Topic: Bitcoin puzzle transaction ~32 BTC prize to who solves it - page 146. (Read 245054 times)

import sys, os, time, hashlib, gmpy2, random, multiprocessing
from multiprocessing import Pool, cpu_count
from gmpy2 import mpz
import secp256k1 as ice

if os.name=='nt':os.system('cls')
else:os.system('clear')
t = time.ctime()
sys.stdout.write(f"\033[?25l")
sys.stdout.write(f"\033[01;33m[+] STARTED: {t}\n")
sys.stdout.flush()

MODULO = gmpy2.mpz(0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFC2F)
ORDER = gmpy2.mpz(0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141)
GX = gmpy2.mpz(0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798)
GY = gmpy2.mpz(0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)

class Point:
    def __init__(self, x=0, y=0):
        self.x = gmpy2.mpz(x)
        self.y = gmpy2.mpz(y)

PG = Point(GX, GY)
ZERO_POINT = Point(0, 0)

def multiply_by_2(P, p=MODULO):
    x_squared = P.x**2 % p
    c = (3 * x_squared * gmpy2.invert((P.y + P.y) % p, p)) % p

    R = Point()
    R.x = (c**2 - 2 * P.x) % p
    R.y = (c * (P.x - R.x) - P.y) % p

    return R

def add_points(P, Q, p=MODULO):
    dx = Q.x - P.x
    dx_inv = gmpy2.invert(dx, p)
    dy_dx_inv = (Q.y - P.y) * dx_inv

    R = Point()
    R.x = (dy_dx_inv**2 - P.x - Q.x) % p
    R.y = (dy_dx_inv * (P.x - R.x) - P.y) % p

    return R

def mod_pow(base, exponent, modulus):
    result = 1
    base = base % modulus

    while exponent > 0:
        if exponent % 2 == 1:
            result = (result * base) % modulus
        exponent = exponent // 2
        base = (base * base) % modulus

    return result

def x_to_y(X, y_parity, p=MODULO):
    X_cubed = (X**3) % p
    X = (X_cubed + 7) % p

    Y = (p + 1) // 4
    tmp = mod_pow(X, Y, p)

    if gmpy2.is_odd(tmp) != y_parity:
        tmp = -tmp % p

    return tmp

def compute_point_table():
    points = [PG]
    for k in range(255):
        points.append(multiply_by_2(points[k]))
    return points

POINTS_TABLE = compute_point_table()
STOP_EVENT = multiprocessing.Event()

def check(P, Pindex, DP_rarity, A, Ak, B, Bk):
    check = gmpy2.f_mod(P.x, DP_rarity)
    if check == 0:
        A.append(mpz(P.x))
        Ak.append(mpz(Pindex))
        message = "\r[+] [Pindex]: {}".format(Pindex)
        messages = []
        messages.append(message)
        output = ''.join(messages) + "\r"
        sys.stdout.write(output)
        sys.stdout.flush()
        return comparator(A, Ak, B, Bk)
    else:
        return False

def comparator(A, Ak, B, Bk):
    global STOP_EVENT
    result = set(A).intersection(set(B))

    if result:
        t = time.ctime()
        total_time = time.time() - starttime
        sol_kt = A.index(next(iter(result)))
        sol_kw = B.index(next(iter(result)))
        HEX = "%064x" % abs(Ak[sol_kt] - Bk[sol_kw])
        dec = int(HEX, 16)
        wifc = ice.btc_pvk_to_wif(HEX)
        wifu = ice.btc_pvk_to_wif(HEX, False)
        caddr = ice.privatekey_to_address(0, True, dec)   
        uaddr = ice.privatekey_to_address(0, False, dec) 
        pid = os.getpid()  # Get the process ID
        core_number = pid % cpu_count()  # Calculate the CPU core number
        sys.stdout.write("\033[?25h")
        sys.stdout.flush()
        print(f"\033[32m[+] PUZZLE SOLVED: {t}, total time: {total_time:.9f} sec, Core: {core_number+1:02} \033[0m")
        print(f"\033[32m[+] WIF: \033[32m {wifc} \033[0m")
        with open("KEYFOUNDKEYFOUND.txt", "a") as file:
            file.write("\n\nSOLVED " + t)
            file.write(f"\nTotal Time: {total_time:.9f} sec")
            file.write("\nPrivate Key (decimal): " + str(dec))
            file.write("\nPrivate Key (hex): " + HEX)
            file.write("\nPrivate key (wif) Compressed : " + wifc)
            file.write("\nPrivate key (wif) Uncompressed: " + wifu)
            file.write("\nBitcoin address Compressed: " + caddr)
            file.write("\nBitcoin address Uncompressed: " + uaddr)
            file.write(
                "\n-------------------------------------------------------------------------------------------------------------------------------------------\n"
            )

