A similar reason for why the secp256k1 elliptic curve was chosen over the secp256r1 curve for DSA signatures.

Although, that does not mean that any of those are immune to future discoveries of vulnerabilities or backdoors or being broken.

And if/when that day comes, then the community will have to accept a hard fork, fingerprinting all the accepted block history and using new hashing or signing algorithms for future blocks.

Could Satoshi have added a small cryptographic spec to each transaction to detail the hashing and signing algo, allowing them to be changed without a fork? Or would that come with its own risk of the blockchain's security being subverted if it were made too easy to update such things?

Discussion

supposedly secp256k1 is "insecure" *cough* yes that's why bitcoin's got the highest market cap

check out safecurves... there is a big margin of opinion in cryptographic security that needs to be understood

lukechampine is a cryptographer i respect for his brutal honesty about his opinions about things, after reading his great piece on CSPRNGs

bruce schneier is also great but the dude has been compromised by the woke crowd and he is biased against bitcoin so anything he might say against sha256 or secp256k1 needs to be taken with a grain of salt

there is a fashion for a few years now that edwards twisted curves are "superior" to other types of elliptic curves, and BLS12-381 is very popular with shitcoiners

but, being that neither of these two targets even taken as a mass represent a worthy cryptanalysis attack target worth studying, or that most such crappy people who would try to do things like this are usually a bit retarded

my opinion is that if sha256 was weak and secp256k1 was weak then why is it still secure?

There's also credence for secp256k1 given how widely it is now used without any notable cracks to date. That is to say, as long as wallets practice safe signing, e.g., don't reuse nonce values.
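The "don't reuse nonce values" point above, as an added example that is not from any poster in this thread: a deterministic ECDSA nonce derivation for secp256k1 following RFC 6979 (HMAC-SHA256), which is how wallets avoid ever producing two signatures with the same k under one key, plus an audit check that flags a repeated r value under the same public key. The signature tuples in the sample are constructed values, not real transactions.

```python
import hashlib
import hmac

# secp256k1 group order n (public curve parameter).
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141


def rfc6979_nonce(priv: int, msg_hash: bytes) -> int:
    """Deterministic ECDSA nonce k per RFC 6979 (HMAC-SHA256, secp256k1).

    k is a function of the private key and the 32-byte message hash, so the
    same key never signs two different messages with the same k, and signing
    the same message twice yields the same signature rather than a fresh k.
    """
    assert 1 <= priv < N and len(msg_hash) == 32
    x = priv.to_bytes(32, "big")                                   # int2octets(x)
    h = (int.from_bytes(msg_hash, "big") % N).to_bytes(32, "big")  # bits2octets(h1)
    v = b"\x01" * 32
    k = b"\x00" * 32
    k = hmac.new(k, v + b"\x00" + x + h, hashlib.sha256).digest()
    v = hmac.new(k, v, hashlib.sha256).digest()
    k = hmac.new(k, v + b"\x01" + x + h, hashlib.sha256).digest()
    v = hmac.new(k, v, hashlib.sha256).digest()
    while True:
        v = hmac.new(k, v, hashlib.sha256).digest()   # one block suffices: qlen == hlen
        candidate = int.from_bytes(v, "big")
        if 1 <= candidate < N:
            return candidate
        k = hmac.new(k, v + b"\x00", hashlib.sha256).digest()   # retry step
        v = hmac.new(k, v, hashlib.sha256).digest()


def find_reused_nonces(signatures):
    """Audit check: return the (pubkey, r) pairs that appear in more than one
    distinct signature. The same r under the same key means the nonce k was
    reused, which is the unsafe signing practice the thread warns against.
    signatures: iterable of (pubkey_hex, r, s, msg_hash) tuples.
    """
    seen, reused = {}, set()
    for pub, r, s, msg_hash in signatures:
        key = (pub, r)
        if key in seen and seen[key] != (s, msg_hash):   # same sig relayed twice is fine
            reused.add(key)
        seen.setdefault(key, (s, msg_hash))
    return reused


# Constructed sample (hypothetical keys and values): key "02aa" reuses r=5 across
# two different messages; key "02bb" sharing r=5 is not a reuse for "02aa".
SAMPLE_SIGNATURES = [
    ("02aa", 5, 10, b"m1"), ("02aa", 5, 11, b"m2"),
    ("02bb", 5, 12, b"m3"), ("02aa", 6, 13, b"m4"),
]


def audit_sample():
    return find_reused_nonces(SAMPLE_SIGNATURES)
```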

Well, one reason might be the "r", because you can't really know the NUMS are really NUMS, I think.

If bitcoin needs a new hashing algorithm it's most prolly fucked, and with the chaos a change would cause I think it would die.

Also, there have been suggestions that the NSA has a backdoor for the secp256r1 curve.

As for bitcoin being fucked if it were ever to need a new hashing algo, I'm not sure. I would imagine that several forks would come out of it as a result, and one or more would likely have a fair amount of success. Only time will tell.