Bitcoin puzzle transaction ~32 BTC prize to who solves it - page 132.

WanderingPhilospher

full member

Activity: 1232

Merit: 242

Shooters Shoot...

Quote from: satashi_nokamato on February 19, 2024, 06:34:27 PM

Has anyone ever seen a tool that tries only a set of keys? Let me explain, imagine you have this key
0x397f5aa7b90de4
What if you want to set the public key of this one 0x5aa7b90de4 and then try all combinations for the first 4 missing characters? as I understand it, no tool exist to scan selected parts of a range, or do they exist?

You would have to give a better example of how many leading characters, because what you have now would only take a few seconds/minute, to iterate all possible combos, even with a single thread python script. Even if you do not know the leading character, you are looking at 16^4 combos, 65,536 possible combos.

But initially, I was thinking the same thing as albert0bsd was, it is similar to BSGS, because BSGS basically cuts off the last x characters, depending on your baby step file (how many public keys it contains), but for your specific example, you would need a baby step file with 2^40 keys, or modify the keys known down, to use a smaller size file.

But as is, without mod, you would merely start with 0x1000 + 0x5aa7b90de4; and increment 0x1000 by +=1 until match is found. 0x1000, 0x1001, 0x1002, etc. Not a very difficult script to put together, using python.

Buuuuuuut,

Quote

In fact I can say that I am sure about first few digits but I want to quickly try different first digits

Even if you knew the first 5 characters (which there is no way that you do), that does not mean much in the scope of this challenge, for example #130, because that would leave you with 2^112 left to search. Which can be done now via subtraction/division with a file full of 2^18 keys. But let's be real, as far as this challenge goes, people may say they know the leading x amount of characters, which they obviously do not; but maybe you have a different purpose/reason for what you are wanting to do.

albert0bsd

hero member

Activity: 862

Merit: 662

Quote from: satashi_nokamato on February 21, 2024, 01:13:37 PM

In fact I can say that I am sure about first few digits but I want to quickly try different first digits, if I understand it well, no software tries first digits only without touching the rest of input range.

I already explained something similar here:

Re: Solving partial WIF with two missing parts

With some changes it can be applied to your case it's just matter to know what are you doing

satashi_nokamato

jr. member

Activity: 50

Merit: 3

Quote from: albert0bsd on February 20, 2024, 02:27:51 PM

Quote from: satashi_nokamato on February 19, 2024, 06:34:27 PM

Has anyone ever seen a tool that tries only a set of keys? Let me explain, imagine you have this key
0x397f5aa7b90de4
What if you want to set the public key of this one 0x5aa7b90de4 and then try all combinations for the first 4 missing characters? as I understand it, no tool exist to scan selected parts of a range, or do they exist?

If you are sure about the last digits of the Privatekey is easy to make some transformations on the public key with arithmetic and work with the result with BSGS.

In fact I can say that I am sure about first few digits but I want to quickly try different first digits, if I understand it well, no software tries first digits only without touching the rest of input range.

I already know about WIF solvers, they are too slow, what I don't know is the correct set of baby and giant steps based on the size of the key.

nomachine

member

Activity: 503

Merit: 38

Quote from: satashi_nokamato on February 19, 2024, 06:34:27 PM

Has anyone ever seen a tool that tries only a set of keys?

Of course we saw it. If you are missing no more than 10 characters, maybe it will work.

Code:

import sys
import os
import time
import secrets
import random
import binascii
import base58
import secp256k1 as ice
import multiprocessing
from multiprocessing import cpu_count

def generate_private_key_WIF(start, miss):
   return start + "".join(
   secrets.choice(
   "123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz"
   )
   for _ in range(miss)
   )

