Topic: Bitcoin Visual private key generator - page 3. (Read 1989 times)

Thank you. Recovered. 
The zip file was named VisualBTC.zip, but the link - visualBTC.zip (1st letter "V" instead of "v")

Chances of twopeole drawing the same pattern?  Relatively high.

Download ZIP is a broken link (Not found).

Yes, i will make the repository on Github later. This was already discussed here earlier see the qute below the reason why.
Morover, I have the question to the coders to make the script faster for IE. In Interent Explorer and Edge the code works very slow - so it is possible there only tick one cell by cell. But on all other browsers it is possible to clickdown the mose and move filling several neighbor cells while moving the mouse.

Use this instead of Math.random() - https://developer.mozilla.org/en-US/docs/Web/API/Crypto/getRandomValues

There's no excuse to not use it when you are dealing with something that is even remotely required to be secure, just a few lines of code can potentially save someone from big trouble in the future.

Also consider creating a repository on Github for this project, so that people can see the changes in the source files and download from a place other than the site. Also Github is a good place to discuss issues and suggestions, and you might even get other people to help you with your code.

I do not beleive that it is possible to find exactly 50/50 symmetrical coin and the physical conditions to this. Morover for private key creating the small skewness could be the additional entropy (like ones use the coin 51/49, others use the floor conditions or toss habits 48/52, etc).

Interesting fact, that a statistics professor has asked his students to flip a coin over the several months period. He devided his students into 2 groups - one group really used the coin and recorded the results, but another group was asked to imagine that they use the coin and record the results from their assumptions the coin outcome could be. After collecting the results the professor was able to identify each group: the "guessing" group's results were very close to 50/50, but the results of the group really fliped a coin were wider than 50/50.

Another professor asked students to flip coins over a years, and he has formed a 95% confidence interval for the long-run population proportion of heads to be (0.497/0.513). Yes, the narrow results, but not yet 50/50

Thats why the ideal 50/50 coin is not very neccessary, some small deviation is allowed in real life.

that was one of the interesting parts about your project actually. it makes recording the flip results and eventual conversion to an integer (or hex) which you could then store or use as your private key, a lot easier than using bash or generally a command line option.

coin flip or generally any source of entropy that doesn't depend on computers can be very secure but it is sometimes extremely hard and they require a lot of attention. you should always make sure there is no bias in the results. for example the coin should be symmetrical and your flips should always have a 50-50 chance of heads or tails. and you have to repeat this 256 times and each time do it in the same exact way, that is not easy!

Yes, yes and yes, I'm with you. And it was the initial idea to create the key from the coin flip outcomes. I was also concerned about offline paper wallets as their random algorythms could be pre-defined.
The first keys I created in Excel: filled the cells 16x16 with 1 or 0, then combined bits by every line and concatenating all lines received the full 256 bin number, converted it to HEX and go to online tool to convert to addres or use phyton function locally. It was long and boring, so I decided to develop this tool. While developing I also added the random function and own key visualization - but yes, these both are only could be used for educational or fun purposes.

The real key should be generated only from the cion flip outcomes.

Thank you for your feedback.


This is a very valuable comment. Absolutely agree with you. I will add the warning for this function not to use real private keys with the funds for their visualization. Actually there is no need in the random private key visualizaition, because the user will find nothing interesting in it - just a couple of bits randomly spread across the square.

Fun site. I've been playing around with it for 10 minutes or so, generating some common patterns - checkerbox, vertical stripes, horizontal stripes, diagonal stripes, boxes, etc., - and haven't found a single address which has ever had any funds in it. This is in contrast to brain wallets dependent on a password or phrase, where most of the commonly used words/phrases lead to wallets which have been used multiple times and have all been emptied/hacked long ago. So it seems like this kind of method for generating private keys has never been used before, so kudos for that.

Having said that, I agree with all the posts above that no one should seriously use this to generate their private keys. Brain wallets are a notoriously poor method for storing your coins. Your 256 bit number should be truly random, and not based on some words, phrases, (or now) pictures which a user has chosen/drawn and could be easily brute forced or forgotten.

I'm also a little concerned about the function to "Visualize my own HEX private key (tick here to input your key)". Many newbies often fall for scams (not saying you are a scammer by any means) where they input their private key or seed in to a website and all their coins get stolen. I would like to see a warning here stating that if anyone does want to use this function, they should be downloading the site and running it on an airgapped machine.

As long as you're certain the software you use actually creates a private key from your coin flips, this could be very secure.
I'm saying this because of the paper wallet website that was compromised recently: it generated pre-defined private keys, even when used offline, and people are still losing funds because of it.
If you're using coin flips, it doesn't hurt to create the private key with different software on independent systems, and ensure they're the same (and always on air-gapped hardware that won't ever go online again).

Thank you all for your comments regarding the security. I added the warning message to the initial post of this topic. Latter add it to the site project as well.

I agree that patterns used in key generation could be not secure. And there are many reasons for it: attackers could guess and brutforce the pattern using the list of commmon picture/figure patterns, some attackers also could use hypnosis or other skills to find out the pattern (if the key is only written on the paper, or recorded within the hardware ledger it is impossible to hear it from the user as the user does not know it himself  )

However I retained the physical coin flip methond as a secure way for key generation. I'm sure that the tossing (coin flip) is the most secure way to generate the private key. So, for this way my project is a very nice tool to use. Physycal coin is used as the entropy, my project is used just only for common transformation to the address.


So, what do you think about the key generation through the 256 coin flips? [my opinion - is is the most secure way nowadays]

Primarily I decided to post the project here to discuss the topic and idea with the the subject specialists. If it is interesting, of course I will share it on GitHub for subsequent code discussions. The is no need to discuss the code for thing of naught.

Glad to see you moved it here and getting right kind of discussions. Again very good work however it's very much clear to me that there is a message needed in the website that users are advised not to use the addresses generated in the site to hold BTC. It's okay for educational purpose.

When it comes to visualization and it has boundary limitation then human mind are limited and ends up with very common images. For example: heart, 0, 7. And it's very possible to find the keys if two person visualize the same pattern.

I am 100% with the following quote:

Sorry, i'm a bit late with my reply about math.random(). I'm a big fan of your site, but i'd like to see a warning banner: "for educational purposes only" on the very top.

The "problem" when people would use this site to create an "actual" private key goes further than the cryptographic insecure javascript function... Your site is (more or less) a new brainwallet.
Sure, a completely random pattern is impossible to bruteforce... A random pattern created with math.random is *allmost* impossible to bruteforce (actually, i believe it's still impossible, even with the weak math.random function, but still...). BUT, a brain is a terrible source of entropy (i don't know who first came up with this quote, but i really like it).

This basically means that IF your site becomes popular, and a million people use it to "draw" their private keys, i can pretty much guarantee that if I would generate a dictionary of the one million most popular images and shapes, convert it into 16x16 pixels, convert it to a private key => public key => address and check the address for unspent outputs, i'd find several dozen of funded addresses i'd be able to rob.

Don't get me wrong, you wrote a nice learning tool, it's fun to see and it can teach people about the basics of key and address generation... However, i would NOT recommand to "draw" a drawing you can easily remember, and fund the address that was actually generated as a result of this drawing, nor would i use the random function due to the cryptographic weakness.

Conclusion: nice tool, nice for learning, nice for visualising a pregenerated private key on an offline machine, nice for playing, not ideal for actual production key generation

it is interesting to "visualize" a private key in binary and also if you use the first method (coin flip) to create it but it is not a good idea to use it in any other way such as manual selecting the squares, using random button,... if the key is to be used for funds.

you also should add the warning to your site explaining the insecurity of the random function used, and warn about manual selection since people are never a good entropy source.

additionally i see a zip file link at the bottom. is your project open source? if it is, sharing it on GitHub and linking it there is a better idea.

Yes, every private key is within the range 2^256. So, the security - is to generate this number very very random, without any computer dependencies. I suggest to flip the coin in order to receive a number within the range - actually this number is all you need for your BTC.

All the subsequent operations to convert the private key to bitcoin address could be performed ONLY in one possible way, so you receive ONLY one specific bitcoin address from the certain private key. And you do not need any random operations or random entropy to perform these transformations. Yes, these calcualtions are made by my project (by computer), and nothing secret in these operations because such calculations could be performed ONLY in one possible way. Take any number X withing the range 1 - 2^256, and there is ONLY one corresponding BTC address to this X; so it does not matter who and how performs the transormations.

P.S. Ok, BTC is developing and actually there are 4 known different bitcoin addresses to the number X: (1) Legacy uncompressed; (2) Legacy compressed; (3) Segwit legacy; (4) Segwit bech32; Legacy 1 and 2 start with "1"i in the beginning, Segwit legacy starts with "3" and Segwit bech32 starts with "bc1". But these different formats is not topic here (my project works with legacy addresses - compressed and uncompressed). If you need legacy commpressed address, where is ONLY ONE way to convert the number X to it, and there is nothing unsecure in this convertation.
The most vulnerable point in bitcoin address creation is the number generation, i.e. selection of 256 bits (digits 1 or 0), and of course the private key storage (but key storage is offtopic here as well).

2^256 is the security of the bitcoin network, all keys are generated within that range.

Your way may not be most the most secure I think.
You still need a computer to convert private key in HEX to other formats and to a public address as well (a computer is needed in those operations).

It is not.

Nobody could crack 256 independent outcomes generated by a physical coin fliped offline. It is 2^256 possible combinations - you can not imagine how much is it! It is the most secure way for paper wallet creation, as it does not use any computer random algorithms.

This way is suitable for long term BTC storage. Because as soon as you decide to make spendings from such paper wallet there are 2 events that decrease the security: you should import the key to your favourite wallet ([1] the key become open for the wallet software),  and [2] while making the transaction you make the public key open to blockchain

I'm with bitmover on this one, I'll rather suggest this site for education purposes only but I wouldn't recommend anyone using it to create their private keys. 256 outcomes for a hacker is like an hour or two of his life before he can crack an operating wallet which the outcomes for the private keys will come directly from your website. I would rather prefer the private keys being generated by the wallet itself because I know that I'm the only one who have seen or now the combination of my own private key.