MinAddress : Now remember your addresses easily

[betterchoice]

 this is helpful for sure, thx for you nice work!

[1714309600]

1714309600

[1714309600]

1714309600

[tspacepilot]

Address reuse is the single largest internal threat to the long term viability of Bitcoin.  It is the single largest threat that we can do something about within the Bitcoin community.  ...

I wish the protocol enforced these rules.  If it were possible to make this change it is the only change to the protocol I personally would support at this time.

This seems like hyperbole.  Can you really link my reuse of a vanity address to a concrete threat on the longterm viability of Bitcoin and the Bitcoin community?

You can read one of my many rants on this subject, which is very dear to my heart as you may have noticed, just check out my signature.

Post #58 in this very thread:

https://bitcointalk.org/index.php?topic=774741.msg8758673#msg8758673

Hi again BurtW.  Thanks for the link to your "rant" on this topic.  I admit I had to look up the meaning of "fungibility".  I think I understand your argument that loss of privacy for one party is related to a loss of privacy for another party who transacts with the first.  However, I don't yet see how this is generalized to the whole network.  You say "by extrapolation", but I'm not convinced (yet).  In principle, couldn't you have a situation in which some users are "tainted" in this way by recursively interacting with someone who is "tainted" but others who are not?  Couldn't the careful among us (you'd obviously be in this group) avoid transacting with anyone who was tainted?

The second part of your argument was that loss of privacy leads to loss of fungibility.  Can you show that connection more concretely?  Maybe you already have in another thread somewhere else.

Cheers!

[arnuschky]

Pretty nice idea. Sure, there's the re-using issue, but many people don't re-use anyways (webwallets anyone).
Furthermore, there are many applications of fixed-addresses (businesses and charities for example).

Not sure though if this userbase it enough to make min-addresses a success. I would suspect that
it's an either-or issue - I don't want to check for every address into which format I need to convert
it, and how. If it's of course picked up automatically by all major clients, different topic.

The re-usage issue can maybe also countered with a client "registering" every address in the blockchain
before usage by sending a small amount to it. Hello blockchain bloat (but that seems to be the
latest trend in cryptoland anyways, unfortunately  )

[DannyHamilton]

Isn't any balance you have at the moment waiting to be stolen in the same way that my past used addresses are?

Perhaps, but if I give you an address and tell you to send bitcoins there, then whatever happens to those bitcoins is my responsibility and my loss.  On the other hand, if you use a bitcoin address that you "assume" is still okay to use, then the responsibility and loss are much messier to figure out (unless of course I've always made it clear that you should never "assume" that an old address is okay to use, in which case it becomes much less messy).

On the other hand, what you said here:

note the fact that we all have a "btc address" field in our bitcointalk profile info.

Note that there isn't any btc address field when you look at my profile.

seems just plain snippy.

Didn't mean for it to sound snippy.  You used the phrase "we all have", and I was just pointing out that we don't all have it.  The option is there because the site administrator hasn't forced the issue on others, but the fact that the website allows something doesn't necessarily mean that it is recommended (or even a good idea).  Note that the website also allows users to buy and sell user accounts.

I referenced the btc address field of our profiles as evidence that your philosophy isn't necessarily shared by all (or even the majority).

I haven't seen a reliable unbiased poll that determines what the "majority" think about the matter or if they even understand it.  I will agree though it is rather obvious that many choose to re-use addresses and some wallets even encourage it.

This seems like hyperbole.

No, it really doesn't.

This remark is similarly terse and not really helpful.  Care to elaborate?

hyperbole - exaggerated statements or claims not meant to be taken literally.

BurtW's statement:

Address reuse is the single largest internal threat to the long term viability of Bitcoin.  It is the single largest threat that we can do something about within the Bitcoin community.  ...

I wish the protocol enforced these rules.  If it were possible to make this change it is the only change to the protocol I personally would support at this time.

This is not exaggerated and is meant to be taken literally.

 

[CIYAM]

@DannyHamilton and @BurtW I think your "black and white" view of things here doesn't reflect *the real world*.

