I've read that one reason to use a new address for each transaction is because it hides the pubkey behind a hash, so that even if ECDSA is broken and someone is able to derive my privkey from my pubkey it would still be impossible to spend the output of the transaction, since they would need to be able not only to reverse the hash but reverse it into a valid pubkey. Assuming that's impossible, and assuming people use a new address for each transaction, what would be the full security implications for bitcoin if ECDSA were broken? How much protection does hashing the pubkey give from broken-ECDSA attacks?
I guess I'm just asking, are there other things ECDSA is used for on the network where it's not protected by a hash? – Elliot Gorokhovsky – 2016-06-06T14:04:16.440
Also, I think you're wrong... the person who sent me the transaction knows my pubkey, so if ECDSA were broken they could send the bitcoins back to themselves after I've rendered them a service or given them a product. – Elliot Gorokhovsky – 2016-06-06T14:07:01.610
No there aren't other things using ECDSA except for the signing. And no, the person that's sending you the transaction does NOT know the pubkey unless you tell them off-band. They only know the hash160 of the pubkey, which is encoded in your bitcoin address. – Jimmy Song – 2016-06-06T16:02:45.630
Oh that's right! Then what's the point of the signing? Why can't I just announce to the network, "I can prove this transaction was sent to me since I can reverse the hash. Now send the coins to address X please." – Elliot Gorokhovsky – 2016-06-06T16:08:37.617
To prove that you have the preimage of a hash, you would have to reveal the preimage itself. Once someone has a preimage, they can then create their own transaction to supplant their own. Miners, for example, could then change transactions to give themselves the bitcoins. You need public key cryptography to stop this sort of manipulation. – Jimmy Song – 2016-06-06T19:17:28.540
Ok, so all hashing does is reduce the time an attacker has to break your pubkey from as long as you have the coins to the time it takes a transaction to get verified. So then, what's the point? If there were an attack that could break a public key in an hour we would move away from ECDSA anyway, so why care if the attacker has a year or just an hour? – Elliot Gorokhovsky – 2016-06-06T20:24:09.960
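The hash-protection window discussed in this thread, as an added example that is not part of the original exchange: a toy ledger tracks which unspent outputs are still locked only by a key hash and which ones already have their public key on-chain because the address was reused after a spend. The `Ledger` class, the sample keys and the block heights are constructed for the example, and `pubkey_hash` substitutes SHA-256 for Bitcoin's hash160 so it runs with the standard library alone.

```python
import hashlib
from dataclasses import dataclass, field


def pubkey_hash(pubkey: bytes) -> bytes:
    # Stand-in for Bitcoin's hash160 = RIPEMD160(SHA256(pubkey)). SHA-256 is
    # used so the example runs on any hashlib build; the property that matters
    # is the same: the hash commits to the key without revealing it.
    return hashlib.sha256(pubkey).digest()[:20]


@dataclass
class Ledger:
    # outpoint (txid, vout) -> public-key hash that locks the output
    utxos: dict = field(default_factory=dict)
    # public-key hashes whose preimage has been published in a spend -> height
    revealed: dict = field(default_factory=dict)

    def pay(self, txid: str, vout: int, pkh: bytes) -> None:
        self.utxos[(txid, vout)] = pkh

    def spend(self, txid: str, vout: int, pubkey: bytes, height: int) -> None:
        # A pay-to-pubkey-hash spend must publish the public key so that the
        # signature can be verified; from this point the hash hides nothing.
        pkh = self.utxos.pop((txid, vout))
        if pubkey_hash(pubkey) != pkh:
            raise ValueError("public key does not match the output's hash")
        self.revealed.setdefault(pkh, height)

    def exposed_outputs(self, height: int) -> dict:
        # Unspent outputs whose key is already public: an attacker able to
        # recover private keys from public keys has had (height - revealed)
        # blocks to work on them, not merely the confirmation window of a spend.
        return {op: height - self.revealed[pkh]
                for op, pkh in self.utxos.items() if pkh in self.revealed}


def reuse_scenario() -> dict:
    # Constructed sample keys (not real curve points) and constructed heights.
    alice_key = b"\x02" + b"\x11" * 32
    fresh_key = b"\x03" + b"\x22" * 32
    ledger = Ledger()
    ledger.pay("tx1", 0, pubkey_hash(alice_key))   # first payment to Alice
    ledger.spend("tx1", 0, alice_key, height=110)  # Alice spends: key revealed
    ledger.pay("tx2", 0, pubkey_hash(alice_key))   # same address paid again
    ledger.pay("tx3", 0, pubkey_hash(fresh_key))   # fresh, never-spent address
    return ledger.exposed_outputs(height=200)
```

Only the reused output is reported, with 90 blocks of exposure; the fresh address stays protected until its owner broadcasts a spend.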