security – Is there any known 80-bit collision attack?



Is there any known instance of the attack in practice?

No. In cryptography, we try to stop using constructions/protocols long before they're realistic to perform.

And while no 80-bit collision attack is known to have been carried out, we do have evidence of a computation that performed a multiple of the amount of work needed for one: the totality of Bitcoin's proof of work as of May 1st 2023 is estimated to be over 2^94 SHA256 hashes. The hardware produced and used for Bitcoin mining can't be used for collision attacks on Bitcoin address creation, but it does show that that amount of computation is theoretically within reach of humanity.

Also, what addresses are valid to use if a person wants to avoid 80-bit collision attacks?

To begin with, this attack is one on the creation of multiparty addresses. For example, when you're setting up a multisig address together with someone else, that other party may try to come up with a key such that, when combined with your key, it yields an address that they can spend on their own. It's not applicable to addresses which only involve a single party for spending. In fact, for such single-party addresses, 160-bit addresses are even overkill and 128-bit addresses would suffice.

For multi-party addresses, in settings where the collision attack actually applies, P2WSH and P2TR have sufficiently large (in bits) commitments to the keys/script used to make this attack infeasible.
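To make the size argument in this answer concrete, here is an added example (not from the original answer or from any Bitcoin project code). It serializes a constructed 2-of-2 multisig script with placeholder public keys, computes the 256-bit P2WSH commitment with SHA256, and compares the generic birthday-bound collision cost of a 160-bit P2SH commitment and a 256-bit P2WSH commitment against the 2^94 SHA256 figure quoted above. The public keys, the constant names and the helper functions are all assumptions of this example.

```python
import hashlib

# Constructed placeholder 33-byte "compressed public keys" (not real keys).
ALICE_PUBKEY = bytes([0x02]) + bytes(range(1, 33))
BOB_PUBKEY = bytes([0x03]) + bytes(range(33, 65))

# log2 of the estimated total Bitcoin proof of work as of May 1st 2023,
# taken from the answer above (over 2^94 SHA256 hashes).
BITCOIN_TOTAL_WORK_BITS = 94

# P2SH commits to the redeem script with HASH160 = RIPEMD160(SHA256(script)),
# a 20-byte (160-bit) value; the size is all this example needs.
P2SH_COMMITMENT_BITS = 160


def multisig_2of2_script(pk_a: bytes, pk_b: bytes) -> bytes:
    """Serialize `OP_2 <pk_a> <pk_b> OP_2 OP_CHECKMULTISIG` (0x52 = OP_2, 0xae = CMS)."""
    return b"\x52" + bytes([len(pk_a)]) + pk_a + bytes([len(pk_b)]) + pk_b + b"\x52\xae"


def p2wsh_commitment(witness_script: bytes) -> bytes:
    """P2WSH commits to the witness script with a single SHA256 (32 bytes)."""
    return hashlib.sha256(witness_script).digest()


def birthday_work_bits(commitment_bits: int) -> float:
    """A generic collision search on an n-bit hash costs about 2^(n/2) evaluations."""
    return commitment_bits / 2


def collision_within_reach(commitment_bits: int,
                           available_work_bits: float = BITCOIN_TOTAL_WORK_BITS) -> bool:
    """True if the birthday bound is at or below work humanity has demonstrably performed."""
    return birthday_work_bits(commitment_bits) <= available_work_bits


def compare_commitments() -> dict:
    """Report commitment size and collision feasibility for P2SH and P2WSH."""
    script = multisig_2of2_script(ALICE_PUBKEY, BOB_PUBKEY)
    p2wsh_bits = 8 * len(p2wsh_commitment(script))
    return {
        "p2sh": (P2SH_COMMITMENT_BITS, collision_within_reach(P2SH_COMMITMENT_BITS)),
        "p2wsh": (p2wsh_bits, collision_within_reach(p2wsh_bits)),
    }


if __name__ == "__main__":
    # Expected: p2sh -> (160, True), p2wsh -> (256, False)
    print(compare_commitments())
```

The output shows why the answer points at P2WSH/P2TR: a 160-bit commitment sits at the 2^80 birthday bound, below the 2^94 already spent on mining, while a 256-bit commitment pushes the generic bound to 2^128.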
