The only thing that matters is the checksum, because who cares if the destination address is not currently in the blockchain. It is obviously possible to send BTC to a new address which is not already there.
Yeah this is a fairly poor article by an otherwise amazing blogger.
With that said the point stands that the likelihood of sending bitcoin to an unintended address due to a typo is very small. It's not as small as the article suggests, but it's still basically impossible (about 1 in 4.3 billion for a single character typo).
Perhaps the irony is that if you do happen to send bitcoin to an unintended address, you have a much greater chance of recovering it if that address belongs to a real person and is in use. If the address is not in use, then for all intents and purposes that bitcoin is lost forever.
There is functionally no chance of sending it to an address which is in use by accident.
The chance is about as high as the chance of generating the keys for a new wallet address and finding it has already been in use.
I wonder how much BTC has been sent to addresses that have no corresponding private key. Is it even possible to get that data? I guess not, by the nature of the thing…
In the alternative Mimblewimble protocol, there is no possibility of this happening, as not only the sender, but also the receiver has to sign for a transfer of funds.
Since bitcoin "addresses" are just public key hashes, is there any way for them to even be "in the blockchain" without sending them a payment?
No, it is just a namespace, and you can predict addresses that you control but haven’t generated yet
Or send to one that nobody has the key for
Additionally, you can prove you have the key completely offline if you want, which can suffice for collateral or pose authorizations
Most of these features of Bitcoin have been abstracted away for user friendliness, but are still accessible
if you know you know, solved problems (ratified protocols and standards) since 2012 or so
I can never understand why signing authorizations offline never took off.
If I can physically see the inputs and outputs, it doesn’t take much to have a pretty good idea that it’s not bidirectonally compromising the cold wallet machine before sneakerneting them back and forth on a printed QR code.
I think armory wallet was the big thing for this? It’s been a while.
Meanwhile the best approach people commonly have today is a “hard wallet” that plugs into a usb port (yuck!)
yeah its a lost art, and everyone’s/wallet’s default reliance on clearnet remote RPC basically kills all privacy
I hope this doesnt become like email, where self hosting everything winds up blacklisting you in various ways
Are people typing Bitcoin addresses by hand? Aren't they far more likely to c&p a spoofed Bitcoin address?
People use this against cryptocurrencies. It should be an argument against stupidity instead. You get a confirmation popup as well asking if you are sure about the address in many wallets.
No number of confirmation dialogs going to help anyone in determining that their 27+ digit address is mistyped.
Copy paste, and triple check the first and last 4 characters.
Not good enough, scammers will make copycat look-alike addresses that have the same first ~7 and last ~7 characters.
What does this mean in practice though? If you need to be certain, make sure you copy the right address.
What about something like VisualHostKey but for the bitcoin address?
Bad advice scammers/malware have huge tables of addresses they've generated that agree in the first N and last N characters. If a user is going to compare a subset they should make an effort to make it be an unpredictable subset.
Bad actors can easily pregenerate adresses that mach those ahead of time.
People are stupid, and there's no way around that. If bitcoin can't protect stupid people against themselves, then that's a pretty major flaw.
Even when I copy and paste, I triple check the beginning and end of the addresses shown.
Same. I triple check the beginning and the end. Just like I am supposed to when handling money. In cases of many cryptocurrencies, you should focus more on the last characters instead of the first. In terms of Bitcoin, it usually begins with "bc1" (yes, depends) and ends with whatever. Triple check either way. Sometimes I would clear my clipboard and copy paste anew.
Generating an evil wallet where the last six characters or so match the original is probably feasible. I heard of this being done to SSH host keys. Someone invented randomart images to make it easier for humans to compare binary strings [1], but I'm not sure how well they fare against similar attacks.
[1] https://bytes.zone/posts/what-is-the-randomart-image-for/
I have been targeted by scammers who generated wallet addresses with 15 of the same characters.
I am sure it is, but oh well. You always have to be careful about money.
There's a reason folks in ethereum use ENS. It supports BTC / Solana addresses too.
As someone who does follow cryptocurrency and still remains hopeful and optimistic that it can do good in this world (I know, I know) -- what a weird little article to pop up at this time. I had to double-check the date, because this is like a 5-10 year old type of issue, especially for BITCOIN as opposed to other cryptocurrencies.
You are far more likely to paste the wrong address than to type it. When dealing with multiple wallets and recipients it's an easy mistake.
> Each is at least 20 bytes (160 bits) long, with at least 4 bytes (32 bits) of checksum.
Not quite. More modern addresses have 30 bit checksums (so not at least 32 bits!), but rather than being a truncated cryptographic hash the check digits are a BCH code that guarantees any 4 or fewer substitution or transposition errors will always be detected (or 5 bitflips IIRC)... along with one in a billion or better detection of other kinds of errors.
So although the newer formats provides somewhat less protection against wildly incorrect, the protection against likely errors is much greater. The newer addresses are also case insensitive which was the biggest source of transcription errors in most contexts before.
Beyond being better for real errors the use of a error correction code also makes it impossible to intentionally generate 'fragile' addresses where there does exist a one character typo which is a valid address. It also makes it practical for wallet software to highlight the position of a likely typo, which can greatly speed things up when fixing a mistake. (The spec strenuously cautions against correcting errors, because any correction undermines detection strength).
And as hleszek's comment says, existing addresses don't help, generally addresses should not be reused-- they're not accounts, reusing addresses doesn't make the system work better. Early on in Bitcoin's life people created a scheme for shortened addresses where you used truncated addresses that were unmapped to the first user of that prefix. This obviously bad idea ran into immediate spoofing problems, and people quickly learned better.
> but address typos are not a major concern.
Yeah though malware that substitutes addresses in clipboards and copying the WRONG address are both real risks.
What you also might have heard is advice about _Ethereum_, which in spite of being created long after Bitcoin has addresses with no meaningful checksum and which has caused quite significant losses. (There is an optional very weak checksum using mixed case hex, but AFAICT it's not widely used).
Early on in Bitcoin's life, Satoshi had a clear plan for increasing blocksize as necessary, but you went and screwed that up with your buddies. Hope it was worth it for you per$onally. OGs will never forget.
Tell Satoshi hes a numpty. How could he not forsee the issues inherent in his design?
What an interesting flashback-- as of the last three days I'm starting to see again this sort of strange offtopic harassment following me around the internet.
In any case, what Satoshi remarks were you referring to? Perhaps his last related to the subject?
> Piling every proof-of-work quorum system in the world into one dataset doesn't scale. [...] Bitcoin users might get increasingly tyrannical about limiting the size of the chain so it's easy for lots of users and small devices
https://bitcointalk.org/index.php?topic=1790.msg28917#msg289...
I stopped working on some Bitcoin seven years ago after being burned out by harassment, threats, and an a literal trillion dollars worth hateful of vexatious litigation eating up my time. After all that I'm not intimidated by you. I reject your absurd accusations, but if they were true by this time you have only yourself to blame. If whatever you thought should have been done was doable and valuable, why didn't you do it and why isn't anyone using it? I certainly didn't stop you.
Source?
In any case, a fork of Bitcoin with bigger blocks has existed for years and the market doesn't prefer it despite all the big names and companies hyping it up at the time of the split.
Satoshi left Bitcoin so there wouldn't be an appeal to authority so maybe your argument isn't as strong as you think it is.
sounds very usable. who made it, a sadist?
Scan a displayed QR code of the address whenever possible.
Isn't that actually worse option? I mean, I don't know about BTC but there are multiple instances of attacks with fake QR codes placed over parking meters. And last time I was looking for QR code generator for some random website the first one I found one "looked to be working", but actually quietly replaced the URL with own link shortening service.
> there are multiple instances of attacks with fake QR codes placed over parking meters.
Sure, but if someone can change your QR code, they could change the address just as easily. With websites you can see if the URL looks like something legitimate, so URLs are slightly better, but Bitcoin addresses are just a long random string, so being able to see the address wouldn't actually help anything.
> Isn't that actually worse option?
When done correctly by a payment processor, the receiver's QR code for a Bitcoin payment varies for every transaction. It completely eliminates the risk of mistyping it. Granted, malware could replace it, but replacing it is a lot harder than replacing a simple address.
Hum, set aside anything who TYPE a BTC (or any crypto) address instead of mere copy/autoscanning it?
Reminds me lf that dev that sent $100k worth of coins to the wrong smart contract address and was never able to get them back.