It is my understanding that until the Bitcoin community upgrades the encryption, we should not keep coins in an address from which we already have an outgoing transaction.
But my set-up makes it a bit cumbersome, primarily because I buy coins from some licensed exchanges, and they require me to prove ownership by initiating an outgoing transfer from my Trezor wallet address. That means, to withdraw from the exchange, I had to expose my public key.
So I have a few questions
Are Other Addresses Safe?
As in, generated from the same XPUB, but a brand new address. Is it safe to keep my sats there? Or, an outgoing transfer renders the whole XPUB is vulnerable?
Protect Existing Sats
I have a decent fraction of a coin, all concentrated in one address (offered by my Trezor one), which is known to the exchange. So it means those coins are extremely vulnerable. Does Trezor offer any easy way to transfer them to a new address that is mine? I can probably generate another address and copy paste, then transfer the whole stack. But I am kinda scared, if something goes wrong, my whole stack is gone.
Doing Small Spendings
As I see, each spending will expose at least one public key, which makes the address vulnerable. If so, it just makes the process a bit cumbersome and error prone, although seems like the following can be automated very easily by a software during each spending. That is, for spending any amount, the wallet software should
- Select the UTXOs necessary to cover the amount+fee
- Empty the addresses holding the UTXOs
- Send the specific spending amount to the external destination address
- Put the balance in a newly generated internal address (covered by the same XPUB)
Is my reasoning correct? And is it a feature offered by Trezor or any wallet software? Seems they should, in light of the quantum threat?
But if not, what are you guys suggesting if I spend
