Bitcoin Forum>Bitcoin>Development & Technical Discussion
Pages:
Author

Topic: x (Read 398 times)

bob123
legendary
Activity: 1624
Merit: 2481
x
June 07, 2018, 05:13:32 AM
#24
Quote from: _oh_no_stop_this_ on June 06, 2018, 01:00:17 PM
So to make 101% sure only the receiver gets the "coins" I should either (a) send it to his public key, or (b) create a Pay To Script Hash (but here I would also use his public key that will be the satisfying parameter for accepting this transaction as valid)?


For your coins to arrive properly, just create a transaction to the correct address provided by the receiver.
Nothing else is required on your part.

It doesn't matter whether you are using P2PKH (what you might be refering to with (a) ?) or P2SH.

_oh_no_stop_this_
full member
Activity: 183
Merit: 100
Re: x
June 06, 2018, 01:00:17 PM
#23
Quote from: bob123 on June 06, 2018, 05:47:11 AM
Quote from: _oh_no_stop_this_ on June 06, 2018, 02:44:20 AM
So to make it clear for me:
2 different private keys may have the ability (although the possibility that happens is extremely low) to prove ownership of coins assigned to the single "wallet" (e.g. hashed public key)?

It depends.

If the outputs are in P2PKH format, then yes. If both (different) public keys do match the same hash this is possible. That would be a hash collision.
If the outputs are in P2SH format, then no. Since it is not possible for two different private keys resulting in the same public key, which would be required to be able to successfully redeem them.


Aha, thank you, this is interesting.
So to make 101% sure only the receiver gets the "coins" I should either (a) send it to his public key, or (b) create a Pay To Script Hash (but here I would also use his public key that will be the satisfying parameter for accepting this transaction as valid)?
bob123
legendary
Activity: 1624
Merit: 2481
Re: x
June 06, 2018, 05:47:11 AM
#22
Quote from: _oh_no_stop_this_ on June 06, 2018, 02:44:20 AM
So to make it clear for me:
2 different private keys may have the ability (although the possibility that happens is extremely low) to prove ownership of coins assigned to the single "wallet" (e.g. hashed public key)?

It depends.

If the outputs are in P2PKH format, then yes. If both (different) public keys do match the same hash this is possible. That would be a hash collision.
If the outputs are in P2SH format, then no. Since it is not possible for two different private keys resulting in the same public key, which would be required to be able to successfully redeem them.
mindphuq
member
Activity: 187
Merit: 20
Re: x
June 06, 2018, 05:08:23 AM
#21
Quote from: _oh_no_stop_this_ on June 06, 2018, 02:44:20 AM
I suspect you are a programmer Smiley

So to make it clear for me:
2 different private keys may have the ability (although the possibility that happens is extremely low) to prove ownership of coins assigned to the single "wallet" (e.g. hashed public key)?

No, public keys are generated from the private key and each private key creates exactly one public key whose hash is the 160-bit public address. So with owning the private key (backup, paperwallet ect) you can always and at any time (re)create your public address. So two different privkeys can not prove ownership to the other's public address. The wallet does that with picking the correct privkey from it's internal database (which is a mere key->value pair).

And actually there are no "coins" and the "wallet" is, as said, just a piece of software that helps you operating your keys. All that exists is an entry on the blockchain that says "address X sends to addres Y w.z coins" and if address x can prove, that they have gotten at least w.z coins before and that this amount was unspend, the network will know that address Y now can sign a transaction of at least w.z coins to a third address.
_oh_no_stop_this_
full member
Activity: 183
Merit: 100
Re: x
June 06, 2018, 02:44:20 AM
#20
Quote from: bob123 on June 06, 2018, 01:41:42 AM
Quote from: _oh_no_stop_this_ on June 05, 2018, 09:49:06 AM
So just to make it clear:
1. I send bitcoin to your hashed public key
2. It is being assigned to your real public key
3. When you send it you sign transaction with your private key

How does it go from [1] to [2] ? Since you only reveal your public key only when you sign transactions.


In the first step you are creating new UTXO's. For someone to use this UTXO, he has to meet conditions inside the script of the UTXO.
If i then want to create a new transaction with this UTXO, i have to supply a corresponding screept that meets these condition (e.g. scriptSig). This requires to reveal the public key and using the private key to sign.



Quote from: _oh_no_stop_this_ on June 05, 2018, 09:49:06 AM
And you don't sign anything when you receive coins; therefore, leaving public key secret.

Yes, thats correct.



Quote from: _oh_no_stop_this_ on June 05, 2018, 09:49:06 AM
Are you sure coins are assigned to the real public key, not to the hashed public key?

Coins arent really assigned. They exist as unspent transaction outputs (UTXO).
To claim the ownership and combining their value into new UTXO(s), you have to prove ownership.

