Bitcoin Forum
November 11, 2024, 01:19:21 PM *
News: Latest Bitcoin Core release: 28.0 [Torrent]
 
   Home   Help Search Login Register More  
Poll
Question: Sentiments?
You're an idiot, don't do this! - 154 (47.2%)
I don't like this, but I agree we need to move forward with it. - 27 (8.3%)
We should have waited longer, but I guess it needs to move forward now. - 26 (8%)
Great, it's about time! - 44 (13.5%)
You're a hero, let's get this deployed everywhere ASAP! - 49 (15%)
If it's from Luke, it can't be any good. - 26 (8%)
Total Voters: 326

Pages: « 1 2 [3] 4 5 6 7 8 9 10 11 12 13 14 15 »  All
  Print  
Author Topic: Miners: Time to deprioritise/filter address reuse!  (Read 51827 times)
This is a self-moderated topic. If you do not want to be moderated by the person who started this topic, create a new topic.
btc4ever
Sr. Member
****
Offline Offline

Activity: 321
Merit: 250


View Profile
November 15, 2013, 08:13:41 AM
 #41

yeah, I think we should all put gmaxwell's post in our sigs for all to see.   ;-)

Psst!!  Wanna make bitcoin unstoppable? Why the Only Real Way to Buy Bitcoins Is on the Streets. Avoid banks and centralized exchanges.   Buy/Sell coins locally.  Meet other bitcoiners and develop your network.   Try localbitcoins.com or find or start a buttonwood / satoshi square in your area.  Pass it on!
Luke-Jr (OP)
Legendary
*
Offline Offline

Activity: 2576
Merit: 1186



View Profile
November 15, 2013, 08:20:49 AM
 #42

So you mean BTC is mainly adopted by people wants 100% privacy?  On the contrary, it's possible that the majority haven't adopt BTC just because of the anonymity. Most of people heard of BTC but haven't convinced to use them because they think the government will not allow such things to exist. The main objective of BTC foundation is not to increase its anonymity, but to explain to the authority that it's not as anonymous as they think.
This isn't about anonymity.
If the government wants to know who you are, they'll subpoena your landlord to tell them.
Are you saying the majority of people want the unknown to-be-rapist down the street to know their every purchase, telling him where you've been and what you buy?
They want the pedophile-to-be to know when and where they drop their children off at childcare?

BitThink
Legendary
*
Offline Offline

Activity: 882
Merit: 1000



View Profile
November 15, 2013, 08:25:07 AM
 #43

So you mean BTC is mainly adopted by people wants 100% privacy?  On the contrary, it's possible that the majority haven't adopt BTC just because of the anonymity. Most of people heard of BTC but haven't convinced to use them because they think the government will not allow such things to exist. The main objective of BTC foundation is not to increase its anonymity, but to explain to the authority that it's not as anonymous as they think.
This isn't about anonymity.
If the government wants to know who you are, they'll subpoena your landlord to tell them.
Are you saying the majority of people want the unknown to-be-rapist down the street to know their every purchase, telling him where you've been and what you buy?
They want the pedophile-to-be to know when and where they drop their children off at childcare?

Why will they know my every purchase, and where I've been?  I don't understand. Just because I put a fixed receiving address on the mining pool?  Many people on this forum put their btc address in their signature for tips, what kind of privacy they lose?

It only happens when they are using that address to buy something requiring name and shipping address, right? I believe no one will use public address to pay for something they don't want others know anyway.
gmaxwell
Moderator
Legendary
*
Offline Offline

Activity: 4270
Merit: 8805



View Profile WWW
November 15, 2013, 08:27:42 AM
 #44

No one asks you to make your btc addresses public. You can keep it as secret as you will. You can always choose to generate one-time receiving address if you want. But is there any reason to stop others to use one address as their public address if they think they don't mind?
Because reusing addresses makes it open to everyone, not just the relevant parties you'd like (or have been ordered to) disclose them to. Worse, your lack of privacy make everyone you transact with and everyone they transact with less private.  Your comments about "always choose" are empty promises in the face of proposals to have black and white lists which will limit your ability to transact, and empty in the face of privacy losses created by people who you've transacted with.

I can turn everything you've said right around— there is nothing preventing you from privately identifying yourself and registering your addresses. You can always do this and the parties you transact with can to. Nothing about requiring privacy preserving behavior in the public network prevents you from separately having information disclosed about you, nothing can prevent investigations from happening. But the converse is not true, the lack of privacy in the public network very easily prevents people from choosing to be private at all, and it very easily can make Bitcoin worthless as a money like good.
niothor
Hero Member
*****
Offline Offline

Activity: 826
Merit: 501


in defi we trust


View Profile
November 15, 2013, 08:29:03 AM
 #45

Somebody please explain to me the following situation..
I have a business like a gas station or a fast food, in order to actually serve all my customers and have the bitcoins in my account (transaction confirmed) with this limit of 1/block or 250/day I would have to use multiple addresses. Won't this just put more pressure on the blockchain when people we'll try to cash out?

What will happen if you have 1000 customers a day ?


             ▄          ▄▄▄▄    ▄
            ███      ▄██████▀  ▀█▀
            ███     ▄██▀
            ███     ███        ▄█▄   ▄█▄ ▄█████▄▄         ▄▄██████▄      ▄█▄ ▄█████▄▄         ▄▄█████▄▄        ▄▄█████▄▄
    ▄▄▄▄▄▄  ███     ███        ███   ██████▀▀▀▀███▄     ▄███▀▀▀▀▀███▄    ██████▀▀▀▀███▄     ▄███▀▀▀▀▀███▄    ▄███▀▀▀▀▀███▄
  ▄████████▄███  ▄█████████▄   ███   ████▀      ▀███   ▄██▀       ▀██▄   ████▀      ▀███   ▄██▀       ▀█▀   ▄██▀       ▀██▄
▄███▀    ▀█████   ▀▀███▀▀▀▀    ███   ███         ███   ███         ███   ███         ███   ███              ███████████████
███   ▄▄   ▀███     ███        ███   ███         ███   ███         ███   ███         ███   ███              ███▀▀▀▀▀▀▀▀▀▀▀
███   ▀▀   ▄███     ███        ███   ███         ███   ███         ███   ███         ███   ███         ▄    ███         ▄
▀███▄    ▄█████     ███        ███   ███         ███    ███▄▄   ▄▄████   ███         ███    ███▄▄    ▄███    ███▄▄   ▄▄███
  ▀████████▀███     ███        ███   ███         ███     ▀████████▀███   ███         ███     ▀█████████▀      ▀█████████▀
    ▀▀▀▀▀▀   ▀       ▀          ▀     ▀           ▀         ▀▀▀▀▀   ▀     ▀           ▀         ▀▀▀▀▀            ▀▀▀▀▀

       ▄▄▄▄▄▄▄
   ▄▄▀▀       ▀▀▄▄
  █               █ ▄
 █   █▀▄ ▀█▀ ▀█▀   █ ▀▄
 █   █▀▄  █   █    █  ▀▄
  █  ▀▀   ▀   ▀   █    █
▄▀ ▄▄           ▄▀    ▄▀
 ▀▀  ▀▀▄▄▄▄▄▄▄▀▀      ▀▄
        ▀▄▄      ▄▄▀▀▄▄▀
           ▀▀▀▀▀▀

                      ▄▄▄
  ▄█▄              ▄███████▄
  ▀████▄▄         ██████▀██████▀
    ▀▀▀████▄▄     ███████████▀
    ▀██▄███████▄▄███████████
     ▄▄▄▀██████████████████
      ▀████████████████████
▀█▄▄     ▀████████████████
  ▀████████████████▀█████
    ▀████████████▀▄▄███▀
       ▀▀██████████▀▀
           ▀▀▀▀▀

               ▄▄   ▄▄
              ▄▀ ▀▀█  █
             ▄▀     ▀▀
         ▄▄▄▄█▄
     ▄█▀▀▀▀▀▀▀▀▀▀█▄
 ▄▀▄▀              ▀▄▀▄
█  █   ▄█▄    ▄█▄   █  █
 ▀█    ▀█▀    ▀█▀    █▀
  █                  █
   █   ▀▄      ▄▀   █
    ▀▄   ▀▀▀▀▀▀   ▄▀
      ▀▀▄▄▄▄▄▄▄▄▀▀
New Age of DEFI
A Non-Code Platform for
Decentralized Trading Instruments

   ▄▄███████████████▄▄
 ▄█████████████████████▄
▄██████████████▀▀███████▄
████████████▀▀    ███████
█████████▀▀   ▄   ███████
██████▀▀     █    ███████
████▀       █     ███████
█████▄▄   ▄█      ███████
████████ ██▄      ███████
▀████████ ▀▄███▄▄███████▀
 ▀█████████████████████▀
   ▀▀███████████████▀▀

     ▄              ▄
   ▄███▄          ▄███▄
   █████▄  ▄▄▄▄  ▄█████
  ▄████████████████████▄
 ▄██████████████████████▄
 ████████████████████████
██████▀▀          ▀▀██████
█████▀   ▄      ▄   ▀█████
 ████   ███    ███   ████
  ████   ▀      ▀   ████
   ▀████▄▄▄▄▄▄▄▄▄▄████▀
     ▀▀████████████▀▀

   ▄▄████████████████▄▄
 ▄█████▀▀▀██████▀▀▀█████▄
▄████▀  ▀▀▀    ▀▀▀  ▀████▄
████▀                ▀████
███▀                  ▀███
███       ▄    ▄       ███
██▀      ███  ███      ▀██
██       ▀█▀  ▀█▀       ██
██▄     ▄        ▄     ▄██
▀██▄     ▀▀▄▄▄▄▀▀     ███▀
 ▀███▄▄▄▄▄▄████▄▄▄▄▄▄███▀
   ▀▀████████████████▀▀
gmaxwell
Moderator
Legendary
*
Offline Offline

Activity: 4270
Merit: 8805



View Profile WWW
November 15, 2013, 08:31:06 AM
 #46

Somebody please explain to me the following situation..
I have a business like a gas station or a fast food, in order to actually serve all my customers and have the bitcoins in my account (transaction confirmed) with this limit of 1/block or 250/day I would have to use multiple addresses.
You already have to use one address per purchase (/customer) or you cannot tell who paid you. This is already the universal practice in Bitcoin payment processing.

Quote
Won't this just put more pressure on the blockchain when people we'll try to cash out?
No, a payment is a payement is a payment. There are no accounts or balances in the blockchain itself— it's completely blind to things like addresses.
niothor
Hero Member
*****
Offline Offline

Activity: 826
Merit: 501


in defi we trust


View Profile
November 15, 2013, 08:32:50 AM
 #47

Somebody please explain to me the following situation..
I have a business like a gas station or a fast food, in order to actually serve all my customers and have the bitcoins in my account (transaction confirmed) with this limit of 1/block or 250/day I would have to use multiple addresses.
You already have to use one address per purchase (/customer) or you cannot tell who paid you. This is already the universal practice in Bitcoin payment processing.

Quote
Won't this just put more pressure on the blockchain when people we'll try to cash out?
No, a payment is a payement is a payment. There are no accounts or balances in the blockchain itself— it's completely blind to things like addresses.

Thanks for the info


             ▄          ▄▄▄▄    ▄
            ███      ▄██████▀  ▀█▀
            ███     ▄██▀
            ███     ███        ▄█▄   ▄█▄ ▄█████▄▄         ▄▄██████▄      ▄█▄ ▄█████▄▄         ▄▄█████▄▄        ▄▄█████▄▄
    ▄▄▄▄▄▄  ███     ███        ███   ██████▀▀▀▀███▄     ▄███▀▀▀▀▀███▄    ██████▀▀▀▀███▄     ▄███▀▀▀▀▀███▄    ▄███▀▀▀▀▀███▄
  ▄████████▄███  ▄█████████▄   ███   ████▀      ▀███   ▄██▀       ▀██▄   ████▀      ▀███   ▄██▀       ▀█▀   ▄██▀       ▀██▄
▄███▀    ▀█████   ▀▀███▀▀▀▀    ███   ███         ███   ███         ███   ███         ███   ███              ███████████████
███   ▄▄   ▀███     ███        ███   ███         ███   ███         ███   ███         ███   ███              ███▀▀▀▀▀▀▀▀▀▀▀
███   ▀▀   ▄███     ███        ███   ███         ███   ███         ███   ███         ███   ███         ▄    ███         ▄
▀███▄    ▄█████     ███        ███   ███         ███    ███▄▄   ▄▄████   ███         ███    ███▄▄    ▄███    ███▄▄   ▄▄███
  ▀████████▀███     ███        ███   ███         ███     ▀████████▀███   ███         ███     ▀█████████▀      ▀█████████▀
    ▀▀▀▀▀▀   ▀       ▀          ▀     ▀           ▀         ▀▀▀▀▀   ▀     ▀           ▀         ▀▀▀▀▀            ▀▀▀▀▀

       ▄▄▄▄▄▄▄
   ▄▄▀▀       ▀▀▄▄
  █               █ ▄
 █   █▀▄ ▀█▀ ▀█▀   █ ▀▄
 █   █▀▄  █   █    █  ▀▄
  █  ▀▀   ▀   ▀   █    █
▄▀ ▄▄           ▄▀    ▄▀
 ▀▀  ▀▀▄▄▄▄▄▄▄▀▀      ▀▄
        ▀▄▄      ▄▄▀▀▄▄▀
           ▀▀▀▀▀▀

                      ▄▄▄
  ▄█▄              ▄███████▄
  ▀████▄▄         ██████▀██████▀
    ▀▀▀████▄▄     ███████████▀
    ▀██▄███████▄▄███████████
     ▄▄▄▀██████████████████
      ▀████████████████████
▀█▄▄     ▀████████████████
  ▀████████████████▀█████
    ▀████████████▀▄▄███▀
       ▀▀██████████▀▀
           ▀▀▀▀▀

               ▄▄   ▄▄
              ▄▀ ▀▀█  █
             ▄▀     ▀▀
         ▄▄▄▄█▄
     ▄█▀▀▀▀▀▀▀▀▀▀█▄
 ▄▀▄▀              ▀▄▀▄
█  █   ▄█▄    ▄█▄   █  █
 ▀█    ▀█▀    ▀█▀    █▀
  █                  █
   █   ▀▄      ▄▀   █
    ▀▄   ▀▀▀▀▀▀   ▄▀
      ▀▀▄▄▄▄▄▄▄▄▀▀
New Age of DEFI
A Non-Code Platform for
Decentralized Trading Instruments

   ▄▄███████████████▄▄
 ▄█████████████████████▄
▄██████████████▀▀███████▄
████████████▀▀    ███████
█████████▀▀   ▄   ███████
██████▀▀     █    ███████
████▀       █     ███████
█████▄▄   ▄█      ███████
████████ ██▄      ███████
▀████████ ▀▄███▄▄███████▀
 ▀█████████████████████▀
   ▀▀███████████████▀▀

     ▄              ▄
   ▄███▄          ▄███▄
   █████▄  ▄▄▄▄  ▄█████
  ▄████████████████████▄
 ▄██████████████████████▄
 ████████████████████████
██████▀▀          ▀▀██████
█████▀   ▄      ▄   ▀█████
 ████   ███    ███   ████
  ████   ▀      ▀   ████
   ▀████▄▄▄▄▄▄▄▄▄▄████▀
     ▀▀████████████▀▀

   ▄▄████████████████▄▄
 ▄█████▀▀▀██████▀▀▀█████▄
▄████▀  ▀▀▀    ▀▀▀  ▀████▄
████▀                ▀████
███▀                  ▀███
███       ▄    ▄       ███
██▀      ███  ███      ▀██
██       ▀█▀  ▀█▀       ██
██▄     ▄        ▄     ▄██
▀██▄     ▀▀▄▄▄▄▀▀     ███▀
 ▀███▄▄▄▄▄▄████▄▄▄▄▄▄███▀
   ▀▀████████████████▀▀
Luke-Jr (OP)
Legendary
*
Offline Offline

Activity: 2576
Merit: 1186



View Profile
November 15, 2013, 08:32:56 AM
 #48

I have a business like a gas station or a fast food, in order to actually serve all my customers and have the bitcoins in my account (transaction confirmed)
Why do you need that? Do you accept credit cards? Do you wait for them to confirm as well (6 months)?
with this limit of 1/block or 250/day I would have to use multiple addresses.
You have to use multiple addresses anyway.
"Addresses" are badly named: "invoice id" would be more accurate.
What will happen if you have 1000 customers a day ?
If you use the same address all the time, it'll be impossible to know which of the 10 or so paying-right-now customers failed to pay their bill.

niothor
Hero Member
*****
Offline Offline

Activity: 826
Merit: 501


in defi we trust


View Profile
November 15, 2013, 08:40:35 AM
 #49

I have a business like a gas station or a fast food, in order to actually serve all my customers and have the bitcoins in my account (transaction confirmed)
Why do you need that? Do you accept credit cards? Do you wait for them to confirm as well (6 months)?
with this limit of 1/block or 250/day I would have to use multiple addresses.
You have to use multiple addresses anyway.
"Addresses" are badly named: "invoice id" would be more accurate.
What will happen if you have 1000 customers a day ?
If you use the same address all the time, it'll be impossible to know which of the 10 or so paying-right-now customers failed to pay their bill.

Thanks for the response.
So the only inconvenience will be if you use the same address to pay for something you'll have to wait two block.
This is not as bad as it seems for the average user.

But , what will happen if the next pool decides to raise this for 1 to 100?
I'm more concern about what this could lead to that what it actually does , to be sincere.



             ▄          ▄▄▄▄    ▄
            ███      ▄██████▀  ▀█▀
            ███     ▄██▀
            ███     ███        ▄█▄   ▄█▄ ▄█████▄▄         ▄▄██████▄      ▄█▄ ▄█████▄▄         ▄▄█████▄▄        ▄▄█████▄▄
    ▄▄▄▄▄▄  ███     ███        ███   ██████▀▀▀▀███▄     ▄███▀▀▀▀▀███▄    ██████▀▀▀▀███▄     ▄███▀▀▀▀▀███▄    ▄███▀▀▀▀▀███▄
  ▄████████▄███  ▄█████████▄   ███   ████▀      ▀███   ▄██▀       ▀██▄   ████▀      ▀███   ▄██▀       ▀█▀   ▄██▀       ▀██▄
▄███▀    ▀█████   ▀▀███▀▀▀▀    ███   ███         ███   ███         ███   ███         ███   ███              ███████████████
███   ▄▄   ▀███     ███        ███   ███         ███   ███         ███   ███         ███   ███              ███▀▀▀▀▀▀▀▀▀▀▀
███   ▀▀   ▄███     ███        ███   ███         ███   ███         ███   ███         ███   ███         ▄    ███         ▄
▀███▄    ▄█████     ███        ███   ███         ███    ███▄▄   ▄▄████   ███         ███    ███▄▄    ▄███    ███▄▄   ▄▄███
  ▀████████▀███     ███        ███   ███         ███     ▀████████▀███   ███         ███     ▀█████████▀      ▀█████████▀
    ▀▀▀▀▀▀   ▀       ▀          ▀     ▀           ▀         ▀▀▀▀▀   ▀     ▀           ▀         ▀▀▀▀▀            ▀▀▀▀▀

       ▄▄▄▄▄▄▄
   ▄▄▀▀       ▀▀▄▄
  █               █ ▄
 █   █▀▄ ▀█▀ ▀█▀   █ ▀▄
 █   █▀▄  █   █    █  ▀▄
  █  ▀▀   ▀   ▀   █    █
▄▀ ▄▄           ▄▀    ▄▀
 ▀▀  ▀▀▄▄▄▄▄▄▄▀▀      ▀▄
        ▀▄▄      ▄▄▀▀▄▄▀
           ▀▀▀▀▀▀

                      ▄▄▄
  ▄█▄              ▄███████▄
  ▀████▄▄         ██████▀██████▀
    ▀▀▀████▄▄     ███████████▀
    ▀██▄███████▄▄███████████
     ▄▄▄▀██████████████████
      ▀████████████████████
▀█▄▄     ▀████████████████
  ▀████████████████▀█████
    ▀████████████▀▄▄███▀
       ▀▀██████████▀▀
           ▀▀▀▀▀

               ▄▄   ▄▄
              ▄▀ ▀▀█  █
             ▄▀     ▀▀
         ▄▄▄▄█▄
     ▄█▀▀▀▀▀▀▀▀▀▀█▄
 ▄▀▄▀              ▀▄▀▄
█  █   ▄█▄    ▄█▄   █  █
 ▀█    ▀█▀    ▀█▀    █▀
  █                  █
   █   ▀▄      ▄▀   █
    ▀▄   ▀▀▀▀▀▀   ▄▀
      ▀▀▄▄▄▄▄▄▄▄▀▀
New Age of DEFI
A Non-Code Platform for
Decentralized Trading Instruments

   ▄▄███████████████▄▄
 ▄█████████████████████▄
▄██████████████▀▀███████▄
████████████▀▀    ███████
█████████▀▀   ▄   ███████
██████▀▀     █    ███████
████▀       █     ███████
█████▄▄   ▄█      ███████
████████ ██▄      ███████
▀████████ ▀▄███▄▄███████▀
 ▀█████████████████████▀
   ▀▀███████████████▀▀

     ▄              ▄
   ▄███▄          ▄███▄
   █████▄  ▄▄▄▄  ▄█████
  ▄████████████████████▄
 ▄██████████████████████▄
 ████████████████████████
██████▀▀          ▀▀██████
█████▀   ▄      ▄   ▀█████
 ████   ███    ███   ████
  ████   ▀      ▀   ████
   ▀████▄▄▄▄▄▄▄▄▄▄████▀
     ▀▀████████████▀▀

   ▄▄████████████████▄▄
 ▄█████▀▀▀██████▀▀▀█████▄
▄████▀  ▀▀▀    ▀▀▀  ▀████▄
████▀                ▀████
███▀                  ▀███
███       ▄    ▄       ███
██▀      ███  ███      ▀██
██       ▀█▀  ▀█▀       ██
██▄     ▄        ▄     ▄██
▀██▄     ▀▀▄▄▄▄▀▀     ███▀
 ▀███▄▄▄▄▄▄████▄▄▄▄▄▄███▀
   ▀▀████████████████▀▀
BitThink
Legendary
*
Offline Offline

Activity: 882
Merit: 1000



View Profile
November 15, 2013, 08:41:22 AM
 #50

No one asks you to make your btc addresses public. You can keep it as secret as you will. You can always choose to generate one-time receiving address if you want. But is there any reason to stop others to use one address as their public address if they think they don't mind?
Because reusing addresses makes it open to everyone, not just the relevant parties you'd like (or have been ordered to) disclose them to. Worse, your lack of privacy make everyone you transact with and everyone they transact with less private.  Your comments about "always choose" are empty promises in the face of proposals to have black and white lists which will limit your ability to transact, and empty in the face of privacy losses created by people who you've transacted with.

I can turn everything you've said right around— there is nothing preventing you from privately identifying yourself and registering your addresses. You can always do this and the parties you transact with can to. Nothing about requiring privacy preserving behavior in the public network prevents you from separately having information disclosed about you, nothing can prevent investigations from happening. But the converse is not true, the lack of privacy in the public network very easily prevents people from choosing to be private at all, and it very easily can make Bitcoin worthless as a money like good.

Could you provide a concrete example to explain why reusing addresses by A will affect B if B always carefully choosing address. and how both A and B never reusing addresses prevent it? I'm still not so clear about it.

Since the drawbacks are very apparent, IMHO you need a very clear explanation about the benefit and why the benefit is far more important than the drawbacks.

 
BitThink
Legendary
*
Offline Offline

Activity: 882
Merit: 1000



View Profile
November 15, 2013, 08:45:16 AM
Last edit: November 15, 2013, 08:57:42 AM by BitThink
 #51

I have a business like a gas station or a fast food, in order to actually serve all my customers and have the bitcoins in my account (transaction confirmed)
Why do you need that? Do you accept credit cards? Do you wait for them to confirm as well (6 months)?
with this limit of 1/block or 250/day I would have to use multiple addresses.
You have to use multiple addresses anyway.
"Addresses" are badly named: "invoice id" would be more accurate.
What will happen if you have 1000 customers a day ?
If you use the same address all the time, it'll be impossible to know which of the 10 or so paying-right-now customers failed to pay their bill.

Thanks for the response.
So the only inconvenience will be if you use the same address to pay for something you'll have to wait two block.
This is not as bad as it seems for the average user.

But , what will happen if the next pool decides to raise this for 1 to 100?
I'm more concern about what this could lead to that what it actually does , to be sincere.



I think client can help in this case. Whenever you are sending out BTC from an address, all unspent BTC are spent and send to a newly generated change address. In this case, no one will send out BTC with the same address more than once.

I just don't agree on forbidding one address to accept BTC for multiple times. That makes many things complicated and brings no apparent advantage. It will be enough to restrict an address to be used again once its balance is spent.

This could significantly reduce the frequency people have to change their donation address, tip address, and mining income address. But still it invalidates some useful applications, such as MasterCoin and maybe ColorCoin.
gmaxwell
Moderator
Legendary
*
Offline Offline

Activity: 4270
Merit: 8805



View Profile WWW
November 15, 2013, 08:57:18 AM
 #52

Could you provide a concrete example to explain why reusing addresses by A will affect B if B always carefully choosing address. and how both A and B never reusing addresses prevent it? I'm still not so clear about it.
A always reuses addresses. Blockchain.info uses this to display their name and IP address along with their transactions, everyone else they've ever transacted with knows who they are, anyone can identify who they are with a simple google search, etc. Because A reuses so often even if A sometimes doesn't reuse, the coins they receive inevitably get mixed up with the non-reused one. A is entirely public.

Now B is super careful and paranoid... and we're not even in a world where blacklisting or whitelisting prevents B from comfortably using his paranoid practices. He never reuses.  Someone is trying to figure out who B is because they want to defraud him.  Initially they are thwarted by B's pratices but then they see that B initially received his coins from A. Everyone knows who A is. Moreover, they see when they did so. From that alone they've learned a ton of information about B, beyond that they can now go ask A to tell them— they could coerce A, or just trick him, as we've already established that A is pretty happy go lucky and not very cautious.   Beyond that it isn't just A,  B also transacts with other people who are not hygienic and those all potentially leak information too.

This actually works in practice, too... A nice whitehat hacker on IRC was playing around with brainwallet cracking and hit a phrase with ~250 BTC in it.  We were able to identify the owner from just the address alone, because they'd been paid by a Bitcoin service that reused addresses and he was able to talk them into giving up the users contact information. He actually got the user on the phone, they were shocked and confused— but grateful to not be out their coin.  A happy ending there. (This isn't the only example of it, by far ... but its one of the more fun ones).

Uh. We've gone pretty far offtopic here, perhaps these posts should be split from this thread?
deepceleron
Legendary
*
Offline Offline

Activity: 1512
Merit: 1036



View Profile WWW
November 15, 2013, 09:11:30 AM
 #53

Could you provide a concrete example to explain why reusing addresses by A will affect B if B always carefully choosing address. and how both A and B never reusing addresses prevent it? I'm still not so clear about it.

Since the drawbacks are very apparent, IMHO you need a very clear explanation about the benefit and why the benefit is far more important than the drawbacks.

http://blockexplorer.com/address/1Lukejrwhew7sj4TvWCKksaVo7aLpedHDt

Follow the coins back ~12 hops to where they were generated, then follow forward where they were sent to "A". Easy to identify the recipient and owner. Backwards, not so much.

Now if B's next payment with the change from that transaction is to "free Tibet", buy "recreational substances", or pay a hitman to whack a business partner, association with the transaction A may reveal identity. When A is shared and reused, as in "this is the donation address for Eligius", any separate-channel information about someone making a donation to Eligius can be used with this known address to reveal a path to their money.
BitThink
Legendary
*
Offline Offline

Activity: 882
Merit: 1000



View Profile
November 15, 2013, 09:18:34 AM
 #54

Could you provide a concrete example to explain why reusing addresses by A will affect B if B always carefully choosing address. and how both A and B never reusing addresses prevent it? I'm still not so clear about it.
A always reuses addresses. Blockchain.info uses this to display their name and IP address along with their transactions, everyone else they've ever transacted with knows who they are, anyone can identify who they are with a simple google search, etc. Because A reuses so often even if A sometimes doesn't reuse, the coins they receive inevitably get mixed up with the non-reused one. A is entirely public.

Now B is super careful and paranoid... and we're not even in a world where blacklisting or whitelisting prevents B from comfortably using his paranoid practices. He never reuses.  Someone is trying to figure out who B is because they want to defraud him.  Initially they are thwarted by B's pratices but then they see that B initially received his coins from A. Everyone knows who A is. Moreover, they see when they did so. From that alone they've learned a ton of information about B, beyond that they can now go ask A to tell them— they could coerce A, or just trick him, as we've already established that A is pretty happy go lucky and not very cautious.   Beyond that it isn't just A,  B also transacts with other people who are not hygienic and those all potentially leak information too.

This actually works in practice, too... A nice whitehat hacker on IRC was playing around with brainwallet cracking and hit a phrase with ~250 BTC in it.  We were able to identify the owner from just the address alone, because they'd been paid by a Bitcoin service that reused addresses and he was able to talk them into giving up the users contact information. He actually got the user on the phone, they were shocked and confused— but grateful to not be out their coin.  A happy ending there. (This isn't the only example of it, by far ... but its one of the more fun ones).

Uh. We've gone pretty far offtopic here, perhaps these posts should be split from this thread?
https://bitcointalk.org/index.php?topic=334399.msg3589360#msg3589360
I've create a new topic and put my question there.
BitThink
Legendary
*
Offline Offline

Activity: 882
Merit: 1000



View Profile
November 15, 2013, 09:24:50 AM
 #55

Could you provide a concrete example to explain why reusing addresses by A will affect B if B always carefully choosing address. and how both A and B never reusing addresses prevent it? I'm still not so clear about it.

Since the drawbacks are very apparent, IMHO you need a very clear explanation about the benefit and why the benefit is far more important than the drawbacks.

http://blockexplorer.com/address/1Lukejrwhew7sj4TvWCKksaVo7aLpedHDt

Follow the coins back ~12 hops to where they were generated, then follow forward where they were sent to "A". Easy to identify the recipient and owner. Backwards, not so much.

Now if B's next payment with the change from that transaction is to "free Tibet", buy "recreational substances", or pay a hitman to whack a business partner, association with the transaction A may reveal identity. When A is shared and reused, as in "this is the donation address for Eligius", any separate-channel information about someone making a donation to Eligius can be used with this known address to reveal a path to their money.
A question of mine is posted in https://bitcointalk.org/index.php?topic=334399.msg3589360#msg3589360.
btcdrak
Legendary
*
Offline Offline

Activity: 1064
Merit: 1000


View Profile
November 15, 2013, 10:31:54 AM
 #56

I'd previously run something similar on my miners.

Beyond encouraging behavior that improves privacy for everyone and making censorship more of a non-starter, this has a benefit of giving naturally more equitable access to the shared resource of the blockchain:  If someone is self-identifying as a single user by using an address over and over again, why not use that information to give other transactions (which may all be from independent users) more equal access?

The specific details of what form the deprioritization takes are less clear. Right now this patch implements a hard prohibition on reuse that has a one block scope. E.g. if there are 10 transactions with 1APPLE and if all miners ran this patch it would take 10 blocks for them all to make it in.   I'd probably prefer something softer (e.g. treat reuse as having half or quarter the fee/priority), but with longer memory... but the important thing is to get it out there and explore the ideas and effects, and also clean up some of the Bitcoin ecosystem which was lazily reusing addresses constantly for no reason except nothing was incentivizing them to fix it.

We need to get some things (like BIP32) deployed to eliminate some of the sources of reuse, but it does no good if only the paranoids use it,  faster confirmations will be an added incentive for the changes than the amorphous and indirect benefits of inoculating our economy against censorship and loss of privacy.

The patch should be submitted to the main bitcoin project imo so it makes it into the next release.
Come-from-Beyond
Legendary
*
Offline Offline

Activity: 2142
Merit: 1010

Newbie


View Profile
November 15, 2013, 10:45:50 AM
 #57

"New address for each payment" is a logic bomb
servowire
Newbie
*
Offline Offline

Activity: 19
Merit: 0


View Profile
November 15, 2013, 11:56:45 AM
 #58



So TLDR; you think that a collision could occur? Yes it could, but it won't.

Come-from-Beyond
Legendary
*
Offline Offline

Activity: 2142
Merit: 1010

Newbie


View Profile
November 15, 2013, 11:58:08 AM
 #59



So TLDR; you think that a collision could occur? Yes it could, but it won't.

Obviously u didn't read it.
n8rwJeTt8TrrLKPa55eU
Hero Member
*****
Offline Offline

Activity: 588
Merit: 500



View Profile
November 15, 2013, 02:01:00 PM
 #60

Thank you Luke and Greg and everyone else who is going to deploy this modification.

It's unfortunate that Satoshi did not have time to plug the privacy leaks in his design, and those leaks are now starting to be exploited by seedy individuals.  But this kind of countermeasure (and the CoinJoin pull request) makes me hopeful that the Bitcoin community can (and will) respond rapidly to mitigate major threats.  Or, worst case, that the developers and miners are quite capable of coming up with a less leaky architecture + hardcoded best practices that could be built-in to a new cryptocurrency from the get-go.

Pages: « 1 2 [3] 4 5 6 7 8 9 10 11 12 13 14 15 »  All
  Print  
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!