2

I understand that a bitcoin address is a combination or more than one kind of encryption and entropy, and I also understand how improbable it is that the same address will get generated at the same time.

Although the private keys will be different, this doesn't alleviate my concerns.

If person A sends a payer their public address, how will the network know not to send it to the person A and person B's address

Maybe I am just having a lapse in judgement here, and that the public key must be derived from the private key and hash160 and therefore a public address cannot be generated without the same private key

CQM
  • 1,590
  • 15
  • 29
  • possible duplicate of [What would happen if two public keys had the same Base58 hash?](http://bitcoin.stackexchange.com/questions/5747/what-would-happen-if-two-public-keys-had-the-same-base58-hash) – Nate Eldredge Nov 05 '14 at 03:09
  • You claim you already understand this, "*I also understand how improbable it is that the same address will get generated at the same time.*" How will the network know what to do if three asteroids hit the Earth at the same time? – David Schwartz Nov 05 '14 at 08:11
  • @David exactly :) If CQM says it doesn't alleviate his concerns, apparently he *doesn't* understand just how incredibly, astronomically improbable it is. – Madzi Konjo Nov 08 '14 at 10:16

3 Answers3

4

The network can't tell the difference. In the astronomically unlikely event that two different people have private keys whose public keys hash to the same public address, then both of them are able to spend any coins sent to that address, first-come-first-served.

To illustrate how unlikely this is: suppose every satoshi of every bitcoin ever to be generated was sent to its own unique private keys. The probability that among those keys there could be two that would correspond to the same address is roughly one in 100 quintillion.

Of course the probability is only "astronomically unlikely" if the private keys are truly randomly generated. If they are not, then there can be better chance of someone else being able to guess the private key. Anyone who does so can spend coins sent to that address. That was what happened with this vulnerability.

A fun activity, analogous to "leave a dollar bill on the street and see who picks it up", is to make yourself a private key that is a very small integer. Then send some trivial sum of money to the corresponding address. There seem to be a number of people watching such addresses so you can see who manages to grab it first (by spending it to a more secure address they control).

Nate Eldredge
  • 22,970
  • 3
  • 39
  • 80
2

As a fun fact I'd like to add that, if you take the null string as the public key and hash it, you'll get the address 1HT7xU2Ngenf7D4yocz2SAcnNLW7rK8d4E, which holds around 69.77 bitcoins. Unfortunately those are unspendable, as the address is generated probably by some software bug and doesn't likely have any private key associated with it.

Source: Elliptic Curve Cryptography in Practice, page 11

Bitswazsky
  • 212
  • 1
  • 8
  • That is cool, thanks for sharing that. Since a private key must be an integer >1 it'd seem many have assumed themselves out of Bitcoin! On a related note, /r/Buttcoin is burning BTC tips (the why doesn't concern me; politics) using 1BitcoinEaterAddressDontSendf59kuE, a valid Base58Check address -- https://blockchain.info/address/1BitcoinEaterAddressDontSendf59kuE – Wizard Of Ozzie Nov 08 '14 at 06:32
  • Private from null: 5KYZdUEo39z3FPrtuX2QbbwGnNP5zTd7yyr2SC1j299sBCnWjss - 661 transactions. – pbies Jun 19 '20 at 19:40
0

A public key corresponds to a private key, which is just a very large integer.

As far as the network is concerned, anyone who has the private key for funds at an address can spend them. The only proof of ownership is that because of how public key cryptography works, private key ==> public key/public address is fine, the reverse cannot be calculated.

If you hold the private key for funds at an address and by some random fluke a client gives out the same private key, you can spend the coins. Assuming random numbers though, this will never happen

Wizard Of Ozzie
  • 5,268
  • 4
  • 30
  • 63