Pages:
Author

Topic: [ANN] #takebobbysbitcoin Ballet REAL BITCOIN Wallets (Read 1523 times)

hero member
Activity: 687
Merit: 562
Nobody dies a virgin… Life fucks us all.
This challenge is great news. I personally love the Ballet Wallets and, in addition to storing some of my own stack on them, I use them to give Bitcoin to people (the cheaper ones). I think they should be mentioned more often in the public as "Best Wallets" on the market, but I never see them discussed in articles or on Reddit. I'm pulling for this to help with PR.

Also, the new coin wallet is cool. I am not buying it because it isn't really a collectible, but this is one of the items Ballet has put out that I have seen people mentioning in public. I'm hoping this new product will lead to some BTCC style limited versions in the future. 

Agree! Ballet is next best after making your own keys ✊🏼
sr. member
Activity: 1164
Merit: 268
Byzantine Generals' Problem solved,Prosperity Next
This challenge is great news. I personally love the Ballet Wallets and, in addition to storing some of my own stack on them, I use them to give Bitcoin to people (the cheaper ones). I think they should be mentioned more often in the public as "Best Wallets" on the market, but I never see them discussed in articles or on Reddit. I'm pulling for this to help with PR.

Also, the new coin wallet is cool. I am not buying it because it isn't really a collectible, but this is one of the items Ballet has put out that I have seen people mentioning in public. I'm hoping this new product will lead to some BTCC style limited versions in the future. 
newbie
Activity: 2
Merit: 0
I maybe a long way off or I could be very close, but some guidance would be fantastic.

I have been able to generate a few Intermediate Codes from the information provided for #2

The issue I am having is, do I continue along the same path or am I heading in the opposite direction to where I should be going.

From the BIP38 Passphrase I am able to get the Intermediate Code, from this I can generate a Bitcoin Address, Confirmation Code and Encrypted Private Key (but the Confirmation Code and the Bitcoin Address are not the same as what was given, do I spent days clicking "Generate" or am I doing something wrong and way off base.)

Thank you in advance for any help provided.
sr. member
Activity: 845
Merit: 267
I believe you would need access to an AI infused Quantum computer running 24/7
full member
Activity: 231
Merit: 146
So we all agree that this isn't any puzzle or real challenge, but marketing. It's fun though, and I agree that these Ballet Wallets are a nice way to introduce a BTC paper money solution that's easy for people to use. A third party must be trusted, but I trust Bobby doesn't want to go to jail, and the system generating 2 entropies in different places is a fair enough security measure.

Just for fun, I'll share some calculations (let me know if I missed something):

About the first wallet (the second one is just as difficult as guessing any random wallet and makes no sense to be considered a game challenge at all):
He gives us for free the "-" characters, so we just need to guess 20 characters (uppercase and numbers) so we have 36^20 possible outcomes. In decimal, it is: 13367494538843734067838845976576 (1.34 * 10^31).
The nearest power of 2 is: 2^103 = 10141204801825835211973625643008  ("low" compared to the 2^256 of the second wallet)

Let's compute how many guesses per second we need to crack this wallet for sure in 10 years:
Code:
total_possibilities = 36**20
time_in_years = 10
time_in_seconds = time_in_years * 365 * 24 * 60 * 60
guesses_per_second = total_possibilities / time_in_seconds

print(f'Guesses per second needed: {guesses_per_second}')
Guesses per second needed: 4.2388047117084395e+22

Instead, to crack it on average within 10 years, we just divide by 2: 2.1194023558542198e+22 guesses per second.
I think Bobby can sleep well.



  SO true it is indeed quite impossible to crack. I placed this stamp online in 2017 with an exposed public and private keys!

   The private addy is BIP38 encrypted and the password must be over 100 characters as I just randomly punched the keyboard.

    It was loaded with 0.02BTC and still is...nobody has every swept it!

     
In your case, the entropy from a human randomly punching keys might be easier to crack. I believe some methods could assist in guessing pseudo-random human keyboard punching, although 100 characters are quite a lot, haha. You can sleep well too!
legendary
Activity: 2520
Merit: 3238
The Stone the masons rejected was the cornerstone.
To give you some perspective, with current technology, brute forcing a 20-character password with a mix of upper  case letters, numbers, could take an incredibly long time, likely beyond the lifetime of the universe. No luck there at all.  Grin

  SO true it is indeed quite impossible to crack. I placed this stamp online in 2017 with an exposed public and private keys!

