
It appears that they are finding the private keys for transactions that already occurred. Reusing an address is not part of Bitcoin's design and it was never intended for people to do that. By not reusing addresses (not reusing private keys) I think one would be immune to this attack. The article doesn't seem to have much detail; anyone have more detail on this?

Edit: The details are in the URL posted by alphydan; it looks like address reuse does not matter with their method.




Even more important, by reusing addresses you are making more signatures using the same private key. This has proven to be a vulnerability where one can deduce the private key from these signatures (though limited to a bad implementation) but it's worth considering.


[flagged]


> You clearly don't understand what you're talking about.

Please don't be rude in HN comments.


You have ignored the difference between an address which has never spent anything and an address which is being reused. Since you know everything, why not address this directly?

edit: Though unrelated to this article, here is a case where address reuse (and software bugs) led to vulnerable wallets: http://www.nilsschneider.net/2013/01/28/recovering-bitcoin-p...


An address which never spent anything can still be the recipient of a transaction.

Those are the addresses which are being attacked here.


There's actually a public key that isn't the address, and it's revealed when spending.
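An added example, not part of any comment in this thread: the signature weakness mentioned above (private key deducible from several signatures made by a bad implementation) is, in its known form, a signing nonce used twice, which shows up as two different signatures from one public key sharing the same `r` value. The sketch below lets a wallet owner audit their own signatures for that condition; the function names, transaction labels and sample values are constructed for illustration, and signatures are assumed to be DER-encoded with the trailing sighash byte already removed.

```python
from collections import defaultdict

def parse_der_sig(der: bytes) -> tuple[int, int]:
    """Parse a DER ECDSA signature (SEQUENCE of two INTEGERs) into (r, s).
    Short-form lengths only, which covers every secp256k1 signature."""
    if len(der) < 8 or der[0] != 0x30 or der[1] != len(der) - 2:
        raise ValueError("not a DER SEQUENCE of the stated length")
    pos, out = 2, []
    for _ in range(2):
        if pos + 2 > len(der) or der[pos] != 0x02:
            raise ValueError("expected INTEGER")
        n = der[pos + 1]
        body = der[pos + 2 : pos + 2 + n]
        if n == 0 or len(body) != n:
            raise ValueError("truncated INTEGER")
        out.append(int.from_bytes(body, "big"))
        pos += 2 + n
    if pos != len(der):
        raise ValueError("trailing bytes after signature")
    return out[0], out[1]

def find_reused_r(sigs):
    """sigs: iterable of (txid, pubkey_hex, der_sig).
    Returns {(pubkey_hex, r): [txids]} for every key that produced two or
    more distinct signatures with the same r, i.e. a repeated nonce."""
    seen = defaultdict(dict)
    for txid, pub, der in sigs:
        r, s = parse_der_sig(der)
        seen[(pub, r)][s] = txid  # same (r, s) twice is a copy, not a reuse
    return {k: sorted(v.values()) for k, v in seen.items() if len(v) > 1}

def _der(r: int, s: int) -> bytes:
    """Encoder used only to build the constructed sample data below."""
    def enc(v):
        b = v.to_bytes((v.bit_length() + 8) // 8, "big")  # keeps value positive
        return b"\x02" + bytes([len(b)]) + b
    body = enc(r) + enc(s)
    return b"\x30" + bytes([len(body)]) + body

# Constructed sample: key A signs twice with the same r, key B does not.
KEY_A, KEY_B = "02" + "aa" * 32, "03" + "bb" * 32
SAMPLE = [("tx-a", KEY_A, _der(0x1111, 0x2222)),
          ("tx-b", KEY_A, _der(0x1111, 0x3333)),
          ("tx-c", KEY_A, _der(0x4444, 0x5555)),
          ("tx-d", KEY_B, _der(0x1111, 0x6666))]

if __name__ == "__main__":
    for (pub, r), txids in find_reused_r(SAMPLE).items():
        print(f"key {pub[:10]}... reused r={r:#x} in {txids}: move funds off this key")
```

A key flagged here should be treated as compromised regardless of whether the address is reused again; a clean result only means no repeated `r` was found in the signatures supplied.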



