|
colinistheman (OP)
|
 |
August 18, 2013, 04:26:11 PM |
|
Is it safe to re-use a paper wallet BTC address after spending it all? I spent it all in one transfer, so there was no "change" to be sent back to me. Does this make it safe to use this wallet again? I know for a fact that this private key is safe because I generated and printed it on an offline computer.
Does the mere fact of me having done a spend transfer with it on the blockchain make it less secure?
|
|
|
|
|
|
|
"Your bitcoin is secured in a way that is physically impossible for others to access, no matter for what reason, no matter how good the excuse, no matter a majority of miners, no matter what." -- Greg Maxwell
|
|
|
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction.
|
|
|
|
shawshankinmate37927
|
|
August 18, 2013, 05:11:25 PM |
|
Is it safe to re-use a paper wallet BTC address after spending it all? I spent it all in one transfer, so there was no "change" to be sent back to me. Does this make it safe to use this wallet again? I know for a fact that this private key is safe because I generated and printed it on an offline computer.
Does the mere fact of me having done a spend transfer with it on the blockchain make it less secure?
Why not generate a new paper wallet, just in case? |
"It is well enough that people of the nation do not understand our banking and monetary system, for if they did, I believe there would be a revolution before tomorrow morning." - Henry Ford
|
|
|
|
nameface
|
|
August 18, 2013, 05:39:30 PM |
|
You will relate future transactions to previous transactions by reusing your public key. The effect is diminished anonymity, it's not really a security concern.
|
|
|
|
|
|
Birdy
|
|
August 18, 2013, 05:54:49 PM |
|
Is it safe to re-use a paper wallet BTC address after spending it all? I spent it all in one transfer, so there was no "change" to be sent back to me. Does this make it safe to use this wallet again? I know for a fact that this private key is safe because I generated and printed it on an offline computer.
Does the mere fact of me having done a spend transfer with it on the blockchain make it less secure?
You had to import the private key somewhere to spend the Bitcoins from the paper wallet, so it's as secure as the place you've used it on. |
|
|
|
|
|
superduh
|
|
August 18, 2013, 05:55:13 PM |
|
this should be a technical answer as opposed to the o so common paranoia
|
ok
|
|
|
|
colinistheman (OP)
|
|
August 18, 2013, 09:28:09 PM |
|
You had to import the private key somewhere to spend the Bitcoins from the paper wallet, so it's as secure as the place you've used it on.
Ah, that's a good point. Thanks this should be a technical answer as opposed to the o so common paranoia
Yes, I'm looking for the technical reasons. I just want to fully understand how it works so I can truly make the best decision for myself. |
|
|
|
|
colinistheman (OP)
|
|
August 18, 2013, 09:30:01 PM |
|
You will relate future transactions to previous transactions by reusing your public key. The effect is diminished anonymity, it's not really a security concern.
Thanks for the answer. Yes, however I suppose it could be if the place where I used my private key ever got hacked or leaked it based on Birdy's answer. Looks like it's generating new keys for me. |
|
|
|
|
2_Thumbs_Up
|
|
August 18, 2013, 09:42:42 PM |
|
Well, re-using keys makes you vulnerable to flawed RNGs.
|
|
|
|
|
|
colinistheman (OP)
|
|
August 19, 2013, 01:49:51 AM |
|
Well, re-using keys makes you vulnerable to flawed RNGs.
What are RNGs? |
|
|
|
grue
Legendary
 Offline
Activity: 2058
Merit: 1431
|
|
August 19, 2013, 01:52:32 AM |
|
Well, re-using keys makes you vulnerable to flawed RNGs.
What are RNGs? random number generators. see: the recent issue with android based wallets. |
|
|
|
|
Valle
|
|
August 19, 2013, 03:48:08 AM |
|
Flawed RNG == random number generator what returns only one number every time. Happened once in the history on a dumb hardware wallet.
|
|
|
|
|
|
Valle
|
|
August 19, 2013, 03:53:26 AM |
|
When you don't reuse addresses, your bitcoins are protected by ECDSA (Elliptic Curve Digital Signature Algorithm), SHA-256 and RIPEMD-160. On a first transaction you publish your public key, so only ECDSA lefts. However, I believe that it is still pretty secure.
|
|
|
|
|
Dabs
Legendary
Offline
Activity: 3416
Merit: 1912
The Concierge of Crypto
|
|
August 19, 2013, 05:23:45 AM |
|
Notice that satoshi dice uses the same address over and over. As do many other block chain based games. Most vanity addresses are reused. Some mining pools reuse the same address for sending your mining income, directly or indirectly. Donation addresses are usually reused.
|
|
|
|
jackjack
Legendary
Offline
Activity: 1176
Merit: 1233
May Bitcoin be touched by his Noodly Appendage
|
|
August 19, 2013, 10:24:04 AM |
|
When you don't reuse addresses, your bitcoins are protected by ECDSA (Elliptic Curve Digital Signature Algorithm), SHA-256 and RIPEMD-160. On a first transaction you publish your public key, so only ECDSA lefts. However, I believe that it is still pretty secure.
Congratulations for posting the only technical post. ECDSA is indeed enough. If an EC becomes broken, Bitcoin won't be the first target. |
Own address: 19QkqAza7BHFTuoz9N8UQkryP4E9jHo4N3 - Pywallet support: 1AQDfx22pKGgXnUZFL1e4UKos3QqvRzNh5 - Bitcointalk++ script support: 1Pxeccscj1ygseTdSV1qUqQCanp2B2NMM2 Pywallet: instructions. Encrypted wallet support, export/import keys/addresses, backup wallets, export/import CSV data from/into wallet, merge wallets, delete/import addresses and transactions, recover altcoins sent to bitcoin addresses, sign/verify messages and files with Bitcoin addresses, recover deleted wallets, etc. |
|
|
|
colinistheman (OP)
|
|
August 19, 2013, 03:14:21 PM |
|
When you don't reuse addresses, your bitcoins are protected by ECDSA (Elliptic Curve Digital Signature Algorithm), SHA-256 and RIPEMD-160. On a first transaction you publish your public key, so only ECDSA lefts. However, I believe that it is still pretty secure.
Thank you for the explanation! |
|
|
|
DannyHamilton
Legendary
Offline
Activity: 3374
Merit: 4606
|
|
August 20, 2013, 05:55:31 AM |
|
Notice that satoshi dice uses the same address over and over. As do many other block chain based games. Most vanity addresses are reused. Some mining pools reuse the same address for sending your mining income, directly or indirectly. Donation addresses are usually reused.
The fact that others make poor decisions isn't evidence that the decisions aren't poor. |
|
|
|
|
DannyHamilton
Legendary
Offline
Activity: 3374
Merit: 4606
|
|
August 20, 2013, 05:58:41 AM |
|
When you don't reuse addresses, your bitcoins are protected by ECDSA (Elliptic Curve Digital Signature Algorithm), SHA-256 and RIPEMD-160. On a first transaction you publish your public key, so only ECDSA lefts. However, I believe that it is still pretty secure.
Congratulations for posting the only technical post. ECDSA is indeed enough. If an EC becomes broken, Bitcoin won't be the first target. While ECDSA is "enough" when used properly, there are issues that can arise that reduce your security when it is not used properly. As an example, if the random number generator that is used to generate the k value when singing a transaction isn't sufficiently "random" it becomes possible for someone to use multiple signatures from the same private key to compute that private key and steal your bitcoins. If you use a new address for each transaction, then you never have multiple signatures from the same private key, so this is no longer an issue. |
|
|
|
|
|
colinistheman (OP)
|
|
August 20, 2013, 10:44:03 AM |
|
When you don't reuse addresses, your bitcoins are protected by ECDSA (Elliptic Curve Digital Signature Algorithm), SHA-256 and RIPEMD-160. On a first transaction you publish your public key, so only ECDSA lefts. However, I believe that it is still pretty secure.
Congratulations for posting the only technical post. ECDSA is indeed enough. If an EC becomes broken, Bitcoin won't be the first target. While ECDSA is "enough" when used properly, there are issues that can arise that reduce your security when it is not used properly. As an example, if the random number generator that is used to generate the k value when singing a transaction isn't sufficiently "random" it becomes possible for someone to use multiple signatures from the same private key to compute that private key and steal your bitcoins. If you use a new address for each transaction, then you never have multiple signatures from the same private key, so this is no longer an issue. Awesome. Another great technical reason. This is exactly what I need to hear. I feel like i actaully understand the benefits of not re-using a key now. Thank you everyone |
|
|
|
Kouye
Sr. Member
Offline
Activity: 336
Merit: 250
Cuddling, censored, unicorn-shaped troll.
|
|
August 20, 2013, 01:06:27 PM |
|
While ECDSA is "enough" when used properly, there are issues that can arise that reduce your security when it is not used properly.
As an example, if the random number generator that is used to generate the k value when singing a transaction isn't sufficiently "random" it becomes possible for someone to use multiple signatures from the same private key to compute that private key and steal your bitcoins. If you use a new address for each transaction, then you never have multiple signatures from the same private key, so this is no longer an issue.
Forgive the intrusion, but I'm curious, Danny. Do you really discard the private keys once you cleared the unspent output, as you state on your BTC trading post? Or do you keep them in archive wallets "just in case"? |
[OVER] RIDDLES 2nd edition --- this was claimed. Look out for 3rd edition! I won't ever ask for a loan nor offer any escrow service. If I do, please consider my account as hacked. |
|
|
DannyHamilton
Legendary
Offline
Activity: 3374
Merit: 4606
|
|
August 20, 2013, 01:36:34 PM |
|
While ECDSA is "enough" when used properly, there are issues that can arise that reduce your security when it is not used properly.
As an example, if the random number generator that is used to generate the k value when singing a transaction isn't sufficiently "random" it becomes possible for someone to use multiple signatures from the same private key to compute that private key and steal your bitcoins. If you use a new address for each transaction, then you never have multiple signatures from the same private key, so this is no longer an issue.
Forgive the intrusion, but I'm curious, Danny. Do you really discard the private keys once you cleared the unspent output, as you state on your BTC trading post? Or do you keep them in archive wallets "just in case"? It is safest to assume that I discard them regardless of what I actually do. No harm at all can come from accepting that I discard them. |
|
|
|
|
|
