Topic: Bitcoin puzzle transaction ~32 BTC prize to who solves it - page 296. (Read 208416 times)
This drama cannot be created with fiat money. Huge kudos to the person who provided the challenges.
I posted this puzzle transaction in January'15
https://bitcointalksearch.org/topic/--932434
(This tx was not sent by me)
Let me translate from Russian into English the main point in my prevoius post:
First output: take random number from 20 upto 21-1, use it as private key
Second output: take random number from 21 upto 22-1, use it as private key
Third output: take random number from 22 upto 23-1, use it as private key
And so on...
https://bitcointalksearch.org/topic/--932434
(This tx was not sent by me)
Let me translate from Russian into English the main point in my prevoius post:
First output: take random number from 20 upto 21-1, use it as private key
Second output: take random number from 21 upto 22-1, use it as private key
Third output: take random number from 22 upto 23-1, use it as private key
And so on...
The Russians always get it first
-snip-
Code:
"1 KwDiBf89QgGbjEhKnhXJuH7LrciVrZi3qYjgd9M7rFU73sVHnoWn 1BgGZ9tcN4rm9KBzDn7KprQz87SZ26SAMH (1)"
"2 KwDiBf89QgGbjEhKnhXJuH7LrciVrZi3qYjgd9M7rFU74sHUHy8S 1CUNEBjYrCn2y1SdiUMohaKUi4wpP326Lb (3)"
"3 KwDiBf89QgGbjEhKnhXJuH7LrciVrZi3qYjgd9M7rFU76rnZwVdz 19ZewH8Kk1PDbSNdJ97FP4EiCjTRaZMZQA (7)"
"4 KwDiBf89QgGbjEhKnhXJuH7LrciVrZi3qYjgd9M7rFU77MfhviY5 1EhqbyUMvvs7BfL8goY6qcPbD6YKfPqb7e (8)"
"5 KwDiBf89QgGbjEhKnhXJuH7LrciVrZi3qYjgd9M7rFU7Dq8Au4Pv 1E6NuFjCi27W5zoXg8TRdcSRq84zJeBW3k (21)"
"6 KwDiBf89QgGbjEhKnhXJuH7LrciVrZi3qYjgd9M7rFU7Tmu6qHxS 1PitScNLyp2HCygzadCh7FveTnfmpPbfp8 (49)"
"7 KwDiBf89QgGbjEhKnhXJuH7LrciVrZi3qYjgd9M7rFU7hDgvu64y 1McVt1vMtCC7yn5b9wgX1833yCcLXzueeC (76)"
"8 KwDiBf89QgGbjEhKnhXJuH7LrciVrZi3qYjgd9M7rFU8xvGK1zpm 1M92tSqNmQLYw33fuBvjmeadirh1ysMBxK (224)"
"9 KwDiBf89QgGbjEhKnhXJuH7LrciVrZi3qYjgd9M7rFUB3vfDKcxZ 1CQFwcjw1dwhtkVWBttNLDtqL7ivBonGPV (467)"
"10 KwDiBf89QgGbjEhKnhXJuH7LrciVrZi3qYjgd9M7rFUBTL67V6dE 1LeBZP5QCwwgXRtmVUvTVrraqPUokyLHqe (514)"
"11 KwDiBf89QgGbjEhKnhXJuH7LrciVrZi3qYjgd9M7rFUGxXgtm63M 1PgQVLmst3Z314JrQn5TNiys8Hc38TcXJu (1155)"
"12 KwDiBf89QgGbjEhKnhXJuH7LrciVrZi3qYjgd9M7rFUW5RtS2JN1 1DBaumZxUkM4qMQRt2LVWyFJq5kDtSZQot (2683)"
"13 KwDiBf89QgGbjEhKnhXJuH7LrciVrZi3qYjgd9M7rFUspniiQZds 1Pie8JkxBT6MGPz9Nvi3fsPkr2D8q3GBc1 (5216)"
"14 KwDiBf89QgGbjEhKnhXJuH7LrciVrZi3qYjgd9M7rFVfZyiN5iEG 1ErZWg5cFCe4Vw5BzgfzB74VNLaXEiEkhk (10544)"
