Skip to content

IPv6 Bitcoin-Certified Addresses

[Recommend my two-volume book for more reading]:

BIT & COIN:  Merging Digitality and Physicality

Mathieu Ducroux of nChain published a paper entitled IPv6 Bitcoin-Certified Addresses.


A pivotal feature of IPv6 is its plug-and-play capability that enables hosts to integrate seamlessly into networks. In the absence of a trusted authority or security infrastructure, the challenge for hosts is generating their own address and verifying ownership of others. Cryptographically Generated Addresses (CGA) solves this problem by binding IPv6 addresses to hosts’ public keys to prove address ownership. CGA generation involves solving a cryptographic puzzle similar to Bitcoin’s Proof-of-Work (PoW) to deter address spoofing. Unfortunately, solving the puzzle often causes undesirable address generation delays, which has hindered the adoption of CGA. In this paper, we present Bitcoin-Certified Addresses (BCA), a new technique to bind IPv6 addresses to hosts’ public keys. BCA reduces the computational cost of generating addresses by using the PoW computed by Bitcoin nodes to secure the binding. Compared to CGA, BCA provides better protection against spoofing attacks and improves the privacy of hosts. Due to the decentralized nature of the Bitcoin network, BCA avoids reliance on a trusted authority, similar to CGA. BCA shows how the PoW computed by Bitcoin nodes can be reused, which saves costs for hosts and makes Bitcoin mining more efficient.

The work is both beautiful and important.

Bitcoin-Certified Addresses (BCA) is superior to Cryptographically Generated Addresses (CGA) by orders of magnitude measured by computational time and costs.

This is not Bitcoin coming to IPv6’s surprise with a self-recommendation of new things to do (although that certainly has its long-term future), but Bitcoin coming to IPv6’s own problem with a solution that is a million times more efficient and cost-effective to an existing problem.

This may become a critical component of the future Internet integrating blockchain and IPv6. The future of IoT will depend on it.

A host can register its public key on the Bitcoin blockchain by generating a Bitcoin transaction. The binding between the blockchain-registered public key and the Bitcoin addresses is secured by the search performed by Bitcoin nodes for a valid block header, rather than the search by the host for a valid modifier in CGA.

This substitution has profound implications. It pitches illegal attackers against the powerful law-obeying Bitcoin nodes, not the individual hosts (users) with CGA.

It is game-changing.

In addition to the direct practical applications, it also elucidates certain POVs in the philosophy of Bitcoin:

(1) It is another excellent example proving that PoW is superior to other consensuses. PoW is already proven superior even when the puzzle-solving work has no utility other than PoW itself. But now, even the work previously considered wasteful has an excellent utility case.

(2) It illustrates, by analogy, the superiority of the SWN of the miners to the mesh network of nonmining users. BCA proves that professionalized PoW SWN, with its open economic competition and transparency, trumps the amateur ‘proof of existence’ hobbyist network. With BCA, the IPv6-based New Internet will have its ultimate protective armor, efficient and powerful enough to defeat even the most organized attackers. It gains superiority not by the sheer power of technology as a commodity (which is neutral), but by economics, which is inherently asymmetric between illegal attackers and law-obeying nodes due to the nature of PoW.

[Recommend my two-volume book for more reading]:

BIT & COIN:  Merging Digitality and Physicality