Bitcoin Forum
April 19, 2024, 03:45:34 AM *
News: Latest Bitcoin Core release: 26.0 [Torrent]
  Home Help Search Login Register More  
  Show Posts
Pages: [1]
1  Bitcoin / Bitcoin Discussion / Re: Bitcoin Address Collisions on: February 23, 2010, 04:17:56 PM
Are you referring to the private key which is generated the first time a person runs Bitcoin? If someone were to successfully duplicate someone else's key then after they downloaded all the blocks, they would have the same balance as the person with the original key. That's what you're saying, right?

Yes, that is correct. They would share the wallet, and it becomes a race on spending the money first.

I was referring to the custom Bitcoin addresses which you can label with the name of the person who is going to send you bitcoins so that you know from whom the payment came. I think these addresses are generated from the private key mentioned previously. I'm wondering about collisions because although they are very unique, they are easily generated over and over again by all by all bitcoin clients.

If I read the source code correctly, keys are always made in pairs. That means, every address has an associated private key. When you click "New Address", you call GenerateKey in main.cpp, which generates a new key pair. So the duplicate address is ultimately a duplicate public key. Which is very unlikely.

While keys still are "easily generated", you should have to generate a whole lot of keys before a collision. While I am not certain, it seems that the keys generated have a space of 256 bits, which is a lot more than the 122 bits put in perspective in the wikipedia article on uuids. Remember, 123 bits have half the probability of collision as 122 bit, 124 half of that again etc.
2  Bitcoin / Bitcoin Discussion / Re: Bitcoin Address Collisions on: February 23, 2010, 08:25:17 AM
For two addresses to be equal, two identical private/public elliptical curve (ec Smiley) keys have to be generated. Without looking at the source code, let's assume the probability for this is 2^(-128) for a keyspace of 128 bits. See here for a perspective on how probable it is with a 122 bit collision.

However, if something similar to the Debian ssl-scandal happens, similar keys could indeed be generated. The effect of an individual generating an existing key, is (if I understand it correctly) in effect to make a copy of wallet.dat. Not good at all, but not devastating for all the members of the p2p network.
3  Economy / Marketplace / Re: New exchange (Bitcoin Market) on: February 17, 2010, 08:33:34 AM
Site is back up at


One way to establish trust from users could be to publish your sourcecode (e.g. to github or similar) for others to review for security. You might also get patches and new features for free. Furthermore, it would make it easier for other to start similar exchanges, strengthening the bitcoin currency.

I really hope to see more work like this, so keep it up! Smiley

Edit: I have two comments to your implementation so far: 1) When a wrong username/password pair is entered, you should not indicate witch one is wrong, as it reveals information. 2) You should set up a https server using a self-signed certificate (or one signed at cacert), as connections over TOR are almost certainly sniffed.
4  Bitcoin / Development & Technical Discussion / Re: URI-scheme for bitcoin on: February 16, 2010, 09:09:40 PM
An URI-scheme could also be of use for implementing a mobile wallet with QR-codes, so that your buddy who wants to pay you X bitcoins don't have to enter your bitcoin-address manually, but only need to photograph the screen of your mobile phone.
5  Bitcoin / Development & Technical Discussion / URI-scheme for bitcoin on: February 16, 2010, 08:51:42 PM
Hi, intrigued by the bitcoin-system, I have an idea:

The bitcoin addresses could be improved by implementing an URI-scheme like e.g. torrent magnet links.

So instead of 1Nu6wZC7JSuh6h8nfKkSTZ4kp9U4f83hhZ, we could more unambiguous say bitcoin:?addr=1Nu6wZC7JSuh6h8nfKkSTZ4kp9U4f83hhZ, and even configure browsers to redirect clicks on such links to a bitcoin client. This would allow one to implement "donate buttons" on homepages, "pay buttons" on webshops etc.

If an IP should be included, URIs allow this as bitcoin://HOST_OR_IP:PORT?addr=1Nu6wZC7JSuh6h8nfKkSTZ4kp9U4f83hhZ. If wanted an amount could be specified as bitcoin:?amount=42.00;addr=1Nu6wZC7JSuh6h8nfKkSTZ4kp9U4f83hhZ (of course for the user to verify in the secure bitcoin-client).

Just my 0.02 ฿ (return them to bitcoin:?addr=1Nu6wZC7JSuh6h8nfKkSTZ4kp9U4f83hhZ if you don't like them Wink)
6  Economy / Marketplace / Re: We accept Bitcoins on: February 16, 2010, 09:38:51 AM
you should state some info about your service on the page.
couldn't find anything about up/download speeds or traffic limits.

Thank you for your interest! My server sits on a 100MBit network, but I guess the bandwidth is somewhat limited by TOR, so it's "unlimited". Actually, the 1GB "limit" isn't enforced for this reason either Smiley

While I will do my best to keep my server on line, I of course don't expect anyone to trust me, and I therefore suggest that other people set up similar services and let people have multiple backups at different places (maybe combined with unionfs-fuse or similar).

I of course can't compete with dropbox etc, but this should be an excellent place to back up sensitive (your encrypted bitcoin wallet?) data limited in size.
7  Economy / Marketplace / Re: We accept Bitcoins on: February 15, 2010, 09:50:18 PM
I have started an experimental service for anonymous storage using encfs, sshfs and TOR:


Please let me know what you think  Smiley
Pages: [1]
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!