Bitcoin puzzle transaction ~32 BTC prize to who solves it - page 141.

nomachine

member

Activity: 462

Merit: 24

Quote from: alek76 on September 26, 2023, 01:06:00 AM

Quote from: nomachine on September 25, 2023, 08:38:55 AM

Use @alek76 github link....It is exactly the same thing forked from Jean-Luc PONS. (I removed Printing and command line options from my binaries..)

git clone https://github.com/alek76-2/VanitySearch.git

TO make it work add in Random.cpp

#include (should be changed there in source)

You have in README.md how to compile exe in Windows.

p.s.
this is still in the testing phase

It's not the same! You should look carefully at the GPUEngine.cu code. Which functions were prohibited for use, and which were fixed and allowed, and why this was done.
The Y coordinate is calculated, so only the __device__ void ComputeKeys() function is used, and this is due to the prohibition of reuse of _GetHash160Comp() - to increase speed. It is better to calculate the Y coordinate once than to calculate hash160 twice (in which there are 2 functions sha256 + 1 time Ripemd160).
So what will be faster???
You need to look at someone else’s code carefully before drawing such conclusions. Is this the same thing or not?

Binary build using CUDA 10.2 Available for downloads https://github.com/alek76-2/VanitySearch/tree/main/bin

NO testing phase Grin

Well, if you ask why I removed the endomorphism? It is only effective for 256-bit keys, because... k1 and k2 are half the length of 256 bits (this is how they get the speedup). In this case, it is useless for solving the 32 BTC Puzzle.
With endomorphism you will search in space for 128 bits for heating an apartment with a video card Grin

Sorry, but I really didn't look.I don't have a GPU here (ADLINK Ampere Altra 128-core ) so I don't even care about that part (removed all CUDA code in my version). I'm only interested in the CPU how to speed up in a specific environment targeting platform specific compiler ...I have to admit that Open SSL is very good. Cool

alek76

member

Activity: 93

Merit: 16

Quote from: nomachine on September 25, 2023, 08:38:55 AM

Use @alek76 github link....It is exactly the same thing forked from Jean-Luc PONS. (I removed Printing and command line options from my binaries..)

git clone https://github.com/alek76-2/VanitySearch.git

TO make it work add in Random.cpp

#include (should be changed there in source)

You have in README.md how to compile exe in Windows.

p.s.
this is still in the testing phase

It's not the same! You should look carefully at the GPUEngine.cu code. Which functions were prohibited for use, and which were fixed and allowed, and why this was done.
The Y coordinate is calculated, so only the __device__ void ComputeKeys() function is used, and this is due to the prohibition of reuse of _GetHash160Comp() - to increase speed. It is better to calculate the Y coordinate once than to calculate hash160 twice (in which there are 2 functions sha256 + 1 time Ripemd160).
So what will be faster???
You need to look at someone else’s code carefully before drawing such conclusions. Is this the same thing or not?

Binary build using CUDA 10.2 Available for downloads https://github.com/alek76-2/VanitySearch/tree/main/bin

NO testing phase Grin

Well, if you ask why I removed the endomorphism? It is only effective for 256-bit keys, because... k1 and k2 are half the length of 256 bits (this is how they get the speedup). In this case, it is useless for solving the 32 BTC Puzzle.
With endomorphism you will search in space for 128 bits for heating an apartment with a video card Grin

Woz2000

jr. member

Activity: 82

Merit: 2

@albert0bsd

Trying to understand...

Why would endomorphism not work with BSGS if I am searching the entire space?

digaran

copper member

Activity: 1330

Merit: 899

🖤😏

I already know these things, I should provide real examples,
What I have been working on is this :
34771879058060 /897125896 = 38759.1966892236
Of course the integer above is supposedly unknown, but dividing it would make it small, now if I know with which value should I divide n to reach that bolded part, then we could just brute force "38759" keys as the representation of bolded part on curve to be our start range, then brute forcing 38759 keys should 100% give us our target, also note that our k in this example is unknown, so you can't calculate anything based on your knowledge about the key.

mcdouglasx

member

Activity: 239

Merit: 53

New ideas will be criticized and then admired.

Quote from: digaran on September 25, 2023, 02:41:52 PM

Quote from: mcdouglasx on September 25, 2023, 09:50:08 AM

It is difficult to know which division is a fraction or not, because the curve sees them as integers.

