Topic: [CLAIMED!] Bounty: 0.25 BTC. Find the Bitcoins hidden in plain sight. - page 3. (Read 10177 times)
July 14, 2011, 05:51:19 PM
Time to start SHA-256ing dictionary words to see if the bitcoin addresses that match have a balance.
July 14, 2011, 05:35:16 PM
Here is also why I became interested in hiding bitcoins in strings:
I have considered making some sort of physical bitcoins (like coins, or poker chips, or whatever) - who knows if I'll do it - but it occurred to me that hiding 51 legible characters in a small object might be difficult. But I thought that if I could hide even 20 characters, and simply define the private key as SHA256 of those 20 characters, that it would be just as secure.
I have considered making some sort of physical bitcoins (like coins, or poker chips, or whatever) - who knows if I'll do it - but it occurred to me that hiding 51 legible characters in a small object might be difficult. But I thought that if I could hide even 20 characters, and simply define the private key as SHA256 of those 20 characters, that it would be just as secure.
July 14, 2011, 05:27:34 PM
You guys are so smart.
July 14, 2011, 05:11:07 PM
I was mainly trying to show that Bitcoins can be hidden in short amounts of plain text. Any text will do, as long as it's not too short that it can be guessed by brute force.
Yeah, that's actually pretty neat.
I've been doing it the other way round, i.e. starting with a specific address and key and then obfuscating the key somehow. It hadn't occurred to me to start with some convenient text and then generate a private key and public address from that.
Hey Casascius — you could include in your business creating public/private keys on paper based on a specific passphrase. I don't know how popular that would be, although there is no real difference in the trust involved.
I think I prefer my unbreakable one-time code. Apart from the slight problem that I don't know of a simple way for someone not a computer genius to get their bitcoins out again.
July 14, 2011, 05:03:35 PM
It was claimed while I was trying to do so myself. Somebody beat me to it. 
Anyway, the secret is that the SHA-256 hash of the string is the private key for that address.
Anyway, the secret is that the SHA-256 hash of the string is the private key for that address.
July 14, 2011, 04:55:26 PM
Wild guess: the string is base58. Decode it, import resulting 32 bytes as private key, grab a cookie
edit: Are i and l allowed in base58? Afaik not, will this produce some result when trying to decode it or will it fail?
edit: Are i and l allowed in base58? Afaik not, will this produce some result when trying to decode it or will it fail?
i (eye) is allowed by l (ell) isn't. Annoying for someone with L's in my name... it's hard to keep up with the 1JonesesnUrF3mMFYmJbKHzRrvpdUP7Tke with an L in your name...
Will
July 14, 2011, 04:41:20 PM
Wild guess: the string is base58. Decode it, import resulting 32 bytes as private key, grab a cookie
edit: Are i and l allowed in base58? Afaik not, will this produce some result when trying to decode it or will it fail?
edit: Are i and l allowed in base58? Afaik not, will this produce some result when trying to decode it or will it fail?
July 14, 2011, 04:38:16 PM
lol.. well there goes my theory that casascius was throwing out this little puzzle to demonstrate how easy and convenient it is to import the keys from paper wallets!
That's just it, it's not yet easy.
I was mainly trying to show that Bitcoins can be hidden in short amounts of plain text. Any text will do, as long as it's not too short that it can be guessed by brute force.
An entire wallet could be generated from a short amount of plain text as well - simply by adding a counter onto the end of the string. That's been proposed as a "deterministic wallet". If done that way, one would never need to back it up, as long as they kept the original string safe and secure.
July 14, 2011, 04:29:39 PM
There is no winner yet! 
My transaction shows up at bitcoincharts.com/bitcoin, however it is listed as low priority. So.. if it works, I will be asleep by that time. 
The last block was found 30 minutes ago.. come on. I can't wait any longer.. I will check tomorrow, and if I see the BTC in my wallet, I will update here to explain how it worked.
My transaction shows up at bitcoincharts.com/bitcoin, however it is listed as low priority. So.. if it works, I will be asleep by that time. The last block was found 30 minutes ago.. come on. I can't wait any longer.. I will check tomorrow, and if I see the BTC in my wallet, I will update here to explain how it worked.
July 14, 2011, 04:28:59 PM
I studied the vanitygen code, and I probably figured it out. Just noticed your C# explanation now. (edit: Huh, if I remember correctly, I only used sha256 once... So this is maybe not going to work..?)
I did a -rescan and the 0.25 showed up. Then it took me another minute to figure out an amount where bitcoin wouldn't complain about transaction fees. Now waiting to see if my transaction goes through or if someone was faster than me.
Anyway, it was fun! Thanks a lot for the challenge.
Care to elaborate? Once the transaction goes through, of course... I did a -rescan and the 0.25 showed up. Then it took me another minute to figure out an amount where bitcoin wouldn't complain about transaction fees. Now waiting to see if my transaction goes through or if someone was faster than me.
Anyway, it was fun! Thanks a lot for the challenge.
July 14, 2011, 04:25:06 PM
lol.. well there goes my theory that casascius was throwing out this little puzzle to demonstrate how easy and convenient it is to import the keys from paper wallets!
