21
7
I am wondering whether each bitcoin address is unique. I would assume yes. Then how is this enforced (distributed address generation)?
As I understand it each time, an address is generated a new key-pair is also generated. On what basis is this done? The address is a hash of the public half of the key-pair would also allow (at least theoretically) multiple public keys to having the same hash.
5
By the pigeonhole principle yes, there could be two bitcoin addresses that are the same.
The Pigeonhole Principle states, that if there are N items for M spots with N > M then there must be at least 2 of the N items in one of the M spots.
For Bitcoin this means we want/need but might never reach an infinite amount of addresses for an infinite amount of transactions. (but we can reuse addresses; I dont want to get into that) But each addresses is mapped into a space. The space is a certain size (however long addresses are). So by the principle above N = number of transactions/needed addresses = trending to infinity (if bitcoin goes on forever) and M = the size of the address space.
Well, fitting infinity into a finite space means, there would be two of the same addresses. But our finite space is so large that it will take us a long time to fill it up, and the possibility of filling a space of M twice is so small in this case, it's for all intents and purposes zero.
2The pidgeon hole principle is a bad fit here, because N is not anywhere close to the size of M, let alone actually larger. The only part of the answer that actually addresses the question is the last sentence which remains vague. – Murch – 2016-08-24T22:41:12.687
23
TL;DR: There are so many addresses that it is improbable that anyone will ever generate a duplicate of another address in use – as long as random number generators work as they should.
Bitcoin addresses consist of an alphanumerical string with a length of up to 34 characters, excluding the capital "O", the capital "I" and the lowercase "l", as well as the number "0". This would allow for 58^34 possible combinations, however, as some of the positions are used for a checksum this is reduced to 2^160 valid addresses. The checksum on the other hand allows to detect mistyped addresses as invalid, so that it is highly unlikely to accidentally input another valid address.
Even if we generously assume that at some point there will be one trillion addresses (approx. 160 for each of this planet's population), according to the simple approximation formula for the Birthday attack given on Wikipedia, the chance is 3.42*10^(-27) that any two of those Bitcoin addresses collide. In comparison, the figure of addresses that were ever used to receive bitcoins was just over 13 million in May 2013.
Especially as the protocol at any point could be adapted to accept even longer addresses, we can say, yes, it is theoretically possible, but unlikely enough that we can assume for our purposes that it will never happen.*
To answer your other question: For each address there apparently are 2^96 different private keys whose corresponding public key will map to the same address. So to actually try to pursue Bitcoin theft, it would be much more sensible to just generate random private keys and hope to find one that has a corresponding address with money on it. In all likelihood the power for such calculations would cost more than anyone could earn with such a scheme.
*As long as certain random number generators work as well as they should... :)
I haven't checked the math on that but I feel that this image visualizes the immensity of 2^256 pretty well: All energy of our sun from now until burning out wouldn't suffice to count to 2^256 in thermodynamically optimal circumstances.
10
It is enforced simply having such an enormous number of addresses, that generating one equal to another one is so unlikely it can be considered as good as impossible.
2So, what would be the chance of two addresses to be the same? – dexter – 2013-03-28T10:47:48.313
@dexter so small it's irrelevant. If you want actual figures there are plenty of threads asking that, you may search for them if you like. – o0'. – 2013-03-28T10:51:24.973
1Actually, if your random number generator provider is flawed (hello Debian and most recently NetBSD) it might occur that two generated addresses collide. – Stéphane Gimenez – 2013-03-28T14:52:29.977
Does bitcoin use the system rng? Sounds dangerous. – alamar – 2013-03-28T15:09:21.190
@StéphaneGimenez so what? If something is broken, it will damage something else. That happens, like, everywhere? – o0'. – 2013-03-28T16:53:46.507
1@dexter If this answer solved your question, you should click the checkmark next to it to show that this answer solved your question (that's how this site works). – stommestack – 2013-05-18T12:29:36.647
@dexter an address is a 160-bit number (so 2^160 possible addresses). Given the birthday paradox, if I didn't screw the math the probability of a collision givien n addresses is 1 - (2^160)! / (2^160 - n)! / (2^160)^n.
If you are afraid someone will find your key, spread your wealth among several different addresses you control. – zundi – 2017-11-22T06:52:19.347