Bitcoin Forum
Author Topic: reasoning behind frequent new address generation  (Read 921 times)
ggbitcoin000 (OP)
July 04, 2016, 12:11:12 AM
 #1

I am seeing that my Bitcoin wallet (any wallet I know) periodically generates a new address whenever I do a transaction after a while. I am wondering what the reason behind it is. Is it due to safety? I have also studied the Bitcoin internals quite a lot and my guesstimate is that the answer lies in the elliptic curve algorithm being used.
achow101
July 04, 2016, 12:19:37 AM
 #2

I am seeing that my Bitcoin wallet (any wallet I know) periodically generates a new address whenever I do a transaction after a while. I am wondering what the reason behind it is. Is it due to safety? I have also studied the Bitcoin internals quite a lot and my guesstimate is that the answer lies in the elliptic curve algorithm being used.
In theory you should be generating a new address for every transaction. The point of address reuse is explained at https://en.bitcoin.it/wiki/Address_reuse

Btcvilla
July 04, 2016, 12:22:36 AM
 #3

It's much more secure to use a new address every transaction. It's much harder to track someone if they are always switching addresses.
ggbitcoin000 (OP)
July 04, 2016, 02:17:33 AM
 #4

thanks!
andytoshi
July 13, 2016, 11:20:31 AM
 #5

Hi ggbitcoin,

There are a couple "security" reasons this is worth doing:
  • When you reuse addresses, all observers of the blockchain can see that different transaction outputs are owned by the same person. This weakens not only your own privacy, but that of everybody else, whose anonymity set is smaller.
  • When you create an address and receive coins there, the only thing exposed is a hash of an ECDSA pubkey. After you spend those coins the pubkey itself is exposed; so in the future if somebody is able to break ECDSA, address reuse gives them a much larger window of time in which they know your pubkey. (Honestly I don't think this scenario is worth thinking about; if ECDSA is broken it'll be either subtly enough to give everyone time to switch off, or dramatically enough that these scales of time windows won't matter. And I don't think either are likely to happen before we have a concrete timeframe for quantum computing and we have to switch off anyway.)

But there is a deeper conceptual reason that addresses should not be reused: the purpose of addresses is to identify transaction outputs, which otherwise have no other identifying feature (until after you see the transaction and it has a known txid, of course). This means that when receiving payments, in order to identify what came from where, you need to give each expected payment a unique address (or unique value, but this can get difficult). It's better to think of addresses as something like invoice numbers rather than locations. Addresses identify payments, not people.

A secondary conceptual reason is that if you think about addresses as locations, this can lead to other confusions such as "from addresses", which is an especially dangerous idea because it "usually makes sense" except when they cause people to lose money.
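The two effects described in post #5, as an added example that is not part of the original thread: a small audit over a wallet's receive history that reports which outputs an observer can link through a shared address, and for how many blocks each output sat on chain after the address's pubkey had already been revealed by a spend. The `Output` record, the `audit_reuse` function and all sample values are hypothetical, and it assumes pay-to-pubkey-hash style addresses with exposure measured in block heights.

```python
from collections import defaultdict
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class Output:
    txid: str                    # constructed placeholder, not a real txid
    address: str                 # constructed placeholder address
    received_height: int         # block in which the output was created
    spent_height: Optional[int]  # block in which it was spent, None if unspent

def audit_reuse(outputs, tip_height):
    """Per address: outputs an observer can link, and how many blocks each
    output was guarded only by ECDSA because the pubkey was already public."""
    by_addr = defaultdict(list)
    for out in outputs:
        by_addr[out.address].append(out)

    report = {}
    for addr, outs in by_addr.items():
        spends = [o.spent_height for o in outs if o.spent_height is not None]
        first_spend = min(spends) if spends else None  # pubkey revealed here
        exposure = {}
        for o in outs:
            if first_spend is None:
                continue  # never spent from: only the pubkey hash is on chain
            end = o.spent_height if o.spent_height is not None else tip_height
            blocks = end - max(o.received_height, first_spend)
            if blocks > 0:
                exposure[o.txid] = blocks
        report[addr] = {
            "linked_outputs": sorted(o.txid for o in outs) if len(outs) > 1 else [],
            "pubkey_revealed_at": first_spend,
            "exposed_blocks": exposure,
        }
    return report

# Constructed sample wallet history (all values are made up for illustration).
SAMPLE = [
    Output("tx-a", "addr-reused", 100, 110),
    Output("tx-b", "addr-reused", 105, 150),
    Output("tx-c", "addr-reused", 120, None),
    Output("tx-d", "addr-fresh-1", 130, 140),
    Output("tx-e", "addr-fresh-2", 135, None),
]

if __name__ == "__main__":
    for addr, info in audit_reuse(SAMPLE, tip_height=200).items():
        print(addr, info)
```

Addresses used once show no linked outputs and zero exposed blocks, since their pubkey only becomes public in the transaction that empties them.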