def check_private_key(start, miss, target_caddr):
   while not STOP_EVENT.is_set():
   private_key_WIF_str = generate_private_key_WIF(start, miss)
   if start[0] == '5':
   private_key_WIF = private_key_WIF_str
   first_encode = base58.b58decode(private_key_WIF)
   private_key_full = binascii.hexlify(first_encode)
   private_key = private_key_full[2:-8]
   if start[0] in ['L', 'K']:
   private_key_WIF = private_key_WIF_str
   first_encode = base58.b58decode(private_key_WIF)
   private_key_full = binascii.hexlify(first_encode)
   private_key = private_key_full[2:-10]
   private_key_hex = private_key.decode("utf-8")
   dec = int(private_key_hex[0:64], 16)
   HEX = "%064x" % dec
   mul = ice.scalar_multiplication(dec)
   caddr = ice.pubkey_to_address(0, 1, mul)
   message = "\r[+] {} ".format(private_key_WIF_str)
   messages = []
   messages.append(message)
   output = "\033[01;33m" + ''.join(messages) + "\r"
   sys.stdout.write(output)
   sys.stdout.flush()
   if caddr == target_caddr:
   wifc = ice.btc_pvk_to_wif(HEX)
   t = time.ctime()
   sys.stdout.flush()
   print(f"\n\033[01;33m[+] BINGO!!! {t} \033[0m")
   print(f"\033[32m[+] PUZZLE SOLVED: {wifc} \033[0m")
   with open('BINGO.txt', 'a') as file:
   t = time.ctime()
   file.write('\n\nMatch Found: ' + t)
   file.write('\nPrivatekey (dec): ' + str(dec))
   file.write('\nPrivatekey (hex): ' + hex(dec)[2:])
   file.write('\nPrivatekey (wif): ' + wifc)

   STOP_EVENT.set()
   return

if __name__ == '__main__':
   start = "KwDiBf89QgGbjEhKnhXJuH7LrciVrZi3qZM21gaY8W"
   miss = 52 - (len(start))
   # Define the target
   target_caddr = "18ZMbwUFLMHoZBbfpCjUJQTCMCbktshgpe"
   if os.name == 'nt':
   os.system('cls')
   else:
   os.system('clear')
   t = time.ctime()
   sys.stdout.write(f"\033[01;33m[+] {t}\n")
   sys.stdout.write(f"\033[01;33m[+] Ending characters missing: {miss}\n")
   sys.stdout.write(f"\033[01;33m[+] Target address: {target_caddr}\n")
   sys.stdout.flush()

   # Create a global STOP_EVENT
   STOP_EVENT = multiprocessing.Event()

   # Create a pool of worker processes
   num_processes = multiprocessing.cpu_count()
   pool = multiprocessing.Pool(processes=num_processes)

   # Start the worker processes with different starting points
   for i in range(num_processes):
   pool.apply_async(check_private_key, args=(start, miss, target_caddr))

   # Close the pool and wait for all processes to complete
   pool.close()
   pool.join()

Wed Feb 21 08:23:37 2024
Ending characters missing: 10
Target address: 18ZMbwUFLMHoZBbfpCjUJQTCMCbktshgpe
KwDiBf89QgGbjEhKnhXJuH7LrciVrZi3qZM21gaY8WhMLMGKsr4w
BINGO!!! Wed Feb 21 08:23:37 2024
PUZZLE SOLVED: KwDiBf89QgGbjEhKnhXJuH7LrciVrZi3qZM21gaY8WN2CdwnTG57

But here, we need to solve Puzzle 66.
19 characters are missing from KwDiBf89QgGbjEhKnhXJuH7LrciVrZi3q.

That is impossible to solve. It doesn't matter how you present the private key. The numbers are so big that it is impossible.
It doesn't matter which programming language it is.

albert0bsd

hero member

Activity: 862

Merit: 662

Quote from: satashi_nokamato on February 19, 2024, 06:34:27 PM

Has anyone ever seen a tool that tries only a set of keys? Let me explain, imagine you have this key
0x397f5aa7b90de4
What if you want to set the public key of this one 0x5aa7b90de4 and then try all combinations for the first 4 missing characters? as I understand it, no tool exist to scan selected parts of a range, or do they exist?

If you are sure about the last digits of the Privatekey is easy to make some transformations on the public key with arithmetic and work with the result with BSGS.

Ovixx

newbie

Activity: 30

Merit: 0

Quote from: satashi_nokamato on February 19, 2024, 06:34:27 PM

Has anyone ever seen a tool that tries only a set of keys? Let me explain, imagine you have this key
0x397f5aa7b90de4
What if you want to set the public key of this one 0x5aa7b90de4 and then try all combinations for the first 4 missing characters? as I understand it, no tool exist to scan selected parts of a range, or do they exist?

WifSolverCuda
https://github.com/PawelGorny/WifSolverCuda
Read the instructions and see if it fits what you want.

