Author

Topic: Calculating Satoshi's coins (Read 1261 times)

member
Activity: 196
Merit: 67
November 25, 2022, 02:39:22 PM
#53
I think that we need:

1) improvement of the hashing/computing power
2) new ways of calculating

I don't think that there will be a formula to get from the public key through a simple calculation the private key. But I'm sure that the 256 bit range can be calculated with less than the today's 128 bit (pollard). Let's say we bring it down to 80 bit and at the same time we improve the hashing/computing power, so it could be possible to solve this.
copper member
Activity: 76
Merit: 11
November 25, 2022, 07:17:54 AM
#52
Building the group  Smiley
member
Activity: 196
Merit: 67
July 28, 2022, 06:00:44 AM
#51
~

The speedup works only on Pollard Rho, at most sqrt(6) = 2.44 times. For Kangaroo only the negation (y) is applicable, with speedup at most 1.41 times (and bigger variance?) - AFAIK Jean-Luc uses it already.

All this is well known:
if we have a point (x,y) = k*G, the 6 points are
(aix, bjy) = cidj*(k*G)
with
a3 = 1 mod p (matching the chosen value of c)
b2 = 1 mod p
c3 = 1 mod n (matching the chosen value of a)
d2 = 1 mod n
i∈{0,1,2}
j∈{0,1}.
One can calculate the numbers by finding the primitive roots mod p and n
I.E.
rp = 77643668876891235360856744073230947502707792537156648322526682022085734511405
rn = 106331823171076060141872636901030920105366729272408102113527681246281393517969
a = (rp(p-1)/3)2 = 55594575648329892869085402983802832744385952214688224221778511981742606582254
b = rp(p-1)/2 = 115792089237316195423570985008687907853269984665640564039457584007908834671662 = -1
c = rn(n-1)/3 = 37718080363155996902926221483475020450927657555482586988616620542887997980018
d = rn(n-1)/2 = 115792089237316195423570985008687907852837564279074904382605163141518161494336 = -1

copper member
Activity: 76
Merit: 11
July 27, 2021, 07:27:14 PM
#50
So it works in the full range of 2^256 so what would be the expected operations?

  • 1 point addition to have Point (x1, y1)
  • 1 subtraction to get y2
  • 2 multiplications to get x2 and x3
  • comparisions to get lowest x and lowest y

Then you will have all x and y coordinates for all 6 points with the effort of less than 2 point additions, what will increase the speed enormously.
copper member
Activity: 76
Merit: 11
July 27, 2021, 04:32:01 PM
#49
Pollard's kangaroo / lambda / rho accelerator



It will lead to inner loops, but all solvable.
Profit: with one point addition, one will cover 6 points.

When will you be done with that project?
here is pubkey
02991eb8eb2e45b4bc9c71bc9a022832e712a8dc1b2db62bd7456e49b2d9f7dac8
could you tell me first example if its x1 ? x2 ? x3 ?
if its x1 then whats x2 and x3 print pubkeys , it will help to vistors for understand about x1 x2 x3
thankx

Example: pubkey = 02991eb8eb2e45b4bc9c71bc9a022832e712a8dc1b2db62bd7456e49b2d9f7dac8
This point becomes Point (x1, y1), but we don't know if it is Point 1, 2, 3, 4, 5 or 6.

from our offline server:
Code:
Point 1 (x1, y1)
x1 = 0x991eb8eb2e45b4bc9c71bc9a022832e712a8dc1b2db62bd7456e49b2d9f7dac8
y1 = 0xeb3c392e5ac716a0cb40fa08e2616f47459e6a1cc0f2922836896a1ce5f631cc

Point 2 (x2, y2)
x2 = 0xa673e97568057fb5f41c35d6ed6c88ef97510d71222b3686ef892f4ccc2af536
y2 = 0xeb3c392e5ac716a0cb40fa08e2616f47459e6a1cc0f2922836896a1ce5f631cc

Point 3 (x3, y3)
x3 = 0xc06d5d9f69b4cb8d6f720d8f106b442956061673b01e9da1cb0886fe59dd2860
y3 = 0xeb3c392e5ac716a0cb40fa08e2616f47459e6a1cc0f2922836896a1ce5f631cc


Point 4 (x4, y4)
x4 = 0x991eb8eb2e45b4bc9c71bc9a022832e712a8dc1b2db62bd7456e49b2d9f7dac8
y4 = 0x14c3c6d1a538e95f34bf05f71d9e90b8ba6195e33f0d6dd7c97695e21a09ca63

Point 5 (x5, y5)
x5 = 0xa673e97568057fb5f41c35d6ed6c88ef97510d71222b3686ef892f4ccc2af536
y5 = 0x14c3c6d1a538e95f34bf05f71d9e90b8ba6195e33f0d6dd7c97695e21a09ca63

Point 6 (x6, y6)
x6 = 0xc06d5d9f69b4cb8d6f720d8f106b442956061673b01e9da1cb0886fe59dd2860
y6 = 0x14c3c6d1a538e95f34bf05f71d9e90b8ba6195e33f0d6dd7c97695e21a09ca63

(Now we can say that the example point was Point 1, but that is not important.)

Remember:
x1 = x4  and  x2 = x5  and  x3 = x6
y1 = y2 = y3  and  y4 = y5 = y6

Lowest x = x1  or  x = x4
x = 0x991eb8eb2e45b4bc9c71bc9a022832e712a8dc1b2db62bd7456e49b2d9f7dac8

Lowest y = y4  or  y = y5  or  y = y6
y = 0x14c3c6d1a538e95f34bf05f71d9e90b8ba6195e33f0d6dd7c97695e21a09ca63

That Point (x, y) would be the reference point to go on with. From that point you jump to another Point (x1, y1) according to your kangaroo / rho.
It doesn't matter if you jumped to Point 1 or 2 or 3 or 4 or 5 or 6, your reference point would be that Point (x, y) in all cases.

That makes kangaroo / rho faster. For example: A 'tame' that jumps to Point 2 will go on with Point 4. A 'wild' that jumps to Point 5 will also go on with Point 4 and we would have a solution.

But this only works if you have the full Bitcoin range (1 ... n) like in this project and not in a range like the puzzle #120 (2^119 ... 2^120 - 1).
copper member
Activity: 76
Merit: 11
July 26, 2021, 03:59:23 PM
#48
Pollard's kangaroo / lambda / rho accelerator for our project



It leads to inner loops, but all solvable.
Profit: with one point addition, one will cover 6 points.
copper member
Activity: 76
Merit: 11
July 25, 2021, 12:32:28 PM
#47
Why are you limiting yourself to Satoshi's coins?
We want to solve Satoshi's coins, because these coins were mined to serve the purpose, to let the Bitcoin network run. Without these coins, we wouldn't have Bitcoin today, they are special as they had to be mined. Satoshi mined them, marked them and didn't transfer them. Satoshi alone can respond to our project e.g. can transfer them to other addresses. If someone can sign messages to our points, we will be sure that it is Satoshi as they were marked in a way, that you can separate them from others.

Think of it as sunken ships with these mined coins as their cargo. And we want to salve these ships and recover the coins.

That does not mean, that Satoshi isn't owning other coins (not sunken ships) than these marked.
full member
Activity: 162
Merit: 230
July 25, 2021, 05:59:10 AM
#46
Why are you limiting yourself to Satoshi's coins? There's nothing special about those private keys, if you got a way to crack those, you can attack any key which have had their public key exposed.
copper member
Activity: 76
Merit: 11
July 14, 2021, 01:17:21 PM
#45
Quote
There is a project to calculate Satoshi's coins and bring them back.

Is this
https://www.fxstreet.com/cryptocurrencies/news/is-satoshi-cashing-out-640-nine-year-old-bitcoin-on-the-move-202107131344
related to ur project?
Or is it some prophet inequality calculation of when, the perfect timing for, "I have to go now"?

Not related. We are permanently checking the blocks for such moves, But none of Satoshi's coins heve been moved so far.

'Satoshi's points' what we are calculating are coinbases only and mined in 2009 and 2010.
copper member
Activity: 76
Merit: 11
July 13, 2021, 06:50:24 PM
#44
We have to start somewhere ...

For example with a site like https://lbc.cryptoguru.org/about. They are calculating keys for hashed addresses. (We think that is impossible for Satoshi's addresses.)
copper member
Activity: 76
Merit: 11
July 12, 2021, 01:41:38 PM
#43
One other important thing for our project is, that when all 'Satoshi's points' are calculated, owners of the interaction token would sell all their coins as they would be valueless after solving the last point. The token price would crash before solving the last points. For that problem we have following solution:

For the last 4000 points, the solving participants will get their 25 BTC (12.5 BTC for wild and 12.5 BTC for tame) reward as usual.
But the purchase of the token with the remaining 25 BTC will be different. We will place them all as 0.01 BTC bid orders after solving one point, so that all token holders can sell for 0.01 BTC at least. That means: 4000 points with 25 BTC each = 100,000 BTC and the price wouldn't go below 0.01 BTC in the end as that would cover all 10,000,000 tokens.
copper member
Activity: 76
Merit: 11
July 12, 2021, 05:58:54 AM
#42
How exactly is this supposed to interact with a private key solver program again?

The software would have to be modified to buy or sell tokens as progress is made in exhausting search space. And it's pretty tricky to modify these programs because I once did that, and then someone complained on Github that it wasn't finding keys anymore.
The participants will provide the system with distinguished points only and after solving a point, we will publish it and the solving participants will broadcast their reward address, so we can transfer them their reward. We expect that the first solutions will take some time and the intervals will be long enough to make it manually and not automated. Also the purchase of the interaction token will happen manually.

At the beginning ot this project we want to improve the system to solve the points. Once the points will be solved, we will find an automated solution to the rewarding. But we expect that the purchase of the interaction token will remain manually.
legendary
Activity: 1568
Merit: 6660
bitcoincleanup.com / bitmixlist.org
July 12, 2021, 03:59:11 AM
#41
We wanted to have a decentralized exchange for this project and created an own token as ADAB spin-off. We chose the Waves platform.

Exchange: https://waves.exchange/

Explorer with information on the token:
https://wavesexplorer.com/tx/9zMruSw8PPVPvRWgmrDi8QzsaGwNfBqdx9L5sMgASDAK

Name of the token: BitcoinADAB
Quantity: 10,000,000
Decimals: 8
Reissuable: no (10,000,000 tokens is max.)
AssetId: 9zMruSw8PPVPvRWgmrDi8QzsaGwNfBqdx9L5sMgASDAK

To find the token in the exchange:
Switch from 'Verified mode' to 'Community mode'
Search with the AssetId: 9zMruSw8PPVPvRWgmrDi8QzsaGwNfBqdx9L5sMgASDAK
Pairs: BitcoinADAB/BTC and BitcoinADAB/WAVES

This is our interaction token for this project.

How exactly is this supposed to interact with a private key solver program again?

The software would have to be modified to buy or sell tokens as progress is made in exhausting search space. And it's pretty tricky to modify these programs because I once did that, and then someone complained on Github that it wasn't finding keys anymore.
copper member
Activity: 76
Merit: 11
July 11, 2021, 04:08:51 PM
#40
We wanted to have a decentralized exchange for this project and created an own token as ADAB spin-off. We chose the Waves platform.

Exchange: https://waves.exchange/

Explorer with information on the token:
https://wavesexplorer.com/tx/9zMruSw8PPVPvRWgmrDi8QzsaGwNfBqdx9L5sMgASDAK

Name of the token: BitcoinADAB
Quantity: 10,000,000
Decimals: 8
Reissuable: no (10,000,000 tokens is max.)
AssetId: 9zMruSw8PPVPvRWgmrDi8QzsaGwNfBqdx9L5sMgASDAK

To find the token in the exchange:
Switch from 'Verified mode' to 'Community mode'
Search with the AssetId: 9zMruSw8PPVPvRWgmrDi8QzsaGwNfBqdx9L5sMgASDAK
Pairs: BitcoinADAB/BTC and BitcoinADAB/WAVES

This is our interaction token for this project.
copper member
Activity: 76
Merit: 11
July 11, 2021, 05:48:29 AM
#39
What we want is, that each participant of a pool calculates one tame or wild. The main server has to coordinate that all, so it is the best solution so far.