        STOP_EVENT.set()  # Set the stop event to signal all processes

ECMULTIPLY_MEMO = {}

def ecmultiply(k, P=PG, p=MODULO):
    if k == 0:
        return ZERO_POINT
    elif k == 1:
        return P
    elif k % 2 == 0:
        if k in ECMULTIPLY_MEMO:
            return ECMULTIPLY_MEMO[k]
        else:
            result = ecmultiply(k // 2, multiply_by_2(P, p), p)
            ECMULTIPLY_MEMO[k] = result
            return result
    else:
        return add_points(P, ecmultiply((k - 1) // 2, multiply_by_2(P, p), p))

def mulk(k, P=PG, p=MODULO):
    if k == 0:
        return ZERO_POINT
    elif k == 1:
        return P
    elif k % 2 == 0:
        return mulk(k // 2, multiply_by_2(P, p), p)
    else:
        return add_points(P, mulk((k - 1) // 2, multiply_by_2(P, p), p))

def generate_powers_of_two(hop_modulo):
    return [mpz(1 << pw) for pw in range(hop_modulo)]

# Configuration for the Puzzle
puzzle = 60
compressed_public_key = "0348e843dc5b1bd246e6309b4924b81543d02b16c8083df973a89ce2c7eb89a10d" 
lower_range_limit = 2 ** (puzzle - 1)
upper_range_limit = (2 ** puzzle) - 1
power = (puzzle // cpu_count()) + 1
Nt = Nw = (2 ** power // puzzle) * puzzle + cpu_count()
DP_rarity = (puzzle * puzzle)
hop_modulo = (puzzle // 2) + cpu_count()

powers_of_two = generate_powers_of_two(hop_modulo)
T, t, dt = [], [], []
W, w, dw = [], [], []

if len(compressed_public_key) == 66:
    X = mpz(compressed_public_key[2:66], 16)
    Y = x_to_y(X, mpz(compressed_public_key[:2]) - 2)
else:
    print("[error] pubkey len(66/130) invalid!")

print(f"[+] [Puzzle]: {puzzle}")
print(f"[+] [Lower range limit]: {lower_range_limit}")
print(f"[+] [Upper range limit]: {upper_range_limit}")

W0 = Point(X, Y)
starttime = oldtime = time.time()
Hops = 0

def search_worker(
    Nt, Nw, puzzle, power, starttime, lower_range_limit, upper_range_limit
):
    global STOP_EVENT
    pid = os.getpid()
    core_number = pid % cpu_count()
    #Random Seed Config
    constant_prefix = b''  # b'' is back to no constant
    prefix_length = len(constant_prefix)
    length = 9
    ending_length = length - prefix_length
    ending_bytes = os.urandom(ending_length)
    random_bytes = constant_prefix + ending_bytes
    print(f"[+] [Core]: {core_number+1:02}, [Random seed]: {random_bytes}")
    random.seed(random_bytes)
    t = [mpz(random.randint(lower_range_limit, upper_range_limit)) for _ in range(Nt)]
    T = [mulk(ti) for ti in t]
    dt = [mpz(0) for _ in range(Nt)]
   
    w = [mpz(random.randint(lower_range_limit, upper_range_limit)) for _ in range(Nw)]
    W = [add_points(W0, mulk(wk)) for wk in w]
    dw = [mpz(0) for _ in range(Nw)]

    Hops, Hops_old = 0, 0
    oldtime = time.time()
    starttime = oldtime

    while True:
        for k in range(Nt):
            Hops += 1
            pw = T[k].x % hop_modulo
            dt[k] = powers_of_two[pw]
            solved = check(T[k], t[k], DP_rarity, T, t, W, w)
            if solved:
                STOP_EVENT.set()
                break
            t[k] = mpz(t[k]) + dt[k]  # Use mpz here
            T[k] = add_points(POINTS_TABLE[pw], T[k])

        for k in range(Nw):
            Hops += 1
            pw = W[k].x % hop_modulo
            dw[k] = powers_of_two[pw]
            solved = check(W[k], w[k], DP_rarity, W, w, T, t)
            if solved:
                STOP_EVENT.set()
                break
            w[k] = mpz(w[k]) + dw[k]  # Use mpz here
            W[k] = add_points(POINTS_TABLE[pw], W[k])

        if STOP_EVENT.is_set():
            break

if __name__ == "__main__":
    process_count = cpu_count()
    print(f"[+] [Using  {process_count} CPU cores for parallel search]:")

    # Create a pool of worker processes
    pool = Pool(process_count)
    results = pool.starmap(
        search_worker,
        [
            (
                Nt,
                Nw,
                puzzle,
                power,
                starttime,
                lower_range_limit,
                upper_range_limit,
            )
        ]
        * process_count,
    )
    pool.close()
    pool.join()

#!/bin/bash

while true; do
    timeout 30 python3 puzzle.py
    sleep 2
    if [ -n "$(find . -maxdepth 1 -type f -name 'KEYFOUNDKEYFOUND.txt' -print -quit)" ]; then
        echo "[+] PUZZLE SOLVED! Stopping the loop."
        break
    fi
done

#! /usr/bin/env python

import random
from ecdsa.ecdsa import int_to_string
from ecdsa.ecdsa import string_to_int
from binascii import hexlify
import hashlib


class CurveFp( object ):
  def __init__( self, p, a, b ):
    self.__p = p
    self.__a = a
    self.__b = b

  def p( self ):
    return self.__p

  def a( self ):
    return self.__a

  def b( self ):
    return self.__b

  def contains_point( self, x, y ):
    return ( y * y - ( x * x * x + self.__a * x + self.__b ) ) % self.__p == 0

class Point( object ):
  def __init__( self, curve, x, y, order = None ):
    self.__curve = curve
    self.__x = x
    self.__y = y
    self.__order = order
    if self.__curve: assert self.__curve.contains_point( x, y )
    if order: assert self * order == INFINITY
 
  def __add__( self, other ):
    if other == INFINITY: return self
    if self == INFINITY: return other
    assert self.__curve == other.__curve
    if self.__x == other.__x:
      if ( self.__y + other.__y ) % self.__curve.p() == 0:
        return INFINITY
      else:
        return self.double()

    p = self.__curve.p()
    l = ( ( other.__y - self.__y ) * \
          inverse_mod( other.__x - self.__x, p ) ) % p
    x3 = ( l * l - self.__x - other.__x ) % p
    y3 = ( l * ( self.__x - x3 ) - self.__y ) % p
    return Point( self.__curve, x3, y3 )

  def __mul__( self, other ):
    def leftmost_bit( x ):
      assert x > 0
      result = 1L
      while result <= x: result = 2 * result
      return result / 2

    e = other
    if self.__order: e = e % self.__order
    if e == 0: return INFINITY
    if self == INFINITY: return INFINITY
    assert e > 0
    e3 = 3 * e
    negative_self = Point( self.__curve, self.__x, -self.__y, self.__order )
    i = leftmost_bit( e3 ) / 2
    result = self
    while i > 1:
      result = result.double()
      if ( e3 & i ) != 0 and ( e & i ) == 0: result = result + self
      if ( e3 & i ) == 0 and ( e & i ) != 0: result = result + negative_self
      i = i / 2
    return result

  def __rmul__( self, other ):
    return self * other

  def __str__( self ):
    if self == INFINITY: return "infinity"
    return "(%d,%d)" % ( self.__x, self.__y )

  def double( self ):
    if self == INFINITY:
      return INFINITY

    p = self.__curve.p()
    a = self.__curve.a()
    l = ( ( 3 * self.__x * self.__x + a ) * \
          inverse_mod( 2 * self.__y, p ) ) % p
    x3 = ( l * l - 2 * self.__x ) % p
    y3 = ( l * ( self.__x - x3 ) - self.__y ) % p
    return Point( self.__curve, x3, y3 )

  def x( self ):
    return self.__x

  def y( self ):
    return self.__y

  def curve( self ):
    return self.__curve
  
  def order( self ):
    return self.__order
    
INFINITY = Point( None, None, None )

def inverse_mod( a, m ):
  if a < 0 or m <= a: a = a % m
  c, d = a, m
  uc, vc, ud, vd = 1, 0, 0, 1
  while c != 0:
    q, c, d = divmod( d, c ) + ( c, )
    uc, vc, ud, vd = ud - q*uc, vd - q*vc, uc, vc
  assert d == 1
  if ud > 0: return ud
  else: return ud + m

