sha256 – Are there any known 80-bit collision attacks?


Is there any known instance of the attack in practice?

No. In cryptography, we try to stop using constructions/protocols long before attacks on them are realistic to perform.

And while no 80-bit collision attack is known to have been performed, we do have evidence of a computation that performed a multiple of the amount of work needed for one: the totality of Bitcoin's proof of work as of May 1st 2023 is estimated to be over 2^94 SHA256 hashes. The hardware produced and used for Bitcoin mining cannot be used for collision attacks on Bitcoin address creation, but it does show that this amount of computation is theoretically within reach of humanity.

Also, what addresses are valid to use if a person wants to avoid 80-bit collision attacks?

First of all, this attack is one on the creation of multiparty addresses. For example, when you're constructing a multisig address together with someone else, that other party may try to come up with a key such that, when combined with your key, it yields an address that they can spend on their own. It is not applicable to addresses which only involve a single party for spending. In fact, for such single-party addresses, 160-bit addresses are even overkill, and 128-bit addresses would suffice.

For multi-party addresses, in settings where the collision attack actually applies, P2WSH and P2TR have sufficiently large (in bits) commitments to the keys/script used to make this attack infeasible.
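
As an added example (not part of the original answer), the Python code below classifies a scriptPubKey as P2SH, P2WSH or P2TR, compares the birthday-bound collision work for its commitment size against the 2^94 figure quoted above, and measures the bound empirically on SHA256 truncated to 32 bits. The function names and the sample scriptPubKeys are constructed for illustration.

```python
import hashlib

# scriptPubKey templates: (name, hex prefix, hex suffix, commitment size in bytes)
TEMPLATES = [
    ("P2SH",  "a914", "87", 20),  # OP_HASH160 <20-byte script hash> OP_EQUAL
    ("P2WSH", "0020", "",   32),  # OP_0 <32-byte SHA256 of the witness script>
    ("P2TR",  "5120", "",   32),  # OP_1 <32-byte x-only output key>
]
BITCOIN_POW_LOG2 = 94  # total proof of work quoted in the answer (May 1st 2023)

def classify(spk_hex):
    """Return (type, commitment_bits) for a scriptPubKey, or None if unrecognized."""
    spk = spk_hex.lower()
    for name, pre, suf, nbytes in TEMPLATES:
        expected_len = len(pre) + 2 * nbytes + len(suf)
        if len(spk) == expected_len and spk.startswith(pre) and spk.endswith(suf):
            return name, 8 * nbytes
    return None

def collision_margin(spk_hex, budget_log2=BITCOIN_POW_LOG2):
    """log2 of birthday collision work (n/2) minus log2 of the budget.
    A negative result means the collision work is below the budget."""
    kind = classify(spk_hex)
    if kind is None:
        raise ValueError("unrecognized scriptPubKey")
    return kind[1] // 2 - budget_log2

def measured_collision_work(bits):
    """Hash successive counters until two collide on SHA256 truncated to `bits`.
    Returns (hashes_computed, first_input, second_input)."""
    seen = {}
    i = 0
    while True:
        digest = hashlib.sha256(i.to_bytes(8, "big")).digest()
        tag = int.from_bytes(digest, "big") >> (256 - bits)
        if tag in seen:
            return i + 1, seen[tag], i
        seen[tag] = i
        i += 1

if __name__ == "__main__":
    samples = {  # constructed placeholder scriptPubKeys, not real outputs
        "P2SH": "a914" + "11" * 20 + "87",
        "P2WSH": "0020" + "22" * 32,
        "P2TR": "5120" + "33" * 32,
    }
    for name, spk in samples.items():
        print(name, classify(spk)[1], "bits, margin", collision_margin(spk))
    hashes, a, b = measured_collision_work(32)
    print("32-bit collision after", hashes, "hashes; inputs", a, b)
```

A negative margin only matters for the multi-party construction case described above; the measured count for 32 bits lands near 2^16, matching the n/2 rule the margins rely on.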