You need to scan from
KwDiBf89QgGbjEhKnhXJuH7LrciVrZi3qYjgd9SDFgRkaA5tUpAD
to
KwDiBf89QgGbjEhKnhXJuH7LrciVrZi3qYjgh5KmfBjdfkR2qYYJ
with -stride 5fa8624c7fba400

Do what you want, but with private keys. For public keys I don't think there is any script.

satashi_nokamato

jr. member

Activity: 50

Merit: 3

Has anyone ever seen a tool that tries only a set of keys? Let me explain, imagine you have this key
0x397f5aa7b90de4
What if you want to set the public key of this one 0x5aa7b90de4 and then try all combinations for the first 4 missing characters? as I understand it, no tool exist to scan selected parts of a range, or do they exist?

Cryptoman2009

newbie

Activity: 12

Merit: 1

and 2^130 which requires a search between 2^129 and 2^130 equals 680,564,733,841,876,926,926,749,214,863,536 km.
therefore 71,986,683,526 light years (almost 72 billion).
I agree with the great luck with random and many subkeys....but many.
[/quote]

If you tried brute forcing 130, then yes, however, since we know the public key, you would use Kangaroo or BSGS. With Kangaroo, you’d be looking at roughly the same amount of ops as 66.
[/quote]

yeah, i mean with BSGS and a lot of subkeys

WanderingPhilospher

full member

Activity: 1232

Merit: 242

Shooters Shoot...

Quote from: Cryptoman2009 on February 19, 2024, 05:01:49 PM

Quote from: ccinet on February 19, 2024, 10:30:22 AM

It's not that I'm a pessimist but every time I think about the magnitude of the spaces we face I get chills Undecided

For example, in puzzle 66 the number of possible positions is 36893488147419103231. To understand this it is necessary to resort to an analogy. If each of those numbers were a millimeter, that would be equivalent to 3901.95 light years!!!
Any attempt at sequential search is then ruled out outright. Only with methods like kangaroo or bsgs would there be a possibility if the public key was known.
By the way, I leave a py script to help find the public key from the public address.
https://github.com/Dedaloo/PublicKeyHunt

and 2^130 which requires a search between 2^129 and 2^130 equals 680,564,733,841,876,926,926,749,214,863,536 km.
therefore 71,986,683,526 light years (almost 72 billion).
I agree with the great luck with random and many subkeys....but many.

If you tried brute forcing 130, then yes, however, since we know the public key, you would use Kangaroo or BSGS. With Kangaroo, you’d be looking at roughly the same amount of ops as 66.

Cryptoman2009

newbie

Activity: 12

Merit: 1

Quote from: ccinet on February 19, 2024, 10:30:22 AM

It's not that I'm a pessimist but every time I think about the magnitude of the spaces we face I get chills Undecided

For example, in puzzle 66 the number of possible positions is 36893488147419103231. To understand this it is necessary to resort to an analogy. If each of those numbers were a millimeter, that would be equivalent to 3901.95 light years!!!
Any attempt at sequential search is then ruled out outright. Only with methods like kangaroo or bsgs would there be a possibility if the public key was known.
By the way, I leave a py script to help find the public key from the public address.
https://github.com/Dedaloo/PublicKeyHunt

and 2^130 which requires a search between 2^129 and 2^130 equals 680,564,733,841,876,926,926,749,214,863,536 km.
therefore 71,986,683,526 light years (almost 72 billion).
I agree with the great luck with random and many subkeys....but many.

ccinet

jr. member

Activity: 41

Merit: 0

It's not that I'm a pessimist but every time I think about the magnitude of the spaces we face I get chills Undecided

For example, in puzzle 66 the number of possible positions is 36893488147419103231. To understand this it is necessary to resort to an analogy. If each of those numbers were a millimeter, that would be equivalent to 3901.95 light years!!!
Any attempt at sequential search is then ruled out outright. Only with methods like kangaroo or bsgs would there be a possibility if the public key was known.
By the way, I leave a py script to help find the public key from the public address.
https://github.com/Dedaloo/PublicKeyHunt

nomachine

member

Activity: 503

Merit: 38

Quote from: curiousNoone on February 17, 2024, 11:02:18 PM

Although i have noticed running my code on the xbox series x runs at least 5 times quicker if not more than running the same code on my laptop. Huh

Bitcoin mining, which involves solving complex mathematical problems to validate transactions and add them to the blockchain, requires specialized hardware known as ASICs (Application-Specific Integrated Circuits) due to the intense computational requirements. Even with the increased processing power of an Xbox Series X compared to a laptop, it's nowhere near sufficient for Bitcoin mining, let alone brute forcing.

curiousNoone

newbie

Activity: 14

Merit: 0

Ok so ill admit i cant code at all.