That's what I figured, too. I did a google search for "Plain Sight Bitcoin" and found http://sprucecodes.com/ who cross-promotes the paper wallets heavily. SO SURE I was on the right track!
Ah well, kept me from cleaning the house for a few hours :-P.
Congrats to the skillful winner!
July 14, 2011, 04:22:18 PM
lol.. well there goes my theory that casascius was throwing out this little puzzle to demonstrate how easy and convenient it is to import the keys from paper wallets!
July 14, 2011, 04:21:13 PM
I studied the vanitygen code, and I probably figured it out. Just noticed your C# explanation now. (edit: Huh, if I remember correctly, I only used sha256 once... So this is maybe not going to work..?)
I did a -rescan and the 0.25 showed up. Then it took me another minute to figure out an amount where bitcoin wouldn't complain about transaction fees. Now waiting to see if my transaction goes through or if someone was faster than me.
Anyway, it was fun! Thanks a lot for the challenge.
I did a -rescan and the 0.25 showed up. Then it took me another minute to figure out an amount where bitcoin wouldn't complain about transaction fees. Now waiting to see if my transaction goes through or if someone was faster than me.
Anyway, it was fun! Thanks a lot for the challenge.
July 14, 2011, 04:07:21 PM
How to convert 32 byte hex private key into Base58-key that can be imported into a wallet...
1. take your 32 bytes...
2. tack 0x80 on at the beginning as the first byte (so now you have 33 bytes)
3. take sha256(sha256(those 33 bytes))
4. tack the first 4 bytes of the result of step 3 onto the end (so now you have 37 bytes)
5. compute base58 of the resulting 37 bytes
Base58 key will always start with a '5' in part because of the constant 0x80 being the first byte.
Working Microsoft C# code that does it:
1. take your 32 bytes...
2. tack 0x80 on at the beginning as the first byte (so now you have 33 bytes)
3. take sha256(sha256(those 33 bytes))
4. tack the first 4 bytes of the result of step 3 onto the end (so now you have 37 bytes)
5. compute base58 of the resulting 37 bytes
Base58 key will always start with a '5' in part because of the constant 0x80 being the first byte.
Working Microsoft C# code that does it:
Code:
private string ByteArrayToBase58Check(byte[] ba) {
// it is assumed that ba is 33 bytes long and starts with 0x80
byte[] bb = new byte[ba.Length + 4];
Array.Copy(ba, bb, ba.Length);
SHA256CryptoServiceProvider sha256 = new SHA256CryptoServiceProvider();
byte[] thehash = sha256.ComputeHash(ba);
thehash = sha256.ComputeHash(thehash);
for (int i = 0; i < 4; i++) bb[ba.Length + i] = thehash[i];
return ByteArrayToBase58(bb);
}
private string ByteArrayToBase58(byte[] ba) {
Org.BouncyCastle.Math.BigInteger addrremain = new Org.BouncyCastle.Math.BigInteger(1,ba);
Org.BouncyCastle.Math.BigInteger big0 = new Org.BouncyCastle.Math.BigInteger("0");
Org.BouncyCastle.Math.BigInteger big58 = new Org.BouncyCastle.Math.BigInteger("58");
string b58 = "123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz";
string rv = "";
while (addrremain.CompareTo(big0) > 0) {
int d = Convert.ToInt32(addrremain.Mod(big58).ToString());
addrremain = addrremain.Divide(big58);
rv = b58.Substring(d, 1) + rv;
}
// handle leading zeroes
foreach (byte b in ba) {
if (b != 0) break;
rv = "1" + rv;
}
return rv;
}
July 14, 2011, 04:01:53 PM
And follow the instructions on bitbills to import.
THAT'S what I was trying to figure out.
To bad it doesn't seem to work
July 14, 2011, 03:54:15 PM
(vanitygen seems to output base58-encoded privkeys)
So I probably got the hash wrong. I used an online sha256 tool, copied that sentence into the form field, got the hash in base64, then converted base64 to hex using another online tool, then used a copy-pasted python script to create this base58 key. It was worth a try.
Code:
$ ./pywallet.py --importprivkey=9MYaow1fLJHwaYgZVs6fLeALpTWuZY4zTA2NfFz8eMNQAiGQmzqeaHAYstXQ81vgVc
Bad private key
Bad private key
So I probably got the hash wrong. I used an online sha256 tool, copied that sentence into the form field, got the hash in base64, then converted base64 to hex using another online tool, then used a copy-pasted python script to create this base58 key. It was worth a try.
This is not a valid Base58-encoded wallet import string. Valid Base58-encoded wallet import strings always start with '5'.
July 14, 2011, 03:52:36 PM
You guys are on the right track. It is likely to be found soon.
July 14, 2011, 03:48:26 PM
I'm pretty sure some of you are overcomplicating the key import process.
If it's hidden in 'plain sight' - you probably don't need to hash it etc and use python or shell scripts.
Just work out which letters to read off e.g 1st and last letter of each word?