... I suggest you should look for another exchange in that region to cooperate with.
We have another idea. I hope that we can publish it here today or tomorrow.
legendary
Activity: 1568
Merit: 6660
bitcoincleanup.com / bitmixlist.org
July 11, 2021, 02:55:49 AM
#38
Well the current Kangaroo builds use a herd of 1024 tame and wild points so I don't think it matters a lot how big you make the herd size on the CPU since the controller code runs through the herd with a simple for loop for CPU. On GPU It's a bit constrained though, hardware is usually optimized to run 128 or 64 items in parallel, and in this case it's 128 pairs at a time. And the GPU kernel runs through this 64 times per call to GPU-land so 8192 different privkeys iterated per call, 8 times more than the CPU on paper.

Of course because of floating-point arithmetic advancements in each new GPU card the actual speed boost is much higher.

As mentioned in earlier posts, ADAB wanted to build a crypto exchange and for a short time they had a running exchange but then closed it. We think that they had licensing problems. We know that projects in that region (ME) are high quality and that they have the required equipment. With that project, we invite them to join us. They could become the largest pool in that project.

The ADAB exchange you keep talking about had a messy scam accusation against them, apparently, they didn't conduct their ICO or whatever properly so I suggest you should look for another exchange in that region to cooperate with.
copper member
Activity: 76
Merit: 11
July 10, 2021, 07:12:47 PM
#37
We don't know how your kangaroo is working. We wanted to say, that if you use the projects system for a point in a range (2^119 - 2^120) and not the whole order range, that you will have a 2^256 problem. So it is not usable for it.

Yes, we use 2^0, 2^1, ... Even if 2^0 and 2^1 are neighboring points, we don't know, from which points these are target points. We are open for improvements, if people explain it.

Pools won't buy the token, if the token wouldn't help them. But they will understand, that it will help and support them. And if a pool participates in that project, that means, that they believe in it. If they don't want to use the token, they could reward their participants with BTC in advance.

It doesn't matter how much ADAB we have, we don't have 100%. And if we started our own token, then we would have 100%.

As mentioned in earlier posts, ADAB wanted to build a crypto exchange and for a short time they had a running exchange but then closed it. We think that they had licensing problems. We know that projects in that region (ME) are high quality and that they have the required equipment. With that project, we invite them to join us. They could become the largest pool in that project.
full member
Activity: 1232
Merit: 242
Shooters Shoot...
July 10, 2021, 06:26:48 PM
#36
Quote
Wild points and tame points will jump 2^0, 2^1, ... , 2^255 and they will 'jump over' the order of FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFE BAAEDCE6 AF48A03B BFD25E8C D0364141 and as it is a finite field, they will come back into the field. That system is not usable for the puzzle, as you have there a small range (2^119 - 2^120) and not the whole order range. Nobody could test this for Bitcoin so far, but it has been tested for a smaller order.
You should probably study the code before talking on it. The current kangaroo, does "jump over" the order of N and does come back around. Run and print to screen the points and you will see or print them to file.

I still do not think if you jump tames 2^0, 2^1,...anything lower than 2^244ish, they will be of value. So if you are using the standard suggested jumps of 2^128, if those tames don't start in a targeted range above where the private key could be, or even when they wrap back around N, they will be too low to be of use/value.

Quote
And we found the solution in the token. Mining pools can operate with that token (reward their participants with that token) before we solve the first point. We already said it, the price of the token will be an indicator for the success of the project and the probability when a 'Satoshi's coin' will be solved. At the beginning, the token price will be speculative, but with higher key rates of the network it will become more and more predictable.
"Hey pools, we need you to buy this old scammish coin to reward your miners because a. we may never find a collision and b. even though you may have the most hashrate, you may not have half of the solving collision and therefore you get nada."

You must have a lot of ADAB tokens in your possession haha!
copper member
Activity: 76
Merit: 11
July 10, 2021, 01:28:54 PM
#35
...

In our case, tame points will be random points (private key: 1 - FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFE BAAEDCE6 AF48A03B BFD25E8C D0364140 = full order range) and wild points (Satoshi's points) are in the same range, so we can use the related wild points as tames after solving one point. Wild points and tame points will jump 2^0, 2^1, ... , 2^255 and they will 'jump over' the order of FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFE BAAEDCE6 AF48A03B BFD25E8C D0364141 and as it is a finite field, they will come back into the field. That system is not usable for the puzzle, as you have there a small range (2^119 - 2^120) and not the whole order range. Nobody could test this for Bitcoin so far, but it has been tested for a smaller order.

Thank you, that you are trying to improve it.


Edit:
In that system, it doesn't matter how many wild points and tame points we have. The server will provide the pools with starting points, so that the number of wild points and tame points (all tame points will be different random points and can be anywhere in the full order range) are approximately equal. The main problem is the key rate of the whole system. We will need 2^128 (can be more or less, Pollard is not deterministic) calculated points to solve the first point. And that is not impossible but nearly impossible, so we want to try it. We think, that when the project runs, improved point addition hardware will appear. With the provided data from the pools, people will be able to calculate how far we are from calculating the first point of Satoshi. But we will not know, which one it will be.

The hashrate of Bitcoin was in the first year ~10 Mhash/sec and 10 years later 100 Ehash/s. If someone told us in 2009 that in 2019 the network will hash 10,000,000,000,000 times faster, what would we say? 10,000,000,000,000 more participants? No, the hardware and hardware use improved, without Satoshi asking them.

So we have to run our project, even with a low key rate. And when people understand the project, they will join us.

With Satoshi's introduction of Bitcoin in 2009, people could join and mine coins and got coins. But in our case, it will take a while until we have the first point and the first reward. That was a problem to solve. And we found the solution in the token. Mining pools can operate with that token (reward their participants with that token) before we solve the first point. We already said it, the price of the token will be an indicator for the success of the project and the probability when a 'Satoshi's coin' will be solved. At the beginning, the token price will be speculative, but with higher key rates of the network it will become more and more predictable.
legendary
Activity: 1568
Merit: 6660
bitcoincleanup.com / bitmixlist.org
July 10, 2021, 08:17:06 AM
#34
Quote
We will set the starting points of all tame and wild points
~snip
You set the starting points? Or program randomly generates starting points? ok, well the program does (you can set the range) and the wild kangaroo you know the range released but no clue where they are at in the range because they are offset by the pubkey's private key amount.

It would be much better if the starting points were not kept constant, the fact that the starting points are initially chosen at random anyway implies that there's no benefit to keeping them constant.

Quote
Btw: All wild points of this part, after solving a key, will become tame points in the system. So the system will become faster even when the 'hash rate/jump rate/key rate' remains constant.

The tames have a different min/max range from the wild points so some wild points won't be valid tame points.
copper member
Activity: 76
Merit: 11
July 09, 2021, 05:52:41 AM
#33
The crypto exchange BitForex https://www.bitforex.com made an announcement:

The project related token ADAB has been hidden.

Please notice that assets holders are required to withdraw their assets to their own wallets or other exchanges by 11:00, August 9th, 2021 (GMT+8). BitForex will not support the withdrawal of these tokens/coins after that time.

Transaction fee: 999995.4639 ADAB
copper member
Activity: 76
Merit: 11
July 08, 2021, 12:28:27 PM
#32
Quote
You can be sure that pools, who understand the project, will provide you with the necessary data.
You say you want to set it up like bitcoin network.
In a typical PoW network, pools are formed, pools find blocks, pools are rewarded.   Normally, the larger pools find more blocks.  When a block is found, the network checks and validates if it's a valid hash/block.
In your platform, the largest pool may never get a reward/find a block. Only your system knows/validates if a point (block) is valid therefore, again, you can decide who receives the reward.
With 'like the Bitcoin network', we wanted to say: large network with pools and pool participants. And not PoW. It won't be decentralized but fair and transparent.

After solving a point, we will publish all parameters (public keys) for:

wild point = 'Satoshi's point' (private key unknown) + distinguished point (we + participant have private key)
tame point = starting point (we have private key) + distinguished point (we + participant have private key)

Only the pools who calculated 'wild distinguished point' and 'tame distinguished point' can get the reward. We can't decide who receives the reward.

Even if we published

wild point = 'Satoshi's point' (private key unknown) + our point 1
tame point = starting point (we have private key) + our point 2

our points 1 and 2 would have to be distinguished points. And that is not possible unless we have the same calculating power like the network.
full member
Activity: 1232
Merit: 242
Shooters Shoot...
July 08, 2021, 10:52:02 AM
#31
Quote
We have checked this. It is impossible as of today.
Then I guess it comes down to if you believe in the RIPEMD160 theory, doesn't it?

Quote
The system we use is different than your Pollard's kangaroo what you use for the puzzle. The main problem is the speed of calculations ('hash rate/jump rate/key rate').
Then I am not sure what system/program you will use if you don't store points to check for collisions.

Quote
You can be sure that pools, who understand the project, will provide you with the necessary data.
You say you want to set it up like bitcoin network.
In a typical PoW network, pools are formed, pools find blocks, pools are rewarded.   Normally, the larger pools find more blocks.  When a block is found, the network checks and validates if it's a valid hash/block.
In your platform, the largest pool may never get a reward/find a block. Only your system knows/validates if a point (block) is valid therefore, again, you can decide who receives the reward.




legendary
Activity: 2352
Merit: 6089
bitcoindata.science
July 08, 2021, 08:56:58 AM
#30
We want to build a network, like the Bitcoin network, where instead of hashing the next block, the nodes will calculate distinguished points of the elliptic curve that Bitcoin uses for its addresses.

And this network will include Satoshi's mined coins. Hopefully we can calculate them and bring them back.


----------


How will it work?

If we solve a Satoshi's coinbase, which consists of 50 BTC, 25 BTC will go to the node that calculated the distinguished point and with the other 25 BTC, we will buy the interaction token. The price of the interaction token will be an indicator for the success of that project and the participating nodes can optimize their reward with that token.


Theoretically, you are losing money while spending your processing power trying to, literally, attack the network.

The way bitcoin is designed that processing power would be better spent in the mining process itself, because the chances of getting a private key are ridiculously low.

As mentioned in the whitepaper:
Quote
The incentive may help encourage nodes to stay honest. If a greedy attacker is able to
assemble more CPU power than all the honest nodes, he would have to choose between using it
to defraud people by stealing back his payments, or using it to generate new coins. He ought to
find it more profitable to play by the rules, such rules that favour him with more new coins
than
everyone else combined, than to undermine the system and the validity of his own wealth.
https://bitcoin.org/bitcoin.pdf


There is also a second problem here.  Supposing you find a satoshi private key, that key is worth a LOT more than 50 bitcoins. You can literally prove yourself to be satoshi. How much would Faketoshi pay for this?

Certainly people like Faketoshi will be interested in a project like this. Is this the kind of partners you want? He is probably trying to do it already...
copper member
Activity: 76
Merit: 11
July 08, 2021, 05:49:41 AM
#29
...
First two points are answered in the previous post.

Quote
The project is very large and we want participants to build pools. Once the project runs a while, pools will pop up and they will store that data.
You do not understand the amount of data that will need to be stored

Lastly, kangaroo has its disadvantages with your approach.
You don't need that amount of data. The system we use is different than your Pollard's kangaroo what you use for the puzzle. The main problem is the speed of calculations ('hash rate/jump rate/key rate').

Yes, we will have loops (tame point will reach a tame point) but we have good solutions for that.

Brute force would be much quicker in this case. How much quicker, around 2^38 quicker, now, go figure that one out.
We have checked this. It is impossible as of today.




Is it possible to argue that any public key address is 128 bits?
The public keys are 256 bit. What we wanted to say is, that it is a 2^128 calculations problem instead of 2^255, if you don't use Pollard or Rho.
member
Activity: 174
Merit: 12
July 08, 2021, 02:36:04 AM
#28
Is it possible to argue that any public key address is 128 bits?
full member
Activity: 1232
Merit: 242
Shooters Shoot...
July 07, 2021, 09:24:08 PM
#27
Quote
It is a finite field, all points that jump over N, come back to the field and are useful.
This tells me you do not know enough about Kangaroo and points

Quote
Yes, today it would be so. But if the project starts, there will be enough volume, that will handle these 25 BTC.
Again, it's not about volume, it's about tokens and price...25BTC would buy them all, in one swoop.

Quote
The project is very large and we want participants to build pools. Once the project runs a while, pools will pop up and they will store that data.
You do not understand the amount of data that will need to be stored

Lastly, kangaroo has its disadvantages with your approach.  Brute force would be much quicker in this case. How much quicker, around 2^38 quicker, now, go figure that one out.
copper member
Activity: 76
Merit: 11
July 07, 2021, 09:00:40 PM
#26
Not sure why you want to jump over N, but that is your programming choice. With a jump size of roughly 2^128 if you jump over N, those tame points will all become useless. The tames need to be higher than the wilds. If your tames are in a range less than 2^244, then that would be useless because the odds are, the private key is in at least the 248 to 256 bit range. 248 bit range allows for 2 leading 0s. So I don't see how you allowing jumps over/around N will make it faster.
It is a finite field, all points that jump over N, come back to the field and are useful.

If I am sending my points to a central server, how will I know what they are. Are you going to make every user store points on there on computer as well, and eat up 100s of 1000s of GB space?! I shouldn't be storing what the central server is storing therefore, I would have no private keys or points on my local machine to sign anything.
The project is very large and we want participants to build pools. Once the project runs a while, pools will pop up and they will store that data.

And the whole token thing, makes no sense.   25 BTC would buy all of those ADAB tokens and then some.
Yes, today it would be so. But if the project starts, there will be enough volume, that will handle these 25 BTC.

So if I am a user and don't help solve, I get nothing in return? Unless I own some ADAB tokens? Which by the way, they have all been sold, so people who aren't even participating/helping search for coins, will be rewarded, meanwhile the workers may not, because maybe there aren't any tokens to buy because people who bought them years ago aren't selling or are selling at extremely high price.
As answered, pools will solve this.

Also, by me not knowing or any user not knowing if they are searching for wilds or tames or anything, will never truly know if their point helped solve the key. You could program it where only you or your friends get the 25BTC reward, but if I am paid based on my contribution, then I know I will be compensated. Zero transparency with your platform. Imagine mining in a pool where you had no idea how much you would make because you didn't know total pool hashrate nor your own hashrate, you just trusted the pool operators. ha!
You can be sure that pools, who understand the project, will provide you with the necessary data.
full member
Activity: 1232
Merit: 242
Shooters Shoot...
July 07, 2021, 08:39:41 PM
#25
You set the starting points? Or program randomly generates starting points? ok, well the program does (you can set the range) and the wild kangaroo you know the range released but no clue where they are at in the range because they are offset by the pubkey's private key amount.
...
Yes, you did some reading and understand that you can tame previous wilds. BUT doesn't mean it will necessarily be faster, it will depend on where a key was found and where the next one lies on the curve.

In the puzzle, you are calculating in a range. But in the project we will have the full range and here the system becomes faster. It will be different than Pollard's kangaroo or Rho like you use it, we will let them jump over N.

The participants won't know, if they are calculating tame or wild points. They will provide the central server, which we will have, with distinguished points (plus related private keys) and the system will check if there is a solution. If so, we will broadcast the distinguished points (wild + tame) and only the participants who solved it can sign and will receive their rewards (12.5 BTC each).

wild point = 'Satoshi's point' (private key unknown) + distinguished point (we + participant have private key)
tame point = starting point (we have private key) + distinguished point (we + participant have private key)
Not sure why you want to jump over N, but that is your programming choice. With a jump size of roughly 2^128 if you jump over N, those tame points will all become useless. The tames need to be higher than the wilds. If your tames are in a range less than 2^244, then that would be useless because the odds are, the private key is in at least the 248 to 256 bit range. 248 bit range allows for 2 leading 0s. So I don't see how you allowing jumps over/around N will make it faster.

Quote
The participants won't know, if they are calculating tame or wild points. They will provide the central server, which we will have, with distinguished points (plus related private keys) and the system will check if there is a solution. If so, we will broadcast the distinguished points (wild + tame) and only the participants who solved it can sign and will receive their rewards (12.5 BTC each).
If I am sending my points to a central server, how will I know what they are. Are you going to make every user store points on there on computer as well, and eat up 100s of 1000s of GB space?! I shouldn't be storing what the central server is storing therefore, I would have no private keys or points on my local machine to sign anything.


And the whole token thing, makes no sense.   25 BTC would buy all of those ADAB tokens and then some.

So if I am a user and don't help solve, I get nothing in return? Unless I own some ADAB tokens? Which by the way, they have all been sold, so people who aren't even participating/helping search for coins, will be rewarded, meanwhile the workers may not, because maybe there aren't any tokens to buy because people who bought them years ago aren't selling or are selling at extremely high price.

Also, by me not knowing or any user not knowing if they are searching for wilds or tames or anything, will never truly know if their point helped solve the key. You could program it where only you or your friends get the 25BTC reward, but if I am paid based on my contribution, then I know I will be compensated. Zero transparency with your platform. Imagine mining in a pool where you had no idea how much you would make because you didn't know total pool hashrate nor your own hashrate, you just trusted the pool operators. ha!

copper member
Activity: 76
Merit: 11
July 07, 2021, 08:06:52 PM
#24
You set the starting points? Or program randomly generates starting points? ok, well the program does (you can set the range) and the wild kangaroo you know the range released but no clue where they are at in the range because they are offset by the pubkey's private key amount.
...
Yes, you did some reading and understand that you can tame previous wilds. BUT doesn't mean it will necessarily be faster, it will depend on where a key was found and where the next one lies on the curve.

In the puzzle, you are calculating in a range. But in the project we will have the full range and here the system becomes faster. It will be different than Pollard's kangaroo or Rho like you use it, we will let them jump over N.

The participants won't know, if they are calculating tame or wild points. They will provide the central server, which we will have, with distinguished points (plus related private keys) and the system will check if there is a solution. If so, we will broadcast the distinguished points (wild + tame) and only the participants who solved it can sign and will receive their rewards (12.5 BTC each).

wild point = 'Satoshi's point' (private key unknown) + distinguished point (we + participant have private key)
tame point = starting point (we have private key) + distinguished point (we + participant have private key)
full member
Activity: 1232
Merit: 242
Shooters Shoot...
July 07, 2021, 07:26:09 PM
#23
Quote
We will set the starting points of all tame and wild points, we will have the private keys. The participants will calculate the points on top of these. Who submitted the solving point will have the private keys of these, and can sign a message. So we can know who solved it.
Btw: All wild points of this part, after solving a key, will become tame points in the system. So the system will become faster even when the 'hash rate/jump rate/key rate' remains constant.
Yeah, not sure what you are saying. Like, it really makes no sense.

You set the starting points? Or program randomly generates starting points? ok, well the program does (you can set the range) and the wild kangaroo you know the range released but no clue where they are at in the range because they are offset by the pubkey's private key amount.

You have the private keys? To all 2^128 points? Well hell, just sweep those coins now.

If I have the private key, why sign and send message? Why not just sweep the coins myself.

Tell me how what I see is wrong:

With Kangaroo, you have a range, in this case it would be from 0 to N-1, roughly 2^256.
The program will generate random starting points within that range for the tames and wilds to start their hops. So how do you plan on setting all the starting points? And how do you already have these private keys?
A tames point is actual pubkey and its distance is the actual private key to that pubkey.
A wilds point is a pubkey but the distance is offset by the pubkey you are searching for, private key.
The server or just the program if running on individual system, detects for a collision amongst the points, and then solves. How do you plan on running the system? A user would never know the points or distances they came across because their system should send it to a central server, along with every other participants points and distances, and the central server would look for collisions and solve. Users would never know if their point and distances found the collision.  So yeah, I am struggling to understand how your system intends to work.

Yes, you did some reading and understand that you can tame previous wilds. BUT doesn't mean it will necessarily be faster, it will depend on where a key was found and where the next one lies on the curve.
copper member
Activity: 76
Merit: 11
July 07, 2021, 07:18:03 PM
#22
Quote
Here are some examples of Satoshi's addresses (all coinbase 50 BTC)
You posting a few addresses ...

These addresses are special addresses (12 of them, there are ~100). They are the last coinbase addresses, before Satoshi resets his miner (the related values, like the ExtraNonce, go to 0). These points are on top of a blue line, which reflect Satoshi's coins. More here: https://bitslog.com/2019/04/16/the-return-of-the-deniers-and-the-revenge-of-patoshi/

copper member
Activity: 76
Merit: 11
July 07, 2021, 06:32:20 PM
#21
Ok, this all sounds great great but to use a token, ADAB, that is riddled with ridicule and scam, seems fishy.
ADAB wanted to build a crypto exchange and for a short time they had a running exchange but then closed it. We think that they had licensing problems. We know that projects in that region (ME) are high quality and that they have the required equipment. With that project, we invite them to join us.

So you and your buds buy up the token now for cheap, then spread the 25 BTC over those tokens you picked up for cheap?
After doing this, the token price would crash. Who would participate in that project thereafter? That would be a problem, if that project would solve all 'Satoshi's coins' at once. But the coins will be solved step by step, so we have to be carefull how we buy the tokens with the 25 BTC reward to keep the project running.

How would you even know who submitted the tame point that helped solve key and who submitted the wild point that helped solve the key?
We will set the starting points of all tame and wild points, we will have the private keys. The participants will calculate the points on top of these. Who submitted the solving point will have the private keys of these, and can sign a message. So we can know who solved it.
Btw: All wild points of this part, after solving a key, will become tame points in the system. So the system will become faster even when the 'hash rate/jump rate/key rate' remains constant.

Pay people based on their hash rate/jump rate/key rate; whatever you want to call it, and split the entire 50 BTC amongst all people who contributed hashing power.
Why use a token at all?
It will take a long time to solve the first 'Satoshi's coin' and the token would help the participants in that phase. The price of the token will reflect the success of the project and the probability when a 'Satoshi's coin' will be solved and the participating nodes can optimize their reward with that token. We think that this will work.
full member
Activity: 1232
Merit: 242
Shooters Shoot...
July 07, 2021, 04:41:53 PM
#20
Quote
As interaction token for that project, we will use ADAB token
Ok, this all sounds great great but to use a token, ADAB, that is riddled with ridicule and scam, seems fishy.

Why not start your own eth token, easy to create.

Why use a token at all?

Quote
25 BTC will go to the node that calculated the distinguished point and with the other 25 BTC, we will buy the interaction token
Pay people based on their hash rate/jump rate/key rate; whatever you want to call it, and split the entire 50 BTC amongst all people who contributed hashing power.
So you and your buds buy up the token now for cheap, then spread the 25 BTC over those tokens you picked up for cheap?

How would you even know who submitted the tame point that helped solve key and who submitted the wild point that helped solve the key? Do you honestly know how Kangaroo even works or are you just seeing that it is faster than brute force and want to implement it without really knowing how it works?!

Quote
Here are some examples of Satoshi's addresses (all coinbase 50 BTC)
There is a well known list with all of his "thought to be" addresses. I have the full uncompressed pubkey list, the compressed pubkey list, as well as uncompressed and compressed addresses. You posting a few addresses doesn't really prove anything other than you looked at the blockchain or googled it.

Bottom line, if one wants to do this, setup a server, set up a "Kangaroo pool" (like a mining pool), distribute found BTC amongst all people who helped based on their hashrate. Don't need a token, especially one with sketchy past.



copper member
Activity: 76
Merit: 11
July 07, 2021, 04:30:03 PM
#19
edited 2nd post: some examples of Satoshi's addresses
full member
Activity: 1232
Merit: 242
Shooters Shoot...
July 07, 2021, 04:19:01 PM
#18
Our opinion is, if people understand what we want to try, they will join us. As already said, the problem is not impossible - it is nearly impossible. But software and hardware can be optimized and with a large network, we should try it.
People will not understand by your first and second posts.

You have to spell it out, explain the reason behind your math of 2^128. Explain you'll be using a Kangaroo method versus brute force. Explain how Kangaroo works vs brute force.

Don't leave it up to the people that do understand and have been a part of the puzzle, to pull it out of you and make passerby readers have to read down 30 posts to understand how you are going to try, etc.
copper member
Activity: 76
Merit: 11
July 07, 2021, 04:12:29 PM
#17
Our opinion is, if people understand what we want to try, they will join us. As already said, the problem is not impossible - it is nearly impossible. But software and hardware can be optimized and with a large network, we should try it.
full member
Activity: 1232
Merit: 242
Shooters Shoot...
July 07, 2021, 04:04:09 PM
#16
If you have a 2^100 bit public key

you will need ~2^100 calculations if you have a hashed key
you will need ~2^50 calculations if you have the coordinates and can use for example Pollard's kangaroo


That's the reason, why they solved #63 (hashed key) and #115 (key with coordinates) in the puzzle.
Haha, yeahhhhhhhh I am not new to the puzzle. Have been actively involved for over a year. I know how it works and how each key has been solved.

Then yes, you are talking group operations. Which sounds more logical than you just saying it becomes a 2^128 problem.

And don't clutter it with Satoshi's coins have x and y coords, that doesn't matter. Just say when a public key is exposed, you can use different methods than old school brute force method. Any address with public key exposed is susceptible to Kangaroo, not just his address because it has x and y coords.
full member
Activity: 1232
Merit: 242
Shooters Shoot...
July 07, 2021, 04:00:03 PM
#15
Also, not saying this can't be done but you will have to have some powerful server equipment/setup.

1. so that many people can connect and join the hunt.
2. enough ram to combine files/collect points
  a. if you set a DP of say 60, you will have to store 2^60 points and distances (DP 60 will increase search time quite a bit)
  b. but if you go lower than 60, say down to 40, then you will need to store 2^80 points and distances
  c. with the 115 bit range, it took a file size of 300+ GBs to store all of the points and distances, and that was with a DP of 25

You will probably need at least 2 servers, maybe more. One to handle all connections and one to combine files and check for solved key

copper member
Activity: 76
Merit: 11
July 07, 2021, 03:56:56 PM
#14
If you have a 2^100 bit public key

you will need ~2^100 calculations if you have a hashed key
you will need ~2^50 calculations if you have the coordinates and can use for example Pollard's kangaroo


That's the reason, why they solved #63 (hashed key) and #115 (key with coordinates) in the puzzle.
full member
Activity: 1232
Merit: 242
Shooters Shoot...
July 07, 2021, 03:49:55 PM
#13
Unused hashed addresses: 2^256 problem (or 2^160 ripemd)
= impossible to solve as of today

Satoshi's coins include the x and y coordinates of the public keys. Although they are 256 bit, with Pollard's kangaroo they are a 2^128 problem.
= nearly impossible to solve

And we want to build with that project a network, that makes it possible.
I'm not really following you. I'm not saying you are wrong but just trying to understand how it becomes a 2^128 problem??

I can get the x and y coordinates from any public key, but that doesn't make it easier to find/shrink the problem to 2^128. So please explain how you think it does.

Unless you are talking 2^128 group ops, which you need to/should specify as to not mislead people reading your posts.

And using Kangaroo doesn't shrink anything except speed up a search versus a brute force attack.
copper member
Activity: 76
Merit: 11
July 07, 2021, 03:20:50 PM
#12
Unused hashed addresses: 2^256 problem (or 2^160 ripemd)
= impossible to solve as of today

Satoshi's coins include the x and y coordinates of the public keys. Although they are 256 bit, with Pollard's kangaroo they are a 2^128 problem.
= nearly impossible to solve

And we want to build with that project a network, that makes it possible.
member
Activity: 174
Merit: 12
July 07, 2021, 02:22:08 PM
#11
Didn't find an explanation in the second post. Do you want to crack a 128 bit key?
In the puzzle you pointed to, only the 63 bit key is cracked. And 120 with a public key.
Where does the data come from that the first addresses have 128 bits?
copper member
Activity: 76
Merit: 11
July 07, 2021, 01:17:58 PM
#10
how do you plan to get Satoshi coins? Smiley

That is the project. In the 2nd post you can read it and it will be updated.
member
Activity: 174
Merit: 12
July 07, 2021, 01:15:17 PM
#9
how do you plan to get Satoshi coins? Smiley
copper member
Activity: 76
Merit: 11
July 07, 2021, 12:52:02 PM
#8
These addresses you are referring to are the puzzle transactions and Satoshi did not make them. Therefore, it is not useful to use properties like mining reward amounts, and especially tokens, as clues because they have no relation to the private keys at hand.

The only known clue, is that each private key is between 2**n and 2**(n+1)-1.

Thank you for your reply. Yes, we know that. It was only an example to explain the project.

In the project, Satoshi's coins will be calculated. They contain 50 BTC per address. Satoshi marked them, so we can know which addresses these are. You can read here
https://bitslog.com/2019/04/16/the-return-of-the-deniers-and-the-revenge-of-patoshi/
https://bitcointalksearch.org/topic/chain-archaeology-answers-from-the-early-blockchain-507458
if you want to know how it is possible to differ them.

