Question about addresses - different addresses controlled by single private key

[overtorment2]

To my understanding, I can generate 3 (4??) different addresses from my private key:

* Legacy address  1ABCDE..... (plus one in uncompressed format)
* Segwit P2SH address   3ABCDE....
* Segwit Bech32 address  bc1ABCDE....
* P2SH multisig address (1-out-of-1)   3ABCDE.... - unsure

I can send coins to all of those addresses, and to 3rd party observer that will look like balances on different unrelated addresses.
If I'm correct, are there any flaws or security risks in this?
And if I'm importing private key to some kind of wallet software, how wallet determines which address to scan on blockchain and which balance to consider as wallet's balance?

Thank you for your answers, I realize there are chances this is a pretty dumb question :-)

[1714133872]

1714133872

[1714133872]

1714133872

[1714133872]

1714133872

[1714133872]

1714133872

[1714133872]

1714133872

[1714133872]

1714133872

[RGBKey]

And if I'm importing private key to some kind of wallet software, how wallet determines which address to scan on blockchain and which balance to consider as wallet's balance?/

I believe it depends on the wallet software. So older wallets will be looking for outputs on your legacy outputs, wallets with segwit support will probably scan segwit P2SH addresses (possibly also legacy outputs, depending on the wallet, I don't think many do, if any). So far, the latest version of Electrum is the only wallet I know that supports Bech32, although I might be wrong/outdated on that. And as far as multisig, your wallet would definitely have to be explicitly looking for multisig funds.

AFAIK there shouldn't be any security risks from using the same private key for multiple types of addresses, as the key is just a way to sign a transaction for an output where it can provide the required information to spend with. That said, I still wouldn't do it because it just feels wrong to me. If you want to look into it more, [ur=https://en.bitcoin.it/wiki/Script]here is the page on the Bitcoin wiki detailing the script system[/url]. It explains how standard (legacy) transactions work, and also script transactions, and all the various opcodes. It's good reading if the technical details are interesting to you.

[achow101]

I can send coins to all of those addresses, and to 3rd party observer that will look like balances on different unrelated addresses.
If I'm correct, are there any flaws or security risks in this?

Not necessarily.

P2PKH (legacy) and P2WPKH (bech32) addresses contain the same data, the hash160 of your public key. So anyone scanning the blockchain will immediately know that if a P2PKH output and a P2WPKH output have the same hash160, then the owner is the same person.

Regarding security risks, there are none.

And if I'm importing private key to some kind of wallet software, how wallet determines which address to scan on blockchain and which balance to consider as wallet's balance?

It doesn't know. Currently, if you import a WIF format private key (as is the current standard), most wallets will interpret it as the private key for a P2PKH address. Some wallets may have settings that let you tell it to make a P2WPKH or P2SH-P2WPKH address, but there is no standard for that. It is currently up to the implementations.

However the creator of the bech32 standard is currently working on a similar encoding for private keys. This encoding would specify the type of witness output that a private key is for so wallets can use that to determine what address to create and scan for.

[DannyHamilton]

how wallet determines which address to scan on blockchain and which balance to consider as wallet's balance?

There is no bitcoin protocol for how to determine balances.  That decision is left up to the individual implementation of the wallet.  Therefore, there could be various different implementations of various efficiencies depending on what wallet software you are using.

Generally however...

Wallets typically wouldn't "scan addresses".  Instead they scan unspent outputs (the UTXO).  For each unspent output, the wallet determines if it knows how to spend that output.  If it does, then it adds the value of that unspent output to the balance that it displays to the user and continues scanning.  If it does not, then it skips the output and continues scanning.  Once the wallet has scanned all unspent outputs, it the total balance shown will be the balance that the wallet believes it knows how to spend.