P2PKH - Sharing a wallet address does not reveal my pub key?

1

Is it technically correct to say that if I share my address with the network, nobody has access to my pubkey still?

But if I share a valid signature to a P2PKH UTXO, someone can derive my pubkey and consequently spend my UTXO?

Pitchas

Posted 2018-09-04T19:12:15.910

Reputation: 83

Answers

2

Is it technically correct to say that if I share my address with the network, nobody has access to my pubkey still?

Yes, if your address is a standard address, then deriving the public key from an address is practically impossible (because it is hashed). But as soon as a transaction is made which spends funds sent to that address, then the public key is in the signature of the spending tx.

A P2PKH transaction contains:

scriptPubKey: OP_DUP OP_HASH160 <pubKeyHash> OP_EQUALVERIFY OP_CHECKSIG
scriptSig: <sig> <pubKey>

So, once a P2PKH UTXO is spent, one can simply look at the script sig for the pubKey.

This is because in order to verify transaction signatures, nodes need the corresponding public key. For this reason, sometimes users will use different addresses for each transaction to help ensure more privacy.

JBaczuk

Posted 2018-09-04T19:12:15.910

Reputation: 6 172