Bitcoin Forum

Bitcoin => Bitcoin Discussion => Topic started by: ggbitcoin000 on July 04, 2016, 12:11:12 AM



Title: reasoning behind frequent new address generation
Post by: ggbitcoin000 on July 04, 2016, 12:11:12 AM
I am seeing my bitcoin wallet (any wallet I know) periodically generate a new address whenever I do a transaction after a while. I am wondering what the reason behind it is; is it due to safety? I also studied the bitcoin internals quite a lot, and my guesstimate is that the answer lies in the elliptic curve algorithm being used.


Title: Re: reasoning behind frequent new address generation
Post by: achow101 on July 04, 2016, 12:19:37 AM
Quote from: ggbitcoin000 on July 04, 2016, 12:11:12 AM
I am seeing my bitcoin wallet (any wallet I know) periodically generate a new address whenever I do a transaction after a while. I am wondering what the reason behind it is; is it due to safety? I also studied the bitcoin internals quite a lot, and my guesstimate is that the answer lies in the elliptic curve algorithm being used.
In theory you should be generating a new address for every transaction. The point of address reuse is explained at https://en.bitcoin.it/wiki/Address_reuse


Title: Re: reasoning behind frequent new address generation
Post by: Btcvilla on July 04, 2016, 12:22:36 AM
It's much more secure to use a new address for every transaction. It's much harder to track someone if they are always switching addresses.


Title: Re: reasoning behind frequent new address generation
Post by: ggbitcoin000 on July 04, 2016, 02:17:33 AM
thanks!


Title: Re: reasoning behind frequent new address generation
Post by: andytoshi on July 13, 2016, 11:20:31 AM
Hi ggbitcoin,

There are a couple "security" reasons this is worth doing:
  • When you reuse addresses, all observers of the blockchain can see that different transaction outputs are owned by the same person. This weakens not only your own privacy, but that of everybody else, whose anonymity set is smaller.
  • When you create an address and receive coins there, the only thing exposed is a hash of an ECDSA pubkey. After you spend those coins the pubkey itself is exposed; so in the future, if somebody is able to break ECDSA, address reuse gives them a much larger window of time in which they know your pubkey. (Honestly I don't think this scenario is worth thinking about; if ECDSA is broken, it'll be either subtly enough to give everyone time to switch off, or dramatically enough that these scales of time windows won't matter. And I don't think either is likely to happen before we have a concrete timeframe for quantum computing and we have to switch off anyway.)

But there is a deeper conceptual reason that addresses should not be reused: the purpose of addresses is to identify transaction outputs, which otherwise have no other identifying feature (until after you see the transaction and it has a known txid, of course). This means that when receiving payments, in order to identify what came from where, you need to give each expected payment a unique address (or unique value, but this can get difficult). It's better to think of addresses as something like invoice numbers rather than locations. [b]Addresses identify payments, not people.[/b]

A secondary conceptual reason is that if you think about addresses as location, this can lead to other confusions such as from addresses (https://en.bitcoin.it/wiki/From_address), which is an especially dangerous idea because it "usually makes sense" except when they cause people to lose money.
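As an added illustration of the "addresses are invoice numbers" point above (example code written for this thread, not part of any poster's reply or of any wallet), the snippet below attributes received outputs to invoices by address, falls back to the exact amount when an address was reused, and reports the outputs that cannot be attributed at all. Invoice ids, addresses and txids are constructed placeholders; `Invoice`, `Output`, `match_payments` and `reused_addresses` are names chosen here.

```python
from collections import defaultdict
from dataclasses import dataclass


@dataclass(frozen=True)
class Invoice:
    invoice_id: str
    address: str      # the address handed out for this one expected payment
    amount_sat: int


@dataclass(frozen=True)
class Output:
    txid: str
    vout: int
    address: str
    value_sat: int


def reused_addresses(invoices):
    """Addresses handed out for more than one invoice; a receiver should flag these."""
    seen = defaultdict(int)
    for inv in invoices:
        seen[inv.address] += 1
    return sorted(a for a, n in seen.items() if n > 1)


def match_payments(invoices, outputs):
    """Attribute received outputs to invoices.
    With one address per invoice the address alone identifies the payment.
    If an address was reused, fall back to the exact amount; if the amount is
    shared too, the output cannot be attributed and is returned as unresolved."""
    by_addr = defaultdict(list)
    for inv in invoices:
        by_addr[inv.address].append(inv)
    matched = {inv.invoice_id: [] for inv in invoices}
    unresolved = []
    for out in outputs:
        cands = by_addr.get(out.address, [])
        if len(cands) > 1:  # reused address: try the "unique value" fallback
            cands = [c for c in cands if c.amount_sat == out.value_sat]
        if len(cands) == 1:
            matched[cands[0].invoice_id].append((out.txid, out.vout, out.value_sat))
        else:
            unresolved.append(out)
    return matched, unresolved


# Constructed sample data (placeholder addresses and txids, not real chain data).
INVOICES = [
    Invoice("INV-1", "addr_A", 50_000),
    Invoice("INV-2", "addr_B", 70_000),
    Invoice("INV-3", "addr_C", 70_000),
    Invoice("INV-4", "addr_C", 70_000),  # addr_C reused, and for the same amount
]
OUTPUTS = [
    Output("tx1", 0, "addr_A", 50_000),
    Output("tx2", 0, "addr_B", 70_000),
    Output("tx3", 0, "addr_C", 70_000),
    Output("tx4", 0, "addr_C", 70_000),
]
```

Running `match_payments(INVOICES, OUTPUTS)` attributes tx1 and tx2 cleanly, while tx3 and tx4 both land in the unresolved list: nothing on-chain says which of INV-3 or INV-4 each one paid.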