Sunday, June 12, 2016

Private Keys in Blockchain Transactions

If we can answer the question "Where is private keys?" for a secure feature, we almost understand the security framework. How about the private keys in blockchain transactions?

A private key is used to derive a public key and to make a signature in a transaction. A wallet program can use the same private key for each transaction but it is not secure because it is easy to trace a user's behavior of transaction and it has a risk of being compromised.

Bitcoin Developer Guide states: "For both privacy and security, we encourage you to build your applications to avoid public key reuse and, when possible, to discourage users from reusing address."

Please image that there are 1000 different private keys generated if we have 1000 transactions. Do we need to store the all private keys? I consider the answer is No because the private key is useless after the transaction is finished. Therefore a wallet program can clean the unused private keys if it can generate a unique private key for each transaction.