Question about sha256

[vendip65]

Hi guys, it's my first time posting but I have been following the forum for a while, even my knowledge of bitcoin it's still really low

I have a question/doubt regarding bitcoin and sha256, I just have finished seen a documentary about bitcoin & crypto and I'd like to ask you about, to see if any of you know the answer

For what I have seen and what I understand bitcoin uses double sha256, but what I didn't knew is that sha256 (the normal, not double) is used for governments, banks and others. In my opinion this is good for bitcoin because it's much more secure than all the other information in the world (double>single). But I also see a bad part in this, since, what would happen if someone found a vulnerability in sha256 which made possible to find the original hash?

If the algorithm is used for every important information on the net, chances are higher than if only was used in bitcoin and other cryptocurrencies. I am right or I am missing something here? Because if sha256 is "broke", would be only a matter of time that double sha256 became broke too, right?

So, who should be noticed in that case? If sha256 was used only in bitcoin I understand would be the bitcoin foundation or some of the first people who became miners and owners of bitcoin. But being sha256 something global, who should be contacted about this and would manage this situation?

Thank you and let me know if there is something unclear

[1715292535]

1715292535

[1715292535]

1715292535

[1715292535]

1715292535

[1715292535]

1715292535

[pooya87]

well if we start thinking like that then we shouldn't do anything anymore because there is always a chance that something bad happens!

SHA256 is math that existed for many years (17 to be exact) and reviewed. it is safe to assume that chances of it being "broken" because of some vulnerability are very little. and if someday it happens we should act fast and simply upgrade the hashing algorithm that bitcoin uses.

https://en.wikipedia.org/wiki/SHA-2

[mu_enrico]

CMIIW

Actually, bitcoin security --if your only concern is about someone's ability to steal your "balance"-- is not in the sha256, but it's in the secp256k1. Let's say someone could find the original message/phrase, then he could only get public keys from bitcoin addresses. He then has to crack the secp256k1 to get the private key.

However, bitcoin security --if we talk about mining and difficulty-- would greatly be impacted by the sha256 vulnerability. If we could predict what's the hash outcome, then, there is no such this as mining, and someone could rehash all blocks from the genesis block.

[vendip65]

well if we start thinking like that then we shouldn't do anything anymore because there is always a chance that something bad happens!

SHA256 is math that existed for many years (17 to be exact) and reviewed. it is safe to assume that chances of it being "broken" because of some vulnerability are very little. and if someday it happens we should act fast and simply upgrade the hashing algorithm that bitcoin uses.

https://en.wikipedia.org/wiki/SHA-2

Yes, I know there's always a chance to something bad happened, but I also saw that something similar happened with MD5 and SH1, besides more than 15 years in computer worlds, seems like a lot of time to me

Thank you for your answer

[vendip65]

CMIIW

Actually, bitcoin security --if your only concern is about someone's ability to steal your "balance"-- is not in the sha256, but it's in the secp256k1. Let's say someone could find the original message/phrase, then he could only get public keys from bitcoin addresses. He then has to crack the secp256k1 to get the private key.

However, bitcoin security --if we talk about mining and difficulty-- would greatly be impacted by the sha256 vulnerability. If we could predict what's the hash outcome, then, there is no such this as mining, and someone could rehash all blocks from the genesis block.

Hello, thank you for your answer

No, I'm not worried about the balance because for what I've seen, there are more letters than A-F in the bitcoin accounts and passwords

It worries me, about the consequences that would be in bitcoin, and also in the Internet world. As I see it, if sha256 is replaced by for example sha512 would be hard to mine, but what would happen in the transition?

I mean, it has to be really complicated to change both (bitcoin, and all the sensitive information with sha256 all over the Internet), so my question and what concerns me, is who would manage this change? who would organize the change between sha256 and the new secure hash algortihm?

[BrewMaster]

...so my question and what concerns me, is who would manage this change? who would organize the change between sha256 and the new secure hash algortihm?

anybody with programming knowledge who is also familiar with bitcoin protocol can do it. it doesn't matter what language either but you would prefer doing it on top of already used applications such as bitcoin core, so C++. you change the code, make a proposal and if enough of the network follow that proposed change, then the hashing algorithm used by bitcoin would change.
that is how decentralized network works. based on consensus

[bitfocus]

the best read about sha256 is the wiki artice, there are a lot of good documents and documentaries on web, also.
https://en.wikipedia.org/wiki/SHA-2

[vendip65]

Thank you all for your answers

Is it more clear now!