MinAddress : Now remember your addresses easily

[oceans]

I actually did not expect something like this to be honest with you however, it does seem like an idea and a good one at that as long as it's proved to be quite safe. I for one am always forgetting my address so this would be ideal for me.

[1714325981]

1714325981

[Bitcoinpro]

Isn't re-using the same address not regarded as questionable?
i.e not the recommended best practice?

Well it's not recommended as the best practice but I don't see anything dangerous in doing so. I think it's just a precautionary measure. I'm sure DannyHamilton will now tell me otherwise, though hehe.

You mean because of this ?

Do not re-use an address I've given you in the past. I use a new address for every transaction and I discard the private keys once I send/spend the bitcoins that I received at an address. Therefore it is very important that you get a new address from me and do not re-use an address to send bitcoins to me in the future if we ever engage in another transaction.

[BurtW]

I actually did not expect something like this to be honest with you however, it does seem like an idea and a good one at that as long as it's proved to be quite safe. I for one am always forgetting my address so this would be ideal for me.

You try to remember your address?  Wow, that is something I have never even dreamt of attempting.  On the other hand since Bitcoin addresses are (for all practical purposes) impossible to memorize that make them safer.  If you were to memorize 12e4f-1mine you might transpose or in some other way mess it up when you recite or write it down - possibly leading to disastrous results.

[BurtW]

Isn't re-using the same address not regarded as questionable?
i.e not the recommended best practice?

Well it's not recommended as the best practice but I don't see anything dangerous in doing so. I think it's just a precautionary measure. I'm sure DannyHamilton will now tell me otherwise, though hehe.

You mean because of this ?

Do not re-use an address I've given you in the past. I use a new address for every transaction and I discard the private keys once I send/spend the bitcoins that I received at an address. Therefore it is very important that you get a new address from me and do not re-use an address to send bitcoins to me in the future if we ever engage in another transaction.

I think it is kind of harsh to actually delete the private keys once the transaction is done.  I am one of the biggest opponents of address reuse you will find here on this forum but even I keep all my previous private keys just in case someone accidently sends BTC to one of my old addresses.  There is no privacy or security issue with keeping all your old private keys just in case - just never reuse those addresses for new transactions.  I just archive them.

This is why I think deterministic wallets are the greatest Bitcoin invention to date.  The Trezor or any deterministic wallet:

1) Uses a different receive address every time (but all old addresses are still valid and useable even if by mistake)
2) Uses a different change address every time
3) Can reconstruct every single receive and change address every used and calculate every address that will ever be used from one seed.

No need to muck about backing up, creating or deleting private keys.  They are all derived from the one seed.

[leannemckim46]

I actually did not expect something like this to be honest with you however, it does seem like an idea and a good one at that as long as it's proved to be quite safe. I for one am always forgetting my address so this would be ideal for me.

The only way this could potentially be implemented is if you were to trust this company with your private keys. There are too many instances when this turned out to be a bad idea and people lost a lot of money.

It also forces you to reuse your address which is something that you generally should not do. Even if you do reuse addresses you sometimes may eventually use a new address for a specific transaction.

[BurtW]

The only way this could potentially be implemented is if you were to trust this company with your private keys. There are too many instances when this turned out to be a bad idea and people lost a lot of money.

This could not be farther from the truth.  This (and Firstbits) can easily be (are) implemented with out any reference at all to anyone's private keys.

It also forces encourages you to reuse your address which is something that you generally should not do.

This is true.  Address reuse is very bad for the long term viability of the entire Bitcoin experiment.

[DannyHamilton]

Isn't re-using the same address not regarded as questionable?
i.e not the recommended best practice?

- snip -
I don't see anything dangerous in doing so.
- snip -
I'm sure DannyHamilton will now tell me otherwise, though hehe.

You mean because of this ?
- snip -

I think it is kind of harsh to actually delete the private keys once the transaction is done.
- snip -

He was referencing several posts of mine.

Here is an example:

- snip -
Do not re-use an address I've given you in the past.  I use a new address for every transaction and I discard the private keys once I send/spend the bitcoins that I received at an address.  Therefore it is very important that you get a new address from me and do not re-use an address to send bitcoins to me in the future if we ever engage in another transaction.
- snip -

I include that paragraph (or one like it) whenever I provide anyone with a bitcoin address to send bitcoins to me.

[BurtW]

Good point.  Carry on and good luck.

[jbrnt]

I actually like this idea, but the shortened address is still not very easy to remember. If I have to copy it down or send it to someone via email, I could just use the full address.

[awesome31312]

The whole point of a long address was increased security. Would you really be willing to exchange it for convenience?

[BurtW]

The whole point of a long address was increased security. Would you really be willing to exchange it for convenience?

There is no security difference between a full Bitcoin address and the proposed MinAddress.  MinAddress is just a way to look up the full Bitcoin address in the blockchain so, same amount of security as the Bitcoin address itself.

There is just a small loss of error checking of the address itself but if you are careful then that is minor.

[leannemckim46]

The whole point of a long address was increased security. Would you really be willing to exchange it for convenience?

There is no security difference between a full Bitcoin address and the proposed MinAddress.  MinAddress is just a way to look up the full Bitcoin address in the blockchain so, same amount of security as the Bitcoin address itself.

There is just a small loss of error checking of the address itself but if you are careful then that is minor.

You would likely have a lot of people scamming by creating addresses that are similar to popular addresses to send money to. It would also make it easy for people to fall for this scam because they would be more likely to look up an address with this service rather then look it up and verify it independently

[awesome31312]

Unfortunately, if you got someone "shortening" or "rerouting" your addresses, then it should have a similar effect to what the bit.ly URL shortening services has on your link, that is, their piece of the $$$

Please correct me if I'm misunderstood, is this a security flaw?

[DannyHamilton]

You would likely have a lot of people scamming by creating addresses that are similar to popular addresses to send money to.

This would be very difficult to do.

You would need to predict ahead of time which addresses would become popular before they become popular. You would need to see the address as soon as it is used in a transaction and before that transaction is confirmed. Then you would need to create a vanity address that is similar to that address before the transaction confirms.  You would then need to send a transaction to your newly created vanity address and your transaction confirmed in the exact same block as the transaction with the address that you are trying to spoof.

Even if you manage to do all that, the user of the MinAddress could create a new transaction, get it confirmed in a new block, and use the new block as the first part of his MinAddress.  This means that you'd need to monitor every address that you ever want to try to copy and make sure that every time any of those addresses receives a transaction, you get a transaction to your spoof address confirmed in the same block.
 

It would also make it easy for people to fall for this scam because they would be more likely to look up an address with this service rather then look it up and verify it independently

Since the creation of the address is an open and publicly known protocol, it would be possible for many services to all create identical addresses.  Furthermore, it would be possible for wallet software to create MinAddresses if they become popular.  As such, you wouldn't be forced to rely on any particular service to be trustworthy.

[DannyHamilton]

Unfortunately, if you got someone "shortening" or "rerouting" your addresses, then it should have a similar effect to what the bit.ly URL shortening services has on your link, that is, their piece of the $$$

Since the protocol for creating a MinAddress is open and publicly known, competition would prevent any particular service from significantly overcharging.  MinAddresses could even be built into wallets if they become popular.

Personally, I don't like the idea of re-using a bitcoin address, at all, ever.  Therefore, I find that the MinAddress would be useless to me, and would interfere with the fungibility of bitcoin if it becomes popular.  As such, I hope this idea fails.  However, if it does fail it won't be because of a service charging to much for it or because of security issues.

Please correct me if I'm misunderstood,

You're misunderstood.

is this a security flaw?

No.

[CIYAM]

Also I would like to know the number of users ( if any as I am not aware) who have lost bitcoins due to address reuse. We all know a lot of users have entered incorrect address at one time or other leading to loss of bitcoins.

This is something I would agree with and for simple "tips" or "donations" it is always going to be easier to have an address link in your sig vs asking people to contact you (or use a website) in order to get a never used before address from you.

BTW - what would my 1ciyam firstbits address look like with this scheme?

[CIYAM]

Your MinAddress: 2adfd-1ci

You may also use 2adfd-1ciyam if you like

I think 1ciyam-2adfd would probably "look nicer" myself.

that way I can change my "sig" to look like this:
1ciyam3htJit1feGa26p2wQ4aw6KFTejU-2adfd

[CIYAM]

Since the address part can be extended so it was put later, but I agree some people will prefer this pattern so for them, this format can be implemented [keeping the original unchanged] by changing the - symbol to @ so your address will become :

1ci@2adfd or 1ciyam@2adfd or  1ciyam3htJit1feGa26p2wQ4aw6KFTejU@2adfd

What do you think?

Nicer but @ might get confused with email - perhaps $ instead?

(or if $ is going to be controversial then ! or : would be okay)

1ciyam3htJit1feGa26p2wQ4aw6KFTejU!2adfd
1ciyam3htJit1feGa26p2wQ4aw6KFTejU:2adfd

[CIYAM]

Ok, will add this soon to minaddress.info

Let me know when it is added and I'll even change the address in my sig to include it.

1ciyam3htJit1feGa26p2wQ4aw6KFTejU:2adfd

[DannyHamilton]

MinAddress will use one to one correspondence between MinAddress and Full Address to make the MinAddress mistake proof [to be implemented]. So that MinAddress can have 3 levels of checks,
>Block must exist
>Address must be uniquely present in block
>Block should be the first block where the address was used.

Thus one full address will always have one MinAddress.

I just don't see the benefit of this requirement.  Perhaps I'm overlooking something, but that seems overly restrictive.  I prefer BurtW's recommendation that the rules dictate how to get a Bitcoin address from a MinAddress, and not the other way around.

- Extraneous, useless, bold tag removed -

I think this issue is put here out of context. "I can say no one should create more than one bitcoin address as it increases the chance of address collision by 100% compared to if the user has one bitcoin address". It is true but does not matter as the the base value is so small that even a 100% increase results in insignificant value.

I don't see the analogy.  I'm not sure what you are trying to say here.

Similarly this service is aimed at new users who find the wallet address too long / users who need to carry out random small transactions and need an address handy / users who cannot/donot like using QR code so need a easy way to type the address and so on. This service is not for users who make large bitcoin transactions on a regular basis.

My statement has nothing to do with "large bitcoin transactions on a regular basis".  I stated my opinion.  Clearly you don't like my opinion, but I never expected you to like it.  If you did, you wouldn't have created this MinAddress in the first place.

I dont think address reuse poses any serious security or fungibility issue in this case.

You are mistaken. Address re-use significantly reduces both privacy and fungibility.

Also I would like to know the number of users ( if any as I am not aware) who have lost bitcoins due to address reuse.

Who said anything about losing bitcoins.  The issue is lost privacy, and lost fungibility.  Not lost bitcoins.

That being said, there are people that have made false assumptions about "sending addresses" and attempted to re-use those to send bitcoins to someone that they previously received bitcoins from. This has resulted in lost bitcoins.

Furthermore, if anyone ever re-uses an address that they used in the past to send bitcoins to me, the bitcoins WILL be lost, since I delete the private keys after I spend the bitcoins that were received at an address.

For that matter, now that I think about it, I have seen people report that they accidentally re-used an address from an old wallet that they no longer had and wanted to know if there was a way to recover the bitcoins. I guess it happens after all.

We all know a lot of users have entered incorrect address at one time or other leading to loss of bitcoins.

Yes, but I don't know of a single one that lost bitcoins due to a typo. Every one of them that I know about lost bitcoins due to either:

• Using copy and paste and not realizing that they had the wrong address in their clipboard
• Being given the wrong bitcoin address by the receiver
• Misunderstanding which address they were supposed to use when presented with multiple addresses to choose from

MinAddresses will not solve any of these three issues.  It might make it a bit easier to tell someone an address vocally, and they may be able to write it down with pencil and paper a bit faster, but if they are given the wrong address, or choose the wrong address from multiple choices, or copy and paste an address that is sent to them, then they will be just as likely to have a problem with MinAddress as they would with traditional addresses.