# secp256k1
_p  = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFC2FL
_r  = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141L
_b  = 0x0000000000000000000000000000000000000000000000000000000000000007L
_a  = 0x0000000000000000000000000000000000000000000000000000000000000000L
_Gx = 0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798L
_Gy = 0x483ada7726a3c4655da4fbfc0e1108a8fd17b448a68554199c47d08ffb10d4b8L

class Public_key( object ):
  def __init__( self, generator, point ):
    self.curve = generator.curve()
    self.generator = generator
    self.point = point
    n = generator.order()
    if not n:
      raise RuntimeError, "Generator point must have order."
    if not n * point == INFINITY:
      raise RuntimeError, "Generator point order is bad."
    if point.x() < 0 or n <= point.x() or point.y() < 0 or n <= point.y():
      raise RuntimeError, "Generator point has x or y out of range."

curve_256 = CurveFp( _p, _a, _b )
generator_256 = Point( curve_256, _Gx, _Gy, _r )
g = generator_256

b58_digits = '123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz'

### generate privkey
randrange = random.SystemRandom().randrange
n = g.order()
#n = 115792089237316195423570985008687907852837564279074904382605163141518161494337

ripehash = hashlib.new('ripemd160')	

def b58encode(b):
    
	n = int('0x0' + hexlify(b).decode('utf8'), 16)
	res = []
	while n > 0:
		n, r = divmod (n, 58)
		res.append(b58_digits[r])
	res = ''.join(res[::-1])
	import sys
	czero = b'\x00'
	if sys.version > '3':
		czero = 0
	pad = 0
	for c in b:
		if c == czero: pad += 1
		else: break
	return b58_digits[0] * pad + res

###

#Compress_fl = 0 # UNCompressed
Compress_fl = 1 # Compressed

### Start generate secret
password = "123" # SET PASSWORD -----------------------!!!!!!!!!!!!!!!!!!!!!----------------------- SET PASSWORD
#password = raw_input('Your string here:')
sha1 = hashlib.sha256(password).digest()
temp1 = string_to_int(sha1)
secret_bw = temp1 # brainwallet
### End generate secret

#secret = secret_bw # brainwallet

secret = randrange( 1, 2**256 )

### SET SECRET KEY ###
### SET SECRET KEY ###
### SET SECRET KEY ###
### SET SECRET KEY ###
### SET SECRET KEY ###

#secret = 0xf13b87e9L # PointX len 62

#secret = 0xF7051F27B09112D4

### SET SECRET KEY ###
print '====================================================================================='
print 'Secret Key: '
print hex(secret)
print '====================================================================================='

### generate pubkey
myp = g * secret
### generate address

print "Points: "

px_str = hex(myp.x())[2:-1]
py_str = hex(myp.y())[2:-1]

while len(px_str) < 64:
    #print 'px_str: ', len(px_str)
    px_str = '0' + px_str

while len(py_str) < 64:
    #print 'py_str: ', len(py_str)
    py_str = '0' + py_str

print px_str
print py_str

print '====================================================================================='

# if Compressed address
if myp.y() % 2 == 0:
	y_parity = '\x02'
	pk_y_parity = '02'
	#print "02" + px_str
else: 
	y_parity = '\x03'
	pk_y_parity = '03'
	#print "03" + px_str

# Public Key
if Compress_fl:
    pk = pk_y_parity + px_str
else:
    pk = '04' + px_str + py_str
print 'Public Key: '
print pk
print '====================================================================================='

# !!! NORMALIZE Length !!!
print 'NORMALIZE Length PointX and PointY'
# Point X
px_string = int_to_string(myp.x())

if len(px_string) < 32:
    print 'NORMALIZE Length PointX: ', len(px_string)

while len(px_string) < 32:
    px_string = '\x00' + px_string

print 'Check len PointX: ', len(px_string)

# Point Y
py_string = int_to_string(myp.y())

if len(py_string) < 32:
    print 'NORMALIZE Length PointY: ', len(py_string)

while len(py_string) < 32:
    py_string = '\x00' + py_string

print 'Check len PointY: ', len(py_string)

print '====================================================================================='

if Compress_fl:
    step1_mod = y_parity + px_string  # Compressed
else:
    step1_mod = '\x04' + px_string + py_string # UNCompressed

# End

step2 = hashlib.sha256(step1_mod).digest()

print "Pubkey sha256: "
istep2 = string_to_int(step2)
Psha256 = hex(istep2)[2:-1]
print Psha256
print '====================================================================================='

ripehash.update(step2)
step3 = ripehash.digest()
address160 = hex(string_to_int(step3))[2:-1]
print "Address hash160: "
print address160
step4 = '\x00' + ripehash.digest()
step5 = hashlib.sha256(step4).digest()
step6 = hashlib.sha256(step5).digest()
chksum = step6[:4]
addr = step4 + chksum
address = b58encode(addr) 
#print address
### Convert private key to wallet import format
wif1 = int_to_string(secret)
i = 0;
while  i < (64 - len(hex(secret)[2:-1])) / 2:
	wif1 = '\x00' + wif1
	i = i + 1
		
#wif2 = '\x80' + wif1
# Compressed privkey
if Compress_fl:
    wif2 = '\x80' + wif1 + '\x01' # Compressed privkey
    addr_mode_str = 'Compressed'
else:
    wif2 = '\x80' + wif1 #        # UNCompressed privkey
    addr_mode_str = 'UnCompressed'

wif3 = hashlib.sha256(wif2).digest()
wif4 = hashlib.sha256(wif3).digest()
wif5 = wif4[:4]
wif6 = wif2 + wif5
wif = b58encode(wif6) 
#print wif
### Save address and private key in priv.txt
hexsecret = hex(secret)

file_name = 'p_r_v.txt'

f = open(file_name, 'a')
f.write('\n'.join([addr_mode_str + ' Address: ' + address, 'Address hash160:    ' + address160, 'Secret wif: ' + wif, 'Secret hex: ' + hexsecret, 'PK: ' + pk, \
                   'Px: ' + px_str, 'Py: ' + py_str + '\n\n' ]))
f.close()
print '====================================================================================='
print 'Save ' + addr_mode_str + ' Address: ' + address
print 'Save Address hash160:    ' + address160
print 'Save WIF PrivKey: ' + wif
print 'Save Hex PrivKey: ' + hexsecret
print 'Save Public Key:  ' + pk
print '====================================================================================='
raw_input("... Press Enter")
raise SystemExit

Compressed Address: 18cdpW3P6imyDz6w622nYAGXvSznCM5om9
Address hash160:    53862c90c2a994c7a874bb091f9b8e51fcdaa06c
Secret wif: L3zSyzX1ky3QbEcvC6fHE9eDyuznswoDCsvGvCeiTuH2fkmN3L2G
Secret hex: 0xca0a0ca7838e9dfee4aaa0cfbee29b69a8f67dae595d993a71fdaab4a01287e2L
PK: 029c5b2d21be2b2bbeca4ac1cf1233c591e1127a355cdd564c880e88f98985efe7
Px: 9c5b2d21be2b2bbeca4ac1cf1233c591e1127a355cdd564c880e88f98985efe7
Py: 3c36a84972cbe787b26822596014625fa801981f38c56597d0c03f38f3ee93bc

Compressed Address: 16jY7qLJnxb7CHZyqBP8qca9d51gAjyXQN
Address hash160:    3ee4133d991f52fdf6a25c9834e0745ac74248a4
Secret wif: KwDiBf89QgGbjEhKnhXJuH7LrciVrZi3qZ6FxoaD5r1kYegmtbaT
Secret hex: 0xf7051f27b09112d4L
PK: 03100611c54dfef604163b8358f7b7fac13ce478e02cb224ae16d45526b25d9d4d
Px: 100611c54dfef604163b8358f7b7fac13ce478e02cb224ae16d45526b25d9d4d
Py: 5127c2d0b1c4a4d5b4996bbdf37633b86901d0303b61e2f6f0772282ae08ff95

h160 = ice.privatekey_to_h160(1, True, dec).hex()

h160 = ice.privatekey_to_h160(0, True, dec).hex()

def _privatekey_to_h160(addr_type, iscompressed, pvk_int):
    # type = 0 [p2pkh],  1 [p2sh],  2 [bech32]