If you have a public address and you reuse this address to send BTC from multiple times, my understanding is that your public address is more susceptible to being hacked (i.e. easier for somebody to generate the private key from your public address). From what I have read, if you send BTC from your public address and you keep any leftover coins in that public address, your public address is only protected by ECDSA. I have also read that the more you reuse the same address to send BTC, the more susceptible your address is to being hacked.
So let's say I am using a public address. I send a portion of my BTC from my public address to somebody else, but the leftover BTC remains in my public address (doesn't Electrum keep your leftover BTC in the same address by default?). I use this same public address to send BTC from over the next several weeks. In total, I have sent from this address 4 or 5 times over several weeks. Several weeks later, after I am done sending my BTC, I back up my wallet and my private key, uninstall Electrum and decide to let my leftover BTC sit there in my public address.
With today's technology, how long would it take to hack this public address? Is this something I don't have to worry about for the next 10 years? The next 5 years? The next 1 year?
It's unknown. The advice against address reuse is based on the general risk of future breaks against ECDSA, which cannot be ruled out. It's certainly not susceptible to brute-forcing, since that is on the order of 2^255, which is effectively infinite (more than the number of particles in the universe, etc. etc.). But if some clever mathematician figures out a cryptographic break against ECDSA that weakens ECDSA keys, it would be necessary to sweep funds from wallets secured only by ECDSA to something else. P2PKH/P2WPKH resolves this issue by publishing only the key fingerprint instead of the entire pubkey. Even if there is a break against ECDSA, there is no short-term risk of your coins being stolen. Coins in long-term cold storage (timelocked), for example, need this feature.
That's not really true; it's easy to harvest all used addresses in history, easy-peasy.
Then you create a bloom filter and mark all seen addresses, and then decide how you want to attack BTC, either by way of generating deterministic keys, or brute-intelligent force forward by big-step/baby-step, ...
When you have all the addresses it's just like having the public keys: for all the private-key guesses, no matter your ALGO, you simply generate a pubkey and then generate, say, 8192 addresses for every pubkey and check the bloom table to see if one of those addresses is hot.
You can also hash all the X values from ECDSA into a hash table and use that to correspond to known addresses.
Then you can watch R values on the blockchain and look for patterns to make a guess at the private key.
It really blows me away how the majority here always say "that can't be done", oh, but they have a caveat that a real smart math guy will solve the discrete-log problem tomorrow and sweep all the coin; thus they know it can be done.
People who have studied secp256k1 (ECDSA) long enough see the patterns.
But getting back to your question, the public key isn't required; it's easy to use a DISCRETE-LOG algo to run through generated private keys, and then super easy to test the priv-key with a function that uses a bloom table on all known addresses with balance; right now there are 3 million+ of the puppies.
IMHO the founders are scared to death, but the majority are just bots who repeat the mantra, you know, "BITCOIN is Safe"; nothing is safe in life, not even walking across the street.
I can say that targeting a PRISTINE address is not easy, but I think that throwing lots of shit at the wall using intelligent ideas from the discrete-log papers, and then testing the X's that come back with public-key hash tests, which are super easy, is all doable.
WRT that mathematician who solves the discrete-log problem, IMHO most mathematicians are too pure to stoop to the low level of 'hacking' to resolve this problem, so it probably will not be solved by your math guy; it will be solved by a teenager in Burma using a low-tech Chromebook running crouton.
Nothing is SAFE, never; it's always been this way.
But the above said, BTC is amazing in its general safety; I think the majority will always be safe.
Lastly, studying this stuff actually improves your knowledge and ability to protect your own coins.
IMHO the NSA created BITCOIN. They're just watching and waiting to see who breaks this stuff first, and how, like DES, or SHA, or anything that comes out of the NSA; they always have a backdoor, never seen otherwise. Thus, in a way, BTC is a real nice way to have everybody on earth hitting their code, and then they can keep one step ahead of the best hackers on earth, ...
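The remark above about watching R values on the blockchain points at the one reuse failure that needs no discrete-log break at all: every spend from an address publishes the full public key plus an ECDSA signature, and if two of those signatures were ever made with the same nonce k (same r value), the private key follows from simple modular arithmetic. The block below is an added, stand-alone Python example written for this page; it is not code from either poster. It implements secp256k1 point arithmetic, signing and verification in pure Python (stdlib only, Python 3.8+ for `pow(x, -1, m)`), signs two constructed messages with a deliberately reused nonce, and recovers the key. The private key, nonce and messages are constructed values, and the messages are hashed with double-SHA256 directly rather than through a real transaction sighash; the low-s handling mirrors Bitcoin's rule and is why the recovery tries both signs of the second s.

```python
"""secp256k1 ECDSA nonce-reuse key recovery, pure Python (stdlib only)."""
import hashlib

# secp256k1 domain parameters: y^2 = x^3 + 7 over F_P, generator G of prime order N.
P = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFC2F
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
G = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)


def point_add(a, b):
    """Affine point addition on secp256k1; None is the point at infinity."""
    if a is None:
        return b
    if b is None:
        return a
    x1, y1 = a
    x2, y2 = b
    if x1 == x2 and (y1 + y2) % P == 0:
        return None
    if a == b:
        lam = 3 * x1 * x1 * pow(2 * y1, -1, P) % P
    else:
        lam = (y2 - y1) * pow(x2 - x1, -1, P) % P
    x3 = (lam * lam - x1 - x2) % P
    return (x3, (lam * (x1 - x3) - y1) % P)


def scalar_mult(k, point=G):
    """Double-and-add scalar multiplication; k is reduced mod N."""
    result, addend = None, point
    k %= N
    while k:
        if k & 1:
            result = point_add(result, addend)
        addend = point_add(addend, addend)
        k >>= 1
    return result


def msg_hash(msg: bytes) -> int:
    """Double-SHA256 of the message as an integer z (stand-in for a tx sighash)."""
    return int.from_bytes(hashlib.sha256(hashlib.sha256(msg).digest()).digest(), "big")


def sign(priv, msg, k):
    """ECDSA with an explicit nonce k so the demo can reuse it on purpose.
    A real signer picks a fresh k per signature (RFC 6979 derives it from the key and message)."""
    z = msg_hash(msg)
    r = scalar_mult(k)[0] % N
    s = pow(k, -1, N) * (z + r * priv) % N
    if s > N // 2:          # low-s normalisation, as Bitcoin requires
        s = N - s
    return r, s


def verify(pub, msg, sig):
    """Standard ECDSA verification; needs only the public key revealed by a spend."""
    r, s = sig
    if not (0 < r < N and 0 < s < N):
        return False
    z = msg_hash(msg)
    w = pow(s, -1, N)
    pt = point_add(scalar_mult(z * w % N), scalar_mult(r * w % N, pub))
    return pt is not None and pt[0] % N == r


def recover_priv_from_nonce_reuse(pub, msg1, sig1, msg2, sig2):
    """Two signatures sharing r (same k) leak k = (z1 - z2)/(s1 - s2), then d = (s1*k - z1)/r.
    Low-s normalisation may have negated either s, so both signs of s2 are tried and the
    candidate is accepted only if it reproduces the published public key."""
    r1, s1 = sig1
    r2, s2 = sig2
    if r1 != r2:
        return None                      # distinct nonces: nothing to exploit
    z1, z2 = msg_hash(msg1), msg_hash(msg2)
    for s2c in (s2, N - s2):
        if (s1 - s2c) % N == 0:
            continue
        k = (z1 - z2) * pow(s1 - s2c, -1, N) % N
        d = (s1 * k - z1) * pow(r1, -1, N) % N
        if d and scalar_mult(d) == pub:
            return d
    return None


def demo():
    """Constructed key and nonce (not real wallet data); returns True if recovery succeeds."""
    priv = 0x1E99423A4ED27608A15A2616A2B0E9E52CED330AC530EDCC32C8FFC6A526AEDD
    pub = scalar_mult(priv)
    k = 0x9E56F509328A2A7B67E5E1C5A4A0A8F7B3B5C3A1F2E4D6C8B0A9F8E7D6C5B4A3
    m1, m2 = b"spend 1: pay 0.1 BTC to A", b"spend 2: pay 0.2 BTC to B"
    sig1, sig2 = sign(priv, m1, k), sign(priv, m2, k)     # same k on both spends
    assert verify(pub, m1, sig1) and verify(pub, m2, sig2)
    return recover_priv_from_nonce_reuse(pub, m1, sig1, m2, sig2) == priv


if __name__ == "__main__":
    print("private key recovered from reused nonce:", demo())
```

The attacker side of this uses nothing but what a spend puts on chain (pubkey, r, s, and the signed digest), which is why a never-spent-from address, where only the key hash is public, is not exposed to it. Wallets that derive k with RFC 6979 never produce two signatures with the same r for different messages; the historical losses from this pattern came from broken or repeated RNG output.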