Bitcoin Forum
December 13, 2024, 11:54:26 PM *
News: Latest Bitcoin Core release: 28.0 [Torrent]
 
   Home   Help Search Login Register More  
Pages: [1]
  Print  
Author Topic: Does Bitcoin address reuse concerns apply only to spends/outputs?  (Read 241 times)
Icygreen (OP)
Legendary
*
Offline Offline

Activity: 1464
Merit: 1136



View Profile
October 13, 2019, 05:35:56 AM
Merited by DdmrDdmr (1)
 #1

 I understand that its not good security and privacy practice to reuse addresses after a spend due to the fact that the public key becomes available for that address during the spend and it essentially weakens the security and privacy.
Is an address still considered 100% secure for which has only ever seen inputs/deposits and has never seen a spend?

What if that input only address is on a hardware wallet like a trezor along with other addresses with balances?  If I understand this correctly, spending from a trezor could come from any one or multiple addresses which has spendable inputs in that wallet.  Once any spend on such a wallet occurs, it's not advisable to reuse any of the previous addresses for deposits.  
NeuroticFish
Legendary
*
Offline Offline

Activity: 3878
Merit: 6623


Looking for campaign manager? Contact icopress!


View Profile
October 13, 2019, 06:31:18 AM
 #2

I understand that its not good security and privacy practice to reuse addresses after a spend due to the fact that the public key becomes available for that address during the spend and it essentially weakens the security and privacy.
Is an address still considered 100% secure for which has only ever seen inputs/deposits and has never seen a spend?

What if that input only address is on a hardware wallet like a trezor along with other addresses with balances?  If I understand this correctly, spending from a trezor could come from any one or multiple addresses which has spendable inputs in that wallet.  Once any spend on such a wallet occurs, it's not advisable to reuse any of the previous addresses for deposits.  



First of add, adding Trezor into the equation doesn't change anything, it just makes it harder to understand for the newbies. Keep in mind that a hardware wallet only keeps the private keys for signing the transactions.

So, let's go for the main problem.
From what I know, any transaction contains the receiver address (public info) and a signature (based on the private key!) of the sender address.
So it doesn't matter how many times you send money to an address, only its public info is shown. But as soon as you send out money from there, you need the private key, which can be a security risk.
About the privacy, it depends where those inputs come from, since one can link this way multiple addresses you may not want to "tell" they're all yours.

███████████████████████
████▐██▄█████████████████
████▐██████▄▄▄███████████
████▐████▄█████▄▄████████
████▐█████▀▀▀▀▀███▄██████
████▐███▀████████████████
████▐█████████▄█████▌████
████▐██▌█████▀██████▌████
████▐██████████▀████▌████
█████▀███▄█████▄███▀█████
███████▀█████████▀███████
██████████▀███▀██████████

███████████████████████
.
BC.GAME
▄▄▀▀▀▀▀▀▀▄▄
▄▀▀░▄██▀░▀██▄░▀▀▄
▄▀░▐▀▄░▀░░▀░░▀░▄▀▌░▀▄
▄▀▄█▐░▀▄▀▀▀▀▀▄▀░▌█▄▀▄
▄▀░▀░░█░▄███████▄░█░░▀░▀▄
█░█░▀░█████████████░▀░█░█
█░██░▀█▀▀█▄▄█▀▀█▀░██░█
█░█▀██░█▀▀██▀▀█░██▀█░█
▀▄▀██░░░▀▀▄▌▐▄▀▀░░░██▀▄▀
▀▄▀██░░▄░▀▄█▄▀░▄░░██▀▄▀
▀▄░▀█░▄▄▄░▀░▄▄▄░█▀░▄▀
▀▄▄▀▀███▄███▀▀▄▄▀
██████▄▄▄▄▄▄▄██████
.
..CASINO....SPORTS....RACING..


▄▄████▄▄
▄███▀▀███▄
██████████
▀███▄░▄██▀
▄▄████▄▄░▀█▀▄██▀▄▄████▄▄
▄███▀▀▀████▄▄██▀▄███▀▀███▄
███████▄▄▀▀████▄▄▀▀███████
▀███▄▄███▀░░░▀▀████▄▄▄███▀
▀▀████▀▀████████▀▀████▀▀
odolvlobo
Legendary
*
Offline Offline

Activity: 4522
Merit: 3426



View Profile
October 13, 2019, 07:19:27 AM
Merited by suchmoon (4)
 #3

I understand that its not good security and privacy practice to reuse addresses after a spend due to the fact that the public key becomes available for that address during the spend and it essentially weakens the security and privacy.

The primary issue with address reuse is privacy, though there is also a small security risk. There is no benefit to reusing addresses, so why do it?

Join an anti-signature campaign: Click ignore on the members of signature campaigns.
PGP Fingerprint: 6B6BC26599EC24EF7E29A405EAF050539D0B2925 Signing address: 13GAVJo8YaAuenj6keiEykwxWUZ7jMoSLt
elda34b
Sr. Member
****
Offline Offline

Activity: 910
Merit: 351


View Profile
October 13, 2019, 09:02:53 AM
 #4

Reusing an address will become a main security issue if a machine capable of brute-forcing that address within hours is affordable for the public.

I believe you can choose which output you want to use. Read https://bitcoin.stackexchange.com/questions/30149/how-do-i-spend-bitcoins-from-a-specific-address for more details. This way, you can avoid spending from your dedicated receive only address. But that also means you have to make sure there's another output that you could use.
timerland
Hero Member
*****
Offline Offline

Activity: 1526
Merit: 596


View Profile
October 13, 2019, 09:05:53 AM
 #5

Only problem with using an address over and over again is that people will be able to see all the transactions going through it, and basically stalk your account and it's balance, which if you don't care, you'll be fine.

It does make things a lot easier, you can just copy the address in your notes and send it to anyone, and also makes looking at your balance when you don't have access to your wallet a lot easier, personally do this myself Smiley.

Smiley
dothebeats
Legendary
*
Offline Offline

Activity: 3808
Merit: 1355


View Profile
October 13, 2019, 09:29:35 AM
 #6

It’s actually just the obvious privacy concern and nothing more. With the sheer amount of possible address combinations in the address space using RIPEMD-160 (2^160) for bitcoin, it’s totally advisable to just use change addresses for each transaction in order to mask up one’s origins for their funds. Collision is also highly unlikely for bitcoin, so why be so conservative and not use new addresses for each transaction anyways?

█████████████████████████████████
████████▀▀█▀▀█▀▀█▀▀▀▀▀▀▀▀████████
████████▄▄█▄▄█▄▄██████████▀██████
█████░░█░░█░░█░░████████████▀████
██▀▀█▀▀█▀▀█▀▀█▀▀██████████████▀██
██▄▄█▄▄█▄▄█▄▄█▄▄█▄▄▄▄▄▄██████████
██░░█░░█░░███████████████████████
██▀▀█▀▀█▀▀███████████████████████
██▄▄█▄▄█▄▄███████████████████████
██░░█░░█░░███████████████████████
██▀▀█▀▀█▀▀██████████▄▄▄██████████
██▄▄█▄▄█▄▄███████████████████████
██░░█░░█░░███████████████████████
██████
██
██
██
██
██
██
██
██
██
██
██
██████
████████████████████████████████████████████████████████████████████████████████████████████████████████████████████
 Crypto Marketing Agency
By AB de Royse

████████████████████████████████████████████████████████████████████████████████████████████████████████████████████
██████
██
██
██
██
██
██
██
██
██
██
██
██████
██████
██
██
██
██
██
██
██
██
██
██
██
██████
██████████████████████████████████████████████████████████████████████████████████████████████████
WIN $50 FREE RAFFLE
Community Giveaway

██████████████████████████████████████████████████████████████████████████████████████████████████
██████
██
██
██
██
██
██
██
██
██
██
██
██████
████████████████████████
██
██████████████████████
██████████████████▀▀████
██████████████▀▀░░░░████
██████████▀▀░░░▄▀░░▐████
██████▀▀░░░░▄█▀░░░░█████
████▄▄░░░▄██▀░░░░░▐█████
████████░█▀░░░░░░░██████
████████▌▐░░▄░░░░▐██████
█████████░▄███▄░░███████
████████████████████████
████████████████████████
████████████████████████
hv_
Legendary
*
Offline Offline

Activity: 2534
Merit: 1055

Clean Code and Scale


View Profile WWW
October 13, 2019, 10:44:39 AM
 #7

It’s actually just the obvious privacy concern and nothing more. With the sheer amount of possible address combinations in the address space using RIPEMD-160 (2^160) for bitcoin, it’s totally advisable to just use change addresses for each transaction in order to mask up one’s origins for their funds. Collision is also highly unlikely for bitcoin, so why be so conservative and not use new addresses for each transaction anyways?

I d say it is best practice to use always new addresses, and good wallets should just not implement anything else.

Best privacy comes from big blocks, many ppl using on chain txs and open scaling btw

Carpe diem  -  understand the White Paper and mine honest.
Fix real world issues: Check out b-vote.com
The simple way is the genius way - Satoshi's Rules: humana veris _
Icygreen (OP)
Legendary
*
Offline Offline

Activity: 1464
Merit: 1136



View Profile
October 13, 2019, 10:48:51 AM
Last edit: October 13, 2019, 11:06:44 AM by Icygreen
 #8

I understand that its not good security and privacy practice to reuse addresses after a spend due to the fact that the public key becomes available for that address during the spend and it essentially weakens the security and privacy.

The primary issue with address reuse is privacy, though there is also a small security risk. There is no benefit to reusing addresses, so why do it?

Reusing a known address to receive funds can be useful as an easy reference through your notes as timerland has pointed out.
I understand the privacy concerns of reusing an address for payments from different senders and how association of addresses happens.

I'll receive multiple transactions for example from an exchange on to a single address. That exchange stores a record of that address and makes it easy for me to reuse without needing to get a new one from the wallet. I do not receive from any other party to that address
and always use a new address for different exchanges. My question was in essence, is this a safe practice where address reuse is regarded.

I believe NeuroticFish answered my question adequately, Thanks! (I'm intending to learn coin control and that was why I referenced trezor)
Mandoy
Sr. Member
****
Offline Offline

Activity: 644
Merit: 264


Aurox


View Profile
October 13, 2019, 03:17:34 PM
 #9

Reusing the same address over and over again is very risky especially if you have a large amount of bitcoin in your wallet. Aside from privacy issues the much bigger threat is the security issues. Wallets with large amount of bitcoins are usually target of hackers and of course you are in danger if you dont know how to combat such schemes. If you are not very technical and you want and address that changes each time you make transactions then use blockchain.info wallets since that web-wallet host website usually changes the wallet address every time you make transactions.

Aurox.
 
Designed to make
you money
|Proprietary Indicators
& Signals
|||                  ▄██▄▄▄▄▄
                ▄████████▀█▄▀
            ▄▄██████████▀
           ██████████▀██
          ███████████▄▄ ▄▄
         ██████████████ ▀▀█▄
     ▄▄████████████▀▄█▀   ▀▀
▄▀▀ ███████████▀▀▀ ██▀
▀▄▄▀ ██████▀ ▄▄
      ████▀ ██▀
     ███▀  █▀
     ▄█▌  ▐█▌
     ▀██   ▀▀
██████████████████████████████████████████
.
█████████████   ████

Get Started. FREE!
██   ████   ██████   ████████   ██████████████████████████

█████████████████████████████████████████████████████████████████████████
bL4nkcode
Copper Member
Legendary
*
Offline Offline

Activity: 2142
Merit: 1307


Limited in number. Limitless in potential.


View Profile
October 13, 2019, 06:16:58 PM
 #10

Wallets with a large amount of bitcoins are usually target of hackers and of course you are in danger if you dont know how to combat such schemes.
Just follow the basic principle of securing your wallet (which is don't save your recovery seed online, use HW if possible, use different strong passwords on every site/exchange) and you will be fine.

then use blockchain.info wallets since that web-wallet host website usually changes the wallet address every time you make transactions.
Where talking security matters, and blockchain.info/.com is out of the context here. Mobile wallets are way more secure than web wallet for sure.
fiulpro
Hero Member
*****
Offline Offline

Activity: 1890
Merit: 831


View Profile
October 13, 2019, 06:47:18 PM
 #11

I think it's more of the reason that you have higher chances of being discovered by someone who might be into you and after that you could actually be in problem since there isn't anywhere where you wouldn't find hackers and all therefore this is the reason this is always a problem..
Wintersoldier
Sr. Member
****
Offline Offline

Activity: 966
Merit: 274


View Profile
October 14, 2019, 06:14:19 PM
 #12

I understand that its not good security and privacy practice to reuse addresses after a spend due to the fact that the public key becomes available for that address during the spend and it essentially weakens the security and privacy.
Is an address still considered 100% secure for which has only ever seen inputs/deposits and has never seen a spend?

What if that input only address is on a hardware wallet like a trezor along with other addresses with balances?  If I understand this correctly, spending from a trezor could come from any one or multiple addresses which has spendable inputs in that wallet.  Once any spend on such a wallet occurs, it's not advisable to reuse any of the previous addresses for deposits.  


As long as we are not using our wallets to some illegal transaction or transaction that may break a protocol of some part that we are into, there's no reason to worry about it, cryptocurrencies are made to be personal for each ip address, meaning to say, that it is personal to each and every individual, it is better to utilize one wallet address, than to always try to be anonymous in the market by using multiple wallet address.
Pages: [1]
  Print  
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!