You can read part 1 here, part 2 here, part 3A here, part 3B here, part 3C here, part 4A here, part 4B here, part 4C here, part 4D here, part 5 A here, part 5 B here, part 5 C here, part 5 D here, and part 5 E here.
Introduction: Part 6 A here
Already exposed public keys.
But before we get to that, there is another point that is often overlooked: not only is the security of your personal BTC important, but also the security of other users' funds. If others get hacked, the news of the hack itself and the market's reaction to that news would influence the market price. Or, if a big account like the Satoshi account were to be hacked and dumped, the dump itself, combined with the news of the hack, could be even worse. An individual has no control over other people's actions. So even though one might make sure his public key is only registered in hashed form, others might not do so, or you might not even know their public key is exposed in certain cases, even though you never made transactions from your address.
This is also acknowledged by Andrew Poelstra in this interview (40:00 and further). He even goes as far as explaining how public keys are exposed in several other ways besides sending transactions, to such an extent that “basically all the public keys are exposed.” “If everybody else's bitcoins are lost, then […] you have retained all these tokens that are worthless.” This is an acknowledgment of the risk of value decline due to hacks of the percentage of BTC that is not on addresses with hashed public keys.
44:00 “It was never intended as quantum protection. It doesn’t function as quantum protection. There’s sort of this idea out there that it does, but it doesn’t. And even if it did, by the way, it’s very unclear how you would spend your coins again, because you have to reveal the public key to spend the coins.”
There are several reasons why a substantial number of addresses actually have exposed full public keys:
- Only unused addresses are quantum secure, but in reality there are a lot of people who reuse addresses. (To clarify: by unused I mean an address that has only been used to deposit funds on, and not used to make transactions from. If you make a deposit, or if others transfer funds to your address as payments, your public key stays hidden, but if you make a transaction from that address to another address, your public key will be revealed. See part 2 for a detailed explanation.)
- Bitcoin transactions with P2PK UTXOs: these are the older addresses from the period when public keys were not hashed, but published in full. About 1.77 million BTC fall into this category (https://eprint.iacr.org/2018/213.pdf p. 7). This includes the Satoshi funds.
- Bitcoin users publishing their public key on a Bitcoin fork, e.g. Bitcoin Cash or Bitcoin Gold. (https://eprint.iacr.org/2018/213.pdf p. 7)
- Any other revealing of public keys, such as part of signed messages to ensure integrity, in forums, or in payment channels (e.g. Lightning Network). (https://eprint.iacr.org/2018/213.pdf p. 7)
In total, about 36% of all BTC are on addresses with exposed public keys. About 20% of all BTC is on lost addresses (see also here). This includes the Satoshi coins. See part 5 for an explanation about lost addresses and why these will never be secure against quantum hacks.
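The difference between the first two categories in the list above can be read directly from an output script: a P2PK output carries the full public key, while a P2PKH output carries only its hash until the first spend reveals the key. The sketch below is an added example, not code from this series or from the cited paper; the function names, the `spent_from` set (scripts already seen on a spent input) and all sample scripts and values are constructed assumptions.

```python
# Added example. All scripts and values below are constructed placeholders.

def classify_script(script_hex):
    """Classify a scriptPubKey (hex) as P2PK, P2PKH or OTHER."""
    s = bytes.fromhex(script_hex)
    # P2PK: <push N> <N-byte public key> OP_CHECKSIG, N = 65 or 33
    if len(s) in (35, 67) and s[0] == len(s) - 2 and s[-1] == 0xAC:
        if (len(s) == 67 and s[1] == 0x04) or (len(s) == 35 and s[1] in (2, 3)):
            return "P2PK"
    # P2PKH: OP_DUP OP_HASH160 <push 20> <hash> OP_EQUALVERIFY OP_CHECKSIG
    if len(s) == 25 and s[:3] == b"\x76\xa9\x14" and s[23:] == b"\x88\xac":
        return "P2PKH"
    return "OTHER"


def exposure(script_hex, spent_from):
    """Return 'exposed', 'hashed' or 'unknown' for one output script."""
    kind = classify_script(script_hex)
    if kind == "P2PK":
        return "exposed"          # full key is in the output itself
    if kind == "P2PKH":
        # Reuse: an earlier spend from this script already revealed the key.
        return "exposed" if script_hex.lower() in spent_from else "hashed"
    return "unknown"              # not judged by this sketch


def exposed_share(utxos, spent_from):
    """Fraction of total value held on outputs whose public key is exposed."""
    total = sum(value for _, value in utxos)
    hit = sum(v for s, v in utxos if exposure(s, spent_from) == "exposed")
    return hit / total if total else 0.0


P2PK_UNCOMPRESSED = "41" + "04" + "11" * 64 + "ac"
P2PK_COMPRESSED = "21" + "02" + "33" * 32 + "ac"
P2PKH_FRESH = "76a914" + "22" * 20 + "88ac"
P2PKH_REUSED = "76a914" + "44" * 20 + "88ac"
SPENT_FROM = {P2PKH_REUSED}
UTXOS = [(P2PK_UNCOMPRESSED, 50), (P2PK_COMPRESSED, 10),
         (P2PKH_FRESH, 30), (P2PKH_REUSED, 10)]

if __name__ == "__main__":
    for script, value in UTXOS:
        print(classify_script(script), exposure(script, SPENT_FROM), value)
    print("exposed share:", exposed_share(UTXOS, SPENT_FROM))
```

Keys revealed off-chain (forks, signed messages, payment channels) leave no trace in the script, so a script-only check like this one understates exposure.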
You can continue reading part 6 C here: Hijacking transaction