Miners: Time to deprioritise/filter address reuse!

[BurtW]

"New address for each payment" is a logic bomb

So TLDR; you think that a collision could occur? Yes it could, but it won't.

Obviously u didn't read it.

I did.  So tl;dr:  People will try to discredit Bitcoin.

But they already do that so this is not new.

I started out not liking the proposal, got up on the fence, now fully support it.  In fact I now see it as only a first step in the right direction.

I now believe that we must do everything we can think of to protect the fungibility of Bitcoin.  Any attack on the fungibility of Bitcoin is a direct attack on Bitcoin itself.  In fact, I now believe that attacking the fungibility of Bitcoin may be the most expedient, cost effective and preferred method of attack by anyone who wishes to destroy it.

Thanks to everyone who is on top of this.  We should be behind this proposal and considering additional proposals.

[1715079887]

1715079887

[1715079887]

1715079887

[1715079887]

1715079887

[soy]

Addresses have always been considered single-time-use since Satoshi released the whitepaper.
While the community has tolerated reuse for things like donation addresses due to lack of convenient alternatives, it looks like the time is here early that this needs to stop.
I had hoped to defer anything in this area until wide deployment of the payment protocol (which should make such things unnecessary), but our hands¹ are perhaps² being forced³ to act sooner⁴.

I am hereby announcing the first release of a the first patch for miners to filter address reuse:
unique_spk_mempool for bitcoind 0.8.5
For now, since this is still somewhat common, this just deprioritises it to one reuse per block.
If I have time, I plan to write patches to be more and less aggressive that miners can choose between (or maybe others will beat me to it!).

If you want to support this move, encourage your favourite mining pool to adopt this or a similar policy change, or use a decentralised pool that lets you apply it yourself.

In collaboration with wizkid057, the Eligius mining pool (15% of total network hashing) is now the first to deploy this change on an experimental basis.

This would seem to be an objection to whitelisting addresses.  Read of that recently.  Mellon, of the banking industry I think it was.  Wants to whitelist addresses that don't want silkroad besmerchment.  Except for making oneself banking industry targetable by them having one's identity it seems like a good idea.  I'd ignore it rather than work against it.

[Schleicher]

Ok, let's assume that BIP0032 will be used.
Is it possible to create new addresses with PHP or Javascript, without access to a bitcoin client?

[DeathAndTaxes]

Ok, let's assume that BIP0032 will be used.
Is it possible to create new addresses with PHP or Javascript, without access to a bitcoin client?

Yes. 

[P_Shep]

So a Q... As a miner with a static address on my pools... how do we deal with that?

[Nuprator]

Ok question from relative noob... What if someone ,,inseminate'' my holding adress with 0.001 BTC? Do it mean I ll have problems to use this adress in future ? Sorry if the problem was answered earlier and I didn't noiticed.

[P_Shep]

Ok question from relative noob... What if someone ,,inseminate'' my holding adress with 0.001 BTC? Do it mean I ll have problems to use this adress in future ? Sorry if the problem was answered earlier and I didn't noiticed.

How would anyone know your address before you use it?

[Nuprator]

https://bitcointalk.org/index.php?topic=254615.0

[luv2drnkbr]

I voted for "don't do this".  While we should definitely encourage people to use bitcoin in privacy-friendlier ways, we should not force it upon them.  We should simply make it a default, but still an option.  People like vanity addresses.  Donations need single addresses.  If people want to give their privacy away by re=using addresses, we should let them and not de-prioritize them.  Privacy should come at the CHOICE of the user, not the FORCE of the miners.

[DeathAndTaxes]

I voted for "don't do this".  While we should definitely encourage people to use bitcoin in privacy-friendlier ways, we should not force it upon them.  We should simply make it a default, but still an option.  People like vanity addresses.  Donations need single addresses.  If people want to give their privacy away by re=using addresses, we should let them and not de-prioritize them.  Privacy should come at the CHOICE of the user, not the FORCE of the miners.

It is still a choice just a choice with consequences.

Donation addresses don't need to be static.  It is easier if static but easier isn't an absolute.  Any address can be made dynamic.  It will require support of sites and services providers but with no incentive no such system will ever take place.

For example Bitcointalk could have a field where user inputs their pubkey seed.  It would then generate the first address from that seed and as you receive a donation it would detect it and rotate the address to the next available one.   Sound like a lot of work, maybe but once implemented it would be copy and paste easy for all users to have a dynamic donation address.  Will it happen without some incentive?  Probably not.

To imply it is forced would imply that the patch makes address resuse impossible, that coins sent to a used address are permanently lost and that isn't the case.

[btcdrak]

I voted for "don't do this".  While we should definitely encourage people to use bitcoin in privacy-friendlier ways, we should not force it upon them.  We should simply make it a default, but still an option.  People like vanity addresses.  Donations need single addresses.  If people want to give their privacy away by re=using addresses, we should let them and not de-prioritize them.  Privacy should come at the CHOICE of the user, not the FORCE of the miners.

It is still a choice just a choice with consequences.

Donation addresses don't need to be static.  It is easier if static but easier isn't an absolute.  Any address can be made dynamic.  It will require support of sites and services providers but with no incentive no such system will ever take place.

For example Bitcointalk could have a field where user inputs their pubkey seed.  It would then generate the first address from that seed and as you receive a donation it would detect it and rotate the address to the next available one.   Sound like a lot of work, maybe but once implemented it would be copy and paste easy for all users to have a dynamic donation address.  Will it happen without some incentive?  Probably not.

To imply it is forced would imply that the patch makes address resuse impossible, that coins sent to a used address are permanently lost and that isn't the case.

It doesnt stop reuse, it just means they wont clear as fast. So what.

[DeathAndTaxes]

It doesnt stop reuse, it just means they wont clear as fast. So what.

Not sure what you point was.  The title is "DEPRIORITIZE" and that is exactly what it would do.  It creates a method for privacy and security minded individuals to create an incentive for like minded individuals.  Nothing more.  Nothing is being forced.  Nothing is being prevented.

[Luke-Jr]

I voted for "don't do this".  While we should definitely encourage people to use bitcoin in privacy-friendlier ways, we should not force it upon them.  We should simply make it a default, but still an option.

We've been doing this since Satoshi first released Bitcoin...
The problem now is that unless we force strengthen this good behaviour, other interests will start forcing the bad behaviour.

People like vanity addresses.

Great, vanitygen has a -k option just for this!

Donations need single addresses.

No, they don't.

Privacy should come at the CHOICE of the user, not the FORCE of the miners.

Address reuse forces non-privacy on other users.
If everyone is using Bitcoin correctly (ie, no address reuse), people can still choose to publish their transaction log.
That is, address reuse takes away the choice; forbidding it does not.

[BigJohn]

Not sure what you point was.  The title is "DEPRIORITIZE" and that is exactly what it would do.  It creates a method for privacy and security minded individuals to create an incentive for like minded individuals.  Nothing more.  Nothing is being forced.  Nothing is being prevented.

I know this is slightly off-topic, but why is it not being forced? Why not have that stuff as a fundamental part of the protocol? It seems that address reuse is causing nothing but harm, and after reading this thread, I don't see any legitimate reason why it's absolutely needed. So why not just eliminate address reuse altogether?

[DeathAndTaxes]

Not sure what you point was.  The title is "DEPRIORITIZE" and that is exactly what it would do.  It creates a method for privacy and security minded individuals to create an incentive for like minded individuals.  Nothing more.  Nothing is being forced.  Nothing is being prevented.

I know this is slightly off-topic, but why is it not? Why not have that stuff as a fundamental part of the protocol? It seems that address reuse is causing nothing but harm, and after reading this thread, I don't see any legitimate reason why it's absolutely needed. So why not just eliminate address reuse altogether?

Protocol change would mean a hard fork and getting consensus on even mundane changes (google threads about P2SH) is very tough.  Getting consensus (or super super majority) on a contraversial change to make a hard fork go smoothly is essentially DOA.

[luv2drnkbr]

I voted for "don't do this".  While we should definitely encourage people to use bitcoin in privacy-friendlier ways, we should not force it upon them.  We should simply make it a default, but still an option.

We've been doing this since Satoshi first released Bitcoin...
The problem now is that unless we force this good behaviour, other interests will start forcing the bad behaviour.

People like vanity addresses.

Great, vanitygen has a -k option just for this!

Donations need single addresses.

No, they don't.

Privacy should come at the CHOICE of the user, not the FORCE of the miners.

Address reuse forces non-privacy on other users.
If everyone is using Bitcoin correctly (ie, no address reuse), people can still choose to publish their transaction log.
That is, address reuse takes away the choice; forbidding it does not.

You know, you make it really hard for me to argue my side when you do nothing but make well-reasoned completely fair points.

[BigJohn]

Not sure what you point was.  The title is "DEPRIORITIZE" and that is exactly what it would do.  It creates a method for privacy and security minded individuals to create an incentive for like minded individuals.  Nothing more.  Nothing is being forced.  Nothing is being prevented.

I know this is slightly off-topic, but why is it not? Why not have that stuff as a fundamental part of the protocol? It seems that address reuse is causing nothing but harm, and after reading this thread, I don't see any legitimate reason why it's absolutely needed. So why not just eliminate address reuse altogether?

Protocol change would mean a hard fork and getting consensus on even mundane changes (google threads about P2SH) is very tough.  Getting consensus (or super super majority) on a contraversial change to make a hard fork go smoothly is essentially DOA.

I see. That's good I suppose. Otherwise Bitcoin could be changed too easily.

But this sounds like a worthy cause. Maybe this is something that should be tried in the future.

[Luke-Jr]

Not sure what you point was.  The title is "DEPRIORITIZE" and that is exactly what it would do.  It creates a method for privacy and security minded individuals to create an incentive for like minded individuals.  Nothing more.  Nothing is being forced.  Nothing is being prevented.

I know this is slightly off-topic, but why is it not being forced? Why not have that stuff as a fundamental part of the protocol? It seems that address reuse is causing nothing but harm, and after reading this thread, I don't see any legitimate reason why it's absolutely needed. So why not just eliminate address reuse altogether?

It could be forced, but existing clients couldn't cope with such a change very well.
Furthermore, in the meantime address reuse has gotten way too common for donations, so will need some gradual change.
Finally, it's uncertain and unlikely that 51+% of miners are willing to shutdown this tolerance entirely right away.
If there was a clear agreement from maybe 75% of miners that this needed to be done, though, it could be...

[AtlasONo]

Seeing as how it's common practice to re-use addresses I'd say the users have already decided. Why should you, the 15% mining pool host say otherwise?
 
Satoshi wrote it into the white paper as an additional privacy measure not as a mandate!!

""As an additional firewall, a new key pair should be used for each transaction to keep them from being linked to a common owner. ""

Who are you to penalize me based on your personal opinion?

[DeathAndTaxes]

Seeing as how it's common practice to re-use addresses I'd say the users have already decided. Why should you, the 15% mining pool host say otherwise?
 
Satoshi wrote it into the white paper as an additional privacy measure not as a mandate!!

""As an additional firewall, a new key pair should be used for each transaction to keep them from being linked to a common owner. ""

Who are you to penalize me based on your personal opinion?

Because miners can choose which tx to include in a block based on whatever criteria they decide?  If no other pool ever adopts a similar set of rules then at most the impact is 15% slower confirmation times.