[bitcoin-dev] Human readable checksum (verification code) to avoid errors on BTC public addresses

Pieter Wuille bitcoin-dev at wuille.net
Sun Aug 29 14:42:07 UTC 2021

On Thursday, August 19th, 2021 at 1:02 PM, ts via bitcoin-dev <bitcoin-dev at lists.linuxfoundation.org> wrote:

> > In any case --- the last 5 characters of a bech32 string are already a human-readable 5-digit code, with fairly good properties, why is it not usable for this case?

Side note: it's actually the last six characters.

> Well, because
> a) most people don't know that
> b) it is specific to bech32
> c) it is not easily readable being the last digits of a long address (although this could be

I think this is a misconception. For the purpose of verifying that you have the *right* address (rather than just a valid one), the checksum, or even the knowledge that a checksum is present, is completely irrelevant.

In honestly-generated addresses, every character except the prefix (the ~2 first characters for P2PKH and P2SH, and the ~4 first characters for BIP173/BIP350 native segwit addresses) has exactly the same amount of entropy. Instead of adding say a 4 character code, just tell people to compare any 4 characters of their choosing. Or more - I would hope people are already comparing (much) more than 4 characters already.

It doesn't matter if the characters being compared are checksum characters or data characters. In honestly-generated addresses, both are equally random.

Adding a special 4 character "external" checksum IMO would instead encourage people to perhaps just compare those 4 characters instead of the rest (or at least, focus mostly on those). That could easily worsen how well comparisons are done in practice...



More information about the bitcoin-dev mailing list