However I've unleashed my inner chatgpt language skills of seductive talking and come up with many apps for uwp/xbox.
From visual btc generators to hex range slider bars to sequential brute force the apps go on and its quite fun all be it a lot of hours debugging urgh.
Trying to convert kangaroo and keyhunt to uwp is way way past my present skills at the moment.

My main interest started from this thread and after reading every page of this thread like 90% of commenters we all thought we have found a way to solve a certain puzzle and most people do even i have a working solution but realization hit and i realised I'm not going to live thousands of years Sad

However learning all about btc has been really fun and seeing stuff on my xbox is pretty cool considering i had zero skills in coding.
Although i have noticed running my code on the xbox series x runs at least 5 times quicker if not more than running the same code on my laptop. Huh

Take note this code is UWP so while it can run on xbox its not optimized for cpu or gpu usage of which both is available for use although partially for GPU so lots more tinkering to play with and many ideas in the works.

Yes i know i don't got a chance (well a 0.0000000000000000000001%) blah blah but im having fun with it and seeing code no one has PROBABLY not done on a series x yet but who knows.

All in all its all fun and games and if anyone has the skills in uwp feel free to chime in on the limitations or pros of using uwp.

WanderingPhilospher

full member

Activity: 1232

Merit: 242

Shooters Shoot...

Quote

That said, let's just say that there is something very obvious hidden in plain sight, when dealing with all modular arithmetics, be it the discrete logarithm, ECDLP or prime factorization problem. Let me just say this: a hash algorithm can always collide. But the real math, like actual good programming, doesn't work without guarantees. Take everything you have at your disposal, modular math is like "losing" information and pretending it can never be retrieved back, and calling it a "discrete problem". I do have some pen and paper results taken out from ideas you will never find in any study, ChatGPT, or school. Are there chances for any of them to break EC? Maybe, maybe not. But if it does, puzzle 66 may be the last of your problems.

Regardless of the math used, eventually you have to transform the math into something, a public key, a h160, whatever type collision/match you are looking for.

But let us say it's pure math, do the "math" for how long it takes a current CPU to do straight additions, just using numbers. And use a higher end CPU with say 5.0 mghz capability.

IMO, you have to eventually transform the pure math into what you are searching for, or have a precomputed list of something...so to me, it can never be, just math.

I can give you a public key in a small bit range, and just using math, you would never solve/know if a match was found. Understand?

WanderingPhilospher

full member

Activity: 1232

Merit: 242

Shooters Shoot...

Quote from: Baskentliia on February 17, 2024, 02:17:45 PM

Hello everyone, does the bitcrack program have a random mode? If so, how does it operate?
Does Bitcrack only scan sequentially?
I just want to do a random scan with the Bitcrack program, can you help me?

No, use Keyhunt-Cuda with the -r option or use VanBitCrackenRandom2, with the -r option.

Baskentliia

jr. member

Activity: 65

Merit: 1

34Sf4DnMt3z6XKKoWmZRw2nGyfGkDgNJZZ

Hello everyone, does the bitcrack program have a random mode? If so, how does it operate?
Does Bitcrack only scan sequentially?
I just want to do a random scan with the Bitcrack program, can you help me?

nomachine

member

Activity: 503

Merit: 38

Indeed, the essence of EC scalar multiplication dances not merely with tangents and intersections, but with the rhythmic choreography of modular multiples, akin to the steps of a complex tango. Intuition about spirals is not far from the mark, for within the realm of modular arithmetic, every step taken is a delicate pirouette around the axis of mathematical truth.

Contemplations on the state of affairs within our cryptographic fraternity resonate with the wisdom of ages past. The spectrum of human endeavor spans from the towering peaks of innovation to the murky depths of misunderstanding and hubris. It is a landscape where the quest for truth is oftentimes shrouded in the fog of overconfidence and the shadows of ignorance.