Of course it's difficult, that's one reason to love bitcoin and be assured of it's security, I don't deny that. My goal is to find out what is the remainder of a fraction for different values and if there is a way to find that out, like 4501/230 =
19.56956522, and I want to know how to detect .56956522 and extract it's representation on the curve, we have 4500/230 = 19.56521739, I want to know how we could find curve representations of :
.56956522 and
.56521739 difference between them is : .434783
Now if we could find .434783 on the curve we can potentially determine the range to solve 4501.

The representation in the curve in decimals is obtained by dividing N:

N = 115792089237316195423570985008687907852837564279074904382605163141518161494337

1/2= 0.5

N/2= 0.5

1/4= 0.25

N/4= -0.25

then its sequence is

(N/2)+1= 1.5
(N/2)+2= 2.5
(N/2)+1000= 1000.5

Any division of N that is less than N/2 will show its result as negative in ECC.

N/4= -0.25

you transfer it to positive like this:

N-(N/4)

additional info.

if you want to find any pubkey reflection

NM1= 115792089237316195423570985008687907852837564279074904382605163141518161494336
NM1_pub= 0379be667ef9dcbbac55a06295ce870b07029bfcdb2dce28d959f2815b16f81798 (or -1)

pk= 5

pub-key= 022f8bde4d1a07209355b4a7250a5c5128e88b84bddc619ab7cba8d569b240efe4

N-pk (if you use numbers)

N-pk= 115792089237316195423570985008687907852837564279074904382605163141518161494332
N-pk pub=032f8bde4d1a07209355b4a7250a5c5128e88b84bddc619ab7cba8d569b240efe4

or

(NM1_pub - pub-key) + 1 #(ECC)

_Counselor

member

Activity: 107

Merit: 61

Quote from: digaran on September 25, 2023, 02:41:52 PM

Quote from: mcdouglasx on September 25, 2023, 09:50:08 AM

It is difficult to know which division is a fraction or not, because the curve sees them as integers.

Of course it's difficult, that's one reason to love bitcoin and be assured of it's security, I don't deny that. My goal is to find out what is the remainder of a fraction for different values and if there is a way to find that out, like 4501/230 =
19.56956522, and I want to know how to detect .56956522 and extract it's representation on the curve, we have 4500/230 = 19.56521739, I want to know how we could find curve representations of :
.56956522 and
.56521739 difference between them is : .434783
Now if we could find .434783 on the curve we can potentially determine the range to solve 4501.

Everything is much simpler than it seems if you forget about decimal fractions and work with it as with simple fractions.

4501/230 = 19 ¹³¹/₂₃₀ Fraction part = 131/230 or 131*modinv(230) on curve

4500/230 = 19 ¹³⁰/₂₃₀ = 19 ¹³/₂₃

⁴⁵⁰¹/₂₃₀- ⁴⁵⁰⁰/₂₃₀ = ¹/₂₃₀ => difference on curve = 1*modinv(230)

If you really need to find decimal fraction, just convert it to simple fraction:
0.5 = 5/10 = 1/2 = 1 * modinv(2) (or 5*modinv(10) - doesn't matter).
0.434783 = 434783/1000000 = 434783*modinv(1000000)

digaran

copper member

Activity: 1330

Merit: 899

🖤😏

Quote from: mcdouglasx on September 25, 2023, 09:50:08 AM

It is difficult to know which division is a fraction or not, because the curve sees them as integers.

Of course it's difficult, that's one reason to love bitcoin and be assured of it's security, I don't deny that. My goal is to find out what is the remainder of a fraction for different values and if there is a way to find that out, like 4501/230 =
19.56956522, and I want to know how to detect .56956522 and extract it's representation on the curve, we have 4500/230 = 19.56521739, I want to know how we could find curve representations of :
.56956522 and
.56521739 difference between them is : .434783
Now if we could find .434783 on the curve we can potentially determine the range to solve 4501.

albert0bsd

hero member

Activity: 862

Merit: 662

Quote from: mcdouglasx on September 25, 2023, 09:50:08 AM

The results with fractions or float (floating point number) are represented on the curve with integers.

Totally agree with you and not only that.

All negative numbers (Result of some subtractions) are still represented by positive values.
All numbers can be fractions or integers. x/(N-1) where N is the Order of the curve
Negative odd values are posive even values.

And the other way around is also valid, The lats point is also some important because we can't know if a subtraction result is negative or posive, odd or even.

IMO After 3 years of learning all that I can, I reached the conclusion that there is not an Arithmetic operation with the public key that can lead in any bit disclosure.

Quote from: tetaeridanus on September 22, 2023, 10:12:24 PM

is this puzzle still unsolved to date?

Not all, just some of them, the challenge still have 956.5 BTC

mcdouglasx

member

Activity: 239

Merit: 53

New ideas will be criticized and then admired.

