Bitcoin Forum
November 20, 2017, 06:19:09 AM *
News: Latest stable version of Bitcoin Core: 0.15.1  [Torrent].
 
   Home   Help Search Donate Login Register  
Pages: « 1 [2] 3 »  All
  Print  
Author Topic: Standard Check Numbers (checksums for addresses)  (Read 2825 times)
yogi
Legendary
*
Offline Offline

Activity: 947


Hamster ate my bitcoin


View Profile
January 15, 2013, 08:08:54 PM
 #21

Am I really the only one who makes detailed comparisons between bitcoin addresses to ensure they are the same?

I guess I must just be paranoid, maybe it's the irreversibility of a bitcoin transaction that scares me.
If this is true then you aren't going to be satisfied with the checksum you are requesting.  There is already a 32-bit checksum built in to the address.  If knowing that you still feel a need to make a detailed comparison between bitcoin addresses, then how is an additional 32-bit checksum going to keep you from feeling like you still need to make a detailed comparison between bitcoin addresses to ensure they are the same?

I think it would be quicker, for a human being, to make a cursory inspection of an address followed by a detailed inspection of a check number, as opposed to a detailed inspection of the full address.

But, as I'm the only one who compares bitcoin addresses I guess it's redundant.

Thanks all for the feedback.

1511158749
Hero Member
*
Offline Offline

Posts: 1511158749

View Profile Personal Message (Offline)

Ignore
1511158749
Reply with quote  #2

1511158749
Report to moderator
1511158749
Hero Member
*
Offline Offline

Posts: 1511158749

View Profile Personal Message (Offline)

Ignore
1511158749
Reply with quote  #2

1511158749
Report to moderator
"Bitcoin: the cutting edge of begging technology." -- Giraffe.BTC
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
Pieter Wuille
Legendary
*
qt
Offline Offline

Activity: 1050


View Profile WWW
January 15, 2013, 08:13:53 PM
 #22

I think it would be quicker, for a human being, to make a cursory inspection of an address followed by a detailed inspection of a check number, as opposed to a detailed inspection of the full address.

That is exactly the same thing as: making a cursory inspection of an address followed by a detailed inspection of the last few characters of the address (as an address can be considered to be the pubkeyhash with its own checksum appended).

aka sipa, core dev team

Tips and donations: 1KwDYMJMS4xq3ZEWYfdBRwYG2fHwhZsipa
DannyHamilton
Legendary
*
Offline Offline

Activity: 1974



View Profile
January 15, 2013, 08:50:11 PM
 #23

I don't know but you are the only one who asks a question, gets 3 answers, ignores them and then asks the same question again. 

Bye.
Agreed.  I'm not sure if Yogi is incapable of comprehension or simply not paying attention, but at this point I give up.

marcus_of_augustus
Legendary
*
Offline Offline

Activity: 2436



View Profile
January 15, 2013, 08:54:31 PM
 #24

I think it would be quicker, for a human being, to make a cursory inspection of an address followed by a detailed inspection of a check number, as opposed to a detailed inspection of the full address.

That is exactly the same thing as: making a cursory inspection of an address followed by a detailed inspection of the last few characters of the address (as an address can be considered to be the pubkeyhash with its own checksum appended).


Thank you Pieter for explaining to yogi what the condescending others were trying to say to the poor guy without actually spelling out what he needs to do.

Specifically, closely check THE LAST FOUR CHARACTERS of the bitcoin address, there is your built-in checksum.

eg:
12YgtanvDic1y5ZcgW5wCrwwBzSWrSUgXE


I just eyeball the first 4-6 but closely check the last 4-6 ... and never had an issue, hope this helps yogi.

https://en.bitcoin.it/wiki/Technical_background_of_version_1_Bitcoin_addresses

DannyHamilton
Legendary
*
Offline Offline

Activity: 1974



View Profile
January 15, 2013, 09:04:06 PM
 #25

. . . Specifically, closely check THE LAST FOUR CHARACTERS of the bitcoin address, there is your built-in checksum.

eg:
12YgtanvDic1y5ZcgW5wCrwwBzSWrSUgXE

I just eyeball the first 4-6 but closely check the last 4-6 ... and never had an issue, hope this helps yogi.

That won't help the OP.  As he has already explained that he is concerned that he might have made a typo in the other characters.  How is looking at the last 4 characters going to tell you if you made a typo elsewhere in the address?

. . . Thank you Pieter for explaining to yogi what the condescending others where trying to say to the poor guy without actually spelling out what he needs to do . . .
I've been trying hard to not be condescending. But each time I try to explain the situation, the same question keeps coming back.  I simplify the explanation further and try harder to understand the use-case that the OP is concerned about. Still, the same question.

At this point is isn't a matter of condescension, it's just a matter of running out of ways to explain it, and the user refusing to offer a single real life use-case that they are concerned about.


Maged
Legendary
*
Offline Offline

Activity: 1260


View Profile
January 15, 2013, 09:39:18 PM
 #26

I often double/triple check addresses and I think what I'm asking for is just to give me piece of mind. I feel especially uneasy when sending an address via IRC, I think it would be nice to be able to do the following;

IRC Chatlog:

Me: Here's my address 31uEbMgunupShBVTewXjtqbBv5MndwfXhb

Other: check FF4857EB

Me: confirmed

This would give me confidence that the address that was enter into the wallet by the other person is indeed the address I wanted to send to them.
So, to simplify things even further...
IRC Chatlog, v2:

Me: Here's my address 31uEbMgunupShBVTewXjtqbBv5MndwfXhb

Other: check 31uEbMgunupShBVTewXjtqbBv5MndwfXhb

Me: *looks generally over the address, then specifically checks the last 4 characters* confirmed

That's all there is to this. Someone would have to specially go out of the way to bruteforce a typo that wouldn't be caught by doing this easy check.

DannyHamilton
Legendary
*
Offline Offline

Activity: 1974



View Profile
January 15, 2013, 09:42:37 PM
 #27

So, to simplify things even further...
IRC Chatlog, v2:

Me: Here's my address 31uEbMgunupShBVTewXjtqbBv5MndwfXhb

Other: check 31uEbMgunupShBVTewXjtqbBv5MndwfXhb

Me: *looks generally over the address, then specifically checks the last 4 characters* confirmed

That's all there is to this. Someone would have to specially go out of the way to bruteforce a typo that wouldn't be caught by doing this easy check.
And the check isn't even necessary since the address won't work in the Bitcoin client that "Other" is using unless it is valid in the first place.

marcus_of_augustus
Legendary
*
Offline Offline

Activity: 2436



View Profile
January 16, 2013, 09:40:58 PM
 #28

So, to simplify things even further...
IRC Chatlog, v2:

Me: Here's my address 31uEbMgunupShBVTewXjtqbBv5MndwfXhb

Other: check 31uEbMgunupShBVTewXjtqbBv5MndwfXhb

Me: *looks generally over the address, then specifically checks the last 4 characters* confirmed

That's all there is to this. Someone would have to specially go out of the way to bruteforce a typo that wouldn't be caught by doing this easy check.
And the check isn't even necessary since the address won't work in the Bitcoin client that "Other" is using unless it is valid in the first place.

We shouldn't assume that, this is a development thread not technical support.

John (John K.)
Global Troll-buster and
Legendary
*
Offline Offline

Activity: 1190


Will read PM's. Have more time lately


View Profile
January 17, 2013, 03:21:54 AM
 #29

I do a cursory review over the first 4 characters after the 1, and the last 4 characters whenever I send or copy addresses. That's enough to prevent my coins from falling in wrong hands, unless the situation DannyHamilton outlined in the past page occurs.(and no coins would be lost in this case anyway, just a delay in receiving/sending the coins)

My BTC Tip Jar: 1Pgvfy19uwtYe5o9dg3zZsAjgCPt3XZqz9 , GPG ID: B3AAEEB0 ,OTC ID: johnthedong
Escrow service is available on a case by case basis! (PM Me to verify I'm the escrow!)

grue
Global Moderator
Legendary
*
Offline Offline

Activity: 2030



View Profile
January 17, 2013, 03:34:16 AM
 #30

. . . Specifically, closely check THE LAST FOUR CHARACTERS of the bitcoin address, there is your built-in checksum.

eg:
12YgtanvDic1y5ZcgW5wCrwwBzSWrSUgXE

I just eyeball the first 4-6 but closely check the last 4-6 ... and never had an issue, hope this helps yogi.

That won't help the OP.  As he has already explained that he is concerned that he might have made a typo in the other characters.  How is looking at the last 4 characters going to tell you if you made a typo elsewhere in the address?
you're not getting it, are you? if the last 4 characters match, there's a 99.999999976716935634613037109375% chance that there wasn't a typo in the rest of the address. what's the difference between an address that is 4 chars shorter + 4 char checksum and a standard address (with 4 char checksum built-in)? obviously, there's no point in adding a checksum for a checksum.

if the lack of a checksum really bothers you that much, simply split each address you see into two parts: with the last 4 being the "checksum" and the rest being the "address"

It is pitch black. You are likely to be eaten by a grue.

Tired of annoying signature ads? Ad block for signatures
DannyHamilton
Legendary
*
Offline Offline

Activity: 1974



View Profile
January 17, 2013, 03:45:16 AM
 #31

. . . Specifically, closely check THE LAST FOUR CHARACTERS of the bitcoin address, there is your built-in checksum.

eg:
12YgtanvDic1y5ZcgW5wCrwwBzSWrSUgXE

I just eyeball the first 4-6 but closely check the last 4-6 ... and never had an issue, hope this helps yogi.

That won't help the OP.  As he has already explained that he is concerned that he might have made a typo in the other characters.  How is looking at the last 4 characters going to tell you if you made a typo elsewhere in the address?
you're not getting it, are you? . . .
No, you don't get it.

Here . . .
Without entering it into a bitcoin client, can you tell me if I made I typo in the following address?

1DEoPhZz8JEePTZHSMB1KxYBEwYL5rp3eK

If I've just given you this address to send me coins later, but you don't have access to a bitcoin client right now, how can we both be sure that I didn't make a typo when I entered the address here?

Note: I can confirm that the last 4 characters definitely match the last 4 characters of the address that I intended to enter.  Does this mean that I typed the rest of the address correctly?

grue
Global Moderator
Legendary
*
Offline Offline

Activity: 2030



View Profile
January 17, 2013, 03:52:14 AM
 #32

No, you don't get it.

Here . . .
Without entering it into a bitcoin client, can you tell me if I made I typo in the following address?

1DEoPhZz8JEePTZHSMB1KxYBEwYL5rp3eK

If I've just given you this address to send me coins later, but you don't have access to a bitcoin client right now, how can we both be sure that I didn't make a typo when I entered the address here?

Note: I can confirm that the last 4 characters definitely match the last 4 characters of the address that I intended to enter.  Does this mean that I typed the rest of the address correctly?
so you want a checksum implementation that can be done quickly using mental math (why else wouldn't you have access to a bitcoin client?), and can detect errors with a reasonable amount of certainty? pretty sure that's impossible because there are 40+ characters in a bitcoin address and a human's short term memory isn't long to even cover a forth of that, let alone any intermediate values.

It is pitch black. You are likely to be eaten by a grue.

Tired of annoying signature ads? Ad block for signatures
DeathAndTaxes
Donator
Legendary
*
Offline Offline

Activity: 1218


Gerald Davis


View Profile
January 17, 2013, 03:55:08 AM
 #33

1DEoPhZz8JEePTZHSMB1KxYBEwYL5rp3eK

If I've just given you this address to send me coins later, but you don't have access to a bitcoin client right now, how can we both be sure that I didn't make a typo when I entered the address here?

Without a client how are you going to compute the "external checksum"?

Still even if you didn't have access to the client if there is a typo then all but 1 in 2^32 times when you DO go to enter it into the Bitcoin client it will notify you that the address is invalid.

So what was the problem again?


Hell someone make "IsThisBitcoinAddressGood.Com?" with a simple javascript checksum validator so we can cross this non-existent problem off the list.
nybble41
Full Member
***
Offline Offline

Activity: 152


View Profile
January 17, 2013, 03:55:43 AM
 #34

Without entering it into a bitcoin client, can you tell me if I made I typo in the following address?
so you want a checksum implementation that can be done quickly using mental math (why else wouldn't you have access to a bitcoin client?), and can detect errors with a reasonable amount of certainty?

Exactly. For any checksum to work, the sender would need software to generate the checksum, and the receiver would need software to validate it. A "mental checksum" is infeasable for addresses of the necessary complexity to ensure security. You might as well use the Bitcoin client, or simplified special-purpose software which merely validates addresses, without any extra "check numbers".

Note that bitcoind even includes a "validateaddress" RPC command for just this purpose.
CIYAM
Legendary
*
Offline Offline

Activity: 1862


Ian Knowles - CIYAM Lead Developer


View Profile WWW
January 17, 2013, 03:56:12 AM
 #35

If the problem is really one of "typing" the address (rather than copying and pasting) then I'm guessing the point is *not* that you could end up sending to the wrong address but that you can't send BTC at all because you have mistyped the address (isn't this what the OP was trying to discuss?).

If so it would make some sense to have a CRC32 displayed somewhere so you can then use the standard crc32 tool (or something equivalent for Windoze) to be certain you didn't make a typo (although I have never typed in a full Bitcoin address myself - always copy and paste and check the first 4 after the 1 and the last four as others have mentioned).

And of course if you have Bitcoin running then you can immediately test whether the address is valid using it (so would seemingly only make sense if you did not have Bitcoin running but needed to record an address and *did* have CRC32 handy).

With CIYAM anyone can create 100% generated C++ web applications in literally minutes.

GPG Public Key | 1ciyam3htJit1feGa26p2wQ4aw6KFTejU
DeathAndTaxes
Donator
Legendary
*
Offline Offline

Activity: 1218


Gerald Davis


View Profile
January 17, 2013, 04:01:28 AM
 #36

If the problem is really one of "typing" the address (rather than copying and pasting) then I'm guessing the point is *not* that you could end up sending to the wrong address but that you can't send BTC at all because you have mistyped the address (isn't this what the OP was trying to discuss?).

If so it would make some sense to have a CRC32 displayed somewhere so you can then use the standard crc32 tool (or something equivalent for Windoze) to be certain you didn't make a typo (although I have never typed in a full Bitcoin address myself - always copy and paste and check the first 4 after the 1 and the last four as others have mentioned).

Wait so someone will have access to a CRC32 tool but not the Bitcoin client.

I mean isn't the most common scenario:
Quote

you: send 100 BTC to 1DEoPhZz8JEePTZHSMB1KxYBEwYL5rp3e

[me entering into Bitcoin client] beep beep boop boop. <ERROR>
me:  Hey man that isn't a valid address.  I know because my handy dandy Bitcoin client (which has a better checksum than any dubious manual checksum scheme), says so.

you: oops I left the last digit off. It is 1DEoPhZz8JEePTZHSMB1KxYBEwYL5rp3eK

me: Gotcha.  100 BTC sent.  here is the tx id: ....

you: Good thing Satoshi was one smart dude and built a checksum right in otherwise I would have lost 100 BTC.


me: Yeah or to avoid that we would have had to do some dubious and error prone manual checksum which we send back and forth over IRC like a bunch of idiots.  Being manual and involving humans there is a good chance we would still frak it up.

you: Yup!


I mean someone would rather
1) Get an address but NOT use the client to validate it
2) Use CRC32 tool. 
3) Calculate the checksum. 
4) Send the checksum back to the sender.  
5) Sender verifies.  Find out the checksum is wrong.  
6) Sender and/or receiver notices error.  
7) Recalculate checksum.  
Cool Resend checksum to sender.  Verifies ok.  
..... then .....
9) enter it into the bitcoin client  which (drumroll) VALIDATES IT BEFORE SENDING USING THE BUILT IN CHECKSUM. Smiley
grue
Global Moderator
Legendary
*
Offline Offline

Activity: 2030



View Profile
January 17, 2013, 04:03:37 AM
 #37

Hell someone make "IsThisBitcoinAddressGood.Com?" with a simple javascript checksum validator so we can cross this non-existent problem off the list.
even better: a mobile app with OCR/QR support

It is pitch black. You are likely to be eaten by a grue.

Tired of annoying signature ads? Ad block for signatures
CIYAM
Legendary
*
Offline Offline

Activity: 1862


Ian Knowles - CIYAM Lead Developer


View Profile WWW
January 17, 2013, 04:08:05 AM
 #38

Wait so someone will have access to a CRC32 tool but not the Bitcoin client.

Of course I think such a situation would be a little strange but perhaps if you all you had was a smartphone, no internet access and you couldn't take a photo of the address because say you are getting it from someone who has called you from a landline *and* your smartphone does have the ability to display checksums via its File Manager or similar then it could make some sense.

With CIYAM anyone can create 100% generated C++ web applications in literally minutes.

GPG Public Key | 1ciyam3htJit1feGa26p2wQ4aw6KFTejU
DannyHamilton
Legendary
*
Offline Offline

Activity: 1974



View Profile
January 17, 2013, 04:24:38 AM
 #39

so you want a checksum implementation that can be done . . .
Me??? No.  Take a look at this thread. I think you'll find that I was the very first person to explain to the OP that there is a checksum built in to the address.  I'm just trying to help people guess why the OP might want an additional checksum.  (See my previous guess at an imaginary scenario here.)

Without a client how are you going to compute the "external checksum"?
I don't run a client when I'm at work, but I can easily run:

Code:
echo "1bitcoinaddress" | my_favorite_checksum

So what was the problem again?
I have no idea, but I'm doing my best to be understanding and try to guess exactly what the OP's concern was.

Exactly. For any checksum to work, the sender would need software to generate the checksum, and the receiver would need software to validate it.
Which I think might be why the OP was requesting a "standard" checksum.  (meaning something he'd have available on most any computer even if a bitcoin client wasn't available)

A "mental checksum" is infeasable . . .
Clearly.  I don't think the OP ever said anything about a "mental checksum".

If the problem is really one of "typing" the address (rather than copying and pasting) then I'm guessing the point is *not* that you could end up sending to the wrong address but that you can't send BTC at all because you have mistyped the address (isn't this what the OP was trying to discuss?).

If so it would make some sense to have a CRC32 displayed somewhere so you can then use the standard crc32 tool (or something equivalent for Windoze) to be certain you didn't make a typo (although I have never typed in a full Bitcoin address myself - always copy and paste and check the first 4 after the 1 and the last four as others have mentioned).

And of course if you have Bitcoin running then you can immediately test whether the address is valid using it (so would seemingly only make sense if you did not have Bitcoin running but needed to record an address and *did* have CRC32 handy).
Exactly.  This is what I was getting at when I asked the OP if this scenario was what he was concerned about.

Wait so someone will have access to a CRC32 tool but not the Bitcoin client.
That appears to be the scenario the OP was asking about (as best as I can guess).

I mean someone would rather
1) Get an address but NOT use the client to validate it
2) Use CRC32 tool.  
3) Calculate the checksum.
4) Send the checksum back to the sender.  
5) Sender verifies.  Find out the checksum is wrong.  
6) Sender and/or receiver notices error.  
7) Recalculate checksum.  
Cool Resend checksum to sender.  Verifies ok.  
..... then .....
9) enter it into the bitcoin client  which (drumroll) VALIDATES IT BEFORE SENDING USING THE BUILT IN CHECKSUM. Smiley
If the OP isn't trolling, then apparently yes.


nybble41
Full Member
***
Offline Offline

Activity: 152


View Profile
January 17, 2013, 05:28:15 PM
 #40

Exactly. For any checksum to work, the sender would need software to generate the checksum, and the receiver would need software to validate it.
Which I think might be why the OP was requesting a "standard" checksum.  (meaning something he'd have available on most any computer even if a bitcoin client wasn't available)
There are no "standard" checksum programs which are always present by default regardless of your operating system, without going out of your way to install something, at which point you might as well just install software to validate standard Bitcoin addresses, or find a web site capable of the same, without bothering with a separate "check number".

Most desktop and server versions of Linux do include tools to calculate MD5 and SHA checksums, but if either side is using a Windows, Android, or iOS device then you're out of luck so far as a "standard" checksum is concerned. Even on Linux, manually calculating a checksum is less user-friendly (and more error-prone) than just pasting the address into a field on some Bitcoin address validation web site, and adds work for the sender rather than just the recipient.
Pages: « 1 [2] 3 »  All
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!