pull down to refresh
135 sats \ 9 replies \ @DarthCoin 12 Dec \ on: How worried do I need to be about public key when sending an on-chain transfer? bitcoin
No risk. Read here #804883
pub key is literally PUBLIC so is already revealed. Important is to not link it with your real identity (always use aliases and decoys).
Please watch this short explanation about "QC doom scenario" and please keep calm, nothing will happen.
pub key is literally PUBLIC so is already revealed
Not true.
When receiving a P2PKH payment, what is revealed is the pubkey hash, the pubkey stays hidden. The pubkey is only revealed when the unlocking script gets to the mempool and stays revealed on the blockchain when the transaction is confirmed.
So, if for some remote chance QC is able to break ECDSA (i.e. find the private key from the pubkey), your UTXO could be "hijacked" only when the attacker finds your pubkey, which is only when you try to spend it and the spending transaction arrives to the mempool.
This means the attacker has around 10 minutes to do it (could be longer), or else the transaction would be confirmed and the UTXO is no longer "hijackable" since it's already spent.
This is another reason to not re-use addresses (remember, a P2PKH address has the pubkey hash in it).
IMHO QC will never break ECDSA, but I could be wrong.
reply
yeah I don't know why people still reuse addresses and even using old legacy ones.
reply
if people never re-use an address, won't that mean having to potentially do a shitton of utxo consolidation at some point ?
reply
Those are not related:
-
Every time you receive a payment, you get a new UTXO regardless of the address you gave to receive the payment
-
Every time you pay you could get a new UTXO (your change, if any) regardless of the address you use to receive the change
Re-using addresses does not reduce (or increment) the number of UTXOs
reply
i have to admit, there's always something extra to confuse me about utxos, thanks for explaining though.
so far, my utxo consolidation has been sending to a new address , i only did it once.
as an example, say i i do my monthly dca of 100k sats
over 12 months i have 12 addresses in my ledger that each have 100k sats
my understanding is that i can make a new address, send each of those 12 balances there and i have now consolidated.
is this new recipient address now consolidated, or did i just make ton more utxo addresses?
reply
You don't consolidate addresses, you consolidate UTXOs.
Your assumption is correct, you get 1 new UTXO every month, and at the end of the year you consolidate 12 UTXOs into 1.
The above is true if you use 13 different addresses, the same address for every UTXO or even a mix: it doesn't matter.
This site is excellent explaining Bitcoin:
https://learnmeabitcoin.com/technical/transaction/utxo/
reply
That is another reason not to reuse addresses.
Also could be a target for the so called "dust attack".
reply
Satoshi's coins are locked to his pubkey (P2PK), not to the pubkey hash, because P2PKH was "invented" later. This means an attacker will first go for Satoshi coins, where he has all the time in the world (instead of 10 minutes) to try to steal the coins.
So, if someday some of the Satoshi's coins move, we should start worrying. Until then is business as usual.
reply
too bad Andreas isn't on SN. so i suppose we would just have to move our funds a new type of quantum secure address.
this brings up another question for me actually related to kyc btc that i will post in a different thread.
out of curiosity, what effect would quantum computing have on the lightning network?
reply