Author

Topic: Blockchain.info wallet [SOLVED!] (Read 2467 times)

full member
Activity: 182
Merit: 100
July 24, 2014, 05:41:36 PM
#16
yes i also imported a private key, before it happened.
legendary
Activity: 2212
Merit: 1199
March 28, 2014, 06:19:55 PM
#15
Was this wallet generated by Blockchain.info ?

If someone somehow compromised your private key, they certainly wouldn't be sending BTC to it. But there is one plausible theory to what could have happened. Previously, certain Android-based wallets suffered from a security breach caused by weak native random number generators. It could be that Blockchain.info has a similarly faulty RNG or RNG seeding mechanism that somehow ended up generating the same private/public keypair twice - either due to a significantly lower than expected level of entropy, or because of a reused seed. These things are incredibly hard to debug, but it would be very, very bad if it were true.

Say for example that the RNG was naively seeded with the timestamp of the system - two wallet addresses generated at the same time, rounded to the exactness of the system clock, would be identical. I would strongly suggest they audit the code to make sure this isn't how it's done.

or
Why not do a simple check if the Address has ever been used?
It will not fix the main problem as another user may have same address but never used it.
The only way is to Claim that address forever, so no one else can use it again, is it possible?

Thanks to all of you! As I edited my 1st post - problem was solved! It was my fault ... as you can read in 1st post!

Thanks!
full member
Activity: 182
Merit: 100
March 28, 2014, 04:51:39 PM
#14
Was this wallet generated by Blockchain.info ?

If someone somehow compromised your private key, they certainly wouldn't be sending BTC to it. But there is one plausible theory to what could have happened. Previously, certain Android-based wallets suffered from a security breach caused by weak native random number generators. It could be that Blockchain.info has a similarly faulty RNG or RNG seeding mechanism that somehow ended up generating the same private/public keypair twice - either due to a significantly lower than expected level of entropy, or because of a reused seed. These things are incredibly hard to debug, but it would be very, very bad if it were true.

Say for example that the RNG was naively seeded with the timestamp of the system - two wallet addresses generated at the same time, rounded to the exactness of the system clock, would be identical. I would strongly suggest they audit the code to make sure this isn't how it's done.

or
Why not do a simple check if the Address has ever been used?
It will not fix the main problem as another user may have same address but never used it.
The only way is to Claim that address forever, so no one else can use it again, is it possible?
newbie
Activity: 9
Merit: 0
March 22, 2014, 05:08:39 PM
#13
Was this wallet generated by Blockchain.info ?

If someone somehow compromised your private key, they certainly wouldn't be sending BTC to it. But there is one plausible theory to what could have happened. Previously, certain Android-based wallets suffered from a security breach caused by weak native random number generators. It could be that Blockchain.info has a similarly faulty RNG or RNG seeding mechanism that somehow ended up generating the same private/public keypair twice - either due to a significantly lower than expected level of entropy, or because of a reused seed. These things are incredibly hard to debug, but it would be very, very bad if it were true.

Say for example that the RNG was naively seeded with the timestamp of the system - two wallet addresses generated at the same time, rounded to the exactness of the system clock, would be identical. I would strongly suggest they audit the code to make sure this isn't how it's done.
full member
Activity: 182
Merit: 100
March 22, 2014, 04:16:03 PM
#12
Stop panicking. If someone had found a hole in Bitcoin security they would have exploited it with far larger wallets. Just move whatever funds you have to another wallet an get on with your life. If they don't have control your wallet then by deduction they must have the private key to that address. There may have been a stuff up with Blockchain giving you an already used address but the probability is basically 0.

It's NOT ZERO
it's        1/115792089237316195423570985008687907852837564279074904382605163141518161494336

and totally NOT impossible to guess the key pair.

Please read the bolded part again - basically 0. I'm not saying it can't happen, but this is still a supremely unlikely occurrence to the point I'm far more inclined to believe some alternate explanation.

The term is infeasible.  Then again just about anything which most people consider is impossible is simply low probability.   Trying running directly into a wall.  There is a non zero percent chance that due to quantum effect you will pass right through it.

So higher change of wallet software picking same address/pair then?
Any idea the odd's?
hero member
Activity: 742
Merit: 502
Circa 2010
March 21, 2014, 06:46:11 PM
#11
Stop panicking. If someone had found a hole in Bitcoin security they would have exploited it with far larger wallets. Just move whatever funds you have to another wallet an get on with your life. If they don't have control your wallet then by deduction they must have the private key to that address. There may have been a stuff up with Blockchain giving you an already used address but the probability is basically 0.

It's NOT ZERO
it's        1/115792089237316195423570985008687907852837564279074904382605163141518161494336

and totally NOT impossible to guess the key pair.

Please read the bolded part again - basically 0. I'm not saying it can't happen, but this is still a supremely unlikely occurrence to the point I'm far more inclined to believe some alternate explanation.

The term is infeasible.  Then again just about anything which most people consider is impossible is simply low probability.   Trying running directly into a wall.  There is a non zero percent chance that due to quantum effect you will pass right through it.
full member
Activity: 182
Merit: 100
March 21, 2014, 06:36:49 PM
#10
Stop panicking. If someone had found a hole in Bitcoin security they would have exploited it with far larger wallets. Just move whatever funds you have to another wallet an get on with your life. If they don't have control your wallet then by deduction they must have the private key to that address. There may have been a stuff up with Blockchain giving you an already used address but the probability is basically 0.

It's NOT ZERO
it's        1/115792089237316195423570985008687907852837564279074904382605163141518161494336

and totally NOT impossible to guess the key pair.
hero member
Activity: 742
Merit: 502
Circa 2010
March 21, 2014, 06:31:42 PM
#9
Stop panicking. If someone had found a hole in Bitcoin security they would have exploited it with far larger wallets. Just move whatever funds you have to another wallet an get on with your life. If they don't have control your wallet then by deduction they must have the private key to that address. There may have been a stuff up with Blockchain giving you an already used address but the probability is basically 0.
full member
Activity: 182
Merit: 100
March 21, 2014, 06:23:49 PM
#8
Crap! it is the same!
https://btc.blockr.io/address/info/14gFWFSg9dxARw2khji4bnJmUYQp56aXbC

my mining earnings:

Hash     4444b1f11ba3d36e17d3b19c7783c9720a975b2ad7859076baeed02636e548a5

Edit: as soon as this happened I turned up the donations to 99% giving all earnings
back to the mining pool with signed. So I should not have checked it in weeks, Im still
downloading the blockchain to see what's going on but it's MT.
full member
Activity: 182
Merit: 100
March 21, 2014, 06:14:21 PM
#7
I had the BitcoinQT wallet with 4 address's the first one I used for mining payments
The second address I sent 0.4 bitcoin to.

Now what happened was as the payment (~0.042) from mining pool to the First address ~3-5 hours later
it was empty! Sent to another address which I don't own.

The second address still held the 0.400 bitcoins!

So i moved them to a Armory wallet, even though I can't access it as I'm on XP with only 2GB ram and
program crashes.
full member
Activity: 182
Merit: 100
March 21, 2014, 05:59:23 PM
#6
I had Exact same thing happen to me a few weeks back, and was using BitcoinQT!
Lost ~.04
hero member
Activity: 742
Merit: 502
Circa 2010
March 21, 2014, 05:52:59 PM
#5
maybe you both have same address? if so that is not good, shows a really Big problem...

It is possible, but so rediculously improbable that I wouldn't consider it to be true. Although, if someone is spending funds in that address and not the rest of your wallet it indicates that they have the private key to that address rather than access to your whole wallet. If you have 2FA on and you haven't lost anything than this could possibly be a case where someone has accidentally generated the same keypair, although I'm not inclined to believe it. My advice, make a new address and move your funds there and just carry on with your life.
full member
Activity: 182
Merit: 100
March 21, 2014, 05:51:23 PM
#4
You right!
/btc.blockr.io/ shows it.

Confirmations     3
full member
Activity: 182
Merit: 100
March 21, 2014, 05:24:48 PM
#3
BlockChain is down again!
full member
Activity: 182
Merit: 100
March 21, 2014, 05:24:07 PM
#2
maybe you both have same address? if so that is not good, shows a really Big problem...
legendary
Activity: 2212
Merit: 1199
March 21, 2014, 04:18:19 PM
#1
Solved!

IT WAS not Blockchain.info bug or something!



+10 to blockchain.info

It was just a stupid user who gave me a private key to import, I forgot about this and he just started to use this address again ... after he gave it IN PUBLIC!

https://bitcointalksearch.org/topic/public-knowledge-well-is-open-516987

I forgot about this... because there was nothing on it and it was too stupid to be true ... but he really did put a real private key in his post.

Sorry Blockchain.info!
Jump to: