20 sats \ 7 replies \ @bordalix 12 Dec \ parent \ on: How worried do I need to be about public key when sending an on-chain transfer? bitcoin
Not true.
When receiving a P2PKH payment, what is revealed is the pubkey hash, the pubkey stays hidden. The pubkey is only revealed when the unlocking script gets to the mempool and stays revealed on the blockchain when the transaction is confirmed.
So, if by some remote chance QC is able to break ECDSA (i.e. find the private key from the pubkey), your UTXO could be "hijacked" only when the attacker finds your pubkey, which is only when you try to spend it and the spending transaction arrives in the mempool.
This means the attacker has around 10 minutes to do it (could be longer), or else the transaction would be confirmed and the UTXO is no longer "hijackable" since it's already spent.
This is another reason to not re-use addresses (remember, a P2PKH address has the pubkey hash in it).
IMHO QC will never break ECDSA, but I could be wrong.
yeah I don't know why people still reuse addresses and even use old legacy ones.
reply
if people never re-use an address, won't that mean having to potentially do a shitton of utxo consolidation at some point?
reply
Those are not related:
- Every time you receive a payment, you get a new UTXO regardless of the address you gave to receive the payment
- Every time you pay you could get a new UTXO (your change, if any) regardless of the address you use to receive the change
Re-using addresses does not reduce (or increment) the number of UTXOs
reply
i have to admit, there's always something extra to confuse me about utxos, thanks for explaining though.
so far, my utxo consolidation has been sending to a new address, i only did it once.
as an example, say i do my monthly dca of 100k sats
over 12 months i have 12 addresses in my ledger that each have 100k sats
my understanding is that i can make a new address, send each of those 12 balances there and i have now consolidated.
is this new recipient address now consolidated, or did i just make ton more utxo addresses?
reply
You don't consolidate addresses, you consolidate UTXOs.
Your assumption is correct, you get 1 new UTXO every month, and at the end of the year you consolidate 12 UTXOs into 1.
The above is true if you use 13 different addresses, the same address for every UTXO or even a mix: it doesn't matter.
This site is excellent at explaining Bitcoin:
https://learnmeabitcoin.com/technical/transaction/utxo/
reply
That is another reason not to reuse addresses.
Also could be a target for the so-called "dust attack".
reply
Satoshi's coins are locked to his pubkey (P2PK), not to the pubkey hash, because P2PKH was "invented" later. This means an attacker will first go for Satoshi coins, where he has all the time in the world (instead of 10 minutes) to try to steal the coins.
So, if someday some of Satoshi's coins move, we should start worrying. Until then it's business as usual.
reply
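
The P2PK versus P2PKH distinction discussed in this thread, as an added example that is not part of any post above: a small classifier that reads a locking script and reports whether the public key is already visible on-chain (P2PK, or a P2PKH hash that was spent from before) or stays hidden until the coin is spent. The function names, the `spent_from_hashes` input and all sample bytes are assumptions constructed for illustration, not real keys or hashes.

```python
"""Classify scriptPubKeys by whether the public key is visible before spending."""

OP_DUP, OP_HASH160, OP_EQUALVERIFY, OP_CHECKSIG = 0x76, 0xA9, 0x88, 0xAC

def classify(script: bytes):
    """Return (kind, pubkey, pubkey_hash) for a locking script."""
    # P2PK: <push 33|65> <pubkey> OP_CHECKSIG -> the key itself is on-chain
    if len(script) in (35, 67) and script[0] == len(script) - 2 and script[-1] == OP_CHECKSIG:
        pubkey = script[1:-1]
        prefix_ok = (len(pubkey) == 33 and pubkey[0] in (2, 3)) or (len(pubkey) == 65 and pubkey[0] == 4)
        if prefix_ok:
            return "P2PK", pubkey, None
    # P2PKH: OP_DUP OP_HASH160 <push 20> <hash> OP_EQUALVERIFY OP_CHECKSIG
    if (len(script) == 25 and script[:3] == bytes([OP_DUP, OP_HASH160, 20])
            and script[23:] == bytes([OP_EQUALVERIFY, OP_CHECKSIG])):
        return "P2PKH", None, script[3:23]
    return "other", None, None

def audit(utxos, spent_from_hashes):
    """Label each UTXO: 'exposed' if the pubkey is already public, else 'hidden'.

    spent_from_hashes: pubkey hashes that appeared in an earlier spend, i.e.
    reused addresses whose key was revealed by a previous unlocking script.
    """
    report = {}
    for name, script in utxos.items():
        kind, _pubkey, pkh = classify(script)
        if kind == "P2PK":
            report[name] = "exposed"  # key sits in the locking script itself
        elif kind == "P2PKH":
            report[name] = "exposed" if pkh in spent_from_hashes else "hidden"
        else:
            report[name] = "unknown"
    return report

# Constructed sample data: placeholder bytes, not real keys or hashes.
FAKE_KEY = b"\x02" + bytes(range(32))
HASH_A, HASH_B = bytes([0x11]) * 20, bytes([0x22]) * 20

def p2pkh(h: bytes) -> bytes:
    return bytes([OP_DUP, OP_HASH160, 20]) + h + bytes([OP_EQUALVERIFY, OP_CHECKSIG])

SAMPLE = {
    "old_p2pk": bytes([33]) + FAKE_KEY + bytes([OP_CHECKSIG]),
    "fresh_p2pkh": p2pkh(HASH_A),
    "reused_p2pkh": p2pkh(HASH_B),
}

if __name__ == "__main__":
    for name, status in audit(SAMPLE, {HASH_B}).items():
        print(f"{name}: {status}")
```
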