Thank you all for helping me understand the above.  It was super insightful!!

Thank you again!

Is there a better way of accumulating Bitcoin (ie. going fiat => Bitcoin)?  As far as I know, this is the only on-ramp to the blockchain.

Thank you all for the quick replies!  The info above has been incredibly helpful and I think I finally understand the relationship between k and signed transaction output.  I suppose I need to get out of the habit of having a stored address in my exchange account and get more comfortable with changing it all the time.   

It sounds like the way Trezor and Ledger generate k is secure enough, where I don't need to rebuild my wallet from scratch all over again?  I have had fewer than 10 transactions so far. 

Or do you all recommend I go through the whole new wallet creation again?  What if I were to swap funds between the two wallets?  Eg. send the balance from the trezor to the next child address of the ledger and vice versa?  would that essentially reset my anonymity going forward?

Thank you again for the help so far!

Hi everyone,

I am new to the forum (and Bitcoin in general) so apologies if this is a stupid question.  I still have a lot to learn  

I have a technical question related to address reuse, which I'm struggling to find a clear answer to.  In the past few months I have been using the same address when withdrawing from my exchange to cold storage (I use both a Trezor and a Ledger).  Both Ledger and Trezor claim that reusing an address is only a privacy concern and not a security concern:
Trezor: https://wiki.trezor.io/Address_reuse
Ledger: https://support.ledger.com/hc/en-us/articles/4404389453841-Receive-crypto-assets?docs=true
Similarly, Andreas only seems to think this is a privacy concern: https://www.youtube.com/watch?v=4A3urPFkx8g&ab_channel=aantonop
Not sure I entirely understand the privacy argument completely, either though.  For example, if each time I transfer from the exchange to a new address, in theory the exchange now has a list of various addresses which all belong to me, so I am still not anonymous.  

Anyways, my primary question is about security.  I recently came across these threads:
https://bitcoin.stackexchange.com/questions/20621/is-it-safe-to-reuse-a-bitcoin-address
https://bitcointalk.org/index.php?topic=2669689
https://bitcointalk.org/index.php?topic=5325956.0

As far as I understand, the TLDR seems to be: If you use the same address and the wallet you use signs transactions using weak signatures (I probably don't understand this, but the wallet signs transactions with R or K which are generated deterministically?), then you can reverse engineer the private key for the address.  I assume it is the child private key and not the extended private key?

I am currently using Segwit for my addresses.  My questions:

• Is this still a problem today or has it been patched, as one of the responders suggested?  A lot of posts related to this issue date back to 2013-2017
• Do Ledger / Trezor produce weak signatures (ie. deterministic R or K)?  I cannot find this info anywhere...
• Given that every time you generate a transaction, the unspent transaction output gets sent to a new address, doesn't that automatically mean your coins now live in another address?  Is it still possible for someone reverse engineer your private key then?
• Given that I have been using the same Segwit address, should I consider it compromised and move everything over into a new wallet?  Ie. are both my privacy and security compromised or is it just a privacy issue?

Thank you so much in advance!  I know the above is a lot to digest!