Probably just a simple sha256 hash to begin with for simplicity..
Public key hashes are generated by a ripemd-160 hash of the sha256 hash of the public key, and this is what SwapBill uses currently.
Using chained hash functions like this (or running more than one round of the same hash function) definitely seems like a good idea, as this gets you a whole lot of cryptographic future proofing at the expensive of just twice the hashing costs.
The exact secret hashing function used by SwapBill (in python) is as follows:
import hashlib
def publicKeyToPubKeyHash(publicKey):
assert type(publicKey) is type(b'')
assert len(publicKey) == 64
ripemd160 = hashlib.new('ripemd160')
ripemd160.update(hashlib.sha256(b'\x04' + publicKey).digest())
return ripemd160.digest()
Btw. I just found the following article from Vitalik Buterin, which is pretty relevant to this point:
http://bitcoinmagazine.com/6021/bitcoin-is-not-quantum-safe-and-how-we-can-fix/According to Vitalik, public key hashing is actually a lot stronger than the elliptic curve part with regards to stuff like potential future quantum computing based attacks, so it seems like the SwapBill secret hashing is actually pretty good.
But I'd like to see a list of hash options to choose from. That way clients can negotiate their hash method and choose the most appropriate.. Especially if different ALTcoins run with different hash methods.
Arg, yes, that's probably how it will all inevitably end up, I guess.
But if we *could* all standardise on one good secret hashing function it would make things a whole lot simpler and cleaner..