160 bit hash in addresses provides enough security, and that's the important part.
Right now it does. But not eventually. Quantum computer can reduce that to 80 bits.
Public key is meant to be public otherwise if there were any risks in revealing your public key, the whole Bitcoin system falls apart. It doesn't matter what a single person does (like not reusing address).
Then why do you think Satoshi invented Pay to Public Key hash? It's not just to save disc space on the blockchain.
Where are you referring to? The BitcoinEater address? If so, it hasn't revealed its public key, since it's a burning address. You reveal your public key when you spend one of the outputs.
nope not that address. this one: 1P5ZEDWTKTFGxQjZphgWPQUpe554WKDfHQ As I mentioned, one day this person might wake up and realize all their bitcoins are gone. poof. vanished. sent somewhere else. i say that because it will be one of the top targets not only for traditional hackers but also for quantum computers.
if it's a company behind this address then I hope it's not an exchange I ever do business with since either they are really dumb (a person knows the private key and could steal all the money) or they are using some type of Shamir Secret Sharing on a single private key which is probably an awful idea too.
Yes, but public keys are supposed to be, well, public. If your security relies on keeping your public key secret, then your security is flawed.
That's why satoshi didn't just stop with the public key because he figured if someone ever broke the elliptic curve they would still have to break the hash functions. additional layer of security.
As garlonicon points out, there are so many scenarios in which your public key is revealed that this should be assumed to be the default position
assume at your own risk.
Thinking you are more secure because you think your public key is secret is a false sense of security. Unnecessary security at that.
You don't have to just "think" your public key is secret. You can make sure it is. and if you do that then it is more secure than if someone knows the public key. that's just a simple fact. I can have 256 bits of security if I use a particular address type or I can have 160 bits if I go with legacy. It's up to me. But if I do something stupid like re-use my bitcoin address, then it immediately goes down to 128 bits. Again just another fact.
So, if ECDSA is unsafe, then Bitcoin is unsafe, multisig is unsafe, Taproot is unsafe, and Lightning Network is unsafe. A lot of existing coins could be stolen if ECDSA would be broken.
They will be unsafe at some point. Maybe before people have time to react and some people might lost some bitcoin because of that. They have exascale computers now. Zettascale is coming after that. And probably Quantum Computers too.