Quote from: digaran on September 24, 2023, 05:41:38 PM

Quote from: mcdouglasx on September 24, 2023, 12:04:44 PM

It is difficult to specify which result is integer or not because they are all within the same curve, and can be represented by several pk.

1/2= 57896044618658097711785492504343953926418782139537452191302581570759080747169
3/2= 57896044618658097711785492504343953926418782139537452191302581570759080747170

1/2= 0.5
Secp256k1 curve, 1/2=
57896044618658097711785492504343953926418782139537452191302581570759080747169

3/2= 1.5
Secp256k1 curve, 3/2=
57896044618658097711785492504343953926418782139537452191302581570759080747170

When you operate mod n, 1.5 turns into 0.5+1, or half of n +1. This is true for 1 up to n-1. Like 11/2 is just n/2+5.
So what about 51/2? It's n/2+25, how about 701/2? It's n/2+350. How about 1001/2? It's n/2+500.

Now moving forward, 10001/85= 117.65882
1/85= 0.011764706
Subtracting 0.011764706 - 117.65882 = 117.64706, not integer, now we want to know how to find 0.65882 of n, because 1/85 didn't give us 0.65882, it gives us 0.011764706, but subtracting them gave us some clues, the answer is n.64706th+117. We don't want our result to be a fraction, so we need to find the remainder of division mod n.
Now going bigger, 1000001/85= 11764.718, 1000002/85=
11764.729, 1000003/85= 11764.741, 1000004/85=
11764.753.

See what happened?
0.011764706 1/85
0.011764718 1million and one/85, I added 0.0 - .
0.011764729 1million and two/85, added 0.0 - .
0.011764741 1m and three/85
0.011764753 1m and four/85
If you remove 0.0 from above fractions, you get the correct answer.

51/2 = 25 + 57896044618658097711785492504343953926418782139537452191302581570759080747169

701/2 =350 + 57896044618658097711785492504343953926418782139537452191302581570759080747169

1001/2 =500 + 57896044618658097711785492504343953926418782139537452191302581570759080747169

The results with fractions or float (floating point number) are represented on the curve with integers.

example:

1000001/4 =250000.25

on the curve

86844066927987146567678238756515930889628173209306178286953872356138621370753

publickey

02cdf3e53adf60ad168bccaaed5922ff0a8846de887ca1112bf4a36ae114b32f6b

The longer the fractions, the more difficult it is to calculate their representation in integers on the curve.

It is difficult to know which division is a fraction or not, because the curve sees them as integers.

nomachine

member

Activity: 462

Merit: 24

dextronomous

full member

Activity: 431

Merit: 105

nomachine

member

Activity: 462

Merit: 24

Quote from: alek76 on September 22, 2023, 03:50:22 PM

Hello everyone, and especially those who still remember me)
Has anyone used OpenSSL to generate keys?
Probably not..

main.cpp (*Int class require some code changes within the SECP256k1 library to support BIGNUM* directly.)

Code:

#include "SECP256k1.h"
#include "Int.h"
#include 
#include 
#include 
#include 
#include 
#include 
#include 
#include 
#include 
#include 
#include 

const int numThreads = 4; // You can adjust this number based on your CPU cores

// Function to generate a random private key using BIGNUM
BIGNUM* generateRandomPrivateKey(const BIGNUM* minKey, const BIGNUM* maxKey) {
    BIGNUM* randomPrivateKey = BN_new();
    BN_rand_range(randomPrivateKey, maxKey);

    // Ensure the generated key is within the desired range
    while (BN_cmp(randomPrivateKey, minKey) < 0) {
        BN_rand_range(randomPrivateKey, maxKey);
    }

    return randomPrivateKey;
}

// Function to convert a BIGNUM to Int
Int bignumToBigInt(const BIGNUM* bignum) {
    char* bignumStr = BN_bn2dec(bignum);
    Int bigInt;
    bigInt.SetBase10(bignumStr);
    OPENSSL_free(bignumStr);
    return bigInt;
}

// Function to generate keys and check for a specific address
void generateKeysAndCheckForAddress(BIGNUM* minKey, BIGNUM* maxKey, std::shared_ptr secp256k1, const std::string& targetAddress) {
    while (true) {
        BIGNUM* randomPrivateKey = generateRandomPrivateKey(minKey, maxKey);

        // Convert the BIGNUM private key to an Int
        Int privateKey = bignumToBigInt(randomPrivateKey);

        // Continue with the rest of the address generation and checking logic
        Point publicKey;
        std::string caddr;
        std::string wifc;

        publicKey = secp256k1->ComputePublicKey(&privateKey);
        caddr = secp256k1->GetAddress(0, true, publicKey);
        wifc = secp256k1->GetPrivAddress(true, privateKey);

        // Display the generated address
        std::string message = "\r\033[01;33m[+] " + caddr;
        std::cout << message << "\e[?25l";
        std::cout.flush();

        // Check if the generated address matches the target address
        if (caddr.find(targetAddress) != std::string::npos) {
            time_t currentTime = std::time(nullptr);

            // Format the current time into a human-readable string
            std::tm tmStruct = *std::localtime(¤tTime);
            std::stringstream timeStringStream;
            timeStringStream << std::put_time(&tmStruct, "%Y-%m-%d %H:%M:%S");
            std::string formattedTime = timeStringStream.str();

            std::cout << "\n\033[32m[+] PUZZLE SOLVED: " << formattedTime << "\033[0m" << std::endl;
            std::cout << "\033[32m[+] WIF: " << wifc << "\033[0m" << std::endl;

            // Append the private key information to a file if it matches
            std::ofstream file("KEYFOUNDKEYFOUND.txt", std::ios::app);
            if (file.is_open()) {
                file << "\nPUZZLE SOLVED " << formattedTime;
                file << "\nPublic Address Compressed: " << caddr;
                file << "\nPrivatekey (dec): " << privateKey.GetBase10();
                file << "\nPrivatekey Compressed (wif): " << wifc;
                file << "\n----------------------------------------------------------------------------------------------------------------------------------";
                file.close();
            }

            // Free the BIGNUM and break the loop
            BN_free(randomPrivateKey);
            break;
        }

        // Free the BIGNUM
        BN_free(randomPrivateKey);

        // Convert the max key to an Int
        Int maxInt;
        maxInt.SetBase10(BN_bn2dec(maxKey));

        if (privateKey.IsGreater(&maxInt)) {
            break;
        }
    }
}


int main() {
    // Clear the console
    std::system("clear");

    time_t currentTime = std::time(nullptr);
    std::cout << "\033[01;33m[+] " << std::ctime(¤tTime) << "\r";
    std::cout.flush();

    BIGNUM* minKeyBN = BN_new(); // Initialize minKeyBN
    BIGNUM* maxKeyBN = BN_new(); // Initialize maxKeyBN

    // Configuration for the Puzzle
    // Set minKeyBN and maxKeyBN using the provided base 10 values
    BN_dec2bn(&minKeyBN, "62079069358943824031");
    BN_dec2bn(&maxKeyBN, "67079069358943924031");
    std::string targetAddress = "13zb1hQbWVsc2S7ZTZnP2G4undNNpdh5so";

    // Initialize SECP256k1
    std::shared_ptr secp256k1 = std::make_shared();
    secp256k1->Init();

    // Create threads for key generation and checking
    std::vector threads;

    for (int i = 0; i < numThreads; ++i) {
        threads.emplace_back(generateKeysAndCheckForAddress, minKeyBN, maxKeyBN, secp256k1, targetAddress);
    }

    // Wait for all threads to finish
    for (std::thread& thread : threads) {
        thread.join();
    }

    // Cleanup BIGNUM variables
    BN_free(minKeyBN);
    BN_free(maxKeyBN);

    return 0;
}

Code:

SRC = Base58.cpp IntGroup.cpp main.cpp Random.cpp Timer.cpp \
      Int.cpp IntMod.cpp Point.cpp SECP256K1.cpp \
      hash/ripemd160.cpp hash/sha256.cpp hash/sha512.cpp \
      hash/ripemd160_sse.cpp hash/sha256_sse.cpp Bech32.cpp

OBJDIR = obj

OBJET = $(addprefix $(OBJDIR)/, \
        Base58.o IntGroup.o main.o Random.o Int.o Timer.o \
        IntMod.o Point.o SECP256K1.o \
        hash/ripemd160.o hash/sha256.o hash/sha512.o \
        hash/ripemd160_sse.o hash/sha256_sse.o Bech32.o)

CXX = g++
CXXFLAGS = -m64 -mssse3 -Wno-write-strings -O2 -I.

LFLAGS = -lpthread -lssl -lcrypto

$(OBJDIR)/%.o : %.cpp
	$(CXX) $(CXXFLAGS) -o $@ -c $<



VanitySearch: $(OBJET)
	@echo Making Lottery...
	$(CXX) $(OBJET) $(LFLAGS) -o LOTTO.bin && chmod +x LOTTO.bin

$(OBJET): | $(OBJDIR) $(OBJDIR)/hash

$(OBJDIR):
	mkdir -p $(OBJDIR)

$(OBJDIR)/hash: $(OBJDIR)
	cd $(OBJDIR) &&	mkdir -p hash

clean:
	@echo Cleaning...
	@rm -f obj/*.o
	@rm -f obj/hash/*.o

Yes...

But it is still slow. Even 5M keys/s per core muscles is not enough for such a large range. Undecided

digaran

copper member

Activity: 1330

Merit: 899

🖤😏

Quote from: mcdouglasx on September 24, 2023, 12:04:44 PM

It is difficult to specify which result is integer or not because they are all within the same curve, and can be represented by several pk.

1/2= 57896044618658097711785492504343953926418782139537452191302581570759080747169
3/2= 57896044618658097711785492504343953926418782139537452191302581570759080747170

1/2= 0.5
Secp256k1 curve, 1/2=
57896044618658097711785492504343953926418782139537452191302581570759080747169

3/2= 1.5
Secp256k1 curve, 3/2=
57896044618658097711785492504343953926418782139537452191302581570759080747170

When you operate mod n, 1.5 turns into 0.5+1, or half of n +1. This is true for 1 up to n-1. Like 11/2 is just n/2+5.
So what about 51/2? It's n/2+25, how about 701/2? It's n/2+350. How about 1001/2? It's n/2+500.

Now moving forward, 10001/85= 117.65882
1/85= 0.011764706
Subtracting 0.011764706 - 117.65882 = 117.64706, not integer, now we want to know how to find 0.65882 of n, because 1/85 didn't give us 0.65882, it gives us 0.011764706, but subtracting them gave us some clues, the answer is n.64706th+117. We don't want our result to be a fraction, so we need to find the remainder of division mod n.
Now going bigger, 1000001/85= 11764.718, 1000002/85=
11764.729, 1000003/85= 11764.741, 1000004/85=
11764.753.

See what happened?
0.011764706 1/85
0.011764718 1million and one/85, I added 0.0 - .
0.011764729 1million and two/85, added 0.0 - .
0.011764741 1m and three/85
0.011764753 1m and four/85
If you remove 0.0 from above fractions, you get the correct answer.

mcdouglasx

member

Activity: 239

Merit: 53

New ideas will be criticized and then admired.

Quote from: digaran on September 23, 2023, 10:39:15 PM

Quote from: alek76 on September 23, 2023, 09:44:29 PM

144M private keys are a drop in the ocean of keys. What's the point of generating public keys from private keys (it takes a long time). You need to add and multiply and divide public keys (XY coordinates). The process can of course be speeded up if you use C++. Not a single Python script has yet found complex solutions to a puzzle.
You have some unique creative designs from Jean Luc Pons, this is the highest level of programming skill and experience. Everything else can only be modified, new algorithms and new functions can be added to the C++ code. Look in the wrong direction... It's better to find the correct divisor for the unknown private key. Correct - this means the remainder of the division is zero!!! This is a good task, then there will be a result.

144 million keys using python script? Yeah it will take a few hours, at least for me.
I'm not sure about the highest programming skills since kangaroo is outdated, and in practice useless for large keys/ranges.
Also there is a script in python which divides a point by a start/end range, it's really useful to find the divisor, I have both scalar version and point version posted on project development board, there is also a version which operates with 2 targets and divides them by the set range, and on top of that there is a subtraction function to sub the results of division, I suggest you play around with scalar version and change the range, also change the last digit of your targets to at least have 10 keys ending with 0 through 9 and then repeat divide ranges with all of them.

Start by subtracting 2^129 from a known k in puzzle 130 range and then use fake #130 as first, and the result of subtraction as second target, start your range from 2, 32 and keep increasing it the next time, 32, 256, then 256, 2048 and so on, try to check the index number, if you see your scalar divided by 48 results in an integer, then that's your divisor. Set multiples of 48 as start, end range and solve the key.

I'm working on a method to determine with 100% accuracy whether a point divided by a number results in an integer or not. Stay tuned.😉

It is difficult to specify which result is integer or not because they are all within the same curve, and can be represented by several pk.

1/2= 57896044618658097711785492504343953926418782139537452191302581570759080747169
3/2= 57896044618658097711785492504343953926418782139537452191302581570759080747170

digaran

copper member

Activity: 1330

Merit: 899

🖤😏

Quote from: alek76 on September 23, 2023, 09:44:29 PM

144M private keys are a drop in the ocean of keys. What's the point of generating public keys from private keys (it takes a long time). You need to add and multiply and divide public keys (XY coordinates). The process can of course be speeded up if you use C++. Not a single Python script has yet found complex solutions to a puzzle.
You have some unique creative designs from Jean Luc Pons, this is the highest level of programming skill and experience. Everything else can only be modified, new algorithms and new functions can be added to the C++ code. Look in the wrong direction... It's better to find the correct divisor for the unknown private key. Correct - this means the remainder of the division is zero!!! This is a good task, then there will be a result.