   The private addy is BIP38 encrypted and the password must be over 100 characters as I just randomly punched the keyboard.

    It was loaded with 0.02BTC and still is...nobody has every swept it!

     
member
Activity: 503
Merit: 38
To give you some perspective, with current technology, brute forcing a 20-character password with a mix of upper  case letters, numbers, could take an incredibly long time, likely beyond the lifetime of the universe. No luck there at all.  Grin
legendary
Activity: 1456
Merit: 1242
be VERY careful... newbies posting code.... or anyone for that matter.... could be malicious.... i would not use it, but if you do... do it at your own risk.

STILL LIVE AFTER 3+ YEARS!!  Just about $60k as i type this....

Good luck!
member
Activity: 503
Merit: 38
copper member
Activity: 672
Merit: 113
Agree, im a big fan of Ballet, I hand them out loaded to my employees all the time ,  when a newbie holds a loaded ballet wallet during a bull run it creates and instant orange pill lol
sr. member
Activity: 1164
Merit: 268
Byzantine Generals' Problem solved,Prosperity Next
Saying this for the first time. I have always thought Ballet is the best, easiest wallet to use and I give them to beginners because of this. However, I never mention this because of the fud I see anytime Ballet comes up (not here, but on other public places like Reddit, etc.). This hack challenge is a great idea and will give some concrete verification to the security when it comes up in the future.
newbie
Activity: 5
Merit: 0
Code:
 import itertools
import sys
import string
import datetime
import scrypt
import threading
from binascii import unhexlify
from Crypto.Cipher import AES
from simplebitcoinfuncs import normalize_input, b58d, hexstrlify, dechex, privtopub, compress, pubtoaddress, b58e, multiplypriv
from simplebitcoinfuncs.ecmath import N
from simplebitcoinfuncs.hexhashes import hash256


def simple_aes_decrypt(msg, key):
    assert len(msg) == 16
    assert len(key) == 32
    cipher = AES.new(key, AES.MODE_ECB)
    msg = hexstrlify(cipher.decrypt(msg))
    while msg[-2:] == '7b':  # Can't use rstrip for multiple chars
        msg = msg[:-2]
    for i in range((32 - len(msg)) // 2):
        msg = msg + '7b'
    assert len(msg) == 32
    return unhexlify(msg)


