-snip-
EDIT: and btw,
this is the sequence:
and this is x = y - 2^n:
EDIT: and btw,
this is the sequence:
and this is x = y - 2^n:
Given the numbers we are dealing with you should probably use a log scale.
Topic: Bitcoin puzzle transaction ~32 BTC prize to who solves it - page 289. (Read 208283 times)
Given the numbers we are dealing with you should probably use a log scale.
-snip-
I'm not sure.
I got some infos that are getting me to believe that there is a possible formula behind it.
I give you an example. I'm playing around by creating random formulas, and I get pretty much similar results. Yet they are predictable with a formula.
All I use for inputs are 2 arrays, one with the current position and another with the sequential list of prime numbers.
For example:
Consider n = count, p = prime numbers, and y = sequence based on the formula 2^n + (n mod p) * Log(n+1, 2) <--- Random formula I invented.
y / 2^p + 1 and y-2^p *-1 are similar formulas to what was shown before for the var x in the real sequence, their results also appear to be random...
| n | p | y = 2^n + (n mod p) * Log(n+1, 2) | y / 2^p + 1 | y-2^p *-1 |
| 0 | 2 | 1 | 1.25000000 | 3 |
| 1 | 3 | 3 | 1.37500000 | 5 |
| 2 | 5 | 7 | 1.22406016 | 25 |
| 3 | 7 | 14 | 1.10937500 | 114 |
| 4 | 11 | 25 | 1.01234752 | 2023 |
| 5 | 13 | 45 | 1.00548399 | 8147 |
| 6 | 17 | 81 | 1.00061679 | 130991 |
Yet this sequence is breakable with a simple formula.
EDIT: this formula doesn't make any sense I know, just playing around
Am I the only one noticing that this guy makes a random formula using prime numbers and his first 3 results are exactly the ones as the sequence for this puzzle?
It seems pretty obvious that there is some formula using prime numbers behind this, no? And possibly the formula he posted is not so far from the real one.
Keep up the good work all!
Yea, I was actually surprised by those 3 first results since I was genuinely trying random stuff.
Maybe with some tweaks we can get to the right formula, if there is indeed one
One thing I'm sure if we stop looking we won't know.
31-33 doesn't follow the pattern either. I missed that.
Yes, I see, but it was well observed.
Here is a chart of those values with the ups and downs for x = y / 2^n:
EDIT: and btw,
this is the sequence:
and this is x = y - 2^n:
31-33 doesn't follow the pattern either. I missed that.
Nice colletive work y'all! Gonna try to use matlab to make some intergers experiments.
So starting at 1.482530615 into the next range and doing a butterfly search might be a tiny bit faster.
butterfly search... so the numbers were generated using chaos theory 
Maybe these random-like numbers came from hashing operations? For example: n-th key = truncate(SHA256(f((n-1)-th key))). It will be still hopeless if the process involves a strong passphrase though.
I think this would be a good way to do it. Then the author just needs to remember the seed and algorithm instead of remembering 256 private keys.Although keeping track of 256 private keys is not that hard in the first place.
The algorithm would need to "skip over" any private keys in the generated sequence that had the undesirable result of a 0 in the most significant bit after the masking operation.
EDIT: this formula doesn't make any sense I know, just playing around
Just for fun the average of this:
Code:
1.00000000
1.50000000
1.75000000
1.00000000
1.31250000
1.53125000
1.18750000
1.75000000
1.82421875
1.00390625
1.12792969
1.31005859
1.27343750
1.28710938
1.63983154
1.57196045
1.46214294
1.51572418
1.36388779
1.64664650
1.72783279
1.43408918
1.33485842
1.72003222
1.97801048
1.62538475
1.66818412
1.69600850
1.49275696
1.92441434
1.95800192
1.44051053
1.66181426
1.64530614
1.17072322
1.23364647
1.45885221
1.06935867
1.17770458
1.82563129
1.50000000
1.75000000
1.00000000
1.31250000
1.53125000
1.18750000
1.75000000
1.82421875
1.00390625
1.12792969
1.31005859
1.27343750
1.28710938
1.63983154
1.57196045
1.46214294
1.51572418
1.36388779
1.64664650
1.72783279
1.43408918
1.33485842
1.72003222
1.97801048
1.62538475
1.66818412
1.69600850
1.49275696
1.92441434
1.95800192
1.44051053
1.66181426
1.64530614
1.17072322
1.23364647
1.45885221
1.06935867
1.17770458
1.82563129
Is 1.482530615
So starting at 1.482530615 into the next range and doing a butterfly search might be a tiny bit faster.
Its an easy way to check whether the first bit is always 1 for a given step, which it is. Thus you can limit the search space. For step n you do not need to search for any possible solutions from step n-1
This was known from page 1 of this thread. 
Its an easy way to check whether the first bit is always 1 for a given step, which it is. Thus you can limit the search space. For step n you do not need to search for any possible solutions from step n-1
Maybe these random-like numbers came from hashing operations? For example: n-th key = truncate(SHA256(f((n-1)-th key))). It will be still hopeless if the process involves a strong passphrase though.
-snip-
I'm not sure.
I got some infos that are getting me to believe that there is a possible formula behind it.
I give you an example. I'm playing around by creating random formulas, and I get pretty much similar results. Yet they are predictable with a formula.
All I use for inputs are 2 arrays, one with the current position and another with the sequential list of prime numbers.
For example:
Consider n = count, p = prime numbers, and y = sequence based on the formula 2^n + (n mod p) * Log(n+1, 2) <--- Random formula I invented.
y / 2^p + 1 and y-2^p *-1 are similar formulas to what was shown before for the var x in the real sequence, their results also appear to be random...
| n | p | y = 2^n + (n mod p) * Log(n+1, 2) | y / 2^p + 1 | y-2^p *-1 |
| 0 | 2 | 1 | 1.25000000 | 3 |
| 1 | 3 | 3 | 1.37500000 | 5 |
| 2 | 5 | 7 | 1.22406016 | 25 |
| 3 | 7 | 14 | 1.10937500 | 114 |
| 4 | 11 | 25 | 1.01234752 | 2023 |
| 5 | 13 | 45 | 1.00548399 | 8147 |
| 6 | 17 | 81 | 1.00061679 | 130991 |
Yet this sequence is breakable with a simple formula.
EDIT: this formula doesn't make any sense I know, just playing around
Here are the results for the values we know given those 2 mentioned formulas:
y = 2^n * x
and so x = y / 2^n
AND
y = 2^n + x
and so x = y - 2^n
y = 2^n * x
and so x = y / 2^n
AND
y = 2^n + x
and so x = y - 2^n
| n | Known Results (y) | x = y / 2^n | x = y - 2^n |
| 0 | 1 | 1.00000000 | 0 |
| 1 | 3 | 1.50000000 | 1 |
| 2 | 7 | 1.75000000 | 3 |
| 3 | 8 | 1.00000000 | 0 |
| 4 | 21 | 1.31250000 | 5 |
| 5 | 49 | 1.53125000 | 17 |
| 6 | 76 | 1.18750000 | 12 |
| 7 | 224 | 1.75000000 | 96 |
| 8 | 467 | 1.82421875 | 211 |
| 9 | 514 | 1.00390625 | 2 |
| 10 | 1155 | 1.12792969 | 131 |
| 11 | 2683 | 1.31005859 | 635 |
| 12 | 5216 | 1.27343750 | 1120 |
| 13 | 10544 | 1.28710938 | 2352 |
| 14 | 26867 | 1.63983154 | 10483 |
| 15 | 51510 | 1.57196045 | 18742 |
| 16 | 95823 | 1.46214294 | 30287 |
| 17 | 198669 | 1.51572418 | 67597 |
| 18 | 357535 | 1.36388779 | 95391 |
| 19 | 863317 | 1.64664650 | 339029 |
| 20 | 1811764 | 1.72783279 | 763188 |
| 21 | 3007503 | 1.43408918 | 910351 |
| 22 | 5598802 | 1.33485842 | 1404498 |
| 23 | 14428676 | 1.72003222 | 6040068 |
| 24 | 33185509 | 1.97801048 | 16408293 |
| 25 | 54538862 | 1.62538475 | 20984430 |
| 26 | 111949941 | 1.66818412 | 44841077 |
| 27 | 227634408 | 1.69600850 | 93416680 |
| 28 | 400708894 | 1.49275696 | 132273438 |
| 29 | 1033162084 | 1.92441434 | 496291172 |
| 30 | 2102388551 | 1.95800192 | 1028646727 |
| 31 | 3093472814 | 1.44051053 | 945989166 |
| 32 | 7137437912 | 1.66181426 | 2842470616 |
| 33 | 14133072157 | 1.64530614 | 5543137565 |
| 34 | 20112871792 | 1.17072322 | 2933002608 |
| 35 | 42387769980 | 1.23364647 | 8028031612 |
| 36 | 100251560595 | 1.45885221 | 31532083859 |
| 37 | 146971536592 | 1.06935867 | 9532583120 |
| 38 | 323724968937 | 1.17770458 | 48847061993 |
| 39 | 1003651412950 | 1.82563129 | 453895599062 |
Of course the n-th private key is always in the form 2^n + x; this is the whole point of this puzzle. The problem is there are 2^n possible values for x!
