity: 3514
Merit: 4895
This may have been suggested before, but I would like to propose that all bitcoin addresses should be displayed with a 'standard' checksum associated with it. Why? Because I think it is far too easy to make a transcription error, for example, take the following address:

31uEbMgunupShBVTewXjtqbBv5MndwfXhb

And compare it with this one:

31uEbMguoupShBVTewXjtqbBv5MndwfXhb

You could be forgiven for not noticing they are not the same. But, if we used a 'Standard Check Number' (in this case CRC32) that is displayed with the address then the difference is obvious.

Address: 31uEbMgunupShBVTewXjtqbBv5MndwfXhb
Check:   FF4857EB

Address: 31uEbMguoupShBVTewXjtqbBv5MndwfXhb
Check:   1855F17C

Of course it doesn't have to use CRC32, but in order for it to work a standard for 'Check Numbers' would have to be decided upon. They can then be compared across all bitcoin software and services and reduce the chances of payments being sent to the wrong addresse.

Thoughts?

(Mod note: not sure if this is the correct section to post this in  Huh please move if not)
Except that bitcoin addresses have a 'standard' checksum built in to them, so a transcription error will almost certainly result in an invalid address that the client and network won't accept.  Every case I've seen so far of someone reporting that they sent to the "wrong addressee" was due to them pasting/entering a valid address that they got elsewhere and not from a transcription error.

The last 4 bytes of every address are the first 4 bytes of a double SHA256 hash of the rest of the address.
legendary
Activity: 947
Merit: 1042
Hamster ate my bitcoin
This may have been suggested before, but I would like to propose that all bitcoin addresses should be displayed with a 'standard' checksum associated with it. Why? Because I think it is far too easy to make a transcription error, for example, take the following address:

31uEbMgunupShBVTewXjtqbBv5MndwfXhb

And compare it with this one:

31uEbMguoupShBVTewXjtqbBv5MndwfXhb

You could be forgiven for not noticing they are not the same. But, if we used a 'Standard Check Number' (in this case CRC32) that is displayed with the address then the difference is obvious.

Address: 31uEbMgunupShBVTewXjtqbBv5MndwfXhb
Check:   FF4857EB

Address: 31uEbMguoupShBVTewXjtqbBv5MndwfXhb
Check:   1855F17C

Of course it doesn't have to use CRC32, but in order for it to work a standard for 'Check Numbers' would have to be decided upon. They can then be compared across all bitcoin software and services and reduce the chances of payments being sent to the wrong addresse.

Thoughts?

(Mod note: not sure if this is the correct section to post this in  Huh please move if not)
Pages:
Jump to: