The idea of decentralised money managed on a blockchain is foreign to most of us, so we tend to apply the same mental model of the fiat money systems we use and project them onto Bitcoin. While it can be a helpful frame of reference, to begin with, it can leave you exposed if you do not take the next steps, which is to delve into how Bitcoin works.
I think that anyone putting money into Bitcoin has an obligation to learn about the network they choose to store their wealth in; the more you know, the more questions you pose to the network, the more conviction you will tend to have in its monetary and security properties.
One issue I see new users struggle with is the concept of key management. Bitcoin works with public and private key cryptography, but I’ll only be focusing on the pubic side of it, which is where I’ve seen some clear misunderstandings of how to use a public key.
What is a Bitcoin public key?
A public key is a cryptographic code created using asymmetric-key encryption algorithms and is used to convert a message into an unreadable format. In simple terms, the wallet software you’re using takes your private key and uses it to generate a public key linked to it.
Once you generate a public key, you will use it to receive Bitcoin to the wallet you created. A public key can be used once or several times to receive funds, and this all depends on your use case for Bitcoin.
A public key will look something like this:
Note: This is an active public key, but I do not recommend sending any Bitcoin to it unless you want to give me free money.
This is a newly generated address with no history of transactions (UTXOs).
Misunderstandings of your public key
I’ve met several Bitcoiners who have a hot wallet or cold wallet and re-use the same address. This is usually in the form of a key they use for donations or a key they’ve submitted to an exchange to regularly withdraw funds from the service they use to buy Bitcoin.
Now there is nothing technically wrong with re-using a public key address, it will work just fine, but there are some privacy and safety concerns you may want to consider when managing your public key.
A Bitcoin public key is NOT like a bank account routing number; it is not a unique identifier for your account. It is simply a unique path towards your wallet.
Think of it as a secure one-way path into your account that maintains ALL the history of that path on a public ledger. Yes, every time you use an address, the record of that address is updated for anyone to see.
You can copy the address and paste it into a block explorer and review all the incoming and outgoing transactions from that specific address.
Remember I mentioned you have a private and public key?
How Bitcoin public keys work.
The Bitcoin network and its underlying blockchain work with an unprecedented level of transparency that most people are not used to dealing with in the fiat world. All Bitcoin transactions are public, traceable, and permanently stored in the Bitcoin network. Bitcoin addresses are the only information used to define where bitcoins are allocated and where they are sent.
These addresses are created privately by each user’s wallets. However, once public key addresses are used, they become tainted by the history of all transactions they are involved with to and from that address. Anyone can see the balance and all transactions of any address.
Since users usually have to reveal their identity to receive services or goods from centralised merchants or exchanges who require KYC, these Bitcoin addresses cannot remain fully anonymous. As the blockchain is permanent, it’s important to note that something not traceable currently may become trivial to trace in the future.
For these reasons, it is recommended that your Bitcoin address should only be used once, and users must be careful not to disclose their addresses.
Why you should use a new public key address to receive Bitcoin payments.
To protect your privacy, you should use a new Bitcoin address each time you receive a new payment. Additionally, you can use multiple wallets for different purposes. Doing so allows you to isolate each of your transactions so that it is not possible to associate them all together. People who send you money cannot see what other Bitcoin addresses you own and what you do with them. This is probably the essential advice you should keep in mind.
Be careful with public spaces.
Unless your goal is complete transparency when let’s say, receiving public donations or payments, then publishing a Bitcoin address on any public space such as a website or social network is not great for privacy.
Since you’ve publically attacked your identity to this specific address, it can always be used as a jumping-off point to follow your transaction history. If you choose to dox your address by re-using it with your identity, always remember that even if you move any funds from this address to one of your other addresses, they will be publicly tainted by the history of your first public address.
That is why it’s essential to be careful not to publish information about your transactions and purchases that could allow someone to identify your Bitcoin addresses.
Your IP address can be logged via Bitcoin transactions.
Because the Bitcoin network is a peer-to-peer network, it is possible to listen for transactions’ relays and log their IP addresses. Full node clients relay all users’ transactions just like their own. If you are re-using addresses with the same device or similar devices, you’re providing additional publicly identifiable information to anyone with the will to monitor it.
Being your bank comes with responsibilities.
Getting into Bitcoin, especially as early as we are now, presents plenty of future risk for holders. As your relative wealth increases, you do not want to make it known to anyone how much Bitcoin you’re holding. Holding 1 BTC in 2012 may not have been all that much to be concerned about, but keeping 1 BTC in 2022 or 2032 could be a tasty target for all sorts of interested parties.
The Bitcoin network continues to grow and is the most powerful network on the planet; trying to hack it becomes more complex each year as the network grows, but targetting individuals on the network remain far easier.
You are the biggest threat to your Bitcoin, and providing parties with additional data on you, could open up threats, like phishing attacks parties who find out which exchanges you use public data like your email and public key you’ve put out online to get you to compromise your security.
You also make yourself a target for governments who may become hostile to Bitcoin and look to exact measures on holders in your country.
As NGU (number go up) continues, your holdings become more valuable and require better privacy practice and key management. You’ve worked hard to stack those sats, work as hard to secure them for the long run.
Bitcoin is not about flexing your wealth; it’s about protecting your wealth.
A great reminder to upgrade your safe Bitcoin practices here – with hardware wallets, it is a lot easier to just create a new address as the software does it all for you. Just hope people don’t continuously dox themselves really!