The values 1 and 8, suggest that the formula can be something like this:
2^n * x, where x is = 1 OR 2^n + x, where x is = 0
Value 1 is in the position 0, value 8 is in the position 3.
Position 0 has the value 1, which is 2^0*1 OR 2^0+0
Position 3 has the value 8, which is 2^3*1 OR 2^3+0
It means that the calculation of x for the positions 0 and 3 result in 0 or 1.
2^n * x, where x is = 1 OR 2^n + x, where x is = 0
Value 1 is in the position 0, value 8 is in the position 3.
Position 0 has the value 1, which is 2^0*1 OR 2^0+0
Position 3 has the value 8, which is 2^3*1 OR 2^3+0
It means that the calculation of x for the positions 0 and 3 result in 0 or 1.
Lets see if that's right...
Position 1 has the value of 3, which is 21*1 = 2 OR 21+0 = 2
Hmm. That didn't work.
Position 2 has the value of 7, which is 22*1 = 4 OR 22+0 = 4
Hmm. That didn't work either.
Position 4 has the value of 21, which is 24*1 = 16 OR 24+0 = 16
Hmm. Still no good.
Position 5 has the value of 49, which is 25*1 = 32 OR 25+0 = 32
This isn't looking like it's going to work.
You didn't get the idea. I was also not getting it at first.
Look:
Finding the formula for this "x" can be the holy grail of this puzzle.
About the prime factorization, could be part the solution for finding how this x is calculated.
Unfortunately the function will not predict the 41st key.
No, but (depending on how you define "close") I'll bet I can get you close to the 41st key. Specifically, I'm nearly certain that I can find you a formula that will result in a value that is less than 2n-1 * 0.5 (which I think would be 2n-2) away from the actual private key. So for the 41st key I can get you a value that will be within 239 of the actual key (with a 50% chance that my value is actually within 238 and a 25% chance that my value is within 237).
While I'm being truthful here, those who are aware of the ranges that the random numbers fall between will probably notice the obviousness in my statement.
I am not sure if this would get someone "close" to the 41st private key, although I do not think it matters if you are "close" because AFAIK, for private key n, you receive no benefit for knowing private key n+1, and there is no indication that you are only "+1" away from n.
(BTW, I was able to accurately predict the principle behind my response without even reading anything except this post, although my specific response was only formulated after reading the entire thread......and having most of the formulas go way over my head).
--snip--
One thing I noticed:
The first address in the transaction is tagged on blockchain.info with "1st Bitcoin Address Compressed".
So probably this transaction was done by the Bitcoin devs? or even... satoshi?
That address links to a website that appears to be a Chinese version of directory.io (that has recently been taken offline). One thing I noticed:
The first address in the transaction is tagged on blockchain.info with "1st Bitcoin Address Compressed".
So probably this transaction was done by the Bitcoin devs? or even... satoshi?
Unfortunately the function will not predict the 41st key.
No, but (depending on how you define "close") I'll bet I can get you close to the 41st key. Specifically, I'm nearly certain that I can find you a formula that will result in a value that is less than 2n-1 * 0.5 (which I think would be 2n-2) away from the actual private key. So for the 41st key I can get you a value that will be within 239 of the actual key (with a 50% chance that my value is actually within 238 and a 25% chance that my value is within 237).
While I'm being truthful here, those who are aware of the ranges that the random numbers fall between will probably notice the obviousness in my statement.
Jump to: