Why Are Ethereum Addresses Hashes of Public Keys? – Cryptographic Insight

addresses, cryptography, hash

I understand how Ethereum addresses are generated. This thread has a great explanation: How are ethereum addresses generated?

However, what this explanation is missing is why a hash is used.

There is a related post with no convincing answer:
Relationship between Ethereum Address and public key

Aside from the point that addresses based on hashes are shorter, a commonly given argument is that the hashing provides additional security in case of a compromise of the elliptic curve cryptography. In the case of Bitcoin, I can sort of see the point of that (as it discourages address reuse), but in Ethereum, addresses are designed to be reused and public keys are revealed with every transaction, so "hiding" them using hashes seems rather pointless.

Even in this post by a Bitcoin Core Developer it is argued that hashing is probably unnecessary.

Disregarding the potentially increased usability of shorter addresses, if one were to design a new blockchain, is there any reason to use addresses based on hashes instead of compressed public keys?

Best Answer

Indeed, Ethereum's address reuse renders the "protection against an ecc public key attack" argument null.

For externally owned accounts, using the public key directly would likely not result in any issues or major security problems.

The only reason I can think of where hashing is helpful is to maintain parity between externally owned accounts and internal accounts (contracts). Contracts are not linked to private keys, and the contract address is instead calculated as a hash based on the creating address and the transaction nonce.

For a naive case, this could be replaced by a hash of a public key and nonce, but contracts can be deployed by other contracts, which would not easily expose a public key.

At this point, it is more of a design choice than a security choice.
