Is it the case that Ethereum requires the spender to provide the private key for an address so that it can prove ownership when spending ETH?
If so, is there some mechanism where each spend actually creates a new address with a new private key, and invalidates the old address, to avoid someone else knowing the private key and taking the Ether?
I've googled for a while to look this up, but the search terms I'm using are probably not right, as I don't find any good hits. ("does spending ether expose the private key" and many variants.)
Also, if this is already answered in this very SO, I'd love a link!
Best Answer
The private key isn't ever revealed, ownership is proven through a digital signature that proves that the owner knows the private key without actually revealing it.
Here is an overview:
The digital signature on Bob's transaction, crucially, allows everyone to verify that Bob's private key has "endorsed" the transaction, without him ever needing to reveal the private key itself.