Soon, we will update the 2nd post with some example addresses.
legendary
Activity: 1568
Merit: 6660
bitcoincleanup.com / bitmixlist.org
July 07, 2021, 07:45:28 AM
#7
These addresses you are referring to are the puzzle transactions and Satoshi did not make them. Therefore, it is not useful to use properties like mining reward amounts, and especially tokens, as clues because they have no relation to the private keys at hand.

The only known clue, is that each private key is between 2**n and 2**(n+1)-1.
newbie
Activity: 1
Merit: 0
July 06, 2021, 10:55:20 PM
#6
I will have to spend some time on that! haha
copper member
Activity: 76
Merit: 11
July 06, 2021, 05:47:55 AM
#5
In a normal key pair the private key is 256 bits and is selected in the correct secp256k1 range randomly so it is impossible to find it from the public key due to the massive search size that would take millions of years to search even when you share the work among all computing power in the world.

In a puzzle on the other hand the private keys are small from 1 bit to tens of bits and are meant to be searched and found in a short time. Faster if you share it among more people.

Thanks for your reply pooya87. Yes, you are right, normal addresses are a 2^256 problem. But Satoshi's coins are special, a 2^128 problem. You can see it here https://bitcointalksearch.org/topic/bitcoin-puzzle-transaction-32-btc-prize-to-who-solves-it-1306983 how they solve it.
legendary
Activity: 3472
Merit: 10611
July 05, 2021, 09:57:03 PM
#4
And this network will include Satoshi's mined coins. Hopefully we can calculate them and bring them back.
In a normal key pair the private key is 256 bits and is selected in the correct secp256k1 range randomly so it is impossible to find it from the public key due to the massive search size that would take millions of years to search even when you share the work among all computing power in the world.

In a puzzle on the other hand the private keys are small from 1 bit to tens of bits and are meant to be searched and found in a short time. Faster if you share it among more people.
copper member
Activity: 76
Merit: 11
July 05, 2021, 07:30:38 PM
#3
- reserved -
copper member
Activity: 76
Merit: 11
July 05, 2021, 07:28:44 PM
#2
Five years ago, a Bitcoin puzzle was discovered https://bitcointalksearch.org/topic/bitcoin-puzzle-transaction-32-btc-prize-to-who-solves-it-1306983 and people are trying to calculate private keys of addresses that have different difficulties.

We want to build a network, like the Bitcoin network, where instead of hashing the next block, the nodes will calculate distinguished points of the elliptic curve that Bitcoin uses for its addresses.

And this network will include Satoshi's mined coins. Hopefully we can calculate them and bring them back.


----------


How will it work?

If we solve a Satoshi's coinbase, which consists of 50 BTC, 25 BTC will go to the node that calculated the distinguished point and with the other 25 BTC, we will buy the interaction token. The price of the interaction token will be an indicator for the success of that project and the participating nodes can optimize their reward with that token.

As interaction token for that project, we will use ADAB token (ETH Contract: 0x034b0dd380b5f6f8123b8d0d0e42329b67772792). The initial project https://bitcointalk.org/index.php?topic=4720775.0) that should become a crypto exchange, doesn't exist anymore, we think that they had licensing problems. We invested in that project, the tokens have a good distribution and the market cap is < $100,000 (06/Jul/2021).

Exchange: Bitforex - pair ADAB/ETH https://www.bitforex.com/en/spot/adab_eth (09/Jul/2021 BitForex has hidden ADAB https://support.bitforex.com/hc/en-us/articles/4404391011853-Announcement-of-Hiding-22-Inactive-Tokens-and-28-Trading-Pairs)

It will take a certain time to build up that network, which will be a large database.


----------


How will you be rewarded?

With the interaction token. Anyone can buy, sell, invest in that token. As already said, ADAB token will indicate the success of this project.


----------


How can we be sure that the nodes will receive their reward and that the initial token will be bought after solving a coinbase?

We could keep the coins. But we could do this one time, as nobody would trust in that project anymore.


----------


How can we know that the coins we calculate are Satoshi's coins?

Satoshi marked his mined coins.
https://bitslog.com/2019/04/16/the-return-of-the-deniers-and-the-revenge-of-patoshi/
https://bitcointalksearch.org/topic/chain-archaeology-answers-from-the-early-blockchain-507458


----------


What, if Satoshi wants us to stop that project?

If Satoshi signs a message with the private keys for addresses that we will publish here for our calculations, we will stop the project immediately.


----------


Here are some examples of Satoshi's addresses (all coinbase 50 BTC - year 2009) - there are > 20,000 Satoshi blocks with > 1,000,000 BTC

Block   Address
5168   1BeGnS32fmE8519HS4MZNzEXNF9qac2aZe
5746   1MrtaEbkfz6fRaZdZkxgVKmaErVyjAVBvd
6293   1qqJ811Y5BGZ6FmvXqWWAY2ZYpC1WTAwo
6881   1XFBaNuVc8adgHzW4ofkZ4LpnzmGZLFtj
7443   12yTBHcmSx8EkfwLSS4CxeN8d9mqZBN9EM
8044   1Ev7PmfSL8N2a8iK6mTEKVcXZYpT2WvcAp
8644   12j55m8ujDYdMRzeF9tEhoDJxHeaeSPFmR
9205   1EpMerLUAURc6pFUgPFnA1ktGhPPJW9UHp
9778   1NgbX9h8PauV62Gd4ZnaD4VRAVFVmU9YnZ
10353   1Ccg7vDQECRw86UwLKqwqJxgBJLLTRjLKt
11067   1GfHRDwooUCdq4HhTdqDyDTy1RQXsKqhjA
11625   17RDjaCwTfrGJJWBNbz8P8gM86gejgTsjD


These addresses are special addresses (here 12 of them, there are ~100). They are the last coinbase addresses, before Satoshi resets his miner (the related values, like the ExtraNonce, go to 0). These points are on top of a blue line, which reflect Satoshi's coins. More here: https://bitslog.com/2019/04/16/the-return-of-the-deniers-and-the-revenge-of-patoshi/




----------



- will be edited -
copper member
Activity: 76
Merit: 11
July 05, 2021, 07:27:08 PM
#1
Jump to: