generating and guessing BTC-adresses

[vlom]

Hi

i have some questions concerning BTC-addresses.

when i generate a new address e.g. with multiunit HD.
- my wallets knows all the addresses that have been generated yet?
- are theses addresses saved in the blockchain?
- as far as i know the address is saved in the blockchain when it was used. you can generate an address offline, right?
- if two persons generate the same address offline and then start to use it. what will happen?
- is it possible to guess a specific address? and when my guess is correct and this wallet is not encrypted.

thanks for answers.

[shorena]

Hi

i have some questions concerning BTC-addresses.

when i generate a new address e.g. with multiunit HD.

Multibit HD?

- my wallets knows all the addresses that have been generated yet?

No.

- are theses addresses saved in the blockchain?

No.

- as far as i know the address is saved in the blockchain when it was used. you can generate an address offline, right?

Yes, used addresses are stored in the blockchain (to some extend) and yes you can generate an address offline. In fact thats the normal way to do it.

- if two persons generate the same address offline and then start to use it. what will happen?

If two persons generated the same address they share the funds. Each of them can spend everything.

- is it possible to guess a specific address? and when my guess is correct and this wallet is not encrypted.

thanks for answers.

Yes, is possible to "guess" a private key to an address and be able to spend someone elses funds. But its in the realm humans usually call impossible. Its the same realm where all the air molecules collect into a corner of your room and you die.

I think you assume somehow that its checked whether or not an address was already generated. Thats not the case. There are so many possible private keys (2²⁵⁶) for so many possible different addresses (2¹⁶⁰) that I can sit at home generating a 36 million private keys and addresses per second and still cant find one that has funds on them. Everyone on earth could do this and the chances are still so small you are more likely to hit the lotto jackpot several weeks in a row.

[Crypt0Ninja]

Hi

i have some questions concerning BTC-addresses.

when i generate a new address e.g. with multiunit HD.
- my wallets knows all the addresses that have been generated yet?
- are theses addresses saved in the blockchain?
- as far as i know the address is saved in the blockchain when it was used. you can generate an address offline, right?
- if two persons generate the same address offline and then start to use it. what will happen?
- is it possible to guess a specific address? and when my guess is correct and this wallet is not encrypted.

thanks for answers.

I'm pretty sure you wont hit any dublicates, since the system will not allow it.

[iram66680]

Hi

i have some questions concerning BTC-addresses.

when i generate a new address e.g. with multiunit HD.
- my wallets knows all the addresses that have been generated yet?
- are theses addresses saved in the blockchain?
- as far as i know the address is saved in the blockchain when it was used. you can generate an address offline, right?
- if two persons generate the same address offline and then start to use it. what will happen?
- is it possible to guess a specific address? and when my guess is correct and this wallet is not encrypted.

thanks for answers.

I'm pretty sure you wont hit any dublicates, since the system will not allow it.

Most wallets are not designed to check for the address collision as it is impossible. A weak random number generator can make private keys guessable or if the random number generator is bugged and it can generate the same address everytime. See the most recent incident in blockchain.info android app.

[shorena]

Hi

i have some questions concerning BTC-addresses.

when i generate a new address e.g. with multiunit HD.

Multibit HD?

i uses this wallet:

https://multibit.org

If two persons generated the same address they share the funds. Each of them can spend everything.

anybody know if this already happened?

It did, but only because the wallets did not use the whole range of possible private keys. Due to a bug on android devices the range was limited to 2³² or 4294967296 which is quite small compared to 2¹⁶⁰ or 1.4615016373309029182036848327163 * 10⁴⁸ which is a number with 49 decimal digits.

[achow101]

Most wallets are not designed to check for the address collision as it is impossible....

why is this impossible?

It would need to rescan the blockchain and every transaction to see if that address has been used before. It takes a lot of time to do that so that every time you want a new address, it would take hours for it to finish rescanning.

and how do i know that my newly generated address is really new? i never checked that. so possibly i generate an address and someone else had already generated this one. then you send me some coins. and uups a few weeks later this coins are gone because someone else received them to - by hazard - and spent them.

It is assumed. With a good random number generator, the likelihood of a collision is next to nothing. There have been cases where addresses have been generated multiple times on different devices but that was due to poorly written random number generators. You can check yourself if an address has been used before by just looking it up on a block explorer. However, to do this in a wallet is considered poor practice since it requires using an outside API, which may not be reliable and most good wallets don't want to rely on someone else to do the work.

[shorena]

@shorena: thank you. do you have a link/source?

-> https://bitcoin.org/en/alert/2013-08-11-android

[shorena]

-snip-
edit: a further questions:
i generated an address. then I encrypted my wallet. nobody can spent my coins even though this address will be generated in the future. right?

No, a private key is nothing more than a number. You encrypt it locally so no one can look at it. If however someone should guess the same number as you, their version is not encrypted and they can use it without the password.

[shorena]

-snip-
edit: a further questions:
i generated an address. then I encrypted my wallet. nobody can spent my coins even though this address will be generated in the future. right?

No, a private key is nothing more than a number. You encrypt it locally so no one can look at it. If however someone should guess the same number as you, their version is not encrypted and they can use it without the password.

  then bitcoin is really insecure.

If that is your conclusion, so is everything else. The connection to your online banking, to paypal, facebook, google and many other encrypted connections are secured by the same mathematical principles. Eliptic curves -> https://wiki.openssl.org/index.php/Elliptic_Curve_Cryptography and our limitation to check all these possibilities.

