Old txn formula - from to same address

[MikeJ_NpC]

If you have a wallet where the txn is to the same address as the sender ... without any change address... what was the formula to be able to derive the key from it ?

So from 123abc --->  to 123abc  ...
If you had 2 of these you would be able to pull the key from it from what i recall...

This really doesnt apply now since change addresses are used but if anyone knows  the format i would appreciate it... 

Thanks.

[hd49728]

If you have a wallet where the txn is to the same address as the sender ... without any change address... what was the formula to be able to derive the key from it ?

So from 123abc --->  to 123abc  ...
If you had 2 of these you would be able to pull the key from it from what i recall...

Derive the key from it, pull the key from it, what did you mean?

Do you want to derive a private key from a public address?

It is impossible because if it is possible, your bitcoin will be stolen, my bitcoin will be stolen and bitcoin will have zero value.

Mastering Bitcoin (Keys, Addresses - chapter 4)

https://github.com/bitcoinbook/bitcoinbook/raw/develop/images/mbc2_0401.png

Private Key > Public Key (By Elliptic Curve Multiplication) > Bitcoin Address (By Hash Function, One-way).

You can not go from Bitcoin Address > Public Key > Private Key.

[o_e_l_e_o]

So from 123abc --->  to 123abc  ...
If you had 2 of these you would be able to pull the key from it from what i recall...

I assume, since you are talking about 2 or more transactions, you are referring to the situation where a wallet would reuse k values. If you have two transactions spending coins from the same address and therefore using the same private key, and these two transactions also use the same k value (and therefore have the same r value), then it is possible to calculate the private key for that address.

However, this situation is a well known vulnerability, and there is no current wallet software I am aware of which utilizes reused k values. If there was, all its users would fairly rapidly have their coins stolen. Most good wallets will generate the k value deterministically using RFC 6979, ensuring a different k value for each transaction.

[BlackHatCoiner]

It is impossible to work out the private key of such transaction, unless k value is reused as said above. No matter how many times you use an address, you only reveal the public key and the respective signature.

firstly there is no point making a transaction to send all funds to the same address..

You might want to leave a message. So, you burn 0 coins with OP_RETURN and send the rest to the same address.

and while you say that stuff pre 6979 is a risk.. again satoshi has respends of same address and 14 years of opportunity.. no one has bruted his funds

Reusing k value is irrelevant to Satoshi's P2PK funds. Just because he didn't it doesn't mean you can't create such transaction.

[o_e_l_e_o]

What a classic insane piece of franky1 rambling nonsense.

topic title is about OLD transactions
you saying about stuff after 2013.. becomes redundant

Reused k values are possible with any transaction since day 1 of bitcoin.

and while you say that stuff pre 6979 is a risk

Nope, never said that.

so its not as vulnerable as you think

I never said it was.

one of the many great things satoshi done was leave funds on keys he used as it helps prove the security of even the most basic of transaction formats

I never said that old transactions were vulnerable.

the old stuff is not a case of "rapidly have their coins stolen"

Nope, didn't say that either.

so cool down on the "rapidly stolen" ability of things you dont understand

Maybe you should try reading what I wrote rather than just launching in to one of your usual diatribes arguing against random strawmen.

All that I stated was that if you reuse a k value, your coins will be stolen. This is a simple fact. I made no statement whatsoever regarding old transactions being vulnerable or anything pre-6979 being vulnerable. This is all nonsense you made up simply to argue against.

[MikeJ_NpC]

Sorry guys i should of been more clear...  
not talking about a reuse aspect nor do i want people to argue over the question... i just recall something along these lines of old txns prior to change addresses being mandated.

Correct me if i am wrong .. but if you send payments to yourself without a change address, wasnt it possible to have a leak sorta speak..
Not referring to the reused R value which is not present...





or something where you use the rsz to narrow down the results.. etc ...

[BlackHatCoiner]

i just recall something along these lines of old txns prior to change addresses being mandated.

What you're asking in the OP is if somebody could work out the key from a reused address, as far as I understand; that's what it essentially is, a reused address (for no obvious reason).

If you meant the private key, then no. Nobody could work it out with just a transaction which empties an output to the same address. If you meant the public key, then every transaction reveals it, regardless of whether it reuses addresses or not.