0

I am not talking about the privacy related concerns just the security aspect and the ability for someone to 'break my private key'.

The addresses that my wallet generates are p2pkh addresses. If i use the bitcoin core and do 'validateaddress' i get a json blob back which includes 'pubkey'.

If i had a database that had a bunch of public keys, not p2pkh but the "pubkey" from validateaddress, and that database were to be breached, would all of the utxos at the original wallet be at risk? (Let's assume the wallet is in cold storage and not connected to the internet). The only thing in that database would be the pubkey(s).

If this is the case... why do we even go through the process of creating p2pkh addresses in the first place? Is it just for aesthetics, less bytes in the transaction, just for privacy, or is there an actual security reason?

Finally is this "pubkey" that validates an address, why would we even need a p2pk in the first place (unless it is literally for the equivalent reason of "improving" to a p2pkh from p2pk).

Thanks

THis is different from the question posted in the first comment as i am talking purely about security ramifications. IE.. there is nothing more inherent secure by using SHA256 +RipeMD to hash a public key then just using the public key itself.

user3554230
  • 145
  • 5
  • i've read that thread but it doesn't answer the question. As i pointed out the obvious privacy, size, convenience factor. That thread does not implicate anything as to the security ramifications. – user3554230 Jul 13 '18 at 10:19

1 Answers1

0

I provide my thoughts more on privacy than risk:

If i had a database that had a bunch of public keys... would all of the utxos at the original wallet be at risk?

AFAIK no, for P2PKH transactions. The bitcoin system has a locking and unlocking mechanism. The locking is done with the pubkey script: the author of a tx defines the target (to whom the tx shall go), and the spending condition(s). This is were in P2PKH tx the hash of the public key goes. The spending condition is then s.th. like this "you need to provide a value, that when hashed, equals the provided public key hash in this transaction". Usually this can only be provided by the original author of a transaction. With a lost database, anyone could now create such a transaction, but not sign it! When then the tx shall fulfill the spending condition, the tx needs to be signed (and the pubkey is provided in hex format).

So if your database is disclosed, the locking mechanism for P2PKH tx can be understood. However, the unlocking is in the sigscript of the transaction, and just with the stolen database you may not provide a valid signature, cause you need the corresponding private key for the signature.

More to the locking/unlocking e.g. in Andreas' book "Mastering Bitcoin" in section 6 "Transactions".

If this is the case... why do we even go through the process of creating p2pkh addresses in the first place? Is it just for aesthetics, less bytes in the transaction, just for privacy, or is there an actual security reason?

Next to the answer in the link from Pieter Wuille, I'd see P2PKH addresses help to keep the privacy up to the point, when the tx is finally spent, cause hashes are not reversible (as per today's knowledge).

pebwindkraft
  • 5,086
  • 2
  • 13
  • 34