1.2.1 comment

[ataratics]

Source File: 102-WalletCreation

Requirement 1.2.1 Requires that for Level 1 compliance with the standard: "Unique addresses must be generated by the wallet for every transaction." While I understand both the potential privacy and security benefits of this, there are obvious business use cases where it is not only impractical but not necessarily beneficial. While I think it is a valid consideration of the standard, it seems like it would better serve as perhaps a Level 3 (or at very least a 2) where there is the need for a higher level of paranoia regarding addressing.

[P3B]

This is a very valid point as a unique address per transaction poses a number of operational complexity challenges. Addresses may be re-used for segregation of assets and accounting purposes.

Agreed with reclassification to L3.

[ronaldstoner]

I agree with the challenge for Level 1 systems. Reclassification makes sense to me, but maybe at L2 instead of L3. Currently, the control applies to all levels. Reclassifying to L2 makes one change, while L3 requires relaxing the control back two levels. Since L2 and L3 are for the "more paranoid" levels of security, I think it should still apply to L2.

[jlopp]

If we want to be thorough we might also want to mention that address re-use makes funds more vulnerable to quantum computing attacks, which is clearly an L3 consideration.

We might also want to recommend L1 as not re-using change addresses while L2 / L3 could be not re-using receive addresses. I can't think of any good reason to re-use change addresses.