"15 KwDiBf89QgGbjEhKnhXJuH7LrciVrZi3qYjgd9M7rFY5iMZbuRxj 1QCbW9HWnwQWiQqVo5exhAnmfqKRrCRsvW (26867)"
"16 KwDiBf89QgGbjEhKnhXJuH7LrciVrZi3qYjgd9M7rFbjHrFMWzJp 1BDyrQ6WoF8VN3g9SAS1iKZcPzFfnDVieY (51510)"
"17 KwDiBf89QgGbjEhKnhXJuH7LrciVrZi3qYjgd9M7rFiHkRsp99uC 1HduPEXZRdG26SUT5Yk83mLkPyjnZuJ7Bm (95823)"
"18 KwDiBf89QgGbjEhKnhXJuH7LrciVrZi3qYjgd9M7rFyWkjT5fywW 1GnNTmTVLZiqQfLbAdp9DVdicEnB5GoERE (198669)"
"19 KwDiBf89QgGbjEhKnhXJuH7LrciVrZi3qYjgd9M7rGP2jMrxCfX3 1NWmZRpHH4XSPwsW6dsS3nrNWfL1yrJj4w (357535)"
"20 KwDiBf89QgGbjEhKnhXJuH7LrciVrZi3qYjgd9M7rHfuE2Tg4nJW 1HsMJxNiV7TLxmoF6uJNkydxPFDog4NQum (863317)"
"21 KwDiBf89QgGbjEhKnhXJuH7LrciVrZi3qYjgd9M7rL6JJvw6XUry 14oFNXucftsHiUMY8uctg6N487riuyXs4h (1811764)"
"22 KwDiBf89QgGbjEhKnhXJuH7LrciVrZi3qYjgd9M7rP9Ja2dhtxoh 1CfZWK1QTQE3eS9qn61dQjV89KDjZzfNcv (3007503)"
"23 KwDiBf89QgGbjEhKnhXJuH7LrciVrZi3qYjgd9M7rVkthFNsQ6i7 1L2GM8eE7mJWLdo3HZS6su1832NX2txaac (5598802)"
"24 KwDiBf89QgGbjEhKnhXJuH7LrciVrZi3qYjgd9M7rtHyNcFoApRd 1rSnXMr63jdCuegJFuidJqWxUPV7AtUf7 (14428676)"
You got all the work done right there until the #24, nicely done
Assuming my pattern assumption is correct then the underlying sequence was masked off to create the private keys.
Now if the underlying sequence before masking came from a cryptographically secure random number generator there is no hope of predicting the 51st private key and brute force or random chance in 51 bits is the only chance.
However if the underlying sequence was mathematically generated then maybe the keys are predictable.
Now if the underlying sequence before masking came from a cryptographically secure random number generator there is no hope of predicting the 51st private key and brute force or random chance in 51 bits is the only chance.
However if the underlying sequence was mathematically generated then maybe the keys are predictable.
Exactly.
I think the best is if we find a mathematical formula for the sequence (if it really exists).
For example, if you look at the decimal values, they seem to be always close to the double of the previous value, excluding the first few values.
So how were the results on the OP reached? Simply luck?
I'm pretty sure that the results that have been found by the OP so far were found with brute force attempting every value between 1 and 220.
The problem is that finding each subsequent result requires exponentially more attempts than the current result, so as the number of bits increases it becomes much, Much, MUCH more difficult to check the entire search space.
Exactly.
By the way, address 20:
KwDiBf89QgGbjEhKnhXJuH7LrciVrZi3qYjgd9M7rHfuE2Tg4nJW
1HsMJxNiV7TLxmoF6uJNkydxPFDog4NQum
pvk decimal value: 863317
pvk hex value: D2C55
So these are the decimal values we have:
Address 2: 3
Address 3: 7
Address 4: 8
Address 5: 21
Address 6: 49
Address 7: 76
Address 8: 224
Address 9: 467
Address 10: 514
Address 11: 1155
Address 12: 2683
Address 13: 5216
Address 14: 10544
Address 15: 26867
Address 16: 51510
Address 17: 95823
Address 18: 198669
Address 19: 357535
Address 20: 863317
Address 21: ?
-snip-
If that is what's going on here, then there may not be a "formula" or "pattern" that can be used. To get the 51st address, you'd just have to brute force try all addresses associated with private keys between 1125899906842624 and 2251799813685248 (which is only about 1.126 X 1015 addresses).
If that is what's going on here, then there may not be a "formula" or "pattern" that can be used. To get the 51st address, you'd just have to brute force try all addresses associated with private keys between 1125899906842624 and 2251799813685248 (which is only about 1.126 X 1015 addresses).
Yes, that's a lot of brute force right there
Any info on who published this puzzle and what's their goal? Also, how would one go on about calculating those pvk decimal values and covert them to the private keys?
The OP is not offering anything
I don't know why but I'm smelling a big scam. Because a newbie that offer more than 12 000€ to solve a following of numbers this is strange...
The OP is not offering anything
Oh, in that case I'm sorry. I thought it was him who was offering this. So who's offering it ?
no ones offering it, its just there
I posted this puzzle transaction in January'15
https://bitcointalksearch.org/topic/--932434
(This tx was not sent by me)
Let me translate from Russian into English the main point in my prevoius post:
First output: take random number from 20 upto 21-1, use it as private key
Second output: take random number from 21 upto 22-1, use it as private key
Third output: take random number from 22 upto 23-1, use it as private key
And so on...
https://bitcointalksearch.org/topic/--932434
(This tx was not sent by me)
Let me translate from Russian into English the main point in my prevoius post:
First output: take random number from 20 upto 21-1, use it as private key
Second output: take random number from 21 upto 22-1, use it as private key
Third output: take random number from 22 upto 23-1, use it as private key
And so on...
The interesting thing is that addresses #1 - #46 were cleaned out in January 2015. Then nothing for many months. Then on Sep 1 2015 #47, #48, #49 and #50 were almost simultaneously cleaned out.
so does that mean someone has cracked the puzzle? and claimed all (or most) of the 32 BTC?The interesting thing is that addresses #1 - #46 were cleaned out in January 2015. Then nothing for many months. Then on Sep 1 2015 #47, #48, #49 and #50 were almost simultaneously cleaned out.
so does that mean someone has cracked the puzzle? and claimed all (or most) of the 32 BTC? 
The interesting thing is that addresses #1 - #46 were cleaned out in January 2015. Then nothing for many months. Then on Sep 1 2015 #47, #48, #49 and #50 were almost simultaneously cleaned out.
Now I understand, thank you for your informative posts DannyHamilton, I think most of my doubts are no more. I guess this "puzzle" was meant to be unbroken after a certain point 
At least we can now see that there are better ways to work for those 32 BTC instead of attempting to break this
At least we can now see that there are better ways to work for those 32 BTC instead of attempting to break this
Ouch what a challenge and what a great reward but the question is will be anyone able to get the answer at this point,looks that is almost impossible to know ,but well a way to estimulate genius or bring the knowhow into bitcoin world,with a good challenge.
So how were the results on the OP reached? Simply luck?
I'm pretty sure that the results that have been found by the OP so far were found with brute force attempting every value between 1 and 220.
The problem is that finding each subsequent result requires exponentially more attempts than the current result, so as the number of bits increases it becomes much, Much, MUCH more difficult to check the entire search space.
I see a pattern but I do not think it will help much.
My conjecture is that the sequence number (the BTC amount) simply states the number of random bits in the private key.
Check it out:
The 0.001 BTC output used a 1 bit key (already claimed obviously)
The 0.002 BTC output used a 2 bit key
The 0.003 BTC output used a 3 bit key
etc...
The 0.019 BTC output used a 19 bit key
So I would claim the next unclaimed output uses a 51 bit key.
My conjecture is that the sequence number (the BTC amount) simply states the number of random bits in the private key.
Check it out:
The 0.001 BTC output used a 1 bit key (already claimed obviously)
The 0.002 BTC output used a 2 bit key
The 0.003 BTC output used a 3 bit key
etc...
The 0.019 BTC output used a 19 bit key
So I would claim the next unclaimed output uses a 51 bit key.
Interesting.
Here's a thought. What if that is the ONLY pattern.
Consider the possibility that the person that created this "puzzle" has done so as a form of "canary in the coal mine".
The idea would be to generate a bitcoin address completely randomly, but which only uses X bits of entropy. Then progressively store large values of bitcoins for each increase in entropy to provide an incentive for someone to try and access it.
So:
- The only possible address with 1 bit of entropy is the address associated with the private key having binary value 1
- There are 3 possible addresses with 2 bits of entropy. The addresses associated with the private keys having each of the following binary values (01, 10, 11), and one of them was chosen at random (11)
- There are 7 possible addresses with 3 bits of entropy, The addresses associated with the private keys having each of the following values (001, 010, 011, 100, 101, 110, and 111), and one of them was chosen at random (111)
- There are 15 possible addresses with 4 bits of entropy, and one of them was chosen at random (1000)
- There are 31 possible addresses with 5 bits of entropy, and one of them was chosen at random (10101)
- There are 63 possible addresses with 6 bits of entropy, and one of them was chosen at random (110001)
- There are 127 possible addresses with 7 bits of entropy, and one of them was chosen at random (1001100)
- and so on
By looking at which addresses have been "claimed", the creator of the "puzzle" can get a feel for the current security of version 1 bitcoin addresses.
So, if there are 50 addresses that have been "claimed", perhaps they'll avoid using any bitcoin address that has a private key with less than 51 binary digits for storing large amounts (actually, I'd probably go a bit higher than that just to be safe), and would have a feel for how secure addresses with 160 or more bits of entropy would be.
If that is what's going on here, then there may not be a "formula" or "pattern" that can be used. To get the 51st address, you'd just have to brute force try all addresses associated with private keys between 1125899906842624 and 2251799813685248 (which is only about 1.126 X 1015 addresses).
I would think the best way would be to modify (ocl)vanitygen according to BurtW's suggestion. You would need to limit the random number generator to a certain amount of bits and keep the rest.
That would be a start. Unfortunately I do not have the set of skills needed to do that, otherwise I'd start working right away
I don't think brute force is going to solve this puzzle.
A GPU bot would increase the performance much higher but still we would be here forever trying it.
The only way to solve this efficiently is to try to find a mathematical formula to break the sequence.
If a formula is not found, I think this puzzle will be as unbreakable as bitcoin itself.
A GPU bot would increase the performance much higher but still we would be here forever trying it.
The only way to solve this efficiently is to try to find a mathematical formula to break the sequence.
If a formula is not found, I think this puzzle will be as unbreakable as bitcoin itself.
So that means that calculating this is just as difficult as calculating a private key for a given public address? I thought this followed a fixed pattern, since some of the solutions have already been posted by you. All that's left is applying whatever you used to reach those address values.
Assuming my pattern assumption is correct then the underlying sequence was masked off to create the private keys.
Now if the underlying sequence before masking came from a cryptographically secure random number generator there is no hope of predicting the 51st private key and brute force or random chance in 51 bits is the only chance.
However if the underlying sequence was mathematically generated then maybe the keys are predictable.
Now if the underlying sequence before masking came from a cryptographically secure random number generator there is no hope of predicting the 51st private key and brute force or random chance in 51 bits is the only chance.
However if the underlying sequence was mathematically generated then maybe the keys are predictable.
So how were the results on the OP reached? Simply luck?
Assuming my pattern assumption is correct then the underlying sequence was masked off to create the private keys.
Now if the underlying sequence before masking came from a cryptographically secure random number generator there is no hope of predicting the 51st private key and brute force or random chance in 51 bits is the only chance.
However if the underlying sequence was mathematically generated then maybe the keys are predictable.
Now if the underlying sequence before masking came from a cryptographically secure random number generator there is no hope of predicting the 51st private key and brute force or random chance in 51 bits is the only chance.
However if the underlying sequence was mathematically generated then maybe the keys are predictable.
-snip-
Suggestions are always welcome.
Suggestions are always welcome.
The brute force way: Start @ ~607809 (multiplied the last known value by 1.7) convert to hex, create addresses, check if one address matches the next in turn.
What would be the best tool to attack this in a brute force way while we all think on something better or discover a easier way?
Some GPU bot would be the best to brute force it, like shorena was saying.
Need to code one, but I'm not in the mood now
Anyone out there doing it? Or maybe there is something existing?
I think the best existing tool currently is yours or otherwise private. I would think the best way would be to modify (ocl)vanitygen according to BurtW's suggestion. You would need to limit the random number generator to a certain amount of bits and keep the rest.
I don't think brute force is going to solve this puzzle.
A GPU bot would increase the performance much higher but still we would be here forever trying it.
The only way to solve this efficiently is to try to find a mathematical formula to break the sequence.
If a formula is not found, I think this puzzle will be as unbreakable as bitcoin itself.
-snip-
Suggestions are always welcome.
Suggestions are always welcome.
The brute force way: Start @ ~607809 (multiplied the last known value by 1.7) convert to hex, create addresses, check if one address matches the next in turn.
What would be the best tool to attack this in a brute force way while we all think on something better or discover a easier way?
Some GPU bot would be the best to brute force it, like shorena was saying.
Need to code one, but I'm not in the mood now
Anyone out there doing it? Or maybe there is something existing?
I think the best existing tool currently is yours or otherwise private. I would think the best way would be to modify (ocl)vanitygen according to BurtW's suggestion. You would need to limit the random number generator to a certain amount of bits and keep the rest.
Or maybe there is something existing?
That was the aim of my post, such a tool probably already exists.
-snip-
Suggestions are always welcome.
Suggestions are always welcome.
The brute force way: Start @ ~607809 (multiplied the last known value by 1.7) convert to hex, create addresses, check if one address matches the next in turn.
What would be the best tool to attack this in a brute force way while we all think on something better or discover a easier way?
Some GPU bot would be the best to brute force it, like shorena was saying.
Need to code one, but I'm not in the mood now
Anyone out there doing it? Or maybe there is something existing?
-snip-
Suggestions are always welcome.
Suggestions are always welcome.
The brute force way: Start @ ~607809 (multiplied the last known value by 1.7) convert to hex, create addresses, check if one address matches the next in turn.
What would be the best tool to attack this in a brute force way while we all think on something better or discover a easier way?
I see a pattern but I do not think it will help much.
My conjecture is that the sequence number (the BTC amount) simply states the number of random bits in the private key.
Check it out:
The 0.001 BTC output used a 1 bit key (already claimed obviously)
The 0.002 BTC output used a 2 bit key
The 0.003 BTC output used a 3 bit key
etc...
The 0.019 BTC output used a 19 bit key
So I would claim the next unclaimed output uses a 51 bit key.
My conjecture is that the sequence number (the BTC amount) simply states the number of random bits in the private key.
Check it out:
The 0.001 BTC output used a 1 bit key (already claimed obviously)
The 0.002 BTC output used a 2 bit key
The 0.003 BTC output used a 3 bit key
etc...
The 0.019 BTC output used a 19 bit key
So I would claim the next unclaimed output uses a 51 bit key.
So, there is no pattern? Its just getting more and more difficult to find a solution? Might be time to get something written for GPUs.
Jump to: