Ninjastic
PostEdited versionsQuotes to this post
Post
Topic
Board Development & Technical Discussion
Re: Statistical analysis of Bitcoin public key distribution
by
Phrenico
on 02/10/2014, 15:34:56 UTC
Quote from: DannyHamilton on September 25, 2014, 03:41:35 AM

You are wrong.  If you have a private key that generates a particular bitcoin address then you can spend all bitcoins that are received at that address, even if that private key isn't the same private key that was used by the intended recipient to originally generate the address.

(Note: The only way that you "could generate an address that is already done" with a different private key is if there is a flaw in ECDSA, SHA-256, or RIPEMD-160.  There are currently no known flaws that would cause this, and with nearly 6 years of use bitcoin has not ever had a recorded instance of this happening.)

Correct my misunderstanding then:

Private keys are intended to be one-to-one with public keys, so that would certainly be a flaw in ECDSA if two private keys correspond to one public key, but since you turn the 256 bit public key into a 160 bit digest, it would just be incredibly unlikely, not impossible, for an ideal hash function to map two different inputs 256 bit to a single 160 bit output.

What's wrong with my understanding?