def bip38decrypt(password, encpriv, outputlotsequence=False):
    password = normalize_input(password, False, True)
    encpriv = b58d(encpriv)
    assert len(encpriv) == 78
    prefix = encpriv[:4]
    assert prefix == '0142' or prefix == '0143'
    flagbyte = encpriv[4:6]
    if prefix == '0142':
        salt = unhexlify(encpriv[6:14])
        msg1 = unhexlify(encpriv[14:46])
        msg2 = unhexlify(encpriv[46:])
        scrypthash = hexstrlify(scrypt.hash(password, salt, 16384, 8, 8, 64))
        key = unhexlify(scrypthash[64:])
        msg1 = hexstrlify(simple_aes_decrypt(msg1, key))
        msg2 = hexstrlify(simple_aes_decrypt(msg2, key))
        half1 = int(msg1, 16) ^ int(scrypthash[:32], 16)
        half2 = int(msg2, 16) ^ int(scrypthash[32:64], 16)
        priv = dechex(half1, 16) + dechex(half2, 16)
        if int(priv, 16) == 0 or int(priv, 16) >= N:
            if outputlotsequence:
                return False, False, False
            else:
                return False
        pub = privtopub(priv, False)
        if flagbyte in COMPRESSION_FLAGBYTES:
            privcompress = '01'
            pub = compress(pub)
        else:
            privcompress = ''
        address = pubtoaddress(pub, '00')
        try:
            addrhex = hexstrlify(address)
        except:
            addrhex = hexstrlify(bytearray(address, 'ascii'))
        addresshash = hash256(addrhex)[:8]
        if addresshash == encpriv[6:14]:
            priv = b58e('80' + priv + privcompress)
            if outputlotsequence:
                return priv, False, False
            else:
                return priv
        else:
            if outputlotsequence:
                return False, False, False
            else:
                return False
    else:
        owner_entropy = encpriv[14:30]
        enchalf1half1 = encpriv[30:46]
        enchalf2 = encpriv[46:]
        if flagbyte in LOTSEQUENCE_FLAGBYTES:
            lotsequence = owner_entropy[8:]
            owner_salt = owner_entropy[:8]
        else:
            lotsequence = False
            owner_salt = owner_entropy
        salt = unhexlify(owner_salt)
        prefactor = hexstrlify(scrypt.hash(password, salt, 16384, 8, 8, 32))
        if lotsequence is False:
            passfactor = prefactor
        else:
            passfactor = hash256(prefactor + owner_entropy)
        if int(passfactor, 16) == 0 or int(passfactor, 16) >= N:
            if outputlotsequence:
                return False, False, False
            else:
                return False
        passpoint = privtopub(passfactor, True)
        password = unhexlify(passpoint)
        salt = unhexlify(encpriv[6:14] + owner_entropy)
        encseedb = hexstrlify(scrypt.hash(password, salt, 1024, 1, 1, 64))
        key = unhexlify(encseedb[64:])
        tmp = hexstrlify(simple_aes_decrypt(unhexlify(enchalf2), key))
        enchalf1half2_seedblastthird = int(tmp, 16) ^ int(encseedb[32:64], 16)
        enchalf1half2_seedblastthird = dechex(enchalf1half2_seedblastthird, 16)
        enchalf1half2 = enchalf1half2_seedblastthird[:16]
        enchalf1 = enchalf1half1 + enchalf1half2
        seedb = hexstrlify(simple_aes_decrypt(unhexlify(enchalf1), key))
        seedb = int(seedb, 16) ^ int(encseedb[:32], 16)
        seedb = dechex(seedb, 16) + enchalf1half2_seedblastthird[16:]
        assert len(seedb) == 48  # I want to except for this and be alerted to it
        try:
            factorb = hash256(seedb)
            assert int(factorb, 16) != 0
            assert not int(factorb, 16) >= N
        except:
            if outputlotsequence:
                return False, False, False
            else:
                return False
        priv = multiplypriv(passfactor, factorb)
        pub = privtopub(priv, False)
        if flagbyte in COMPRESSION_FLAGBYTES:
            privcompress = '01'
            pub = compress(pub)
        else:
            privcompress = ''
        address = pubtoaddress(pub, '00')
        try:
            addrhex = hexstrlify(address)
        except:
            addrhex = hexstrlify(bytearray(address, 'ascii'))
        addresshash = hash256(addrhex)[:8]
        if addresshash == encpriv[6:14]:
            priv = b58e('80' + priv + privcompress)
            if outputlotsequence:
                if lotsequence is not False:
                    lotsequence = int(lotsequence, 16)
                    sequence = lotsequence % 4096
                    lot = (lotsequence - sequence) // 4096
                    return priv, lot, sequence
                else:
                    return priv, False, False
            else:
                return priv
        else:
            if outputlotsequence:
                return False, False, False
            else:
                return False


def testPassword(pwd):
    try:
        if bip38decrypt(pwd, encryptedSecret) != False:
            pwdLenth = 22 + len(pwd)
            print("\n\n" + "#" * pwdLenth + "\n## PASSWORD FOUND: {pwd} ##\n".format(pwd=pwd) + "#" * pwdLenth + "\n")
            global flag
            flag = 1
    except:
        pass
    finally:
        td.release()


if __name__ == '__main__':
    COMPRESSION_FLAGBYTES = ['20', '24', '28', '2c', '30', '34', '38', '3c', 'e0', 'e8', 'f0', 'f8']
    LOTSEQUENCE_FLAGBYTES = ['04', '0c', '14', '1c', '24', '2c', '34', '3c']

    encryptedSecret = "6PnQmAyBky9ZXJyZBv9QSGRUXkKh9HfnVsZWPn4YtcwoKy5vufUgfA3Ld7"
       

    threadNum = 32

    pwdCharacters = string.ascii_uppercase + string.digits
    maxCombination = 20 
    maxLength = 23 
    positions = [4, 9, 14, 19]

    td = threading.BoundedSemaphore(int(threadNum))
    threadlist = []

    print(datetime.datetime.now().strftime('%Y-%m-%d %H:%M:%S'))

    num = 0
    flag = 0
    for pwd in itertools.product(pwdCharacters, repeat=maxCombination):
        if flag == 1:
            break

        password = "".join(pwd)
        if len(password) <= int(maxLength):
            formatted_pwd = list(password)
            for pos in positions:
                formatted_pwd.insert(pos, '-')
            formatted_pwd = ''.join(formatted_pwd)

            num += 1
            msg = 'Test Password {num} , {password}'.format(num=num, password=formatted_pwd)
            sys.stdout.write('\r' + msg)
            sys.stdout.flush()
            td.acquire()
            t = threading.Thread(target=testPassword, args=(formatted_pwd,))
            t.start()
            threadlist.append(t)
    for x in threadlist:
        x.join()

    print(datetime.datetime.now().strftime('%Y-%m-%d %H:%M:%S'))


if you're interested in finding the password for challenge #1, I'll leave a simple code here.this code will search for 36^20 combinations sequentially. good luck.
newbie
Activity: 9
Merit: 0
no one is going to crack the passphrase for the one or the private key for the other - unless one of the workers has access but per Bobby all that data is deleted so that means no one is gonna get it.

But how do we know that one of the workers doesn't have it? Just because they didn't take it today or tomorrow.... It just confirms that they haven't gone rogue yet.

Nobody really knows. So far so good and let's hope it stays that way. But let's not put too much stock in these marketing gimmicks.

And 2BTC? Seriously? A reward for ants?  

a reward for ants?? hell 1 btc would save my life rn lol :/
legendary
Activity: 2254
Merit: 2419
EIN: 82-3893490
i sent u a email showing you where i tried the other passphrase u told me it was and it also didnt work. and i showed u how i got the intermediate code:)

I saw and that makes sense - however you still not use it to get the key.
newbie
Activity: 9
Merit: 0
i sent u a email showing you where i tried the other passphrase u told me it was and it also didnt work. and i showed u how i got the intermediate code:)
legendary
Activity: 2254
Merit: 2419
EIN: 82-3893490
i have found the confirmation code for the top one just dont know how to derive the bip38 passphrase from it with the privaye key. also i have scanned the qrs u posted and in app it lets me verify the wallet that u shared the passphrase on but it only works with the entropy of it if i try to vrify with whole passphrase it tells me its incorrect. can u follow up pls ty. could reallt use the btc rn have been trying hard as hell to crack both of these :/

based on the screen shot you sent me - you messed up part of the passphrase.

I would like to know how you came across the intermediate code.
newbie
Activity: 9
Merit: 0
i have found the confirmation code for the top one just dont know how to derive the bip38 passphrase from it with the privaye key. also i have scanned the qrs u posted and in app it lets me verify the wallet that u shared the passphrase on but it only works with the entropy of it if i try to vrify with whole passphrase it tells me its incorrect. can u follow up pls ty. could reallt use the btc rn have been trying hard as hell to crack both of these :/
legendary
Activity: 1456
Merit: 1242
Over 4.5 months and still going......
legendary
Activity: 2254
Merit: 2419
EIN: 82-3893490
no one is going to crack the passphrase for the one or the private key for the other - unless one of the workers has access but per Bobby all that data is deleted so that means no one is gonna get it.

But how do we know that one of the workers doesn't have it? Just because they didn't take it today or tomorrow.... It just confirms that they haven't gone rogue yet.

Nobody really knows. So far so good and let's hope it stays that way. But let's not put too much stock in these marketing gimmicks.

And 2BTC? Seriously? A reward for ants?  


And for those with that concern there is the pro series  - the real series are really just to get people started and should not be used as a permanent hodl location. I have heard Bobby say something similar.

Also worth noting no one has made a claim that their funds have been taking - this is same risk as a casa or lealana coin or any of the other prefunded or items with the private key already in place. You have to have trust for the maker
full member
Activity: 183
Merit: 111
no one is going to crack the passphrase for the one or the private key for the other - unless one of the workers has access but per Bobby all that data is deleted so that means no one is gonna get it.

But how do we know that one of the workers doesn't have it? Just because they didn't take it today or tomorrow.... It just confirms that they haven't gone rogue yet.

Nobody really knows. So far so good and let's hope it stays that way. But let's not put too much stock in these marketing gimmicks.

And 2BTC? Seriously? A reward for ants?  
Pages:
Jump to: