Author: StJohn Piano
This page is subject to change at any time. It is not signed by its author or by Edgecase Datafeed.
Brief Summary
The only way to be certain that bitcoin can be transferred out of an address is to test it. To test an address, move a small amount of bitcoin into and then out of it.
Contents
- Brief Summary
- Contents
- Introduction
- The disadvantage of testing a Bitcoin address
- Testing a new standard address from a standard address
- Testing a new standard address from a nonstandard address
- More information
Introduction
No matter how much analysis is performed, there may still be an error or bug in the code and hardware stack that generates the Bitcoin address from the private key. If such an error exists, and an address is incorrectly calculated from a private key, and bitcoin is transferred to this address, it will not be possible to retrieve this bitcoin. It will now be controlled by an unknown private key.
The only way to be certain that bitcoin can be transferred out of an address is to test it. To test an address, move a small amount of bitcoin into and then out of it.
Note: The transaction that moves bitcoin out of the address should be created on an offline computer.
Once an address has been tested, a larger amount of bitcoin can be moved into this address and the owner can be certain that it can be retrieved. Even if the owner later discovers an error in the code and hardware stack used to create and sign a transaction, they know that eventually this error could be fixed and a valid transaction could be created. The owner would only risk a temporary lack of access to the bitcoin, not its permanent loss.
The disadvantage of testing a Bitcoin address
One notable aspect of the Bitcoin cryptosystem is that an address contains a hash of the public key, not the public key itself. This means that if bitcoin has been transferred to an address, but not spent from it, then an adversary only knows the hash of the public key.
Any transaction that spends bitcoin from this address will include the public key in its scriptSig. This means that as soon as bitcoin has been spent from an address, an adversary knows the public key.
Testing an address necessarily means that some bitcoin will be spent from it, revealing the public key.
Some terms:
- "hidden-key addresses" = "addresses from which no bitcoin has ever been spent"
- "known-key addresses" = "addresses from which bitcoin has been spent at least once"
If a weakness in the ECDSA cryptosystem were discovered in the future, then bitcoin stored in hidden-key addresses would still be secure, but bitcoin stored in known-key addresses might be insecure.
So: Testing an address means that you can be sure that you can retrieve bitcoin from it, but sacrifices some protection against the potential future discovery of a weakness in the ECDSA cryptosystem.
This trade-off is worth considering only for single-use long-term storage addresses.
For a more detailed examination of this issue, see the "Does the hash in a Bitcoin address provide any protection?" part of the Thoughts section of the article "Using a transaction to validate a Bitcoin address".
Testing a new standard address from a standard address
Let the existing address be address_1. This address must already hold some bitcoin.
Let the new standard address be address_2. This is the address that is being tested.
Create a standard transaction that transfers a small amount of bitcoin from address_1 to address_2. Follow the page "How to create and sign a Bitcoin transaction". Broadcast the transaction and wait for it to be mined and receive 6 confirmations.
Create a second standard transaction that transfers the available bitcoin back from address_2 to address_1. Broadcast the transaction and wait for it to be mined and receive 6 confirmations.
Address_2 has now been tested. You can now transfer more bitcoin to this address and be certain that you will be able to retrieve it in the future.
Testing a new standard address from a nonstandard address
Bitcoin exchanges will give you a receiving address at which you can receive a payment to your exchange account. Often this is a standard address, which will start with the character '1'. However, some exchanges will give you a P2SH address, which will start with the character '3'.
Let your current receiving address on the Bitcoin exchange be address_1.
Let the new standard address be address_2. This is the address that is being tested.
When you transfer bitcoin out of an exchange into one of your addresses, the exchange will create a transaction that spends from their address(es) and will include your transfer.
Use the exchange's interface to transfer a small amount of bitcoin to address_2. Wait for the exchange's transaction to be mined and receive 6 confirmations. The "Other services" page should list an active block explorer, which you can use to check the status of a Bitcoin transaction.
If your receiving address is P2SH, then create a nonstandard transaction that transfers the available bitcoin back from address_2 to address_1. Follow the page "How to create and sign a Bitcoin transaction". Broadcast the transaction and wait for it to be mined and receive 6 confirmations.
Address_2 has now been tested. You can now transfer more bitcoin to this address and be certain that you will be able to retrieve it in the future.
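The two address types described at the start of this section can be told apart, and checked for typing errors, by decoding the address's Base58Check form before any bitcoin is sent. The following is an added example, not code from the original page; the function names are illustrative and the 20-byte hash is a constructed sample, not a real address.

```python
import hashlib

B58 = "123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz"
KINDS = {0x00: "P2PKH", 0x05: "P2SH"}  # mainnet version bytes
SAMPLE_HASH = bytes(range(1, 21))      # constructed 20-byte hash, not a real key hash

def checksum(data: bytes) -> bytes:
    """First 4 bytes of double SHA-256, as used by Base58Check."""
    return hashlib.sha256(hashlib.sha256(data).digest()).digest()[:4]

def b58check_encode(version: int, payload: bytes) -> str:
    raw = bytes([version]) + payload
    raw += checksum(raw)
    n, out = int.from_bytes(raw, "big"), ""
    while n:
        n, r = divmod(n, 58)
        out = B58[r] + out
    # Each leading zero byte is written as a literal '1'.
    return "1" * (len(raw) - len(raw.lstrip(b"\x00"))) + out

def b58check_decode(addr: str) -> tuple[int, bytes]:
    n = 0
    for ch in addr:
        if ch not in B58:
            raise ValueError(f"invalid Base58 character {ch!r}")
        n = n * 58 + B58.index(ch)
    zeros = len(addr) - len(addr.lstrip("1"))
    raw = b"\x00" * zeros + n.to_bytes((n.bit_length() + 7) // 8, "big")
    if len(raw) != 25:
        raise ValueError("decoded address is not 25 bytes")
    if checksum(raw[:-4]) != raw[-4:]:
        raise ValueError("checksum mismatch: address is mistyped or corrupted")
    return raw[0], raw[1:-4]

def classify(addr: str) -> tuple[str, str]:
    """Return (address type, hex of the 20-byte hash) or raise ValueError."""
    version, hash160 = b58check_decode(addr)
    if version not in KINDS:
        raise ValueError(f"unexpected version byte 0x{version:02x}")
    return KINDS[version], hash160.hex()

if __name__ == "__main__":
    for v in (0x00, 0x05):
        a = b58check_encode(v, SAMPLE_HASH)
        print(a, classify(a))
```

A valid checksum only shows that the address string was copied correctly. It says nothing about whether the address was derived correctly from the private key, which is what the round-trip test above establishes.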
More information
Projects that involved the testing of a standard address from a Bitcoin exchange:
- Browse to the article "Using a transaction to validate a Bitcoin address".