Support not reusing addresses #10065

1. 
   RHavar commented at 6:34 pm on March 23, 2017: contributor

   An advanced wallet feature should be the ability to disable all address reuse. The attack this is designed to stop is if I know that the address 1BPmZt3kjnFffANNs6MCBBBKRYwRGGrXQZ is part of Alice’s wallet, it shouldn’t be possible to continually pepper it with dust and learn more about her as her wallet automatically keeps spend-linking it with her other outgoing transactions.

   I’m not exactly sure how the implementation of this would look, but I think a sensible route would be to make the lockunspent shit persistent (it’s already annoying that it’s not), and if the “-ignore-funds-from-reused-addresses” feature is enable, the wallet would automatically lock that output upon it being received.

   (It’s probably bad form: But I’m offering a 1 BTC bounty to anyone who can get such a feature merged in within 6 months of this posting).

2. jonasschnelli added the label Wallet on Mar 23, 2017
3. laanwj added the label Feature on Mar 25, 2017
4. jet0 referenced this in commit b971bb9e9a on Apr 19, 2017
5. 
   luke-jr commented at 8:06 pm on April 19, 2017: member

   Which of these interest you?

   1. optimisation: don’t check for used addresses in new blocks
   2. best practice: don’t show more than one payment made to each address 2b) or at least, don’t show payments made after coins sent to that address are spent
   3. privacy: don’t spend coins received by the same address in different transactions (requires 2)
6. 
   RHavar commented at 8:15 pm on April 19, 2017: contributor

   Option 3, privacy.

   Let’s say I know you sent money to 17p47toGLR5zBZw2pNzRDFh9yWKX2qxyaJ, and I don’t know who owns that address but I’m trying to figure it out. A pretty easy way now is to spray it with a bunch of dust. Then if who ever owns 17p47toGLR5zBZw2pNzRDFh9yWKX2qxyaJ is running a wallet like bitcoin core, it’ll automatically spend link all that dust. Eventually I should be able to figure out who owns that address, especially if it’s a service. And thus where you were sending your money.

   That’s a pretty big privacy hole that should be disable-able.

7. laanwj referenced this in commit 5f7575e263 on Jul 24, 2018
8. meshcollider referenced this in commit 44d8172323 on Jun 18, 2019
9. 
   kallewoof commented at 0:05 am on June 19, 2019: member

   @RHavar I believe #12257 and #13756 together address this problem. Please confirm.
10. 
    RHavar commented at 0:20 am on June 19, 2019: contributor

    Looks like it. Fantastic work! Keep it up 👍
11. RHavar closed this on Jun 19, 2019

    ---

12. 
    luke-jr commented at 1:56 am on June 19, 2019: member

    I don’t see how. I can still send you coins to the same address twice if I’m arbitrarily quick enough…
13. 
    RHavar commented at 2:00 am on June 19, 2019: contributor

    Yeah, but then both those outputs will be spent with the same transaction – so it’s not an issue.
14. 
    luke-jr commented at 2:52 am on June 19, 2019: member

    It’s still address reuse, and in some cases retains the problems of such reuse.
15. 
    kallewoof commented at 3:18 am on June 19, 2019: member

    What @luke-jr is talking about is orthogonal to the issue raised here, so I believe closing it was the correct decision. The issue @luke-jr is talking about is in #3266 and there is a PR open in #15987.
16. sidhujag referenced this in commit 6bcaa95d9d on Jun 19, 2019
17. Munkybooty referenced this in commit 3a9c562e6e on Jun 15, 2021
18. Munkybooty referenced this in commit c40f154def on Jun 15, 2021
19. Munkybooty referenced this in commit 0f644d5f5f on Jun 16, 2021
20. Munkybooty referenced this in commit e2bf529053 on Jun 22, 2021
21. Munkybooty referenced this in commit 82659a4eb8 on Jun 24, 2021
22. Munkybooty referenced this in commit 640b1ceea2 on Jun 24, 2021
23. MarcoFalke locked this on Dec 16, 2021

Contributors
RHavar luke-jr kallewoof

Labels
Feature Wallet