Pay to public key hash (P2PKH) does require to create a script: OP_DUP OP_HASH160 OP_EQUALVERIFY OP_CHECKSIG.
To spend these coins you have to provide the public key and a matching signature.

A P2SH UTXO does include the hash of the spending condition (instead of the condition itself).
To spend these coins you are providing the redeem script itself, which is then being checked and evaluated against the redeem script hash during a transaction.




I suspect you are a programmer Smiley

So to make it clear for me:
2 different private keys may have the ability (although the possibility that happens is extremely low) to prove ownership of coins assigned to the single "wallet" (e.g. hashed public key)?
bob123
legendary
Activity: 1624
Merit: 2481
Re: x
June 06, 2018, 01:41:42 AM
#19
Quote from: _oh_no_stop_this_ on June 05, 2018, 09:49:06 AM
So just to make it clear:
1. I send bitcoin to your hashed public key
2. It is being assigned to your real public key
3. When you send it you sign transaction with your private key

How does it go from [1] to [2] ? Since you only reveal your public key only when you sign transactions.


In the first step you are creating new UTXO's. For someone to use this UTXO, he has to meet conditions inside the script of the UTXO.
If i then want to create a new transaction with this UTXO, i have to supply a corresponding screept that meets these condition (e.g. scriptSig). This requires to reveal the public key and using the private key to sign.



Quote from: _oh_no_stop_this_ on June 05, 2018, 09:49:06 AM
And you don't sign anything when you receive coins; therefore, leaving public key secret.

Yes, thats correct.



Quote from: _oh_no_stop_this_ on June 05, 2018, 09:49:06 AM
Are you sure coins are assigned to the real public key, not to the hashed public key?

Coins arent really assigned. They exist as unspent transaction outputs (UTXO).
To claim the ownership and combining their value into new UTXO(s), you have to prove ownership.

Pay to public key hash (P2PKH) does require to create a script: OP_DUP OP_HASH160 OP_EQUALVERIFY OP_CHECKSIG.
To spend these coins you have to provide the public key and a matching signature.

A P2SH UTXO does include the hash of the spending condition (instead of the condition itself).
To spend these coins you are providing the redeem script itself, which is then being checked and evaluated against the redeem script hash during a transaction.


_oh_no_stop_this_
full member
Activity: 183
Merit: 100
Re: x
June 05, 2018, 09:49:06 AM
#18
Quote from: bob123 on June 05, 2018, 05:46:13 AM
Quote from: _oh_no_stop_this_ on June 05, 2018, 04:06:21 AM
Quote from: bob123 on June 05, 2018, 03:08:55 AM
The number of possible private keys is indeed 2^256 (A private key is a 256 bit random number).
But there are 2^160 addresses possible (An address is the RIPEMD-160 hash of a SHA256 hash of the public key -> 160 bit long).

There are 2^96 private keys which match one address ON AVERAGE. This is simply due to the fact that the input dictionary (256 bit) is bigger than the output dictionary (160 bit).

Note that this does NOT impose any security risks.

So let's say I have 1 wallet with 2 private keys pointing to it. If someone sends me a coin to this wallet, then any of my private keys can spend it!?


No. A 'wallet' is simply a piece of software which handles private-/public- keypairs.


When creating an 'address' your doing it this way:

1. Create random number (private key)
2. Calculate public key out of private key
3. Hash the public key with RIPEMD-160(SHA256(public_key)) = Address

Now, theoretically there are 2^96 different private keys which do all 'create' the same address (on average).
This means that it is theoretically(!) possible to create two different private keys, which do refer to the same address. (Practically this won't happen, ever.)

Note that addresses do NOT exist on a technical level. They are just an abstractions for us humans making it easier to read.


Coins can not be send 'to a wallet'. The UTXO's are being assigned to public keys. And you will be able to spend these UTXO's using the corresponding private key.



Thanks for explanation, I was referring "wallet" to the hashed public key, sorry for confusion.
So just to make it clear:
1. I send bitcoin to your hashed public key
2. It is being assigned to your real public key
3. When you send it you sign transaction with your private key

How does it go from [1] to [2] ? Since you only reveal your public key only when you sign transactions.
And you don't sign anything when you receive coins; therefore, leaving public key secret.
Are you sure coins are assigned to the real public key, not to the hashed public key?
bob123
legendary
Activity: 1624
Merit: 2481
Re: x
June 05, 2018, 05:46:13 AM
#17
Quote from: _oh_no_stop_this_ on June 05, 2018, 04:06:21 AM
Quote from: bob123 on June 05, 2018, 03:08:55 AM
The number of possible private keys is indeed 2^256 (A private key is a 256 bit random number).
But there are 2^160 addresses possible (An address is the RIPEMD-160 hash of a SHA256 hash of the public key -> 160 bit long).

There are 2^96 private keys which match one address ON AVERAGE. This is simply due to the fact that the input dictionary (256 bit) is bigger than the output dictionary (160 bit).

Note that this does NOT impose any security risks.

So let's say I have 1 wallet with 2 private keys pointing to it. If someone sends me a coin to this wallet, then any of my private keys can spend it!?


No. A 'wallet' is simply a piece of software which handles private-/public- keypairs.


When creating an 'address' your doing it this way:

1. Create random number (private key)
2. Calculate public key out of private key
3. Hash the public key with RIPEMD-160(SHA256(public_key)) = Address

Now, theoretically there are 2^96 different private keys which do all 'create' the same address (on average).
This means that it is theoretically(!) possible to create two different private keys, which do refer to the same address. (Practically this won't happen, ever.)

Note that addresses do NOT exist on a technical level. They are just an abstractions for us humans making it easier to read.


Coins can not be send 'to a wallet'. The UTXO's are being assigned to public keys. And you will be able to spend these UTXO's using the corresponding private key.

TryNinja
legendary
Activity: 2758
Merit: 6830
Re: x
June 05, 2018, 05:28:00 AM
#16
Quote from: _oh_no_stop_this_ on June 05, 2018, 04:06:21 AM
So let's say I have 1 wallet with 2 private keys pointing to it. If someone sends me a coin to this wallet, then any of my private keys can spend it!?
No. But since your wallet consists of both private keys, the software will know (and use) which private key can spend the coins.

If you receive the coins in the address A and export the Address B private key, you won't be able to spend the coins. You will need the private key A.
_oh_no_stop_this_
full member
Activity: 183
Merit: 100
Re: x
June 05, 2018, 04:06:21 AM
#15
Quote from: bob123 on June 05, 2018, 03:08:55 AM
Quote from: ?? on ??
Quote from: bitmover on June 03, 2018, 07:56:17 AM
Total number of possible privatekeys is 2^256 or in base 10 it would be 10^77.

Im not quite  sure but doesnt every address have only 1 private key? Cheesy


The number of possible private keys is indeed 2^256 (A private key is a 256 bit random number).
But there are 2^160 addresses possible (An address is the RIPEMD-160 hash of a SHA256 hash of the public key -> 160 bit long).

There are 2^96 private keys which match one address ON AVERAGE. This is simply due to the fact that the input dictionary (256 bit) is bigger than the output dictionary (160 bit).

Note that this does NOT impose any security risks.

So let's say I have 1 wallet with 2 private keys pointing to it. If someone sends me a coin to this wallet, then any of my private keys can spend it!?
bob123
legendary
Activity: 1624
Merit: 2481
Re: x
June 05, 2018, 03:08:55 AM
#14
Quote from: ?? on ??
Quote from: bitmover on June 03, 2018, 07:56:17 AM
Total number of possible privatekeys is 2^256 or in base 10 it would be 10^77.

Im not quite  sure but doesnt every address have only 1 private key? Cheesy


The number of possible private keys is indeed 2^256 (A private key is a 256 bit random number).
But there are 2^160 addresses possible (An address is the RIPEMD-160 hash of a SHA256 hash of the public key -> 160 bit long).

There are 2^96 private keys which match one address ON AVERAGE. This is simply due to the fact that the input dictionary (256 bit) is bigger than the output dictionary (160 bit).

Note that this does NOT impose any security risks.
LUKEEEEE
newbie
Activity: 10
Merit: 0
Re: x
June 05, 2018, 02:03:09 AM
#13
Number of possible addresses is 2^160. Number of public keys is 2^256.

Cca 2^96 public keys can share same address but cannot steal from each other. So effectively there are "2^256" addresses.
How is that possible? Simple, address is hashed public key.
_oh_no_stop_this_
full member
Activity: 183
Merit: 100
Re: x
June 03, 2018, 02:16:04 PM
#12
Quote from: starmyc on June 03, 2018, 02:11:24 PM
Quote from: _oh_no_stop_this_ on June 03, 2018, 02:06:11 PM
Quote from: starmyc on June 03, 2018, 01:58:51 PM
Quote from: SwayStar123 on June 02, 2018, 11:38:49 AM
Most unique addresses ever used (idk how this fluctuates but thats what i found online) -1,054,711

1,054,711 / 1461501637330902918203684832716283019655932542976= 7.2166255e-43

FYI the number of all addresses ever used at least once on the bitcoin blockchain is more that 400M (The exact number I computed for all blk files from 0 to 1,275 is 401,407,598 - This number is getting bigger at each new block).

Did you compute this for yourself just once, or you have an API so others may get updated statistics? Wink

Did it myself for a friend with my own block parser, with a set of shell scripts.

Okay, that is an interesting statistical data that I haven't read about before. Maybe it could be useful for something... maybe when you generate another wallet you can check against that list to make sure it's unique..
starmyc
full member
Activity: 198
Merit: 130
Some random software engineer
Re: x
June 03, 2018, 02:11:24 PM
#11
Quote from: _oh_no_stop_this_ on June 03, 2018, 02:06:11 PM
Quote from: starmyc on June 03, 2018, 01:58:51 PM
Quote from: SwayStar123 on June 02, 2018, 11:38:49 AM
Most unique addresses ever used (idk how this fluctuates but thats what i found online) -1,054,711

1,054,711 / 1461501637330902918203684832716283019655932542976= 7.2166255e-43

FYI the number of all addresses ever used at least once on the bitcoin blockchain is more that 400M (The exact number I computed for all blk files from 0 to 1,275 is 401,407,598 - This number is getting bigger at each new block).

Did you compute this for yourself just once, or you have an API so others may get updated statistics? Wink

Did it myself for a friend with my own block parser, with a set of shell scripts.
_oh_no_stop_this_
full member
Activity: 183
Merit: 100
Re: x
June 03, 2018, 02:06:11 PM
#10
Quote from: starmyc on June 03, 2018, 01:58:51 PM
Quote from: SwayStar123 on June 02, 2018, 11:38:49 AM
Most unique addresses ever used (idk how this fluctuates but thats what i found online) -1,054,711

1,054,711 / 1461501637330902918203684832716283019655932542976= 7.2166255e-43

FYI the number of all addresses ever used at least once on the bitcoin blockchain is more that 400M (The exact number I computed for all blk files from 0 to 1,275 is 401,407,598 - This number is getting bigger at each new block).

Did you compute this for yourself just once, or you have an API so others may get updated statistics? Wink
starmyc
full member
Activity: 198
Merit: 130
Some random software engineer
Re: x
June 03, 2018, 01:58:51 PM
#9
Quote from: SwayStar123 on June 02, 2018, 11:38:49 AM
Most unique addresses ever used (idk how this fluctuates but thats what i found online) -1,054,711

1,054,711 / 1461501637330902918203684832716283019655932542976= 7.2166255e-43

FYI the number of all addresses ever used at least once on the bitcoin blockchain is more that 400M (The exact number I computed for all blk files from 0 to 1,275 is 401,407,598 - This number is getting bigger at each new block).
_oh_no_stop_this_
full member
Activity: 183
Merit: 100
Re: x
June 03, 2018, 01:37:56 PM
#8
Quote from: Rath_ on June 03, 2018, 01:09:14 PM
Quote from: _oh_no_stop_this_ on June 03, 2018, 12:39:39 PM
You can try to generate lots of addresses and maybe some will have balance on them Wink

Actually, it's not as easy as you might think. There is a group called LBC which aim so find private keys which correspond to addresses which have some bitcoins on them. As it turns out, it is not really profitable. You would better spend your money on mining either altcoins using GPUs or Bitcoin using ASICs. You can find more information about it in the link above.

Oh thank you! I used to have their website address but then lost it...
Maybe it can be profitable if someone will make an FPGA design specifically for that purpose... but I am not sure Wink anyways, it would be nice to think of some kind of protection mechanism... it seems to be impossible at the first sight, but maybe keeping funds on thousands of wallets? Could be an interesting idea for institutional investors...
Rath_
legendary
Activity: 1876
Merit: 3132
Re: x
June 03, 2018, 01:09:14 PM
#7
Quote from: _oh_no_stop_this_ on June 03, 2018, 12:39:39 PM
You can try to generate lots of addresses and maybe some will have balance on them Wink

Actually, it's not as easy as you might think. There is a group called LBC which aim so find private keys which correspond to addresses which have some bitcoins on them. As it turns out, it is not really profitable. You would better spend your money on mining either altcoins using GPUs or Bitcoin using ASICs. You can find more information about it in the link above.
_oh_no_stop_this_
full member
Activity: 183
Merit: 100
Re: x
June 03, 2018, 12:39:39 PM
#6
You can try to generate lots of addresses and maybe some will have balance on them Wink
bitmover
legendary
Activity: 2352
Merit: 6089
bitcoindata.science
Re: x
June 03, 2018, 08:38:09 AM
#5
Quote from: ?? on ??

Im not quite  sure but doesnt every address have only 1 private key? Cheesy

Yes.

That's the total number of possible addresses
2^256= 115,792,089,237,316,195,423,570,985,008,687,907,853,269,984,665,640,564,039,457,584,007,913,129,639,936
Pages:
Bitcoin Forum>Bitcoin>Development & Technical Discussion
Jump to: