Author

Topic: btcaddr.me - Bitcoin Address Identicon (Read 7365 times)

full member
Activity: 126
Merit: 100
September 20, 2014, 10:24:14 AM
#47
I made another identicon generator: http://jsfiddle.net/Lqfrmao8/

Original Bitcoin address: 1PPJ5x74KEo9euEiSJKxyBUfHMRQrXKL1f



Fake Bitcoin address: 1PPJ5x74KEo9evEiSJKxyBUfHMRQrXKL1f





full member
Activity: 126
Merit: 100
September 20, 2014, 07:02:56 AM
#46
I made a simple identicon generator (live demo): http://jsfiddle.net/6khq75d3/

Original Bitcoin address: 1PPJ5x74KEo9euEiSJKxyBUfHMRQrXKL1f



Fake Bitcoin address: 1PPJ5x74KEo9evEiSJKxyBUfHMRQrXKL1f

hero member
Activity: 518
Merit: 502
September 19, 2014, 08:34:12 PM
#45

Thanks. It appears to be much less sophisticated than other approaches.
Is there any info about the algorithm?
hero member
Activity: 518
Merit: 502
September 18, 2014, 09:04:12 AM
#44
Just found this thread, but the site seems to be down.
What happened?
member
Activity: 68
Merit: 10
September 20, 2013, 09:29:03 PM
#43
Replying to myself again Roll Eyes, but just for fun if we disregard prefix we can fairly easily match 32 bits:

1KbhFQVEUk8wMVtiuBURZAQ1PXnsDUqcag


1EEwcrjaJkWLLZDuZA2Rhob3aVM8NwY5tR



or 40 bits:

1NcE7wksPMcydG7bfsGsGdjf2ckzXSfw1R


1H26EaqCrbdHZk2SvqvZDfPHqYGbYqQsJj


Not going to try for 48 bits on the CPU, but with OpenCL code on a GPU it shouldn't be bad either.

Interesting; I was thinking there probably aren't enough permutations of a default identicon to cover the huge possibility set for Bitcoin addresses, and that pretty much proves it. This sort of attack could be made less likely by modifying the identicon library with some tweaks. Namely, to not allow so many color variations, so an attacker can't just get a purple color close to the other purple (the biggest weakness, I think), but then those bits of the SHA hash have to be re-used as something else.

The default Identicon is a 3x3 grid, but really there's only three different sprites used (corners, edges, and center) and two colors. If you make only the opposing pairs match (top/bottom, left/right, NW/SE, SW/NE, and center), you've got five instead of three, and each pair could have its own color (net gain of 3 colors), without it looking too messy. I need to sit down and figure out how many bits would need to be re-used if the color palette was reduced... I might put my code where my mouth is on this one, since it seems like a fun project to tackle!
sr. member
Activity: 294
Merit: 250
June 12, 2013, 04:00:27 PM
#42
nice!
legendary
Activity: 1708
Merit: 1020
June 06, 2013, 04:30:40 AM
#41
In particular, could this be used to show users a their passwords before they type their passwords in? To confirm they are on a genuine site?

For example, a site saves passwords in a hashed and salted format. When they go to login, they type in their username, uponwhich the site shows an identicon of their password hash. If that identicon matches what they originally saw when they signed up, they know they are on the legitimate website.

Would that work?
There is a problem... an attacker can easily find out the pattern by simply entering the user name into the original site. You would need two passwords to be able to do this.
hero member
Activity: 788
Merit: 1001
June 05, 2013, 09:41:16 AM
#40
I like this "bitaddress mandala"   Cheesy
legendary
Activity: 1708
Merit: 1020
June 05, 2013, 09:23:00 AM
#39
In particular, could this be used to show users a their passwords before they type their passwords in? To confirm they are on a genuine site?

For example, a site saves passwords in a hashed and salted format. When they go to login, they type in their username, uponwhich the site shows an identicon of their password hash. If that identicon matches what they originally saw when they signed up, they know they are on the legitimate website.

Would that work?
Interesting idea. I would add another hash round before creating the identicon for safety. That would be a cool feature.
sr. member
Activity: 340
Merit: 250
GO http://bitcointa.lk !!! My new nick: jurov
March 04, 2013, 03:49:10 PM
#38
What if the firstbits are superposed on the picture (normally shown 6 letters or so in the bottom of identicon, without leading 1) to make the match harder? So both reading and abstract pattern recognition is engaged at once.

Replying to myself again Roll Eyes, but just for fun if we disregard prefix we can fairly easily match 32 bits:

1KbhFQVEUk8wMVtiuBURZAQ1PXnsDUqcag


1EEwcrjaJkWLLZDuZA2Rhob3aVM8NwY5tR



or 40 bits:

1NcE7wksPMcydG7bfsGsGdjf2ckzXSfw1R


1H26EaqCrbdHZk2SvqvZDfPHqYGbYqQsJj


Not going to try for 48 bits on the CPU, but with OpenCL code on a GPU it shouldn't be bad either.
legendary
Activity: 1204
Merit: 1002
RUM AND CARROTS: A PIRATE LIFE FOR ME
March 02, 2013, 01:40:14 PM
#37
In particular, could this be used to show users a their passwords before they type their passwords in? To confirm they are on a genuine site?

For example, a site saves passwords in a hashed and salted format. When they go to login, they type in their username, uponwhich the site shows an identicon of their password hash. If that identicon matches what they originally saw when they signed up, they know they are on the legitimate website.

Would that work?
legendary
Activity: 1204
Merit: 1002
RUM AND CARROTS: A PIRATE LIFE FOR ME
March 02, 2013, 12:44:35 PM
#36
Any Update on this?
hero member
Activity: 742
Merit: 500
November 10, 2012, 08:09:52 PM
#35
This is a cool idea.  I had been reading the first and last few characters to make sure the address was right. This is even easier.
legendary
Activity: 1022
Merit: 1000
November 10, 2012, 12:18:05 PM
#34
If its based on SHA1, does that mean it can be cracked (I have no idea, but I know the current standard is SHA3)
legendary
Activity: 1050
Merit: 1003
November 05, 2012, 07:14:56 PM
#33
rageface.me   lol

Not cute at all.  Angry
hero member
Activity: 686
Merit: 500
Wat
November 05, 2012, 04:25:37 PM
#32
1AgwF965rwYpK6J8N3CbCxfRAdu7nSHt9v



1P7WdPJrZEXTmbjD5bzqNwNtNDuoTqDGu



1Fq6TL3wT4v4tbgW7CaGTyS42hsjmCHPdB





rageface.me   lol
hero member
Activity: 686
Merit: 500
Wat
November 05, 2012, 04:18:45 PM
#31
Its like https for bitcoin adresses  Cheesy
full member
Activity: 125
Merit: 100
November 05, 2012, 04:07:20 PM
#30
Doing the math on the robohash it looks like it uses 22-24 bits depending on the settings to get an exact match, so roughly equivalent to matching 4 characters of the address.  It could add some extra security combined with something else but by itself yes it is fairly trivial to match.
legendary
Activity: 1246
Merit: 1016
Strength in numbers
November 05, 2012, 02:59:16 PM
#29

The robohash robot is great. Optionally print out an image of the robot next to the identicon?

Users could check that the identicon maps to the robot and robots are easier to remember than patterns.

The robots would be good branding for bitcoin. It looks like robohash is open source.

Well it does seem that mskwik did just prove robohash to be useless for our purposes.

Not completely, it would be extra hard to find a robot collision AND collide the first few chars.
sr. member
Activity: 249
Merit: 251
November 05, 2012, 12:20:40 PM
#28

The robohash robot is great. Optionally print out an image of the robot next to the identicon?

Users could check that the identicon maps to the robot and robots are easier to remember than patterns.

The robots would be good branding for bitcoin. It looks like robohash is open source.

Well it does seem that mskwik did just prove robohash to be useless for our purposes.
legendary
Activity: 1050
Merit: 1003
November 05, 2012, 04:25:43 AM
#27

Interesting idea. I came across: http://robohash.org/ - cunicula you thought about something like this? Wink

The robohash robot is great. Optionally print out an image of the robot next to the identicon?

Users could check that the identicon maps to the robot and robots are easier to remember than patterns.

The robots would be good branding for bitcoin. It looks like robohash is open source.
full member
Activity: 125
Merit: 100
November 04, 2012, 03:12:25 PM
#26
1MB2HBuzi4LQ9XZwtQ3GzRGombGx72LUPZ


1F9UeZCMcSfdYpVwSFfbaWQxK4p7FER79k


 Wink


Not really familiar with github but here is the script I was using:

Code:
#!/usr/bin/perl

use Digest::SHA;$|=1;
open(VG, "./vanitygen -q -k 1 |");
while(){print $_;chomp($_);
  $msg=$_;if(/Address: (.*)/ig){$addr=$1;
    $hash=Digest::SHA::sha1_hex(Digest::SHA::sha1_hex($addr));
    $id=substr($hash,0,2);
    $id.=hex(substr($hash,2,1))%8;
    $id.=hex(substr($hash,3,1))%4;
    $id.=hex(substr($hash,4,1))%4;
    $id.=hex(substr($hash,5,1))%2;
    $id.=int(hex(substr($hash,6,1))/4);
    $id.=int(hex(substr($hash,8,1))/4);
    $id.=int(hex(substr($hash,10,1))/4);
    $id.=int(hex(substr($hash,12,1))/4);
    $id.=int(hex(substr($hash,14,1))/4);
    $id.=int(hex(substr($hash,16,1))/4);
    $id.=hex(substr($hash,18,1));
    print "Identicon: $id              \n";
    if($seen{$id} ne ''){
      print "Match found\n".$seen{$id}."\n$1\n";exit;
    }$seen{$id}=$1;
  }
}

That's picking 32 bits out of the hash for the identicon string, to add more bits and get more accurate I would add more bits on the end of the colors that are using just 2 bits per channel there.  Notice that it just checks for a match against any icon it has found so far, to match a particular one you would find an identicon string for it from the same bits and just search for that, to search an address prefix as well you can change the vanitygen argument.  I also was running on a machine with 8GB RAM, run at your own risk with more bits or less RAM when saving every result like this.
newbie
Activity: 14
Merit: 0
newbie
Activity: 14
Merit: 0
November 04, 2012, 02:18:26 PM
#24
Thank you for your comments, everyone! I would like to emphasize that the project is just a proposition made during one Saturday after ThePiachu master thesis inspired me. It wasn't well tested for colisions though. However, I'm happy that this thread is growing and ideas for upgrades appear.

mskwik, thank you for your tests. I didn't think your way: that when the project become popular people may rely mostly on identicon rather that prefix thus they may stop checking it. Now, identicon is made from string made from double sha1 on address. I'm not sure what can be done to make collisions rarer. Maybe you would like to push to github your code? Smiley

I realize this has no practical purpose, but can you make the identicon into something cute?

More broadly, if you could do QR codes that are shaped like bunny rabbits and pandas, then the whole QR scheme might become more interesting to 50% of the population.

That would be quite an interesting idea, although it would probably be way harder to implement than random geometric shapes...

Interesting idea. I came across: http://robohash.org/ - cunicula you thought about something like this? Wink
full member
Activity: 125
Merit: 100
November 04, 2012, 01:33:15 PM
#23
Replying to myself again Roll Eyes, but just for fun if we disregard prefix we can fairly easily match 32 bits:

1KbhFQVEUk8wMVtiuBURZAQ1PXnsDUqcag


1EEwcrjaJkWLLZDuZA2Rhob3aVM8NwY5tR



or 40 bits:

1NcE7wksPMcydG7bfsGsGdjf2ckzXSfw1R


1H26EaqCrbdHZk2SvqvZDfPHqYGbYqQsJj


Not going to try for 48 bits on the CPU, but with OpenCL code on a GPU it shouldn't be bad either.
full member
Activity: 125
Merit: 100
November 04, 2012, 12:24:04 PM
#22
So I did download the source and take a look at it.  Seems to me you would need to match about 32 bits to look fairly similar (like so someone may not notice if it had changed between site visits) up to about 48 bits to look fairly similar even comparing them side by side.  Mathematically this puts it roughly similar to checking 7 digits at the end of the address.

As a short example here's 12 bits matched which only takes a couple minutes (plus I skimped a little on the prefix):

1BoatSLRHtKNngkdXEeobR76b53LETtpyT


1BoaDLmiNMdQJKe34nbbvJDCqAmpD1adMN


I do like the idea, the human brain does seem to be wired to remember (and recognize if they change) colors and shapes better than random characters, just trying to quantify the results somewhat.
full member
Activity: 125
Merit: 100
November 04, 2012, 09:19:32 AM
#21
Hm, I always check the beginning and end of each address. Do I still need this?

That depends on how many characters you memorise. If it's about 10, you should be fine, otherwise creating a collision would take just a few bitcoins worth of hashing. You can read more about it in my master thesis around page 66 - https://bitcointalksearch.org/topic/my-bitcoin-master-thesis-88149 .

It is however better than checking an equivalent number of characters just at the beginning since it includes the checksum part of the address.  It could be just as good as checking the identicon depending on how many bits you would need to get a similar-looking identicon.  Both the address checksum and the identicon are based on parts of a hash of the address, it's not clear without examining the identicon source further how many bits you would need to generate another that looks "close enough".
sr. member
Activity: 444
Merit: 313
November 04, 2012, 08:33:53 AM
#20
I realize this has no practical purpose, but can you make the identicon into something cute?

More broadly, if you could do QR codes that are shaped like bunny rabbits and pandas, then the whole QR scheme might become more interesting to 50% of the population.

That would be quite an interesting idea, although it would probably be way harder to implement than random geometric shapes...
legendary
Activity: 1246
Merit: 1016
Strength in numbers
November 04, 2012, 05:04:37 AM
#19
I realize this has no practical purpose, but can you make the identicon into something cute?

More broadly, if you could do QR codes that are shaped like bunny rabbits and pandas, then the whole QR scheme might become more interesting to 50% of the population.

Lol.

"Mom can you send me lunch money? I'm the panda with crossed eyes holding a rainbow in its LEFT hand."
legendary
Activity: 1050
Merit: 1003
November 04, 2012, 04:41:43 AM
#18
I realize this has no practical purpose, but can you make the identicon into something cute?

More broadly, if you could do QR codes that are shaped like bunny rabbits and pandas, then the whole QR scheme might become more interesting to 50% of the population.
sr. member
Activity: 444
Merit: 313
November 04, 2012, 04:35:18 AM
#17
It seems it helps in cases where someone expects to be paying an address they have already paid, but the address has somehow been swapped out with the malicious one. If the site that was compromised is also serving the icon could that not also be swapped out for one that doesn't actually match? To guard against that the payer would need to personally check, is that what is intended?

If the image was swapped as well, then the website owner could recognize it as not being theirs (lets hope). If the original image is left, the sender can recognise it doesn't match up.

Hm, I always check the beginning and end of each address. Do I still need this?

That depends on how many characters you memorise. If it's about 10, you should be fine, otherwise creating a collision would take just a few bitcoins worth of hashing. You can read more about it in my master thesis around page 66 - https://bitcointalksearch.org/topic/my-bitcoin-master-thesis-88149 .



Also from other news, this topic is also available on Reddit:
http://www.reddit.com/r/Bitcoin/comments/12ktos/bitcoin_address_identicon_topic_a_solution/
legendary
Activity: 1246
Merit: 1016
Strength in numbers
November 04, 2012, 02:59:02 AM
#16
I think it could work as a browser plugin, where when you mouse over an address, you would see the identicon. This would allow the user to verify quickly, but not rely on the security of the site.

So, you see the correct icon for the attacker's address.  Nothing gained.

Seems like it is only relevant when paying an address you have seen before. An optional warning in a client like "You are trying to pay an address that may look like one you have payed before, BUT YOU HAVE NEVER PAID THIS ADDRESS BEFORE. Proceed?" might accomplish this better.
legendary
Activity: 3038
Merit: 1032
RIP Mommy
November 04, 2012, 02:38:18 AM
#15
Hm, I always check the beginning and end of each address. Do I still need this?
kjj
legendary
Activity: 1302
Merit: 1026
November 04, 2012, 12:46:42 AM
#14
I think it could work as a browser plugin, where when you mouse over an address, you would see the identicon. This would allow the user to verify quickly, but not rely on the security of the site.

So, you see the correct icon for the attacker's address.  Nothing gained.
hero member
Activity: 588
Merit: 500
firstbits.com/1kznfw
November 04, 2012, 12:40:32 AM
#13
I think it could work as a browser plugin, where when you mouse over an address, you would see the identicon. This would allow the user to verify quickly, but not rely on the security of the site.
legendary
Activity: 1246
Merit: 1016
Strength in numbers
November 03, 2012, 06:40:41 PM
#12
This is interesting.

It seems it helps in cases where someone expects to be paying an address they have already paid, but the address has somehow been swapped out with the malicious one. If the site that was compromised is also serving the icon could that not also be swapped out for one that doesn't actually match? To guard against that the payer would need to personally check, is that what is intended?

Another solution that came to me (inspired by etotheipi) is to generate a visually distinctive address (etotheipi used an address with only capital letters). I think there are probably a lot of ways to make an address visually striking. Now that alone would not work because making another one that is striking in the same way would cost the same as the original on average, but if people remember the feel of the address plus the first 5 characters or so (which the original address producer can just let be random) then matching it would be about 58^5 times harder for an attacker.

What are some cheap but striking patterns?

An unusualy high number of triplets? (1j4U666mJJJw3QD7gggrHHH2rynFEcAAA)
A lot of numbers?
No letters or numbers with curves?
Only capitals and numbers?
full member
Activity: 165
Merit: 100
November 03, 2012, 05:10:16 PM
#11
Hmm, this is neat! Kind of a way to side-step Zooko's triangle
newbie
Activity: 14
Merit: 0
legendary
Activity: 1204
Merit: 1002
RUM AND CARROTS: A PIRATE LIFE FOR ME
November 03, 2012, 01:27:37 PM
#9
You can use it will litecoin addresses too (even there's "btc" in domain name). To be honest, you can use it with any string as there is no input validation. It just takes a string do sha1 twice and make identicon from it.

Is it open source? If not- is there an API that other sites could provide the service as well through you?
newbie
Activity: 14
Merit: 0
November 03, 2012, 01:25:19 PM
#8
You can use it will litecoin addresses too (even there's "btc" in domain name). To be honest, you can use it with any string as there is no input validation. It just takes a string do sha1 twice and make identicon from it.
legendary
Activity: 1204
Merit: 1002
RUM AND CARROTS: A PIRATE LIFE FOR ME
November 03, 2012, 01:21:37 PM
#7
Oh wow that is VERY COOL. That could go on so many things, right next to your payment address you can show what it *should* look like when you pay.
That's exactly the purpose of it Smiley.

Is it possible to "scan" the identicon and decipher the address? Like a custom QR code?
No, you can treat it like "visual hash" and it's not reversable.

Still very cool. Do you think you could do one for Litecoin? Is the project open source?
newbie
Activity: 14
Merit: 0
November 03, 2012, 01:17:08 PM
#6
Oh wow that is VERY COOL. That could go on so many things, right next to your payment address you can show what it *should* look like when you pay.
That's exactly the purpose of it Smiley.

Is it possible to "scan" the identicon and decipher the address? Like a custom QR code?
No, you can treat it like "visual hash" and it's not reversable.
legendary
Activity: 1204
Merit: 1002
RUM AND CARROTS: A PIRATE LIFE FOR ME
November 03, 2012, 01:15:11 PM
#5
Oh wow that is VERY COOL. That could go on so many things, right next to your payment address you can show what it *should* look like when you pay.

Is it possible to "scan" the identicon and decipher the address? Like a custom QR code?
legendary
Activity: 1022
Merit: 1000
November 03, 2012, 01:13:40 PM
#4
What addresses did you try? You can try it other way:

http://btcaddr.me/[bitcoin address here]

Maybe the form is not working in your browser - which one are you using?

Firefox 16.0.2 on windows 7

-edit-
I first entered your site by your link provided in OP, then used the input field with a random address obtained on this forum (1CoinLabF5Avpp5kor41ngn7prTFMMHFVc). Then I changed some letters and later the whole address but it still gave me the same identicon.

Now I just tried it only adding the address in the URL, like you advised and it workeed. But dont you think it is problematic that the same address gets a different icon everytime I run it? Heck, it does the same thing again now, after Im leaving the tap open for 2 minutes, it returns the same identicon no matter what address I put in the URL.

newbie
Activity: 14
Merit: 0
November 03, 2012, 01:09:48 PM
#3
What addresses did you try? You can try it other way:

http://btcaddr.me/[bitcoin address here]

Maybe the form is not working in your browser - which one are you using?
legendary
Activity: 1022
Merit: 1000
November 03, 2012, 01:07:37 PM
#2
I just tried it, it always gives me the same identicon, no matter what address I put in. Cookies?
newbie
Activity: 14
Merit: 0
November 03, 2012, 12:55:52 PM
#1
I would like to introduce project I've done after reading ThePiachu's Master Thesis (https://bitcointalksearch.org/user/thepiachu-34743). In one of sections he writes about "Partial address collision" attack connected with bitcoin addresses. In a nutshell: given a bitcoin address we can generate address with the same prefix. As humans use to read only a few first characters of an address to validate it, malicous user may replace it with generated one and deceive user sending payment.

I believe problem can be solved using identicons. Check the site: http://btcaddr.me/ and let me know what are your thoughts.
Jump to: