Bitcoin Forum>Bitcoin>Bitcoin Discussion
Pages:
Author

Topic: Bitcoin puzzle transaction ~32 BTC prize to who solves it - page 4. (Read 189853 times)

nomachine
member
Activity: 286
Merit: 15
Re: Bitcoin puzzle transaction ~32 BTC prize to who solves it
May 21, 2024, 05:46:40 AM
#5086
Quote from: holy_ship on May 20, 2024, 03:17:15 PM
Quote from: nomachine on May 19, 2024, 03:13:53 AM
It takes a thousand GPUs to make something serious. Everything else is just kidding

Why GPU? BSGS works on CPU.

btw, what's more important RAM or CPU?

I've tried
AMD Ryzen 9 7950X - 4.5GHZ, 16c/32th + 128GB - 4ek on start, reaches 6ek after week
Intel Core i7-11700K 3.6GHZ, 8c/16th + 128GB - only 2ek, no growth
Intel Core i7-11700K 3.6GHZ, 8c/16th + 64GB - around 1ek, no growth

E5-2670v3 2.3 GHz 12c/24th + 256GB - 7ek on start

Why RAM ?

How much storage is required for a hash table for a search space of Puzzle 130?

Each entry in the hash table will contain a key (of 256 bits) and a pointer (of 80 bits) to the corresponding data.
So, each entry requires 256 bits + 80 bits = 336 bits.

Total bits required for hash table = 336 bits per entry * 2^130 entries
Total bits = 336 * 2^130

To convert bits to petabytes:
1 petabyte (PB) = 8 * 10^15 bits

So, total petabytes (PB) = (336 * 2^130) / (8 * 10^15)

Total petabytes (PB) ≈ 42 PB RAM

It is not possible to get such amount of ram in the next 80 years.
kTimesG
jr. member
Activity: 40
Merit: 6
Re: Bitcoin puzzle transaction ~32 BTC prize to who solves it
May 21, 2024, 04:28:49 AM
#5085
Quote from: nomachine on May 21, 2024, 02:12:51 AM
Why use Bitcoin and ECDSA imports? They're so slow, it feels like a waste of time.

Instead, utilize ICE (import secp256k1 as ice) for this function and the Bitcoin address line:

def private_key_to_public_key(private_key):
    priv_int = int(private_key, 16)
    return ice.scalar_multiplication(priv_int)

and

bitcoin_address = ice.pubkey_to_address(0, True, public_key)


It's approximately 10 times faster than ECDSA. But even that is miserable if you attack the dinosaur numbers.

The more you delve into Python, the more apparent it becomes that searching for Puzzle 66 through it is pointless.
Is it non-pointless even if writing it in assembler? Some dick size updates: 11 million point additions/s (affine coords). There is a trick that even JLP's VanitySearch is missing which allows for some optimization on batch additions (8.5 Mkeys/s with that one). It's all about the branch processing.

Quote
https://github.com/iceland2k14/secp256k1

On my old Laptop with i7 4810 MQ CPU
With 3500000 continuous keys in 1 group call, we get 3.5 Miilion Key/s Speed with 1 cpu:
This is very misleading. We only get the result key, not 3.500.000, simply because it does 3500000 Jacobian additions and a single final affine conversion. I don't even need to disassemble the DLL to be 100% sure about this, because the fastest known algorithm to do an modular inversion on 256-bit numbers requires 4000 CPU cycles on my i9 13th gen CPU, which means it can never ever do more than around 1 million inversions per second. But Jacobian point additions? 8 million. But those intermediary points are useless since they do not have any invariant characteristic unless you actually reduce the fractions it holds (so, the expensive mod inverse).

Anyway, all this is completely irrelevant for puzzle 66, even if magically we can do an infinite amount of additions / second, it has zero impact on the speed, because all the hashing required is many times slower than any EC operation.
nomachine
member
Activity: 286
Merit: 15
Re: Bitcoin puzzle transaction ~32 BTC prize to who solves it
May 21, 2024, 02:12:51 AM
#5084
Quote from: aminsolhi on May 20, 2024, 07:57:42 PM


i have a simple alghoritm with cpu in python , you can test it


Code:

import bitcoin
import ecdsa



def private_key_to_public_key(private_key):
    sk = ecdsa.SigningKey.from_string(bytes.fromhex(private_key), curve=ecdsa.SECP256k1)
    vk = sk.get_verifying_key()
    compressed_public_key = vk.to_string("compressed").hex()
    return compressed_public_key



        bitcoin_address = bitcoin.pubtoaddr(public_key)




Why use Bitcoin and ECDSA imports? They're so slow, it feels like a waste of time.

Instead, utilize ICE (import secp256k1 as ice) for this function and the Bitcoin address line:


def private_key_to_public_key(private_key):
    priv_int = int(private_key, 16)
    return ice.scalar_multiplication(priv_int)

and

bitcoin_address = ice.pubkey_to_address(0, True, public_key)


It's approximately 10 times faster than ECDSA. But even that is miserable if you attack the dinosaur numbers.

The more you delve into Python, the more apparent it becomes that searching for Puzzle 66 through it is pointless.

Perhaps someone knowingly obscures things by selling Python scripts as the ultimate solution.  Grin

aminsolhi
newbie
Activity: 9
Merit: 0
Re: Bitcoin puzzle transaction ~32 BTC prize to who solves it
May 20, 2024, 07:57:42 PM
#5083
keyhunt not good

i get a test with key hunt


you can test it.  key hunt speed in my pc is  60 Mk/s


i search for  this addrrss   1E5V4LbVrTbFrfj7VN876DamzkaNiGAvFo
this privatekey is  200000000000f4240

search start of 20000000000000000


this private key is 1,000,000 key of start

in fact keyhunt must be find in 2 sec , but fin at 100 Sec

In the Cuda programming, an algorithm is executed in parallel, and in fact, this search operation in each core performs a similar task in parallel, and the cores do not help each other's process to increase the search speed, but each of them works as an island exactly the same way. They do something else and that's why this program has problems

i have a simple alghoritm with cpu in python , you can test it


Code:
# -*- coding: utf-8 -*-

"""
Created on Thu Mar 14 17:50:54 2024

1000 Bitcoin Puzzle Scanner for 2^66 ~ 2^67

@author: Amin Solhi , Contacts =>  email: [email protected] , +9891111842779
"""
import bitcoin
import ecdsa
import secrets
from timeit import default_timer as timer   
import datetime

global target_address
global output_file
global rng
global private_key
global ks
global start
global random_mode


target_address = "13zb1hQbWVsc2S7ZTZnP2G4undNNpdh5so"
output_file = "data.txt"
rng = 20 # int(input("Enter Random Space Number 1 ~ 100 :"))
private_key="20000000000000000"
ks=0
start = timer()
random_mod = True # True or False

print ("\nBTCGEN Bitcoin Puzzle #66 Scanner \n")
print ("BTC Address : ",target_address)
print ("OutPut File : ",output_file)
print ("Randome Mod : ",f"{str(random_mod)}")
if (random_mod):
    print ("Random Key  : ",f'per {rng}K key')
print ("Device      :  CPU")
print ("Global Start: ",private_key)
print ("Global END  :  40000000000000000")

print('\n')



def remove_zeros(input_string):
    result = ""
    zero = ""
    for char in input_string:
        if char != "0":
            zero = "finish"
        if zero =="finish" :
            result += char
    return result


t=""
t +="0"*47

def h(a):
    #a = a[:1] + '0' + a[1:]   
    if (len(a) < 64):
        #a = a[:1] + '0' + a[1:]
        a = '0' + a[:]
        if (len(a) < 64):
           a = h(a)           
    return a 

def generate_random_priv():
    p=str(secrets.choice(range(2, 4)))
    return (p+secrets.token_hex(8))


def generate_private_key(num_hex):
    num_decimal = int(num_hex, 16)
    num_decimal += 1
    num_hex = h(str(f'{num_decimal:x}'))
    return (num_hex)

def private_key_to_public_key(private_key):
    sk = ecdsa.SigningKey.from_string(bytes.fromhex(private_key), curve=ecdsa.SECP256k1)
    vk = sk.get_verifying_key()
    compressed_public_key = vk.to_string("compressed").hex()
    return compressed_public_key

def onmain():
    #start = timer()
    global private_key
    global rng
    global ks
    global start
    global target_address
    global i
    for _ in range(rng*1000):#while True:
        ks+=1
        private_key = generate_private_key(private_key)#secrets.randbelow(32))  # Generate a random private key
        public_key = private_key_to_public_key(private_key)  # Convert private key to compressed public key       
        #print (private_key)
        #print(i,"--- ",timer()-start,"seconds ---" ,)
        # Generate Bitcoin address from public key
        bitcoin_address = bitcoin.pubtoaddr(public_key)
        if (bitcoin_address == target_address):
            f = open(output_file, "a")
            f.write('\nprivate key int: '
                    + private_key
                    +'\nBitcoin address: '
                    + bitcoin_address+'\n_________\n')
            f.close()
                   
            print(f"\nFound matching Bitcoin address for private key: {private_key}")
            input("")
    print(f"\r[Total : {(ks/1000000)} Mk/{int(timer()-start)}s] [Private key hex: {(remove_zeros(private_key))}]  ", end="")     


def onmain_random():
    #start = timer()
    global private_key
    global rng
    global ks
    global start
    global target_address
    global i
    global random_str
    for _ in range(rng*1000):#while True:
        ks+=1
        private_key = generate_private_key(private_key)#secrets.randbelow(32))  # Generate a random private key
        public_key = private_key_to_public_key(private_key)  # Convert private key to compressed public key       
        #print (private_key)
        #print(i,"--- ",timer()-start,"seconds ---" ,)
        # Generate Bitcoin address from public key
        bitcoin_address = bitcoin.pubtoaddr(public_key)
        if (bitcoin_address == target_address):
            f = open(output_file, "a")
            f.write('\nprivate key int: '
                    + private_key
                    +'\nBitcoin address: '
                    + bitcoin_address+'\n_________\n')
            f.close()
                   
            print(f"\nFound matching Bitcoin address for private key: {private_key}")
            input("")
    print(f"\r[{str(datetime.timedelta(seconds=int(timer()-start)))}] [Total : {(ks/1000000)} Mk] [R: {i}] [Private key hex: {(remove_zeros(private_key))}]  ", end="")     

def main():
    global private_key
    global i
    global random_str
    random_str =""
    i=0
    if (random_mod):
        while True:
            i+=1
            private_key=generate_random_priv()
            onmain_random()
    else:
        while True:
            i+=1
            onmain()
       

if __name__ == "__main__":
    main()
   
Cryptoman2009
newbie
Activity: 12
Merit: 1
Re: Bitcoin puzzle transaction ~32 BTC prize to who solves it
May 20, 2024, 05:11:55 PM
#5082
for keyhunt
both, cpu and ram
holy_ship
jr. member
Activity: 111
Merit: 1
Re: Bitcoin puzzle transaction ~32 BTC prize to who solves it
May 20, 2024, 03:17:15 PM
#5081
Quote from: nomachine on May 19, 2024, 03:13:53 AM
It takes a thousand GPUs to make something serious. Everything else is just kidding

Why GPU? BSGS works on CPU.

btw, what's more important RAM or CPU?

I've tried
AMD Ryzen 9 7950X - 4.5GHZ, 16c/32th + 128GB - 4ek on start, reaches 6ek after week
Intel Core i7-11700K 3.6GHZ, 8c/16th + 128GB - only 2ek, no growth
Intel Core i7-11700K 3.6GHZ, 8c/16th + 64GB - around 1ek, no growth

E5-2670v3 2.3 GHz 12c/24th + 256GB - 7ek on start
2×E5-2680v4 2.4 GHz 28c/56th + 256GB - 9.5ek on start
nomachine
member
Activity: 286
Merit: 15
Re: Bitcoin puzzle transaction ~32 BTC prize to who solves it
May 19, 2024, 03:13:53 AM
#5080
Quote from: maylabel on May 19, 2024, 12:09:05 AM

Quote from: nomachine on May 18, 2024, 04:02:07 AM
That's why I strongly believe #130 will be found next, not #66. Much more room for breakthroughs and exploration there, and while the complexity seems similar it runs WAY, way faster (no hashing nonsense).

btw we need a ton of signatures to break ECDSA, we only have one here. And the nonces are deterministic (checked), so we're screwed.

can you explain more about? I didn't get it, sorry  Huh

Now I need go back to work... see you later

That's not my quote. But regardless, I can say that none of the puzzles will be solved soon. It takes a thousand GPUs to make something serious. Everything else is just kidding or when discussion derails into "who has bigger dick" babble  Grin
maylabel
newbie
Activity: 19
Merit: 0
Re: Bitcoin puzzle transaction ~32 BTC prize to who solves it
May 19, 2024, 12:09:05 AM
#5079
Quote from: kTimesG on May 18, 2024, 10:28:03 AM
Quote from: maylabel on May 18, 2024, 05:40:04 AM
Not really, I discarded the first number one because is a testnet, so basically I didnt screw my statistics.

Did you account for the implicit "1"s I mentioned about?
E.g. in decimal if I give you the number "42" but you also know it's a 64-bit value, there are implicit "0"s in front of 42, if your goal is to make some stats on base10 digits of 64-bit values. Because it would not be fair to only count 0s in numbers such as "402", "420", "81505" and so on.

As I said,I didn't have time to take a look in running in decimals yet. It's in my to-do list, and I'm surely will take a look to see if any patterns emerged



Quote from: kTimesG on May 18, 2024, 10:28:03 AM
Same principle for a BTC address. For base58 the implicit symbol is "1" (the first symbol of base58).
This has nothing to do with the "1" which you actually see at the start of an address. And even more, if you have multiple "1"s at the start, all of them are just a convention that says "so many bytes at the start are 0x00", NOT "this so many digits at the front of the base58 representation are 1". So some work is involved here if you truly want to make a histogram on base58 usage (which I don't really understand why you would, it's much more direct and error-free if you just use the binary representation).


I believe you didnt get what I was pointing out:
Cryptography, as any most mathematical techniques, consist in change a one space to another space... we do this all the time, transform x,y,z in polar coordinates, exp and so on...

What I may didn't said is:
Any exchange of spaces has strength and drawbacks, they are the sides of the same coin.
Some pattern can and will emerge when you change spaces.
Initially, i imagined change for an log space, but now I see can have other functions fitting better with what I'm seeing.

But something similar happened when I worked as statistician in developing games for casinos:
We need to work hard to looks "most random as possible". It's way more complicated than you think.

The greatest problem is human perception of randomness is not the same as computer randomness, that's why most lottery game are made by functions like that and I proved decade ago this
(I was just a broke uni student, and I didn't had credit to put money where my mouth it is, unfortunately Grin)

That's why this puzzle really tickles me: I know I can do it, time and money is all I need tho




Quote from: Cryptoman2009 on May 18, 2024, 06:11:00 PM
Stop looking for logic, all the addresses of the puzzle are random.
And using python is 100% a waste of energy.
Don't dream idly.
Search in a small space (for 66 or 130) and hope for luck.

99.99999999999999999% JUST FOR FUN

Of course, money is a great incentive (i never needed so much in my life like now) but is a great way to take the rust of my mathematical skills.
If you think is a waste of time, is your opinion and good luck for you.... is just not mine



Quote from: kTimesG on May 18, 2024, 10:28:03 AM
Quote from: maylabel on May 18, 2024, 05:40:04 AM
Furthermore, I didn't found any explanation why has this preferential for some letter if is a "random math base equation" even if you use other hexadecimals. Is this not defeat the entire propose of been random?

Modulus bias. It is not about the random function, it's about the domain size vs. the modulus (base in this case) which is used. base58 is just done like in any other case: divide a big integer, use remainder, repeat with quotient.

That's a high possibility, but again, when pattern emerges, even if is not a bijective function per say, the areas of search reduce considerabily




Quote from: kTimesG on May 18, 2024, 10:28:03 AM
Quote from: maylabel on May 18, 2024, 05:40:04 AM
Quote from: kTimesG on May 17, 2024, 06:24:39 PM
Maybe run the stats on the base2 160 bits instead?

That's a possibility, but when you have a bias, you have a weakness  Cool
The only bias here is about the bias of base58 representation, not on RIPEMD.

Quote from: maylabel on May 18, 2024, 06:11:48 AM
Quote from: nomachine on May 18, 2024, 04:02:07 AM
We need to develop a multi-threaded algorithm with the following structure:

Thread 1: This thread generates starting keys and stores them in a global array.
Thread 2: This thread retrieves keys from the global array, computes the corresponding points and RIPEMD-160 hashes, and then stores the resulting HASH160 values into another global array.
Threads 3 and 4: These comparator threads read several hundred addresses from a file and compare them with the HASH160 values stored in the global array.
Each thread operates independently without relying on the others, potentially improving overall performance. They will work separately.
Maybe it will be faster this way? I don't know. Grin

But i believe an better strategy:
3 threads - one produce addresses, the other just check the first 4 digits, and other comparing the pool generated by the second one.
Why? Because you save time by just run the first 4 letters.

I was watching a yt about a billion data points challenge and they run the analyzes in less than 3 sec with java! Cool


If someone can do this in rust/c/java, I will give a hug, please, i need it!
Because python....no,no,no... unless you want you house burn down

I did it in C. PrivKey (sequential) to PubKey to RIPEMD and then memcmp with the static constant target RIPEMD (which ofcourse returns false as soon as the first byte is different, come on...). You CAN't do it faster than this, and it can only scale linearly with thread count. But it's quickly obvious that it's unfeasible, I mean it's the only real way to do it without knowing the public key, but it's both a O(n) complexity AND it involves SHA256 + RIPEMD at every step.

I was searching yesterday about Bend and the Multi parallel processing for python, together with some other ideas:
- Instead to search for letters use the decimal code cuz been an integer is faster than base 58, around 30% of the speed
- KAN machine learning (maybe Huh ) still very new so IDK tbh, but is a possibility nevertheless.
- dedicated 2 mini pcs and only the list been for another computer Huh (mine is worse than a potato)
- use old phones to do some part of the search.... is not fast but is something




Quote from: nomachine on May 18, 2024, 04:02:07 AM
That's why I strongly believe #130 will be found next, not #66. Much more room for breakthroughs and exploration there, and while the complexity seems similar it runs WAY, way faster (no hashing nonsense).

btw we need a ton of signatures to break ECDSA, we only have one here. And the nonces are deterministic (checked), so we're screwed.

can you explain more about? I didn't get it, sorry  Huh

Now I need go back to work... see you later
Cryptoman2009
newbie
Activity: 12
Merit: 1
Re: Bitcoin puzzle transaction ~32 BTC prize to who solves it
May 18, 2024, 06:11:00 PM
#5078
Stop looking for logic, all the addresses of the puzzle are random.
And using python is 100% a waste of energy.
Don't dream idly.
Search in a small space (for 66 or 130) and hope for luck.

99.99999999999999999% JUST FOR FUN
jacky19790729
jr. member
Activity: 63
Merit: 8
Re: Bitcoin puzzle transaction ~32 BTC prize to who solves it
May 18, 2024, 11:11:38 AM
#5077
Quote from: kTimesG on May 18, 2024, 10:28:03 AM
btw we need a ton of signatures to break ECDSA, we only have one here. And the nonces are deterministic (checked), so we're screwed.

#130
only 1 rsz

r      =  0x9fca00d29192007648f7e4b525f15a00a5180833617a604ec6701833eb26e580
s      =  0x1f5ff38219a72080f77534b735badbcf57f503a33e91935ee7a859387abf5483
z      =  0x8d9ac8a5bc9b7ab8954e985fb9ebfc82e11c009fcccafcfb90934fb01a8c57ce
k     =  2^256
priv = 2^129  ~  2^130

Even with a large number of signatures, it still takes a lot of time...
I run https://github.com/iceland2k14/rsz LLL_nonce_leakage.py  ,  spend time log

CPU:    Intel i9-11900K                ( 2024/05/29 Update )
Code:
 K bit_length               spend time
---------------------------------------------------------------
200  bits                 20    seconds ( success to find private key )     8  rsz  
...
224  bits                207   seconds ( success to find private key )    12  rsz  
...
236  bits               1813   seconds ( success to find private key )    19  rsz  
...
240  bits               5021  seconds ( success to find private key )    23 rsz  
...
244  bits             12747   seconds ( success to find private key )   31  rsz  
245  bits             18146   seconds ( success to find private key )   33  rsz 
246  bits             36348   seconds ( success to find private key )   37  rsz
247  bits                                     
248  bits           142189  seconds ( success to find private key )   45  rsz 
249  bits           251375  seconds ( failed )   52  rsz   , need more rsz
250  bits           572073  seconds ( failed )   64  rsz   , need more rsz
251  bits
252  bits
253  bits
254  bits
255  bits
256  bits

kTimesG
jr. member
Activity: 40
Merit: 6
Re: Bitcoin puzzle transaction ~32 BTC prize to who solves it
May 18, 2024, 10:28:03 AM
#5076
Quote from: maylabel on May 18, 2024, 05:40:04 AM
Not really, I discarded the first number one because is a testnet, so basically I didnt screw my statistics.

Did you account for the implicit "1"s I mentioned about?
E.g. in decimal if I give you the number "42" but you also know it's a 64-bit value, there are implicit "0"s in front of 42, if your goal is to make some stats on base10 digits of 64-bit values. Because it would not be fair to only count 0s in numbers such as "402", "420", "81505" and so on.

Same principle for a BTC address. For base58 the implicit symbol is "1" (the first symbol of base58).
This has nothing to do with the "1" which you actually see at the start of an address. And even more, if you have multiple "1"s at the start, all of them are just a convention that says "so many bytes at the start are 0x00", NOT "this so many digits at the front of the base58 representation are 1". So some work is involved here if you truly want to make a histogram on base58 usage (which I don't really understand why you would, it's much more direct and error-free if you just use the binary representation).

Quote from: maylabel on May 18, 2024, 05:40:04 AM
Furthermore, I didn't found any explanation why has this preferential for some letter if is a "random math base equation" even if you use other hexadecimals. Is this not defeat the entire propose of been random?

Modulus bias. It is not about the random function, it's about the domain size vs. the modulus (base in this case) which is used. base58 is just done like in any other case: divide a big integer, use remainder, repeat with quotient.

Quote from: maylabel on May 18, 2024, 05:40:04 AM
Quote from: kTimesG on May 17, 2024, 06:24:39 PM
Maybe run the stats on the base2 160 bits instead?

That's a possibility, but when you have a bias, you have a weakness  Cool
The only bias here is about the bias of base58 representation, not on RIPEMD.

Quote from: maylabel on May 18, 2024, 06:11:48 AM
Quote from: nomachine on May 18, 2024, 04:02:07 AM
We need to develop a multi-threaded algorithm with the following structure:

Thread 1: This thread generates starting keys and stores them in a global array.
Thread 2: This thread retrieves keys from the global array, computes the corresponding points and RIPEMD-160 hashes, and then stores the resulting HASH160 values into another global array.
Threads 3 and 4: These comparator threads read several hundred addresses from a file and compare them with the HASH160 values stored in the global array.
Each thread operates independently without relying on the others, potentially improving overall performance. They will work separately.
Maybe it will be faster this way? I don't know. Grin

But i believe an better strategy:
3 threads - one produce addresses, the other just check the first 4 digits, and other comparing the pool generated by the second one.
Why? Because you save time by just run the first 4 letters.

I was watching a yt about a billion data points challenge and they run the analyzes in less than 3 sec with java! Cool


If someone can do this in rust/c/java, I will give a hug, please, i need it!
Because python....no,no,no... unless you want you house burn down

I did it in C. PrivKey (sequential) to PubKey to RIPEMD and then memcmp with the static constant target RIPEMD (which ofcourse returns false as soon as the first byte is different, come on...). You CAN't do it faster than this, and it can only scale linearly with thread count. But it's quickly obvious that it's unfeasible, I mean it's the only real way to do it without knowing the public key, but it's both a O(n) complexity AND it involves SHA256 + RIPEMD at every step. That's why I strongly believe #130 will be found next, not #66. Much more room for breakthroughs and exploration there, and while the complexity seems similar it runs WAY, way faster (no hashing nonsense).

btw we need a ton of signatures to break ECDSA, we only have one here. And the nonces are deterministic (checked), so we're screwed.
maylabel
newbie
Activity: 19
Merit: 0
Re: Bitcoin puzzle transaction ~32 BTC prize to who solves it
May 18, 2024, 08:08:09 AM
#5075
Quote from: nomachine on May 18, 2024, 07:06:42 AM
Quote from: maylabel on May 18, 2024, 06:11:48 AM
Quote from: nomachine on May 18, 2024, 04:02:07 AM
We need to develop a multi-threaded algorithm with the following structure:

Thread 1: This thread generates starting keys and stores them in a global array.
Thread 2: This thread retrieves keys from the global array, computes the corresponding points and RIPEMD-160 hashes, and then stores the resulting HASH160 values into another global array.
Threads 3 and 4: These comparator threads read several hundred addresses from a file and compare them with the HASH160 values stored in the global array.
Each thread operates independently without relying on the others, potentially improving overall performance. They will work separately.
Maybe it will be faster this way? I don't know. Grin

this is a pool, right? a pool of checking addresses. Undecided


https://tosc.iacr.org/index.php/ToSC/article/view/11282/10814

You can find the Git code for the 43-step differential comparator here:

https://github.com/Peace9911/ripemd160_attack

This is far better than gazing into a crystal ball or magic circle.  Grin

ohhhhh, i looooooooove papers, thanks. I will consume  Cheesy

Did you know also ECDSA has a great attack way not patched?
I didnt have time if is possible for btc but is worth it to read too
https://minerva.crocs.fi.muni.cz/

Anyways, i believe if we combine our minds we can arrive somewhere tho
nomachine
member
Activity: 286
Merit: 15
Re: Bitcoin puzzle transaction ~32 BTC prize to who solves it
May 18, 2024, 07:06:42 AM
#5074
Quote from: maylabel on May 18, 2024, 06:11:48 AM
Quote from: nomachine on May 18, 2024, 04:02:07 AM
We need to develop a multi-threaded algorithm with the following structure:

Thread 1: This thread generates starting keys and stores them in a global array.
Thread 2: This thread retrieves keys from the global array, computes the corresponding points and RIPEMD-160 hashes, and then stores the resulting HASH160 values into another global array.
Threads 3 and 4: These comparator threads read several hundred addresses from a file and compare them with the HASH160 values stored in the global array.
Each thread operates independently without relying on the others, potentially improving overall performance. They will work separately.
Maybe it will be faster this way? I don't know. Grin

this is a pool, right? a pool of checking addresses. Undecided


https://tosc.iacr.org/index.php/ToSC/article/view/11282/10814

You can find the Git code for the 43-step differential comparator here:

https://github.com/Peace9911/ripemd160_attack

This is far better than gazing into a crystal ball or magic circle.  Grin
maylabel
newbie
Activity: 19
Merit: 0
Re: Bitcoin puzzle transaction ~32 BTC prize to who solves it
May 18, 2024, 06:11:48 AM
#5073
Quote from: nomachine on May 18, 2024, 04:02:07 AM
We need to develop a multi-threaded algorithm with the following structure:

Thread 1: This thread generates starting keys and stores them in a global array.
Thread 2: This thread retrieves keys from the global array, computes the corresponding points and RIPEMD-160 hashes, and then stores the resulting HASH160 values into another global array.
Threads 3 and 4: These comparator threads read several hundred addresses from a file and compare them with the HASH160 values stored in the global array.
Each thread operates independently without relying on the others, potentially improving overall performance. They will work separately.
Maybe it will be faster this way? I don't know. Grin

this is a pool, right? a pool of checking addresses. Undecided

that's sometime I said wayyyyyy before...

The fact we are probably checking the same addresses is not that low if you are doing by sequence, but also if you do random and you need to shut down your computer, you just lost all your already checked addresses

But i believe an better strategy:
3 threads - one produce addresses, the other just check the first 4 digits, and other comparing the pool generated by the second one.
Why? Because you save time by just run the first 4 letters.

I was watching a yt about a billion data points challenge and they run the analyzes in less than 3 sec with java! Cool


If someone can do this in rust/c/java, I will give a hug, please, i need it!
Because python....no,no,no... unless you want you house burn down
maylabel
newbie
Activity: 19
Merit: 0
Re: Bitcoin puzzle transaction ~32 BTC prize to who solves it
May 18, 2024, 05:40:04 AM
#5072
Quote from: kTimesG on May 17, 2024, 06:24:39 PM
Quote from: maylabel on May 16, 2024, 09:21:44 PM
So theoretically we have base58 what means we can have 58 letter and number to choose, means the probability of each letter is 1/58, so 1.7241379%
Not really, you started off from a wrong premise.

RIPEMD: 160 bits. 2**160 choices.

2**160 does not divide by 58 so your probability doesn't take into account the bias for the last remainder (only 52 choices out of 58, hence fewer z w x... was this your secret information to keep for yourself lol?), and neither the implicit "1" characters found at the beginning, when the address is shorter than the maximum length (explaining fewer "1"s). Those leading zeros are actually the character "1" in base58. The leading "1" in the address is discardable since it's just a hint that the first byte of the number is 0, which is always true.

Not really, I discarded the first number one because is a testnet, so basically I didnt screw my statistics.
But basically you are wrong because you can run by yourself and see the average of all probabilitiess and nail at 1.7241379% in all decimals, means IT IS 1/58 regardless.
Furthermore, I didn't found any explanation why has this preferential for some letter if is a "random math base equation" even if you use other hexadecimals. Is this not defeat the entire propose of been random?

I mean, run the same statistics for range for 100k between 89f183007d3ce24269a66fb7fe4bc132a0ec877a0b145f6dbb5058f36921cfe3 to 89f1830088a1ec1b926f4b894b4e7b2c6b66dea05bd76434ab5058f36921cfe3 give the same 20 letters above the average of 0000000000000000000000000000000000000000000000020000000000000000 to 000000000000000000000000000000000000000000000003ffffffffffffffff... is very odd to say at least.

IDK but I believe is worth it to try, with more time and effort, and a better computer...
Anaconda is literally make my laptop give me 3 degree burn ngl because of the simulations i need to use a ice pack... that's how F up is my set up
 
Quote from: kTimesG on May 17, 2024, 06:24:39 PM
was this your secret information to keep for yourself lol?

Lol.... if is secret is a secret...just a hint, is not that... Grin
Has way more mathematical ways to explore this problem.
But I need to pay my rent first, otherwise I will sleep on the streets lol  Wink

Quote from: kTimesG on May 17, 2024, 06:24:39 PM
Maybe run the stats on the base2 160 bits instead?

Not bad idea...
I ran per letter/hexadecimal and the results were very, very, very wild

Quote from: kTimesG on May 17, 2024, 06:24:39 PM
base58 strings don't map 1:1 with any bitstring, since there is no power of 2 to divide 58, so their space lengths don't fill each other exactly, e.g. I can give you base58 "addresses" with a length identical to a correct one, but that will require more than 160 bits.

[LE] It's actually worse than this. Because there's 4 bytes of checksum added to the RIPEMD, and THEN it goes into the base58 encoder, we have 2**192 % 58 = 38 as a remainder. So this might explain your findings better. Last symbol is heavily biased, it only covers 2/3 of the possible choices.
That's a possibility, but when you have a bias, you have a weakness  Cool

Quote from: kTimesG on May 17, 2024, 06:24:39 PM
It is a known theorem that if two numbers do not divide each other, then bias occurs when using one of them to produce ranges in the other one. Take for example the hidden issues when (naively) doing something like this:
Code:
int r = random() % 7

A histogram on r will reveal pretty fast that (assuming random() is uniform) you will have a big bias between the range [0, n) and the range [n, 7}, where n = MAX_RAND % 7. Because there's more possibilities to choose from one range than the other one, due to the remainder.

That's something I commented way before: using the idea we are using pseudo-random number + a bias operation, this can, theoretically, reversible... at least for a range

But I need to check montecarlo first.... when I have time  Cheesy

If you have more ideas, I will love to listen
nomachine
member
Activity: 286
Merit: 15
Re: Bitcoin puzzle transaction ~32 BTC prize to who solves it
May 18, 2024, 04:02:07 AM
#5071
We need to develop a multi-threaded algorithm with the following structure:

Thread 1: This thread generates starting keys and stores them in a global array.
Thread 2: This thread retrieves keys from the global array, computes the corresponding points and RIPEMD-160 hashes, and then stores the resulting HASH160 values into another global array.
Threads 3 and 4: These comparator threads read several hundred addresses from a file and compare them with the HASH160 values stored in the global array.
Each thread operates independently without relying on the others, potentially improving overall performance. They will work separately.
Maybe it will be faster this way? I don't know. Grin
kTimesG
jr. member
Activity: 40
Merit: 6
Re: Bitcoin puzzle transaction ~32 BTC prize to who solves it
May 17, 2024, 06:24:39 PM
#5070
Quote from: maylabel on May 16, 2024, 09:21:44 PM
So theoretically we have base58 what means we can have 58 letter and number to choose, means the probability of each letter is 1/58, so 1.7241379%
Not really, you started off from a wrong premise.

RIPEMD: 160 bits. 2**160 choices.

2**160 does not divide by 58 so your probability doesn't take into account the bias for the last remainder (only 52 choices out of 58, hence fewer z w x... was this your secret information to keep for yourself lol?), and neither the implicit "1" characters found at the beginning, when the address is shorter than the maximum length (explaining fewer "1"s). Those leading zeros are actually the character "1" in base58. The leading "1" in the address is discardable since it's just a hint that the first byte of the number is 0, which is always true.

Maybe run the stats on the base2 160 bits instead? base58 strings don't map 1:1 with any bitstring, since there is no power of 2 to divide 58, so their space lengths don't fill each other exactly, e.g. I can give you base58 "addresses" with a length identical to a correct one, but that will require more than 160 bits.

[LE] It's actually worse than this. Because there's 4 bytes of checksum added to the RIPEMD, and THEN it goes into the base58 encoder, we have 2**192 % 58 = 38 as a remainder. So this might explain your findings better. Last symbol is heavily biased, it only covers 2/3 of the possible choices.

It is a known theorem that if two numbers do not divide each other, then bias occurs when using one of them to produce ranges in the other one. Take for example the hidden issues when (naively) doing something like this:
Code:
int r = random() % 7

A histogram on r will reveal pretty fast that (assuming random() is uniform) you will have a big bias between the range [0, n) and the range [n, 7}, where n = MAX_RAND % 7. Because there's more possibilities to choose from one range than the other one, due to the remainder.
nomachine
member
Activity: 286
Merit: 15
Re: Bitcoin puzzle transaction ~32 BTC prize to who solves it
May 17, 2024, 02:10:55 AM
#5069
Quote from: Tepan on May 16, 2024, 08:34:06 PM
all those transactions seem to have the same ways generate password/OP codes, too, so he would need to spend all of them at the same time.

If this is not a BS and is true....
He used used a custom method like: "Type 1 Deterministic Wallet" from here:
https://bitcointalksearch.org/topic/deterministic-wallets-19137
Masked with leading 000...0001 to set difficulty.

Bad news - if is Greg Maxwell creator of this puzzle password is 30 characters long and so complex that it will take you a couple of million years to crack.  Grin
maylabel
newbie
Activity: 19
Merit: 0
Re: Bitcoin puzzle transaction ~32 BTC prize to who solves it
May 16, 2024, 09:21:44 PM
#5068
Quote from: Tepan on May 16, 2024, 08:34:06 PM
for your information guys, this puzzle has same pattern like this address doing the transaction.

1VayNert3x1KzbpzMGt2qdqrAThiRovi8

Total Received
25467612.38364991 BTC
$1,666,432,468,144

Total Sent
25467612.13780228 BTC
$1,666,432,452,057

all those transactions seem to have the same password, too, so he would need to spend all of them at the same time.

and back to 04/16/2023, that address was sending some amount to this address bc1quksn4yxlxp80tn929gqnh8xpnngqj0fqr99q4z (not directly), with some scrambled transaction involves many address.

guess who’s said no pattern ?

Quick update from my side  Wink

I have been work with statistics, and beside some hints, I manage to find some  Shocked odd to say at least

I was frustrated to the amount of convoluted in the scripts I needed to do to calculate P and Q and the sheer amount of bad explanations of the calculation of bitcoin without step by step (reminds me Butkov), so I worked backwards.

I did a script to run the statistics of each letter of the address and the probability of some letters to appear inspired in Kryptos.
(My personal theory is: if you add cryptography in top of cryptography several times, you eventually will arrive in a shortcut bypassing all the cryptography before)

So theoretically we have base58 what means we can have 58 letter and number to choose, means the probability of each letter is 1/58, so 1.7241379%

Even if I manage to find this, something quite stood out as a sore thumb:
Some letters  has more statistics appearance than others, in some cases up to 8% comparing to the average, and 13% compare with the other extreme of the tail.
It was significant more than I was looking for tbh

The really caveat is:
The top characters are always the same, like no randomization at all.
Its always the same group of letters.

And if you take a look deeper you will see in vastly majority of addresses are not 34 characters, but way less

a) you take the first number because is not relevant
b) you have a considerably amount of repetition inside of the same address. Like the vast majority has minimum of 1 pair of duplicates
c) the puzzle 66 have in reality only 20 characters if you take off the repetition.
d) this effect happening with most of the addresses

You will may say: Is just run more and the averages will pull to 1.72%, right?
Quite not, even increasing the size of the batches from 10k addresses to 100k the difference was negligible.
Of course I can go up, but my point is why this is so prominent?

Sorry but is color code for you see the relationship (https://imgur.com/a/9hpLpdi)

https://imgur.com/a/9hpLpdi

I tried to run different rules, like hexadecimals with a lot of number 3 or 4, and looks odd for some batches... kind of a fingerprint,maybe Huh

Some letters looks significant more relevant than others...
Could be a dead end, i know, but someone looked this before?
Someone with more experience in riped160 can tell me why this effect happened?

Why we don't have literally any other letter above 1.72% beside as follow

3C7N8ABDH6EM
PJK2F4G59LQ

I have more other specific analyzes for some areas but I rather save to myself tho Huh
I need go back to work, this already took 3 days non stop calculations.
Tepan
jr. member
Activity: 37
Merit: 1
Re: Bitcoin puzzle transaction ~32 BTC prize to who solves it
May 16, 2024, 08:34:06 PM
#5067
for your information guys, this puzzle has same pattern like this address doing the transaction.

1VayNert3x1KzbpzMGt2qdqrAThiRovi8
proof of
https://www.blockchain.com/explorer/transactions/btc/9969603dca74d14d29d1d5f56b94c7872551607f8c2d6837ab9715c60721b50e
https://www.blockchain.com/explorer/transactions/btc/8c8baf2e0529c0193ad3a583306a16fcc3e9cd271ba625e12bfd74261a46ad7c

Total Received
25467612.38364991 BTC
$1,666,432,468,144

Total Sent
25467612.13780228 BTC
$1,666,432,452,057

all those transactions seem to have the same ways generate password/OP codes, too, so he would need to spend all of them at the same time.

and back to 04/16/2023, that address was sending some amount to this address bc1quksn4yxlxp80tn929gqnh8xpnngqj0fqr99q4z (not directly), with some scrambled transaction involves many address.
Pages:
Bitcoin Forum>Bitcoin>Bitcoin Discussion
Jump to: