Pages Menu
Categories Menu

Posted by on 6th May, 2013

Bitcoin address collision

Bitcoin address collision

A Bitcoin collision is when two different people in the world randomly generate the same Bitcoin address. They would both have access to any funds in that address. Is that even possible?

The answer: yes

However, the chances of that happening are pretty much nil. Read on.

A Bitcoin address consists of mainly two parts: an address (public key) and the key (private key) to that address. The address is the container for the funds and the key, well, opens the container.

How this works, is that when you generate a new Bitcoin address, you are really generating a key pair. That is a private key is created first and the corresponding address is then mathematically computed and derived from that private key, so that there can only be one address for each key.

Now, Bitcoin keys and corresponding addresses can be generated at will. Yes, you can create as many as you want. 100, 1000, 100.000? Go ahead, you can. In fact, when you create a wallet on many of the more popular Bitcoin clients, it comes with 100 addresses by default, even if you only ever use 1.

Keep in mind that if you own the private key, you can spend the coins that are in the address.

Now, I just told you that you can create as many keys (and corresponding addresses) as you want. So, the inevitable questions is: if I just create many, many private keys, eventually I will stumble upon an existing address that has bitcoins in it… and since I would have the key for it, I could just take them? Yes?

Yes, that is correct.

Wait a minute… that means that if someone happens to create a private key that matches mine and my address, they can empty my address and steal my coins. Yes, that is correct too. They could, if they were lucky enough to create the same private key. And “lucky” is the magic word here.

Bitcoin addresses are 160 bit hashes of the 256 bit private keys, so there are 2^160 or about 1,460,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000 possible addresses.

Let’s say it’s 2045 and the world population is 9 billion. In an unrealistic scenario, every single person on the earth is using Bitcoin and each person has created and used 10 million addresses; yes let’s go overboard with this: that would mean a total of 90,000,000,000,000,000 addresses spent addresses.

So, the possibility of collision, in this scenario is:
90,000,000,000,000,000 / 2^160 = 0.00000000000000000000000000000000615%

You see, 2^160 is really a very large number. Very large. Much larger than our brains can comprehend.
Bitcoin collision

Yes, one could set up a super computer that is specifically build to do this reverse search and have it try cracking addresses all day long. In that case, it would be much more profitable to use that equipment for mining purposes, especially since the work being done is very similar. Your reward for the effort is much higher and that is the reason why it is not worth the effort or electricity cost.

David Perry explains this this way:

Lets say you build a super ASIC on 12nm (4 generations ahead of current tech) process that could create, validate, and steal one trillion key pairs per second (1 TK/s). That would be about 50,000x more powerful than faster GPU’s today. Lets also say you built a thousand of them and ran them continually with no downtime 24/7/365. In 1 year you could brute force 3*10^28 possible addresses.

If there are 1 quadrillion funded addresses you would still have a ~1% chance of colliding with a random funded address in the next 1,000 years.

Comparatively speaking, your odds of being struck by lightning are about 1 in 280,000, so you’re about 500,000,000,000,000,000,000 times more likely to be struck by lightning than to find an address within the first year. Since that’s also a big number, the odds are equivalent to being struck by lightning about 4.6 times in your lifetime.

So, is it possible? Yes. Unlikely? Extremely.

Go back to bed and don’t worry about this ever happening.