Difference between revisions of "Help talk:FAQ"

From Bitcoin Wiki
Jump to: navigation, search
(Why does my Bitcoin address keep changing?)
m (Why does my Bitcoin address keep changing?: Rephrase slightly)
Line 135: Line 135:
 
[[User:Silverdr|Silverdr]] ([[User talk:Silverdr|talk]]) 01:37, 31 October 2014 (UTC)
 
[[User:Silverdr|Silverdr]] ([[User talk:Silverdr|talk]]) 01:37, 31 October 2014 (UTC)
  
* Both of those are true; ie, when/if you lose bitcoins because you reused an address, it is ''your'' fault and not a bug. --[[User:Luke-jr|Luke-jr]] ([[User talk:Luke-jr|talk]]) 01:54, 31 October 2014 (UTC)
+
* Both of those are true; ie, when/if bitcoins are lost because of address reuse, it is the fault of whoever decided to reuse the address, and not a bug nor the fault of the other party. --[[User:Luke-jr|Luke-jr]] ([[User talk:Luke-jr|talk]]) 01:56, 31 October 2014 (UTC)

Revision as of 01:56, 31 October 2014

Remove SLL?

I want to suggest removing the "purchase Bitcoins via Paypal through virwox" suggestion from this page: faq#Can_I_buy_bitcoins_with_Paypal.3F

For the following reasons:

  1. .02 btc minimum purchase
  2. 24-48 hour btc withdraw hold for new accounts
  3. 5%+ fees for the two trades necessary
  4. Low volume / poor arbitrated markets (current buy/sell is ~547 / 535 with today's price being $513)
  5. Two trades needed means not easy to figure out buy/sell prices at a glance
  6. Arbitrarily limits on "fractions of USD" and SLL amounts means you will likely loose a dollar in their system (can't cash out completely).
  7. Not a good/straightforward experience for those new to Bitcoin

- Asperous (talk) 08:10, 27 August 2014 (UTC)

Why does my Bitcoin address keep changing?

Can we make one thing clear?

"Unlike postal and email addresses, Bitcoin addresses are designed to be used exactly once only, for a single transaction."

is a blatant lie. Now - do we want to be a source of objective and reliable information here? Or do we want to be an outlet for privacy/anonymity zealots' propaganda?

Facts are:

- nothing in the bitcoin protocol prevents addresses reuse, which clearly implies that they were NOT single-use by design. <-- period The single-use is being encouraged for very different reasons than incompatibility with bitcoin design.

- address reuse has advantages in numerous situations, which include but are not limited to:

  • passing the address only once over secure channel towards entities who are not constantly capable of secured information exchange
  • publication of addresses on static or semi-static web pages, without any backend integration need
  • using "mnemonical" addresses, which are relatively hard to obtain
  • ..

Instead of telling lies that "bitcoin addresses are /designed/ to be used exactly once only", which definitely is not true, people should be informed about what are good and what are bad sides of address reuse. If disadvantages outweigh the advantages - people will stop reusing the addresses (at least in most situations) by themselves, and after a thoughtful consideration, rather than due to being lied to and misinformed.

— Preceding unsigned comment added by Silverdr (talkcontribs) at 13:41, 27 October 2014‎ (UTC)

Sounds like you're misinformed. Nothing in the Bitcoin protocol prevents address reuse because 1) there is no such thing as addresses in the Bitcoin protocol, and 2) preventing address reuse is not something that can realistically be done. Regardless of the excuses for reusing them, the reality is that when it works, it does so only by accident. Addresses are in fact designed to be single-use, and when people reuse them it breaks that assumption, which is why many negative effects (to both themselves and others) result from it. People have had bitcoins stolen because they reused addresses. --Luke-jr (talk) 00:02, 28 October 2014 (UTC)
* "Nothing in the Bitcoin protocol prevents address reuse because 1) there is no such thing as addresses in the Bitcoin protocol, and 2) preventing address reuse is not something that can realistically be done"
So what you say is that designer(s) of Bitcoin couldn't realistically design Bitcoin to use addresses (sorry there are no addresses, right?) only once and reject transaction to the same address if it was used already before. Do I understand correctly that this means that Bitcoin was NOT designed to accept only one transaction to a particular address?
* "the reality is that when it works, it does so only by accident"
The reality is that when it works (always) it does so by "accident" of fulfilling all requirements for a valid transaction. If that is an accident then all this Bitcoin thing works actually only by accident. Please, please stop spreading FUD and replace it with solid information. This site gets some momentum and it is very disappointing to see what kind of information people get from it.
* "Addresses are in fact designed to be single-use"
Please also back your claim for a "fact" by something, which can be verified/falsified. Please show or point to the design, which shows clearly that it was /designed/ so. Even if that /design/ didn't take any measures to enforce itself. Without that, your words about "facts" and "design" are just empty, wishful words.
* "People have had bitcoins stolen because they reused addresses"
Yes, and a man who reused addresses fell off the stairs and broke his skull! Please - if this is not FUD then I really don't know what it is. When and where people had their coins stolen *because* they reused addresses, and not because the early implementations weren't secure enough and didn't take some cases into consideration? Or because they didn't understand things and lacked solid, reliable information. Or because of tons of other reasons, all of which you can read around the net? Even the all beloved, ever-address-changing (!) HD wallets are not secure in some edge cases for which they /were/ actually designed (the "H" part in HD). Why don't you tell this?! They do change the address, and.. ?
I really mean you are adding to the confusion of already many well confused, potential new users with this approach and this kind of quality of information. I am sorry to say that and I believe it's a great pity because it doesn't help them and doesn't help Bitcoin in general.
OK, you won. I am not going to change the section again. I know you'll put your (untrue) words back anyway and I have better things to do than push this back and forth on an idealistic crusade. But I try again and urge you to help people understand things by providing facts *ONLY*, rather than personal beliefs/wishes/opinions. Something backed with references to reliable sources, showing clearly, beyond doubt that your words provide a solid information.
Silverdr (talk) 20:20, 28 October 2014 (UTC)
While I agree that address reuse should be discouraged, saying that addresses were designed to be single-use is probably not true. See the following transactions, broadcast by Satoshi Nakamoto:
  • f4184fc596403b9d638783cf57adfe4c75c605f6356fbc91338530e9831e9e16 (the 10 BTC sent to Hal)
  • a16f3ce4dd5deb92d98ef5cf8afeaf0775ebca408f708b2146c4fb42b41e14be
  • 591e91f809d716912ca1d4a9295e70c3e78bab077683f79350f101da64588073
  • 12b5633bad1f9c167d523ad1aa1947b2732a865bf5414eab2f9e5ae5d5c191ba
  • 828ef3b079f9c23829c56fe86e85b4a69d9e06e5b54ea597eef5fb3ffef509fe
  • d71fd2f64c0b34465b7518d240c00e83f6a5b10138a7079d1252858fe7e6b577
Taras (talk) 22:24, 28 October 2014 (UTC)
Bitcoin was designed as a scripting-based consensus system. Payments were sent to a specific IP address: you would connect to the IP you wanted to pay, and it would give you a unique script to use for the pubkey-script in the Bitcoin consensus system. Manually-conveyed addresses were only later added on top of this as an abstractional hack until a proper solution could be found/implemented to solve the MITM attack it had earlier.
Address reuses does not always work, and you cannot assume it will work. Even when it works, it does not work correctly since it is insecure and harms the privacy of not only the users involved, but the whole network.
As for reference, please see section 10 of bitcoin.pdf, which focuses on privacy. For actual reuse-CAUSED losses, you can Google to find various incidents; the obvious case is when people pay an address they've paid before, but is no longer recognised by the recipient as valid: many with the address reuse misconception have tried to double-deposit to exchanges this way, to find their coins lost forever. Less obvious are the reused r/k constants in signatures, which allowed attackers to calculate the private key holding the rest of the bitcoins received by the addresses in question. There are other ways to lose bitcoins when addresses are being used, but I think these two cases cover both major risk vectors.
--Luke-jr (talk) 03:08, 29 October 2014 (UTC)


