Bitcoin Forum
Author Topic: Bitcoin address re-usage can lead to theft of private keys  (Read 348 times)
Majestic-milf (OP)
Hero Member
*****
Online Online

Activity: 812
Merit: 594



View Profile
July 03, 2022, 09:17:20 PM
Last edit: July 03, 2022, 10:38:46 PM by Majestic-milf
 #1

It's no longer news how cyber crimes are slowly creeping in on digital currencies, and to this end, Bitcoin experts advise that the usage of Bitcoin addresses should be done once, as it helps to curb the risk of users giving up vital information that could prove costly in the future.
 Continuous use of these addresses can prove to be a bad idea for three reasons:

 1. It is quite harmful to one's privacy and becomes an impediment to BTC censorship resistance.
 2. It can leave one open to niche attacks and one becomes vulnerable to these cyber thieves who will extract private keys from signatures after a transaction has been made.
 3. Quantum computers could extract private keys if these addresses are reused.
 Citing an instance of the Ronin network incident in March, where $540m worth of cryptocurrency was carted away by thieves hopefully by finding a collision of randomly picked message digest of 2¹³⁰+1 input of hashes causing possible collisions by examining the square root of the number of possible output. This makes re-use of Bitcoin addresses risky, considering the chances of possible collisions; even though the entire process might be time-consuming, hackers might choose to patiently wait till a collision is found, just like the case of Ronin network.

https://support.bitcoin.com/en/articles/3542797-reusing-addresses

JeromeTash
Legendary
*
Offline Offline

Activity: 2156
Merit: 1213


Heisenberg


View Profile
July 03, 2022, 09:39:09 PM
 #2

Quote
1. It is quite harmful to one's privacy
This is the only reason I know why address reuse is not a good idea.

Quote
2. It can leave one open to niche attacks and one becomes vulnerable to these cyber thieves who will extract private keys from signatures after a transaction has been made.
Can you tell us how this is done?

Quote
3. Quantum computers could extract private keys if these addresses are reused.
 Citing an instance of the Ronin network incident in March, where $540m worth of cryptocurrency was carted away by thieves hopefully by finding a collision of randomly picked message digest of 2¹³⁰+1 input of hashes causing possible collisions by examining the square root of the number of possible output. This makes re-use of Bitcoin addresses risky, considering the chances of possible collisions; even though the entire process might be time-consuming, hackers might choose to patiently wait till a collision is found, just like the case of Ronin network.
Or maybe Ronin network just messed up and gave away their private keys to the hackers. Otherwise, if this was possible, don't you think so many addresses holding large amounts of Bitcoin would have been hacked by now?

jackg
Copper Member
Legendary
*
Offline Offline

Activity: 2856
Merit: 3071


https://bit.ly/387FXHi lightning theory


View Profile
July 03, 2022, 09:43:46 PM
 #3

2 doesn't make sense, you can't extract a private key from a signature because there isn't one there.

Your private key encrypts what is meant to be signed (which can then be decrypted by your public key - which is provided in the transaction). The only way your private key could be bruteforced would be by number 3, which is a future concern but currently isn't as long as the private keys were created properly.
edgycorner
Sr. Member
****
Offline Offline

Activity: 1064
Merit: 382

Hurrah for Karamazov!


View Profile
July 03, 2022, 09:48:09 PM
Merited by Welsh (4), pooya87 (2), Pmalek (1)
 #4

AFAIK, the Ronin network was compromised because it wasn't truly decentralized. There were only 9 validators, and the "hacker" got access to 5 of them. 4 from Sky Mavis system, which was used to push the withdrawal and was signed by another compromised fifth validator (Axie DAO, which had a vulnerability in their gas-free RPC node).
It has nothing to do with just "private keys" being hacked. It was an internal play 100%.

As for Quantum computers, they are not at that level yet. There's no way.

Stalker22
Legendary
*
Offline Offline

Activity: 1512
Merit: 1359



View Profile
July 03, 2022, 10:00:02 PM
 #5

Quote
It's no longer news how cyber crimes are slowly creeping in on digital currencies, and to this end, Bitcoin experts advise that the usage of Bitcoin addresses should be done once, as it helps to curb the risk of users giving up vital information that could prove costly in the future.

What experts? Can you cite the sources on the basis of which you came to this conclusion?

Quote
Continuous use of these addresses can prove to be a bad idea for three reasons:

Number one (privacy) is the only valid reason as far as I am concerned. Two and three are complete nonsense.

PrimeNumber7
Copper Member
Legendary
*
Offline Offline

Activity: 1624
Merit: 1899

Amazon Prime Member #7


View Profile
July 03, 2022, 10:00:05 PM
 #6

Quote
2. It can leave one open to niche attacks and one becomes vulnerable to these cyber thieves who will extract private keys from signatures after a transaction has been made.
This is not actually possible. Many people frequently reuse addresses, including businesses that hold billions of dollars worth of coin.
Quote
3. Quantum computers could extract private keys if these addresses are reused.
QC may allow for the private keys to be calculated from the signature, but this is still far away. In fact, it may be possible for QC to calculate the private key in less time than it takes for a transaction to get confirmed, but again, this is something that is far away, probably decades, but when it is here, the lack of reusing addresses is not going to prevent your money from being lost.
DaveF
Legendary
*
Offline Offline

Activity: 3486
Merit: 6308


Crypto Swap Exchange


View Profile WWW
July 03, 2022, 10:03:03 PM
Merited by Welsh (4), NeuroticFish (2), pooya87 (2)
 #7

Quote
It's no longer news how cyber crimes are slowly creeping in on digital currencies, and to this end, Bitcoin experts advise that the usage of Bitcoin addresses should be done once, as it helps to curb the risk of users giving up vital information that could prove costly in the future.
 Continuous use of these addresses can prove to be a bad idea for three reasons:

 1. It is quite harmful to one's privacy and becomes an impediment to BTC censorship resistance.
 2. It can leave one open to niche attacks and one becomes vulnerable to these cyber thieves who will extract private keys from signatures after a transaction has been made.
 3. Quantum computers could extract private keys if these addresses are reused.
 Citing an instance of the Ronin network incident in March, where $540m worth of cryptocurrency was carted away by thieves hopefully by finding a collision of randomly picked message digest of 2¹³⁰+1 input of hashes causing possible collisions by examining the square root of the number of possible output. This makes re-use of Bitcoin addresses risky, considering the chances of possible collisions; even though the entire process might be time-consuming, hackers might choose to patiently wait till a collision is found, just like the case of Ronin network.

1) 1/2 false. It does hurt one's privacy but it does not matter to censorship. If a service wants to block you or an address it will. They will have an easier time if you keep using the same address but all you need to do is generate a new address or a few thousand new addresses.

2) Nope, it does not work this way. There are always people talking about it, but it's not something to worry about.

3) A has nothing to do with B. If quantum computers ever get to the point of being able to do something like that (probably not in our lifetimes) the entire encryption of BTC would be broken. Would not matter if it's one transaction or 1000s of transactions to and from an address. And Ronin is a side chain of an altcoin. Has nothing to do with BTC.

-Dave

darkv0rt3x
Hero Member
*****
Offline Offline

Activity: 1218
Merit: 660


I rather die on my feet than to live on my knees


View Profile
July 03, 2022, 10:05:13 PM
 #8

This is one of those questions... Just compute the number of addresses that can ever exist and use one address per transaction. There is no need to reuse addresses multiple times. There are companies dedicated to blockchain analysis and there are already sites measuring the level of privacy of addresses/transactions and mentioning the most probable reasons for lower scores!

Bitcoin is energy. Bitcoin is freedom
I rather die on my feet than living on my knees!
franky1
Legendary
*
Offline Offline

Activity: 4228
Merit: 4498



View Profile
July 03, 2022, 10:07:18 PM
Merited by NeuroticFish (2)
 #9

here is the thing

satoshi had funds on a public key, not a public key hash. but a public key(the deemed riskier of the lot)
(see his coin reward in block 9)
https://www.blockchain.com/btc/address/12cbQLTFMXRnSzktFkuoG3eHoMeFtpTu3S?page=11

he spent the funds and returned left over change of funds to the same key.. and then spent them again.. and again
meaning there are about  5-6 signatures that exist associated with that public key..

here is the thing.. no one in 12 years has been able to brute that public key..
and there are funds that still remain on it, even today. not spent since 2009

as for privacy.. even now people still dont know who satoshi is

if anyone is game/up for it.. give it a shot.. there are 18coins up for grabs on that key that has a few signatures publicly available to try to use as a brute source of info from.... have a go.. see how realistic it is to brute a re-used address.
(hint many have tried)

I DO NOT TRADE OR ACT AS ESCROW ON THIS FORUM EVER.
Please do your own research & respect what is written here as both opinion & information gleaned from experience. many people replying with insults but no on-topic content substance, automatically are 'facepalmed' and yawned at
tranthidung
Legendary
*
Offline Offline

Activity: 2282
Merit: 4016


Farewell o_e_l_e_o


View Profile WWW
July 04, 2022, 02:12:07 AM
 #10

Quote
1. It is quite harmful to one's privacy and becomes an impediment to BTC censorship resistance
It is why we have changed addresses and there is advice to use changed addresses and avoid reusing addresses.

Quote
2. It can leave one open to niche attacks and one becomes vulnerable to these cyber thieves who will extract private keys from signatures after a transaction has been made.
Do you know that a process from Private key > Public Key > Public (Receiving) address is a one-way process?

Quote
3. Quantum computers could extract private keys if these addresses are reused.
Quantum computers are things used to spread fear about Bitcoin. It started years ago and now still can not break Bitcoin private keys. Do you really think that Bitcoin protocol won't be upgraded over time in order to be better for itself and to protect itself from potential attacks, exclusively Quantum computers?

BlockchainMentors
Jr. Member
*
Offline Offline

Activity: 51
Merit: 1


View Profile
July 04, 2022, 03:55:10 AM
 #11

By the strength of encryption, knowing the bitcoin address does not give access to the bitcoins associated with the address. Only the private key can be used to access bitcoins. This is why you never give your private keys to anyone else. It is like an email address. The private key is the password for your email address. Anyone can send email to your email address and it's publicly visible, but only someone who holds the email address password can send email from that account. This is called public-key encryption.
pooya87
Legendary
*
Offline Offline

Activity: 3458
Merit: 10579



View Profile
July 04, 2022, 04:01:50 AM
 #12

The short answer is you are wrong.
The fundamentals of asymmetric cryptography are based on the fact that you can and should reveal your public key and signature without any risk of your private keys being compromised, especially if ECDSA is used. If there were any risks then it would make the whole system obsolete, not just reused addresses.
The only serious issue with reused addresses is a privacy related one.

bittraffic
Hero Member
*****
Offline Offline

Activity: 2954
Merit: 612


#SWGT PRE-SALE IS LIVE


View Profile
July 04, 2022, 04:11:02 AM
 #13


Heard of this before, which it's become an issue when public key is exposed where the Quantum computer can also hack the private key. I don't really believe it but because there are many knowledgeable users who recommend not reusing BTC address, it won't hurt doing so. Centralized platform though is not allowing us to generate new addresses every time.

Quote
Quantum computers are things used to spread fear about Bitcoin. It started years ago and now still can not break Bitcoin private keys. Do you really think that Bitcoin protocol won't be upgraded over time in order to be better for itself and to protect itself from potential attacks, exclusively Quantum computers.

I find the pattern already that every bear market, a topic like this comes on top in the forum. Must be the users spreading the FUD.


Darker45
Legendary
*
Offline Offline

Activity: 2590
Merit: 1867


View Profile
July 04, 2022, 04:56:29 AM
 #14

While we've always been advised not to reuse addresses, I'm not sure if there's anybody here who's religiously doing that. I guess even the ones who are giving that reminder reused addresses themselves. And if it's true that reusing an address could lead to theft of private keys, then theft of Bitcoin would have been as common as reusing an address. It's clear it's not the case.

Whatever happened to that Ronin Network, whether or not it proved that reusing an address indeed leads to theft of private keys, it doesn't matter; Ronin network is not Bitcoin network.
Cookdata
Hero Member
*****
Offline Offline

Activity: 952
Merit: 876


Not Your Keys, Not Your Bitcoin


View Profile
July 04, 2022, 05:03:03 AM
 #15


Quote
 1. It is quite harmful to one's privacy and becomes an impediment to BTC censorship resistance
 3. Quantum computers could extract private keys if these addresses are reused.

I think the author is somehow misleading. If I want to reuse a wallet address multiple times for transactions, it doesn't give me any security harm to my private keys. Also, we have not seen any computers who have done that currently, except for Quantum computers that have been making news, but it is still hypothetical; nothing has been done so far. However, address reuse is a big concern when it comes to privacy. You cannot preserve privacy by using a single address for incoming and outgoing transactions every time; the chain surveillance are watching the network, and the moment you do that, you can easily be detected as the owner of the address, and the big problem is that you wouldn't be able to combine it with other UTXOs as soon as that address becomes exposed to chain analysts.
So, technically, don't use an address more than once.

Quote
2. It can leave one open to niche attacks and one becomes vulnerable to these cyber thieves who will extract private keys from signatures after a transaction has been made.

A node can carry out transaction malleability by changing your transaction ID on the network, but they don't have the strength to extract the signature from a transaction; this point is kind of too off.

asimi.io
Copper Member
Newbie
*
Offline Offline

Activity: 28
Merit: 0


View Profile
July 04, 2022, 06:29:47 AM
 #16

Through the power of encryption, knowing the bitcoin address does now not give get entry to the bitcoins associated with the cope with. Simplest the private key may be used to get admission to bitcoins. There are groups devoted to blockchain analysis and there are already web sites measuring the level of privateness of addresses/transactions and mentioning the maximum probable reasons for lower ratings!
witcher_sense
Legendary
*
Offline Offline

Activity: 2352
Merit: 4369


🔐BitcoinMessage.Tools🔑


View Profile WWW
July 04, 2022, 07:07:03 AM
 #17

Quote
The fundamentals of asymmetric cryptography are based on the fact that you can and should reveal your public key and signature without any risk of your private keys being compromised, especially if ECDSA is used. If there were any risks then it would make the whole system obsolete, not just reused addresses.
The only serious issue with reused addresses is a privacy related one.
Perhaps the author is referring to the problem described here: https://web.archive.org/web/20160308014317/http://www.nilsschneider.net/2013/01/28/recovering-bitcoin-private-keys.html ?

As far as I understand, when the same address is reused, signatures are created with the same private key. This private key can be calculated if, and only if, the k-value (random integer) is either not-so-random (deterministic or weak entropy) or the said k-value is also reused. We are interested in the latter case because the former case doesn't require the reuse of addresses. So, if the wallet software in question is compromised, malicious, flawed, or outdated, or the user himself is trying to sign a transaction using a custom, poorly written ECDSA signature algorithm, it may result in a private key vulnerable to theft. If a wallet uses the same k-value each time it signs a transaction, an attacker can take advantage of this vulnerability and steal all the coins that still are on a reused address.


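The failure mode described in post #17, as an added example that is not part of the original thread: a signer that repeats the k-value produces valid signatures with an identical r, which an audit of one's own signatures can flag, and from which the private key follows by simple algebra. The key, messages, constant nonce and function names are constructed assumptions; messages are hashed with a single SHA-256 instead of Bitcoin's real sighash, and `per_message_nonce` is a simplified stand-in for RFC 6979, not the full construction.

```python
import hashlib
import hmac
from collections import defaultdict

# secp256k1 domain parameters (the curve Bitcoin uses).
P = 2**256 - 2**32 - 977
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
G = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)

def point_add(a, b):
    """Add two curve points; None is the point at infinity."""
    if a is None or b is None:
        return a or b
    (x1, y1), (x2, y2) = a, b
    if x1 == x2 and (y1 + y2) % P == 0:
        return None
    num, den = (3 * x1 * x1, 2 * y1) if a == b else (y2 - y1, x2 - x1)
    lam = num * pow(den % P, -1, P) % P
    x3 = (lam * lam - x1 - x2) % P
    return x3, (lam * (x1 - x3) - y1) % P

def point_mul(k, pt=G):
    acc = None
    while k:
        if k & 1:
            acc = point_add(acc, pt)
        pt, k = point_add(pt, pt), k >> 1
    return acc

def digest(msg):
    return int.from_bytes(hashlib.sha256(msg).digest(), "big") % N

def sign(d, msg, k):
    """Textbook ECDSA: s = k^-1 * (z + r*d) mod N, with the nonce k chosen by the caller."""
    r = point_mul(k)[0] % N
    return r, pow(k, -1, N) * (digest(msg) + r * d) % N

def verify(pub, msg, sig):
    r, s = sig
    w = pow(s, -1, N)
    pt = point_add(point_mul(digest(msg) * w % N), point_mul(r * w % N, pub))
    return pt is not None and pt[0] % N == r

def per_message_nonce(d, msg):
    """Nonce derived from key and message via HMAC-SHA256 (simplified stand-in for RFC 6979)."""
    mac = hmac.new(d.to_bytes(32, "big"), msg, hashlib.sha256).digest()
    return int.from_bytes(mac, "big") % (N - 1) + 1

def key_from_repeated_nonce(z1, sig1, z2, sig2):
    """Same k means same r; subtracting the two s equations isolates k, then d."""
    (r, s1), (_, s2) = sig1, sig2
    k = (z1 - z2) * pow((s1 - s2) % N, -1, N) % N
    return (s1 * k - z1) * pow(r, -1, N) % N

def find_reused_nonces(sigs):
    """sigs: iterable of (pubkey, label, r, s). Returns {(pubkey, r): [labels]} for repeated r."""
    seen = defaultdict(list)
    for pub, label, r, _s in sigs:
        seen[(pub, r)].append(label)
    return {key: labels for key, labels in seen.items() if len(labels) > 1}

def demo():
    d = digest(b"constructed demo key, not a real wallet")  # constructed private key
    pub, msgs = point_mul(d), (b"constructed spend 1", b"constructed spend 2")
    flawed = [sign(d, m, 0xC0FFEE) for m in msgs]  # flawed signer: constant k
    sound = [sign(d, m, per_message_nonce(d, m)) for m in msgs]
    log = [(pub, f"flawed-{i}", *s) for i, s in enumerate(flawed)]
    log += [(pub, f"sound-{i}", *s) for i, s in enumerate(sound)]
    z1, z2 = map(digest, msgs)
    return {"all_valid": all(verify(pub, m, s) for m, s in zip(msgs * 2, flawed + sound)),
            "flagged": list(find_reused_nonces(log).values()),
            "key_leaked": key_from_repeated_nonce(z1, flawed[0], z2, flawed[1]) == d}
```

All four signatures verify, so signature validation alone never reveals the problem; only the two made with the constant k are flagged, and address reuse with a per-message nonce leaks nothing.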
TheBeardedBaby
Legendary
*
Offline Offline

Activity: 2184
Merit: 3134


₿uy / $ell


View Profile
July 04, 2022, 08:13:43 AM
Merited by tranthidung (1)
 #18

just a side note here, bitcoin.com is not the real home for bitcoin, just to know that the link there describing the advantages of their bitcoin wallet is not the real bitcoin wallet, it's just the Roger Ver's altcoin.

tranthidung
Legendary
*
Offline Offline

Activity: 2282
Merit: 4016


Farewell o_e_l_e_o


View Profile WWW
July 04, 2022, 09:17:18 AM
 #19

Quote
just a side note here, bitcoin.com is not the real home for bitcoin, just to know that the link there describing the advantages of their bitcoin wallet is not the real bitcoin wallet, it's just the Roger Ver's altcoin.
Two screenshots by pooya87 from the past, in early days of Roger Ver's scam efforts. There are better sites to learn about Bitcoin, read news about Bitcoin.



Smartvirus
Legendary
*
Offline Offline

Activity: 1442
Merit: 1119



View Profile
July 04, 2022, 10:46:52 AM
 #20

Quote
 1. It is quite harmful to one's privacy and becomes an impediment to BTC censorship resistance
 2. It can leave one open to niche attacks and one becomes vulnerable to these cyber thieves who will extract private keys from signatures after a transaction has been made.
 3. Quantum computers could extract private keys if these addresses are reused.
On the count of 1 as at above, talking about privacy, of course. The public keys were never to be private, that's why its called a public key. It was made to be opened to checks and verifications on transactions done on it but still, remains private as per the identity of whom is behind the address. Although, it puts it directly in the way of an attack to use an address way too often as the loads of coins on it makes it a target for hackers. This you can mitigate by simply generating new address as the need arises.

On the count of 2&3, there isn't a way for which, private keys or seed phrase would be extracted from the public address nor the transaction signatures as these are just a means to the authenticity of transactions done on the blocks and have no links to the keys of the addresses behind.
About quantum computers, of course they've got high processors and are relatively very smart but not up to the task of generating or guessing private keys just yet.