[Lincoln6Echo]

-snip-
edit: a further questions:
i generated an address. then I encrypted my wallet. nobody can spent my coins even though this address will be generated in the future. right?

No, a private key is nothing more than a number. You encrypt it locally so no one can look at it. If however someone should guess the same number as you, their version is not encrypted and they can use it without the password.

  then bitcoin is really insecure.

Only because our brains ability to imagine possiblities when it comes to big numbers is very limited doesn't mean it is likley to happen.
If I remember correctly the adress space is something like 2^160, right? Good Luck finding a collision! 

[John (John K.)]

-snip-
edit: a further questions:
i generated an address. then I encrypted my wallet. nobody can spent my coins even though this address will be generated in the future. right?

No, a private key is nothing more than a number. You encrypt it locally so no one can look at it. If however someone should guess the same number as you, their version is not encrypted and they can use it without the password.

  then bitcoin is really insecure.

The number of possibilities is so much more that it'll take more then the energy then the heat death of the universe to generate it.

More background: http://stackoverflow.com/questions/4014090/is-it-safe-to-ignore-the-possibility-of-sha-collisions-in-practice

[vlom]

interesting. @John (John K.) thans for the background link. i think it is important to understand BTC if you want to use it.

[Was]

What if someone were to generate keypairs randomly while simultaneously scanning the blockchain for any addresses generated that have previous inputs? How unlikely is it to generate a 'used' address?

[USB-S]

What if someone were to generate keypairs randomly while simultaneously scanning the blockchain for any addresses generated that have previous inputs? How unlikely is it to generate a 'used' address?

If you're running several machines with full blast, I think you should get atleast 1 address in 10-20 years. I don't know the exact odds though.
Odds increase as more wallets are being created.
Sooner or later we do have to switch to a new algo because the rise of global computing power.

[achow101]

What if someone were to generate keypairs randomly while simultaneously scanning the blockchain for any addresses generated that have previous inputs? How unlikely is it to generate a 'used' address?

If you're running several machines with full blast, I think you should get atleast 1 address in 10-20 years. I don't know the exact odds though.
Odds increase as more wallets are being created.
Sooner or later we do have to switch to a new algo because the rise of global computing power.

I think your odds are very very very wrong. Do your research before posting.

There are 2^160 or about 1,460,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000 possible addresses.
It is going to take a very very long time to exhaust all of those addresses. And the likelihood of a collision is so small that you won't be able to get a collision in 20 years.

[DannyHamilton]

What if someone were to generate keypairs randomly while simultaneously scanning the blockchain for any addresses generated that have previous inputs? How unlikely is it to generate a 'used' address?

If you run 1 billion computers that are each generating and checking the balance of 1 billion addresses per second, you would (at best) have a 1% chance of finding a 'used' address in about 2,190,476 years.

Lets look at the math.  It really isn't that difficult...

There are 2¹⁶⁰ possible addresses.

2¹⁶⁰ is approximately 1.46 X 10⁴⁸ total addresses.

If 1 billion computers are generating 1 billion addresses per second, that's:

1,000,000,000 X 1,000,000,000 = 1,000,000,000,000,000,000 (or 1 X 10¹⁸) addresses per second.

There are about 31,557,600 seconds in a year.

So if we multiply the number of seconds in a year by the number of addresses per second, you'll get about 3.16 X 10²⁵ addresses per year.

If we divide the total number of addresses possible by the number of addresses that can be checked per year, we find that it would take:

1.46 X 10⁴⁸ divided by 3.16 X 10²⁵ = 4.6 X 10²² years to check all the addresses.

Divide that number by 100, and we find that it will take 4.6 X 10²⁰ years to check 1% of the addresses.

There can never be more than 2,100,000,000,000,000 addresses storing a balance at any given moment in time.  Therefore, if we assume that bitcoins are spread out with exactly 1 satoshi in every address, we can divide the  4.6 X 10²⁰ years by the number of potential addresses...

4.6 X 10²⁰ divided by 2.1X10¹⁴ = 2,190,476 years.

[makcik]

Here are the answers according to what I think.
No, your wallet doesn't save all the addresses generated. In fact, it only saves address of your wallets which are you using currently. Nothing other than that. These addresses aren't saved in blockchain either. But, if someone in the future gets this address then, yes it will be saved on blockchain's server.
And two persons cannot generate the same address offline, its merely impossible for this to happen..
Such a long string of Numbers and alphabets can never be exactly the same.

[shorena]

Here are the answers according to what I think.
No, your wallet doesn't save all the addresses generated. In fact, it only saves address of your wallets which are you using currently. Nothing other than that. These addresses aren't saved in blockchain either.

Addresses that have been used in the past are indirectly stored in the blockchian as part of the TX data. Pubkey/script is stored; address is the hash.

But, if someone in the future gets this address then, yes it will be saved on blockchain's server.

Bitcoin is not a server client system, which server are you talking about?

And two persons cannot generate the same address offline, its merely impossible for this to happen..
Such a long string of Numbers and alphabets can never be exactly the same.

Not exactly, its just very unlikely see the answer by DannyHamilton direclty above your post.

[Was]

Help me get this straight... A single Public Key can have multiple private keys?

 I mean, can I use Vanitygen and input an exact address, in hopes of generating the keypair?

thanks

[Was]

Thanks for the clarification Danny, really appreciate your time and contribution. Great explanation