I just checked my bitcoin wallet and I see that I received 0.00000001 BTC from some random bitcoin address. So I go an check that address and I see this.
https://blockchain.info/address/1BSmartoUnHz32AAdPKcc7cGGC3DiA4RShNow as you can see the address is sending small amounts to a bunch of different addresses. I would like to know why someone is doing this. An explanation would be great.
Oh crap. I knew it was an effort to track users, but today I was elbows-deep in the source code and I just figured out exactly how it works.
Somebody is using this to figure out who (which IP address) owns (or once owned, since the wallet doesn't throw away old addresses) what txOuts.
Here's what's going on.
- First, they send a tiny txOut to the address on the block chain whose owner (or former owner) they want to know.
- Second, they connect to a bunch of different nodes and send them bogus transactions that spend that txOut without fees. Repeatedly.
- They don't know the address's private key, so they can't provide a good signature for that tx. But they don't need to.
- If they've connected to a machine that has the wallet containing the original txOut whose owner they're trying to find, that node will disconnect them as a misbehaving node, because the keys provided don't match.
- If they've connected to a machine that doesn't have the wallet containing the original txOut, That node will just reject the transaction due to penny-flooding prevention and no fees.
- Because they can tell which thing happened, they can tell whether the node at this IP address owns the original txOut.
and
THAT , I'm pretty sure, would be why Satoshi said to use an address once and discard it.