  • Address reuses does not always work,
Please give proper examples when it would not work.
  • and you cannot assume it will work.
Please explain why or add reliable references.
  • Even when it works, it does not work correctly
It does work correctly. The downside is that it is easier to de-anonymise the transactions and participants.
  • since it is insecure
Please explain why or add reliable references. Please use currently known security holes, which haven't been addressed yet.
  • and harms the privacy of not only the users involved, but the whole network.
Please explain why or add reliable references.
  • As for reference, please see section 10 of bitcoin.pdf, which focuses on privacy.
Of course. It says: "As an additional firewall, a new key pair should be used for each transaction to keep them from being linked to a common owner. Some linking is still unavoidable [...]". What if someone doesn't give a damn about his transactions being linked to a common owner (himself)?
  • For actual reuse-CAUSED losses, you can Google to find various incidents;
So far I couldn't find any, which would be caused by address reuse per-se. Misinformed people lose their coins in many ways. That's why it is important to give CORRECT and FULL information rather than unbacked opinions.
  • the obvious case is when people pay an address they've paid before, but is no longer recognised by the recipient as valid: many with the address reuse misconception have tried to double-deposit to exchanges this way, to find their coins lost forever.
Which is CAUSED by loss of private portion of the key pair. NOT by address reuse.
  • Less obvious are the reused r/k constants in signatures, which allowed attackers to calculate the private key holding the rest of the bitcoins received by the addresses in question.
Hasn't that been already addressed some time ago?
  • There are other ways to lose bitcoins when addresses are being used, but I think these two cases cover both major risk vectors.
As there are many other ways to lose them when addresses are NOT being [re]used. I believe that you know that the only real cause for loss of bitcoins is the loss or disclosure of private portion of a keypair. It doesn't matter at all for how many transactions the keypair has been used. If you lose the private key for an address that has been used only once, your coins are lost the same way as when the address has been used multiple times and vice-versa. It is NOT the number of transactions that causes losses (some implementation problems aside). It is the loss of private key, which causes them.
P.S. @Taras: yes. Very well said. And I fully agree: address reuse should be discouraged. By giving full and reliable information. Not by spreading FUD and misinformation. I tried already twice to change the words in the FAQ into something more correct and unbiased, only to find the changes reversed back the next moment. The problem is that those who try to learn and understand this very difficult for new users subject - are instead of facts, presented with opinions of little informational value (if not plainly untrue) with no explanations and no proper references to help them gather the important knowledge. Instead of explaining what really causes the coin losses, they are told that address reuse causes the loss and that sending coins to the same address works by "accident"... Silverdr (talk) 04:33, 29 October 2014 (UTC)

Since you don't seem to provide any support for them, can we eventually remove the false statements? luke-jr? Silverdr (talk) 14:51, 30 October 2014 (UTC)

  • There are no false statements. You may not remove the true ones simply because you wish they were not true. --Luke-jr (talk) 01:09, 31 October 2014 (UTC)

Luke-jr. I really don't understand why you are doing this. I didn't and don't want to remove the true ones. I only removed the untrue and you immediately reverted the changes. There is a number of statements, which are not true:

- "the addresses are designed to be single-use only" - "address reuse works by accident" - ...

plus a few more that could use less offensive and more informative language plus proper references. You can't give any backup to those claims and yet when other people try to improve this to be more accurate and factual rather than "wishful" or propaganda style, you bring back the claims which you can't support with evidence. Please prove me wrong and I will eat my greens all the way down. But if you can't, then please stop wasting/destroying other people's work because - I don't know - maybe you believe that you have a mission to save the world and you know how to steer people to do what you want them to do with false or at least not fully correct information on this wiki. I don't understand this approach of yours but I still kindly ask you to reconsider your practices and keep (or at least allow others to keep) the information quality standards that Bitcoin IMHO clearly deserves. Silverdr (talk) 01:37, 31 October 2014 (UTC)

  • Both of those are true; ie, when/if bitcoins are lost because of address reuse, it is the fault of whoever decided to reuse the address, and not a bug nor the fault of the other party. --Luke-jr (talk) 01:56, 31 October 2014 (UTC)