144 million keys using python script? Yeah it will take a few hours, at least for me.
I'm not sure about the highest programming skills since kangaroo is outdated, and in practice useless for large keys/ranges.
Also there is a script in python which divides a point by a start/end range, it's really useful to find the divisor, I have both scalar version and point version posted on project development board, there is also a version which operates with 2 targets and divides them by the set range, and on top of that there is a subtraction function to sub the results of division, I suggest you play around with scalar version and change the range, also change the last digit of your targets to at least have 10 keys ending with 0 through 9 and then repeat divide ranges with all of them.

Start by subtracting 2^129 from a known k in puzzle 130 range and then use fake #130 as first, and the result of subtraction as second target, start your range from 2, 32 and keep increasing it the next time, 32, 256, then 256, 2048 and so on, try to check the index number, if you see your scalar divided by 48 results in an integer, then that's your divisor. Set multiples of 48 as start, end range and solve the key.

I'm working on a method to determine with 100% accuracy whether a point divided by a number results in an integer or not. Stay tuned.😉

alek76

member

Activity: 93

Merit: 16

Quote from: Kostelooscoin on September 23, 2023, 02:19:53 PM

this python script generates about 144M private keys with the X and Y keys, which takes a long time to generate, so I'd like to know if it would be possible to speed up the process by keeping the calculation method used in the script, even if it's just a matter of generating the private keys while keeping the calculation method?

144M private keys are a drop in the ocean of keys. What's the point of generating public keys from private keys (it takes a long time). You need to add and multiply and divide public keys (XY coordinates). The process can of course be speeded up if you use C++. Not a single Python script has yet found complex solutions to a puzzle.
You have some unique creative designs from Jean Luc Pons, this is the highest level of programming skill and experience. Everything else can only be modified, new algorithms and new functions can be added to the C++ code. Look in the wrong direction... It's better to find the correct divisor for the unknown private key. Correct - this means the remainder of the division is zero!!! This is a good task, then there will be a result.

Kostelooscoin

member

Activity: 206

Merit: 16

this python script generates about 144M private keys with the X and Y keys, which takes a long time to generate, so I'd like to know if it would be possible to speed up the process by keeping the calculation method used in the script, even if it's just a matter of generating the private keys while keeping the calculation method?

addressgeneration.py

Code:

from ecdsa import SigningKey, SECP256k1
import sha3
from binascii import unhexlify
import hashlib
from base58 import b58encode
import bech32
from cashaddress import convert
import datetime

def PrivateKeyComputation(p1: int, p2: int, p3: int, base: int, n: int):
    order = (2 ** 6) * 3 * 149 * 631 * p1 * p2 * p3
    prod = p1 * p2 * p3
    g = pow(base, prod, order + 1)
    privateSet = [None] * n

    for i in range(n):
        if i == 0:
            privateSet[0] = hex(g)
        else:
            k = (g * int(privateSet[i - 1], 16)) % (order + 1)
            privateSet[i] = hex(k)

    return privateSet

def CosetPrivateKeyComputation(p1: int, p2: int, p3: int, base: int, n: int):
    print("Coset PrivateKey Computation started at", datetime.datetime.now())
    prod = p1 * p2 * p3
    h = (2 ** 6) * 3 * 149 * 631
    order = h * prod
    g = pow(base, prod, order + 1)
    privateSet = [None] * n * 8

    for i in range(n):
        if i == 0:
            privateSet[0] = hex(g)
        else:
            k = (g * int(privateSet[i - 1], 16)) % (order + 1)
            privateSet[i] = hex(k)

    pows = [h, h*p1, h*p2, h*p3, h*p1*p2, h*p1*p3, h*p2*p3]

    for j in range(len(pows)):
        g = pow(base, pows[j], order + 1)
        for i in range(n):
            value = (g * int(privateSet[i], 16)) % (order + 1)
            privateSet[(j+1)*h+i] = hex(value)
    print("Coset PrivateKey Computation finished at", datetime.datetime.now())
    return privateSet

def CosetKeysFile(n: int, privateSet):
    print("Writing on txt file started at", datetime.datetime.now())
    f = open("secp256k1_keys.txt", "r+")
    f.seek(0)
    f.write('\t\tPrivateKey  \t\t\t\t\t\t\t\t\t\t  PublicKey-x \t\t\t\t\t\t\t\t\t\t   PublicKey-y  \n')

    for i in range(8*n):
        k = int(privateSet[i], 16).to_bytes(32, "big")
        k = SigningKey.from_string(k, curve=SECP256k1)
        K = k.get_verifying_key().to_string()

        f.write(str(i) + ')\t' + privateSet[i] + '\t' + K.hex()[0:64] + '\t' + K.hex()[64:128] + '\n')

    f.truncate()
    f.close()
    print("Writing on txt file finished at", datetime.datetime.now())

def UncompressedPublicKeyComputation(x, y):
    publicKey = '04' + str(x) + str(y)
    return publicKey

def CompressedPublicKeyComputation(x, y):
    if int(y, 16) % 2 == 0:
        publicKey = '02' + str(x)
    else:
        publicKey = '03' + str(x)

    return publicKey

def checksum_computation(string: str) -> hex:
    cs = hashlib.sha256(hashlib.sha256(unhexlify(string)).digest()).hexdigest()
    checksum = cs[:8]
    return checksum

def BitcoinClassicAddressComputation(publicKey):
    public_key_bytes = unhexlify(publicKey)

    sha256 = hashlib.sha256()
    sha256.update(public_key_bytes)
    hash_temp = sha256.digest()

    ripemd160 = hashlib.new('Ripemd160')
    ripemd160.update(hash_temp)
    hash2_temp = ripemd160.hexdigest()

    hash3_temp = '00' + hash2_temp

    checksum = checksum_computation(hash3_temp)

    hash_final = hash3_temp + str(checksum)
    hash_final_bytes = unhexlify(hash_final)
    address = b58encode(hash_final_bytes).decode("utf-8")
    return address

KeysFileGeneration.py

Code:

import AddressGeneration

p1 = 107361793816595537
p2 = 174723607534414371449
p3 = 341948486974166000522343609283189
base = 7
h = (2 ** 6) * 3 * 149 * 631


privateSet = AddressGeneration.CosetPrivateKeyComputation(p1, p2, p3, base, h)
PublicSet = AddressGeneration.CosetKeysFile(h, privateSet)

mcdouglasx

member

Activity: 239

Merit: 53

New ideas will be criticized and then admired.

Quote from: digaran on September 22, 2023, 10:31:31 PM

Quote from: tetaeridanus on September 22, 2023, 10:12:24 PM

is this puzzle still unsolved to date?

It's not one puzzle, there are 160 in total, some of them are already solved, #66 is not yet solved. #130 also not solved but these 2 are next in line.

Guys anyone here knows python? Of course you do, I'm stuck for days to make this happening, at first I wanted to have such function inside another script but I failed, so I thought of something else, the following script opens 2 text files, reads the keys in both and subtracts them from each other, that's the logic but whatever I did I couldn't get it to take public keys from each line of the files and do the subtraction with them all, it just reads the last line and returns only 1 result obviously, if you could provide a fix, it'd be great.

Code:

# secp256k1 curve parameters
p = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFC2F
a = 0
b = 7
Gx = 0x79be667ef9dcbbac55a06295ce870b07029bfcdb2dce28d959f2815b16f81798
Gy = 0x483ada7726a3c4655da4fbfc0e1108a8fd17b448a68554199c47d08ffb10d4b8
n = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141

# Point addition and subtraction functions
def point_add(P, Q):
    if P == Q:
        return point_double(P)
    if P is None:
        return Q
    if Q is None:
        return P
    lam = ((Q[1] - P[1]) * pow(Q[0] - P[0], p-2, p)) % p
    x = (lam * lam - P[0] - Q[0]) % p
    y = (lam * (P[0] - x) - P[1]) % p
    return (x, y)

def point_sub(P, Q):
    if Q is None:
        return P
    # instead of using p - Q[1], use -Q[1] % p to correctly compute y coordinate
    Q_neg = (Q[0], (-Q[1]) % p)
    return point_add(P, Q_neg)

# Point doubling function
def point_double(P):
    if P is None:
        return None
    lam = ((3 * P[0] * P[0] + a) * pow(2 * P[1], p-2, p)) % p
    x = (lam * lam - 2 * P[0]) % p
    y = (lam * (P[0] - x) - P[1]) % p
    return (x, y)

def is_valid_point(point):
    # Check that the point is not the point at infinity
    if point is None:
        return False
    
    x, y = point
    # Check that the coordinates are within the allowed range
    if x < 0 or x >= p or y < 0 or y >= p:
        return False
    
    # Check that the point lies on the curve
    return (y*y - x*x*x - a*x - b) % p == 0

def decompress_point(compressed_key):
    if compressed_key.startswith(b'\x02') or compressed_key.startswith(b'\x03'):
        x = int.from_bytes(compressed_key[1:], byteorder='big')
        y_sq = (x * x * x + a*x + b) % p
        y = pow(y_sq, (p+1)//4, p)
        if (y*y) % p == y_sq:
            return (x, y)
        else:
            return None
    else:
        return None

def compress_point(point):
    x, y = point
    prefix = b'\x02' if y % 2 == 0 else b'\x03'
    return prefix + x.to_bytes(32, byteorder='big')

def point_subtraction(compressed_keys):
    P = None
    for compressed_key in compressed_keys:
        Q = decompress_point(compressed_key)
        
        # Check that the point is valid on the curve
        if not is_valid_point(Q):
            return None
        
        if P is None:
            P = Q
        else:
            P = point_sub(P, Q)
        
        # Check that the resulting point is not the point at infinity
        if P is None:
            return None
    
    if is_valid_point(P):
        return compress_point(P)
    else:
        return None

compressed_keys = []
file1 = open('file1.txt', 'r')
for line in file1:
    compressed_keys.append(bytes.fromhex(line.strip()))
file1.close()

file2 = open('file2.txt', 'r')
for line in file2:
    compressed_keys.append(bytes.fromhex(line.strip()))
file2.close()

result = point_subtraction(compressed_keys)

if result:
    file3 = open('result.txt', 'a')
    file3.write(result.hex() + "\n")
    file3.close()
else:
    print("The subtraction result is not a valid point on the curve.")

I know the problem is in line.strip section, just don't know how, btw I asked AI, it started by implementing sha256 for no reason, ended up with giving me some test cases from bitcoin wiki. Go figure!

Note, it's for academic purposes only ( whatever that means anyway ).😉

This code reads line by line from a file.

Code:

file= open("data-base_line_by_line.txt", "r")
lines = file.readlines()
for index, line in enumerate(lines):
    
    target = str(line.strip())
    print(target)

edit:
if you just want to subtract (lines in file1) - (lines in file2) use this:

Code:

import itertools
import secp256k1 as ice



with open('file1.txt', 'r') as f1, open('file2.txt', 'r') as f2:
    

    for line1, line2 in zip(f1, f2):
        
        x=  ice.pub2upub(str(line1.strip()))

        x2= ice.pub2upub(str(line2.strip()))

        res = ice.point_subtraction(x, x2).hex()
        
        result= ice.to_cpub(res)

        file3 = open('result.txt', 'a')
        file3.write(result + "\n")
        file3.close()

alek76

member

Activity: 93

Merit: 16

Quote from: digaran on September 23, 2023, 07:14:27 AM

Quote from: alek76 on September 23, 2023, 04:34:39 AM

Coming soon.

Once upon a time, there existed a WanderingPhilospher who also was a brute force developer, he used to be my mentor, he taught a lot of useful stuff to me. Will you be my new mentor? Lol

Do you have anything useful and fast that could do public key calculations to solve for private key? I have some ideas which I need to test extensively to make sure it could be used to solve DLP, God willing after a successful test run, I might bother you to develop something new!

Not funny at all! I already have a version with random divide of the public key.
I talked to WanderingPhilospher a couple of years ago, I remember well when I remade the starting keys for Kangaroo.
And probably everyone forgot that I was the first to post the GPU code for Kangaroo and this was before the release date of Kangaroo from Jean-Luc Pons.
here is the link: https://bitcointalksearch.org/topic/bitcoin-challenge-transaction-1000-btc-total-bounty-to-solvers-updated-5218972
At that time, I pushed this topic very hard, and soon a version from Jean-Luc Pons appeared. Thank him very much.
As promised, I published the fork code on Github https://github.com/alek76-2/VanitySearch
Enjoy it, and if you find solution 66 with this version, don’t forget about me

digaran

copper member

Activity: 1330

Merit: 899

🖤😏

Quote from: alek76 on September 23, 2023, 04:34:39 AM

Coming soon.

Once upon a time, there existed a WanderingPhilospher who also was a brute force developer, he used to be my mentor, he taught a lot of useful stuff to me. Will you be my new mentor? Lol

Do you have anything useful and fast that could do public key calculations to solve for private key? I have some ideas which I need to test extensively to make sure it could be used to solve DLP, God willing after a successful test run, I might bother you to develop something new!

Topic: Bitcoin puzzle transaction ~32 BTC prize to who solves it - page 141. (Read 215539 times)