Why does Qt Wallet send change to new, hidden addresses?

[Steve Flow]

Hi all!

First, I apologize if this question has already been asked.
I DID search the forums, but was unable to find an answer.
Still, if I missed it, please just point me in the right direction?

Anyway, I'm wondering: Why does Qt Wallet send change to new, hidden addresses?
This seems to make things extra confusing, but maybe there's a good reason for it?
Depending on the replies, I may have a follow up question.

Thanks!

Steve

[Meuh6879]

https://en.bitcoin.it/wiki/Main_Page

bitcoin-core ... or android wallet ?

[Exergy]

When you spend the coins in an address, the public key is fully revealed. This decreases the strength of the encryption used, and so to mitigate this effect the Bitcoin Core wallet (and pretty much all wallets) will by default send the "change" from a transaction to a fresh address which hasn't previously spent any coins. This change address is still maintained within your wallet (i.e. your wallet holds the private key for the new address). This is the reason why you need to backup your wallet each time you spend. Your previous backup potentially won't include the private key for the newly generated change address if the original pool of addresses generated when you first created your wallet has been exhausted.

You can overwrite this behaviour, but obviously it isn't recommended as why would you want to consciously increase the chances that your coins could be brute forced?

[ShameOnYou]

Once an address has been used, the public key is exposed. It is most secure to use newly generated addresses for subsequent transactions. So this is done by default when you are shown your default bitcoin address.

[Steve Flow]

Hi Meuh6879: It's a wallet on my laptop computer, and all it says in the "about" section is "Qt".

Hi Exergy & ShameOnYou: Thanks for the great explanations. Exergy mentioned that "pretty much all wallets" perform this function, however, I'm also using a wallet on my iPhone called bitWallet, and it doesn't seem to do this (i.e. it appears that it sends change back to the main address that I spent from). With this in mind, would you recommend that I use a different iPhone wallet instead?

[ShameOnYou]

Hi Meuh6879: It's a wallet on my laptop computer, and all it says in the "about" section is "Qt".

Hi Exergy & ShameOnYou: Thanks for the great explanations. Exergy mentioned that "pretty much all wallets" perform this function, however, I'm also using a wallet on my iPhone called bitWallet, and it doesn't seem to do this (i.e. it appears that it sends change back to the main address that I spent from). With this in mind, would you recommend that I use a different iPhone wallet instead?

Change addresses are a different thing. Generally you will get change back to one of the input addresses in the transaction. It wouldn't make sense to generate a new address for change, since the public key would then be exposed anyway.

[Steve Flow]

Change addresses are a different thing. Generally you will get change back to one of the input addresses in the transaction. It wouldn't make sense to generate a new address for change, since the public key would then be exposed anyway.

Thanks for the info, but now I'm thoroughly confused.
Correct me if I'm wrong, but this is how I understand things right now...

When I'm using Qt Wallet on my laptop, and I spend some Bitcoin from its main address, the change gets sent back into a new change address.
When I'm using bitWallet on my iPhone, and I spend some Bitcoin from its main address, the change gets sent back into the same main address.

What am I getting wrong?

Thanks again!

[Coef]

Once an address has been used, the public key is exposed. It is most secure to use newly generated addresses for subsequent transactions. So this is done by default when you are shown your default bitcoin address.

If you have used the address to receive bitcoin but not yet spent it, your public key isn't exposed yet.
But once you have spent it, your public key of that address will be known to the world.

[Coef]

Thanks for the info, but now I'm thoroughly confused.
Correct me if I'm wrong, but this is how I understand things right now...

When I'm using Qt Wallet on my laptop, and I spend some Bitcoin from its main address, the change gets sent back into a new change address.
When I'm using bitWallet on my iPhone, and I spend some Bitcoin from its main address, the change gets sent back into the same main address.

What am I getting wrong?

Thanks again!

Nothing wrong.

Apart from the "public key" problem, there is another advantage I can think of for using new change addresses, which is privacy.
For example, if I send 3 btc to someone's address and 2 btc "change" to a new change address, you can see my tx on any blockchain explorers but you won't know which one (the 3 btc or the 2 btc) is the change.

[Steve Flow]

Apart from the "public key" problem, there is another advantage I can think of for using new change addresses, which is privacy.

Cool, thanks!
So then, if I want the extra privacy that I already get with Qt Wallet on my laptop, maybe it's a good idea for me to use a different iPhone wallet besides bitWallet, so one that also uses change addresses? Any recommendations?
Thanks again!

[nexxan]

Apart from the "public key" problem, there is another advantage I can think of for using new change addresses, which is privacy.

Cool, thanks!
So then, if I want the extra privacy that I already get with Qt Wallet on my laptop, maybe it's a good idea for me to use a different iPhone wallet besides bitWallet, so one that also uses change addresses? Any recommendations?
Thanks again!

I am not sure exactly about iPhone, but I always liked the fact that blockchain had multiple clients and your wallet was accessible from any device in case you ever lost/broke/stolen this one. Although this does step away from keeping the wallet all to yourself. Blockchain's wallet is quite secure.

[Light]

If you have used the address to receive bitcoin but not yet spent it, your public key isn't exposed yet.
But once you have spent it, your public key of that address will be known to the world.

Per se, at the moment security wise there is nothing with reusing addresses, as provided that when you generated your private key there was enough entropy it is difficult to compromise with repeated usage. So unless you prefer to have anonymity, then using addresses repeatedly doesn't really present a major issue at the moment.

[Chef Ramsay]

This question sounds like a caller on Free Talk Live the other night right out of the gate.

[Steve Flow]

This question sounds like a caller on Free Talk Live the other night right out of the gate.

Yes, good ear!
Indeed, I was that caller.
They recommended that I check out this website, and so I have. 

If anonymity is NOT a major concern for me, then perhaps I should be using a different desktop wallet instead of Qt; that way, I only have to worry about one address there, and not several change addresses.

Any good recommendations for a different Windows desktop wallet that also updates the full blockchain constantly?

Sorry for all the questions, and thanks again for the help!

[Coef]

If you have used the address to receive bitcoin but not yet spent it, your public key isn't exposed yet.
But once you have spent it, your public key of that address will be known to the world.

Per se, at the moment security wise there is nothing with reusing addresses, as provided that when you generated your private key there was enough entropy it is difficult to compromise with repeated usage. So unless you prefer to have anonymity, then using addresses repeatedly doesn't really present a major issue at the moment.

True, and so some clients use a new change address every time and some don't by default, and bitcoiners can choose according to their own preferences.