Giszmo
commented
3 years ago This happens as the private key does not determine the address and the send logic tries to be private about your change output by sending the change to segwit if the recipient was segwit.
Understandably this scares an observer of the address but that's kind of a feature of avoiding address reuse.
We'll have to discuss what to do about this.
We had a support case, where a customer was very frightened, because after sending only a small part of his funds from a paper wallet with a legacy address (
1....) with mycelium/Cold-Spend, a block-explorer shows a much bigger spend for his address.He had multiple UTXOs on this wallet, and the cold-spend function choose one and spent the requested amount to the target address, but also sent the change output to the p2sh/segwit version (
3...) of the same private key.From the POV of the block-explorer (and the user who was monitoring his paperwallet always with it) it looked like the full UTXO got spent and the new balance of the address was very confusing for the user.
He effectively did not loose any funds, but it took quite a long time of support and explaining what happened and he already expected he made somehow a mistake and lost a hefty amount of coins.
Wouldnt it be more correct for the cold-spend function to always send back the change to the same kind of address which it spends the outputs from? (if its mixed, then you might default to p2sh)
Steps to reproduce:
1...paperwallet with 1BTC on it