You are viewing a single comment's thread from:

RE: Simple Guide to Creating a Bitcoin Paper Wallet/Cold Storage.

in #bitcoin8 years ago

This is good to know. I guess it is true that once you use the private key to spend from the address it is potentially compromised. It is not my understanding that this key can change, though, not allowing one to spend from said address. The key is set in the blockchain. Am I missing something here?

Sort:  

Your private key is never transmitted to the network for any reason. The next question is how the network can validate that a transaction is "yours". This is possible because Bitcoin uses Public Key Cryptography (also know as asymetric cryptopgraphy).

Your addresses consist of a pair of keys which are mathematically linked. It is easy to determine the public key from the private key but impossible to determine the private key from the public key. It is more accurate to say it is computationally infeasible to determine the private key from the public key unless there is some cryptographic flaw.

Your public key is included in the transaction (along with destination and amount). The entire transaction is then signed with your private key. The signature is unique based on your private key and the contents of the transaction. Someone can't re-use a signature because it is only valid for a unique transaction.

When the network detects a transaction it will verify it by comparing the signature and public key to the transaction. While an attacker knows the public key he would need to know the private key to generate a valid signature.

Sorry, I thought you were someone else, so my first reply didn't make sense. If the private key is never exposed to the network, why in your original comment did you say that

you should withdraw all funds only once, spending everything. This
is because in the process of unlocking and spending funds, you ex‐
pose the private key

?

We have been describing creating and spending a paper wallet as if it were a top secret Area 51 procedure. It is wise to be secure around money. One needs to use the Private Key for a cryptographic signature in order to sweep the paper wallet of bitcoin. Someone could be looking over your shoulder. If you imported the Private Key to an online wallet, a hacker might grab it. If you sweep the account on a bitcoin wallet client, there is the danger that a hacker is recording your keystrokes, moves faster and sweeps your account before you do.

The mere fact the Private Key exists means it can ultimately be compromised.