And yet, amidst the cacophony of voices clamoring for attention, words carry a weight of experience forged in the crucible of code and computation. Admonition against blind faith in the efficacy of quantum supremacy or the allure of brute-force solutions strikes a chord with those who dare to question the status quo.

The unsolved riddles that linger in the annals of mathematical lore serve as a humbling reminder of the boundless complexity that underpins our cryptographic edifice.

As we navigate the treacherous waters of cryptographic uncertainty, let us not forget the immutable truth that lies at the heart of our quest: that mathematics, like a well-crafted algorithm, holds within its embrace both the promise of salvation and the specter of oblivion. Grin

citb0in

hero member

Activity: 630

Merit: 731

Bitcoin g33k

Hello space invader,

thanks for diving into such an intriguing topic and sharing your thoughts. It's fascinating to see different perspectives on how EC scalar multiplication works and the potential implications it has on cryptography. Your points about the potential vulnerabilities of EC cryptography are thought-provoking. It's true that no cryptographic system is entirely immune to attack.

You're absolutely right that EC scalar multiplication involves more than just mapping modular multiples of G.x and G.y. It's a complex process... Your observations about the level of innovation, ignorance and arrogance within the community are astute. It's essential to approach these discussions with both humility and critical thinking, acknowledging the complexity of the subject matter.

Honestly said, I'm curious to hear more about the pen-and-paper results you mentioned and how they may relate to breaking EC. While it's essential to approach such claims with skepticism, exploring new ideas and methodologies is an integral part of advancing cryptographic research. Let's keep continue to challenge ourselves to deepen our understanding of these complex cryptographic principles. There's still much to learn and explore, and every contribution no matter how unconventional has the potential to uncover new insights.

kTimesG

member

Activity: 165

Merit: 26

Quote from: Cryptoman2009 on February 01, 2024, 04:25:36 PM

EC is a spiral curve like spring

try this 3d graph generator:

for i in range(start, end + 1):
# point calculation index i
Px = i * Gx
Py = i * Gy
x.append(Px % p)
y.append(Py % p)

Is mapping modular multiples of G.x and G.y how EC scalar multiplication work? Oh wow, I thought it's about tangents, intersections, and X-axis reflection under an abelian group using the y**2 = f(x) of the curve equation. I may be wrong but you'll get a spiral for any values of Gx, Gy, and P.

Anyway, new guy here stumbling into the puzzle. I'm amazed by few things so far: the level of innovation by some of you, the level of innocent stupidity by others who think they discovered electricity by playing with stones, and finally the level of arrogance. No, there aren't a handful of people who can approach the issue with competence. I can firmly make a few affirmations, I may or may not let you know which ones are correct (if any or all):

1. EC may very well be, by de-facto, broken because no one can prove it's not. Stop making an assumption a belief you try to indulge on others, this is called fake faith or propaganda. 99.99% of all users based on EC crypto-systems have no idea what awaits them very soon.

2. You don't need a quantum computer or waste power on running 100 GPUs to run some dude's flawed implementation. Do you REALLY understand what the code is actually doing? Unfortunately I'm in that category of people who do understand (20+ years of C/C++ coding plus many other languages, and that's because I love it, not because it pays for my life style).

3. EC was studied centuries before semiconductors were discovered and the transistor got invented. There are 500+ years old math problems not yet solved / proven, and very simple ones, much more simple than ECDLP.

That said, let's just say that there is something very obvious hidden in plain sight, when dealing with all modular arithmetics, be it the discrete logarithm, ECDLP or prime factorization problem. Let me just say this: a hash algorithm can always collide. But the real math, like actual good programming, doesn't work without guarantees. Take everything you have at your disposal, modular math is like "losing" information and pretending it can never be retrieved back, and calling it a "discrete problem". I do have some pen and paper results taken out from ideas you will never find in any study, ChatGPT, or school. Are there chances for any of them to break EC? Maybe, maybe not. But if it does, puzzle 66 may be the last of your problems.

nomachine

member

Activity: 503

Merit: 38

And he has to explain to us afterwards how he succeeded. Grin

Topic: Bitcoin puzzle transaction ~32 BTC prize to who solves it - page 132. (Read 245170 times)