If a newbie was given an address by Danny for Escrow and wrote it down and then thought he'd lost it so asked for another one but then accidentally ended up pasting in the first address seemingly Danny is now going to "burn his funds on principle".

IMO that is just silly and won't help the adoption of Bitcoin at all (and would likely end Danny's Escrow service).

Sorry guys - but the world isn't black and white and you don't get to make the rules "just because you think a perfect world should work your way".

In the real world people make mistakes and we all do our best to ensure that no-one is getting hurt needlessly (and I know this from the actual experience of nearly losing 100 BTC through a stupid mistake which luckily a pool decided to refund mostly back to me).

[ticoti]

is there any chance(although it is really low) that there is a coincidence of two addreses with this method?

[BurtW]

I once had a vanity address that I used for everything, thought I was so cool.  I will dig up the thread and even the specific posts by Greg Maxwell and Death & Taxes that convinced me that this privacy/fungibility issue is as important as I say.

In a nutshell the crux of the entire Bitcoin experiment is can we create and maintain a trustless decentralized currency?  Decentralization meaning no central authority of any type.   Dollars are fungible, diamonds are not.  If someone pays you in dollars you can just accept them because a dollar is a dollar is a dollar.  However if someone pays you in diamonds you do not know how much they are worth without appealing to a grading authority.  Do you see where this is going?  I suggest we have commandeered this thread long enough and we should move to another thread on the topic of how address reuse will enable and lead to the eventual destruction of the fungible, decentralized and trustless aspects of Bitcoin.

I will post a link to the thread later today when I find it again.

[DannyHamilton]

@DannyHamilton and @BurtW I think your "black and white" view of things here doesn't reflect *the real world*.

I disagree.  There is nothing but stubbornness and lack of education that is forcing *the real word* to re-use addresses.

If a newbie was given an address by Danny for Escrow and wrote it down and then thought he'd lost it so asked for another one but then accidentally ended up pasting in the first address seemingly Danny is now going to "burn his funds on principle".

And if they accidentally paste some other address that isn't mine from their clipboard?  Either way they are pasting an invalid address. I haven't "burned his funds".  He did when he chose (intentionally or accidentally) to paste the wrong bitcoin address from his clipboard.

IMO that is just silly and won't help the adoption of Bitcoin at all (and would likely end Danny's Escrow service).

IMO it is not silly, and deletion of used private keys is an important part of the security and privacy that my escrow service provides. My escrow is provided as a free service to the community.  If people aren't comfortable with my practices, they are welcome to go elsewhere.

Sorry guys - but the world isn't black and white and you don't get to make the rules "just because you think a perfect world should work your way".

I agree, but you don't get to choose how I handle my private keys either "just because you think I should keep them".

In the real world people make mistakes and we all do our best to ensure that no-one is getting hurt needlessly (and I know this from the actual experience of nearly losing 100 BTC through a stupid mistake which luckily a pool decided to refund mostly back to me).

Yes, people make mistakes.  Some of those mistakes can be expensive (sending to an incorrect address).  Sometimes we get lucky and are able to recover from our mistakes without significant loss (paying an excessively high transaction fee).

[BurtW]

is there any chance(although it is really low) that there is a coincidence of two addreses with this method?

I don't think so.  I think the method is sound and will produce a one to one correspondence between MinAddress and full Bitcoin addresses.

[DannyHamilton]

I will dig up the thread and even the specific posts by Greg Maxwell and Death & Taxes that convinced me that this privacy/fungibility issue is as important as I say.

I don't value the opinions of those that don't understand the protocol or its implications.

I do value the opinions of those that have put in the time and effort to learn how and why this all works. This includes CIYAM even though I happen to disagree with him on this particular matter.

Greg Maxwell and Death&Taxes are two others whose opinions I value on such matters.

It would be interesting to put together a list of people who have a reputation for understanding these details and then list out which of them are against the concept of address re-use and which are in favor of it.

[CIYAM]

I do value the opinions of those that have put in the time and effort to learn how and why this all works. This includes CIYAM even though I happen to disagree with him on this particular matter.

And I likewise do value your opinion but I just find the extreme position a bit "hard to swallow" (in particular when we are hoping for more adoption of Bitcoin).

Certainly I do understand the issues of privacy (and potentially security) but I don't quite see how "fungibility" gets into this. Just because an address has been used doesn't make the funds "less spendable" (unless you guys are wanting to make it so - in which case you are the ones destroying fungibility IMO).

[DannyHamilton]

I do value the opinions of those that have put in the time and effort to learn how and why this all works. This includes CIYAM even though I happen to disagree with him on this particular matter.

And I likewise do value your opinion but I just find the extreme position a bit "hard to swallow" (in particular when we are hoping for more adoption of Bitcoin).

Certainly I do understand the issues of privacy (and potentially security) but I don't quite see how "fungibility" gets into this. Just because an address has been used doesn't make the funds "less spendable" (unless you guys are wanting to make it so - in which case you are the ones destroying fungibility IMO).

If I recall correctly, when this first became a heated topic about a year ago or so, there was talk about blacklisting and whitelisting addresses.  If addresses are re-used, then it is becomes possible to choose addresses and state that they are "blacklisted" (or whitelisted) for any reason that a group of people might want to blacklist them.

If addresses are not re-used, then it is impossible to know what addresses will exist in the future, and therefore impossible to create a blacklist (or whitelist).

The ability to create a blacklist (or whitelist) destroys fungibility since coins that are received at, stored at, and sent from a blacklisted (or whitelisted) address are seen as somehow different than those that are not associated with an address on the list.

From there, additional conversations popped up discussing various other concerns about address re-use, but that was the concept that first turned many people away from thinking that address re-use was a good thing.

[CIYAM]

If I recall correctly, when this first became a heated topic about a year ago or so, there was talk about blacklisting and whitelisting addresses.  If addresses are re-used, then it is becomes possible to choose addresses and state that they are "blacklisted" (or whitelisted) for any reason that a group of people might want to blacklist them.

Oh - okay - yes I remember that horrible stuff.

In any case - in general I would always use new address for each tx but I have found that for some things (such as not at home and don't have my own computer but need to receive funds for a face to face trade for example) a firstbits can be handy (I really have used this in the past back when blockchain.info supported firstbits).

Certainly I would not want people to ever use stupid black/white/orange lists.

In terms of "scaring off newbies" I think that one should educate them "one step at a time" and not expect them to be able to do "best practice" from the get-go.

[DannyHamilton]

If I recall correctly, when this first became a heated topic about a year ago or so, there was talk about blacklisting and whitelisting addresses.  If addresses are re-used, then it is becomes possible to choose addresses and state that they are "blacklisted" (or whitelisted) for any reason that a group of people might want to blacklist them.

Oh - okay - yes I remember that horrible stuff.

In any case - in general I would always use new address for each tx but I have found that for some things (such as not at home and don't have my own computer but need to receive funds for a face to face trade for example) a firstbits can be handy (I really have used this in the past back when blockchain.info supported firstbits).

Certainly I would not want people to ever use stupid black/white/orange lists.

In terms of "scaring off newbies" I think that one should educate them "one step at a time" and not expect them to be able to do "best practice" from the get-go.

If the protocol were changed as BurtW has suggested so that address re-use is not possible, then newbies will stop making the mistake of thinking of an address as an "account number" or "wallet" or "personal identifier", and will start thinking of it more like an invoice number (as they should).

Imagine someone saying "but I want to re-use invoice numbers. It's so much easier not to have to remember to use a new invoice number every time I pay a new invoice".  And someone else saying, "the world isn't as black and white as you might want it to be.  People should be able to re-use invoice numbers for multiple payments on multiple purchases".

Now tell me which one sounds silly?

[CIYAM]

Imagine someone saying "but I want to re-use invoice numbers. It's so much easier not to have to remember to use a new invoice number every time I pay a new invoice".  And someone else saying, "the world isn't as black and white as you might want it to be.  People should be able to re-use invoice numbers for multiple payments on multiple purchases".

Now tell me which one sounds silly?

True - but that is not how Bitcoin works (and not how *everyone was taught it works*) so that argument doesn't really work for me sorry.

[DannyHamilton]

Imagine someone saying "but I want to re-use invoice numbers. It's so much easier not to have to remember to use a new invoice number every time I pay a new invoice".  And someone else saying, "the world isn't as black and white as you might want it to be.  People should be able to re-use invoice numbers for multiple payments on multiple purchases".

Now tell me which one sounds silly?

True - but that is not how Bitcoin works (and not how *everyone was taught it works*) so that argument doesn't really work for me sorry.

People have formed some bad habits and have taught those bad habits to others.

I'm in support of BurtW's opinion that this is the one of two forking changes to the protocol that I'd be most in support of.

Then it will be how it works.

[CIYAM]

I'm in support of BurtW's opinion that this is the one of two forking changes to the protocol that I'd be most in support of.

Then it will be how it works.

Good luck with that but I somehow don't see it happening any time soon but in the meantime it is of course a good idea to educate people about "smarter and safer" ways to do Bitcoin transactions.

Also I think that ideas along the lines of "stealth addresses" might hold more promise for the dealing with the issues of traceability.

[BurtW]

Here is the thread:

https://bitcointalk.org/index.php?topic=334316.0;all

Luke made a modest proposal:  in order to gently move everyone away from address reuse lets make it a bit more costly (in time not BTC).  In other words you can reuse addresses but your transaction confirmations will take a bit longer.  As far as the opinions of the "general Bitcoin public" on this issue check out the poll in this thread.

My first response in this thread:

Knee Jerk Reaction.

One of my later responses shows my change of heart and will give you some good posts to read:

what's so bad about address reuse anyway?

It is not about address reuse.  The issue is fungibility.

There are many posts above that explain the issue.  Just read them.

Try this one:

https://bitcointalk.org/index.php?topic=334316.msg3588908#msg3588908

Then this one:

https://bitcointalk.org/index.php?topic=334316.msg3589252#msg3589252

and the one after it for starters.

This entire thread is a gold mine for the issue at hand with good posts on all sides of the issue.

And yes, this entire Luke Jr thread is a gold mine for seeing my change of heart, good posts on the issue, and good links to other threads on the same subject.

One final note on blockchain.info:  On the one hand they are by far the single worst source of address reuse in the Bitcoin system given that their wallet encourages address reuse and they have so many customers. On the other hand they were the first to implement the coinjoin protocol proposed by gmaxwell and offer this service very cheaply (0.0005 BTC per mixing round) to their customers.  I applaud their efforts to help rectify the privacy dilution they helped to create.

And an ad:  bitmixer.io is the best mixing service I have found so far.  They can handle mixing amounts up to 2K BTC.  I tried to invest but they are not taking investors at this time.

[CIYAM]

Again the "fungibility" issue doesn't really come into it unless we start talking about *choose your favourite colour* lists.

I hadn't noticed Luke's proposal before and maybe it isn't a bad idea - but you don't think something like "stealth" is actually a *better solution* all around?

[BurtW]

Again the "fungibility" issue doesn't really come into it unless we start talking about *choose your favourite colour* lists.

I hadn't noticed Luke's proposal before and maybe it isn't a bad idea - but you don't think something like "stealth" is actually a *better solution* all around?

Yes, I think that stealth addresses are a huge part of the solution and should fix the whole static address for charities, billboards, and even tipping addresses in your signature here on bitcointalk.org issues.  We need full and widespread adoption of stealth addresses as soon as is safely possible.

BTW Peter is one of my favorite people in the whole world.  Not only for his work on stealth addresses but because of this post:

https://bitcointalk.org/index.php?topic=563925.0

where he (hopefully) singled handedly wiped out all past, current and future shit/crap/junk/scam/pump-and-dump alt coins that do not implement his (or a similar) method of initial alt coin distribution.  His proposal will hopefully clean up the cesspool of alt coins once and for all.  I am not holding my breath but I am cautiously optimistic.