Risks when publishing 'static' bitcoin addresses on the web

[swinewine]

Hi Guys,

We am working a web app that will involve giving users a bitcoin address to receive coins. I am wondering what are the dangers of publishing a 'static' bitcoin address on the users profile page of our site. Should we dynamically create address's for our users for each transaction or is it would it be ok to just give them a static address? I would like to know what kind of difficulties (malicious attacks??) might arise should we use static addresses ....

Your knowledge and expertise on this topic would be greatly appreciated as I am relatively a bitcoin noob 

Thanks guys,

BC

[1714784681]

1714784681

[1714784681]

1714784681

[mndrix]

One risk of using a static address is that everyone knows how much has been sent to that address.  For example, one can see how much bitcoin has been donated to the EFF because they use a static address.  Each user has his own personal preference about such information being publicly available.

I'm also new to this, but I understand that no malicious attacks are possible given only a Bitcoin address.  Unless you consider free money malicious

[casascius]

Maybe someone can publish some sample code for producing a brand new address "on the fly" from a web site, then transmit the corresponding public/private key pair to the person who is supposed to receive the funds.  Example, it could e-mail that information, encrypted with a public key belonging to the intended recipient.  There would need to be a way in the bitcoin client to easily import that into the wallet.dat.

[davout]

What exactly are you trying to acomplish here ?

If you use the accounts feature of the bitcoin client you can generate as much addresses as you want for a given user.

If you want example code you should state which language you want the example in

[casascius]

What exactly are you trying to acomplish here ?

To put a donate button on a website that generates a brand new address on demand for everyone who wants to donate, so all the donors don't donate to a common address that can tie everyone together.

If there was a language of choice, perhaps it would be Javascript, so it happened all in the browser.  Of course there has to be some way to get the generated keypair to the recipient, like e-mail or whatever, but somebody else can figure that out.

[Gavin Andresen]

What exactly are you trying to acomplish here ?

To put a donate button on a website that generates a brand new address on demand for everyone who wants to donate, so all the donors don't donate to a common address that can tie everyone together.

If there was a language of choice, perhaps it would be Javascript, so it happened all in the browser.  Of course there has to be some way to get the generated keypair to the recipient, like e-mail or whatever, but somebody else can figure that out.

Simplest way:

Call getaccountaddress "charity_name"  when you generate the web page.  You'll get the same address over and over, until somebody donates.  Then you'll get a new address.

Then periodically call:
  getbalance "charity_name"
... and if the balance is greater than zero, call:
  sendfrom "charity_name" charity_real_bitcoin_address amount

... to send the charity the accumulated coins.

If you deal with several charities this way, AND you're bundling up several donations before forwarding the coins to the charity, then it'll be hard to connect donors to particular charities.

[FatherMcGruder]

If you deal with several charities this way, AND you're bundling up several donations before forwarding the coins to the charity, then it'll be hard to connect donors to particular charities.

What the receiver intends not merely to obfuscate the senders, but also his income?

[davout]

As soon as the person receiving donations spends the coins in larger amounts than the donations it will be possible to link the addresses together with the BBE.

[FreeMoney]

As soon as the person receiving donations spends the coins in larger amounts than the donations it will be possible to link the addresses together with the BBE.

Do you mean because coins will be sent from multiple addresses?

Can't this be avoided by spending exactly the amount received from one address?

Get 18BTC from 1Nk... and 10BTC from 1Lo... so you don't spend 20 because that will link them, you send 18 to mtgox then you send 10 to mtgox then you cash out 26 at some point later and sell 2 for USD or whatever.

Maybe I miss your point though.

[davout]

As soon as the person receiving donations spends the coins in larger amounts than the donations it will be possible to link the addresses together with the BBE.

Do you mean because coins will be sent from multiple addresses?

Can't this be avoided by spending exactly the amount received from one address?

Get 18BTC from 1Nk... and 10BTC from 1Lo... so you don't spend 20 because that will link them, you send 18 to mtgox then you send 10 to mtgox then you cash out 26 at some point later and sell 2 for USD or whatever.

Maybe I miss your point though.

No
You got my point perfectly ! Transferring to MtGox is a perfect counter measure since everything gets pooled.
However mt gox would then be aware of that. But that might be acceptable.

Just wanted to point out the fact that the one-address-per-payment solution is a good start but definitely sufficient to achieve a good level of anonymity