New idea ~Need your thoughts!

1 reply 257 views
im_lynxHero Member
Posts: 515 · Reputation: 2161
#1Oct 23, 2023, 01:48 AM
I get that clipboard malware exists and copy-paste attacks are a thing. Since Bitcoin addresses already have a partial SHA256 checksum, I’m wondering why we need what you’re suggesting. I mean, checking just 4 hex characters is kinda simple, but I don't see how much security that really adds for confirming the copy-pasted address. People get scammed for not double-checking their addresses. Are we really saying we need this extra limited checksum to compensate for users’ laziness or lack of awareness about Bitcoin addresses? I’m not buying it as a necessary fix. I make it a habit to always check the first 6-7 characters and the last few of any public address, and sometimes even a couple from the middle. That usually does the trick because if the address isn’t copied right, the checksum won’t match. Everyone should be doing this if not, they’re just asking for trouble. Any software where you paste Bitcoin addresses should be able to check if the address is valid. The error checking for Bech32 and Bech32m is actually better than the old types.
2 Reply Quote Share
im_apeHero Member
Posts: 629 · Reputation: 3824
#2Oct 23, 2023, 06:43 AM
First of all what you are doing is not encrypting (SHA256 is also not an encryption algorithm). It is called computing checksum. Secondly, since this checksum is very small (2 bytes) and the algorithm (single SHA256 hash of UTF8 string) is too fast (inexpensive) so it is not that hard to brute force and create a fake address with the same checksum. I computed this address in less than a second with the same checksum. Of course this is just a concept to show how easy it is to find a "collision" when the checksum is very small. In practice the attacker needs the key to the malicious address which means they have to perform a process similar to generating a "vanity address", an address that has the same starting characters. The extra 16 bit checksum is definitely adding an extra layer for authenticity check but but it doesn't slow down that process enough to be impactful. P.S. Maybe the checksum algorithm could be changed into something far more expensive to make brute forcing harder. For example using a memory expensive KDF like scrypt with high iteration count.
0 Reply Quote Share

Related topics