And follow the instructions on bitbills to import.
The impossible part for me is running a bitcoind that has the 'importprivkey' command.
The paper wallet thing looks interesting.. once the gui allows key import.
If it's hidden in 'plain sight' - you probably don't need to hash it etc and use python or shell scripts.
Just work out which letters to read off e.g 1st and last letter of each word?
And follow the instructions on bitbills to import.
The impossible part for me is running a bitcoind that has the 'importprivkey' command.
The paper wallet thing looks interesting.. once the gui allows key import.
July 14, 2011, 03:45:58 PM
How does one import a private key anyway? Do I need a new version of the client? I have an old one, I believe.
It's as easy as...{code}
Bitchin, thanks
edit: Looking at it now, it doesn't do what I wanted... actually at all. But thanks anyway, it's neat.
July 14, 2011, 03:43:59 PM
How does one import a private key anyway? Do I need a new version of the client? I have an old one, I believe.
It's as easy as...Code:
#!/bin/bash
base58=({1..9} {A..H} {J..N} {P..Z} {a..k} {m..z})
bitcoinregex="^[$(printf "%s" "${base58}")]{34}$"
decodeBase58() {
local s=$1
for i in {0..57}
do s="${s//${base58}/ $i}"
done
dc <<< "16o0d${s// /+58*}+f"
}
encodeBase58() {
# 58 = 0x3A
bc <<<"ibase=16; n=${1^^}; while(n>0) { n%3A ; n/=3A }" |
tac |
while read n
do echo -n ${base58[n]}
done
}
checksum() {
xxd -p -r <<<"$1" |
openssl dgst -sha256 -binary |
openssl dgst -sha256 -binary |
xxd -p -c 80 |
head -c 8
}
checkBitcoinAddress() {
if [[ "$1" =~ $bitcoinregex ]]
then
h=$(decodeBase58 "$1")
checksum "00${h::${#h}-8}" |
grep -qi "^${h: -8}$"
else return 2
fi
}
hash160() {
openssl dgst -sha256 -binary |
openssl dgst -rmd160 -binary |
xxd -p -c 80
}
hash160ToAddress() {
printf "%34s\n" "$(encodeBase58 "00$1$(checksum "00$1")")" |
sed "y/ /1/"
}
hash256ToAddress() {
#printf "80$1$(checksum "80$1")"
printf "%34s\n" "$(encodeBase58 "80$1$(checksum "80$1")")" |
sed "y/ /1/"
}
publicKeyToAddress() {
hash160ToAddress $(
openssl ec -pubin -pubout -outform DER |
tail -c 65 |
hash160
)
}
privateKeyToWIF() {
hash256ToAddress $(openssl ec -text -noout -in data.pem | head -5 | tail -3 | fmt -120 | sed 's/[: ]//g')
}
openssl ecparam -genkey -name secp256k1 | tee data.pem &>/dev/null
sleep 3
echo " "
echo "BITCOINS OFF-THE-GRID (BOTG) : A VERY SECURE SAVINGS ACCOUNT!"
echo " "
echo "THE FOLLOWING WILL BE THE PRIVATE HEX KEY NEEDED TO ACCESS YOUR BITCOINS!"
echo "***RECORD THIS NUMBER CAREFULLY*** IT CONTAINS NUMBERS 0-9 AND LETTERS A-F."
echo "THIS WILL HELP SO YOU DON'T ACCIDENTALLY CONFUSE SIMILAR LOOKING DIGITS LATER ON!"
echo "KEEP THIS HEX KEY SAFE. HIDE IT AND/OR LOCK IT UP SOMEWHERE."
echo "IT IS THE ONLY WAY TO ACCESS THE BTC IN THE FUTURE. WHOEVER HAS THAT HEX KEY"
echo "CAN SPEND YOUR MONEY. RECORD THE WHOLE LINE AFTER 'read EC key' "
echo " "
echo "ONLY USE THIS HEX KEY AND ADDRESS IF THIS SCRIPT WAS RUN OFF OF A LIVE CD WITH"
echo "NO INTERNET CONNECTION. REBOOT COMPUTER WHEN DONE TO CLEAR RAM."
echo "DO NOT COPY THIS HEX KEY ANYWHERE ONTO A COMPUTER."
echo " "
openssl ec -text -noout -in data.pem | head -5 | tail -3 | fmt -120 | sed 's/[: ]//g'
privateKeyToWIF
sleep 2
echo " "
echo "THE FOLLOWING IS THE BITCOIN ADDRESS YOU CAN SEND YOUR SAVINGS TO."
echo "RECORD THE ADDRESS CAREFULLY. IT IS NOT CRITICAL YOU KEEP THIS ADDRESS"
echo "SECRET. THE HEX CODE AND THE WALLET-IMPORT-KEYCODE MUST REMAIN SECRET!"
echo "THE LINE THAT BEGINS WITH THE NUMBER 1 IS THE BITCOIN ADDRESS."
echo " "
openssl ec -pubout < data.pem | publicKeyToAddress
echo " "
echo "SPECIAL THANKS TO 'grondilu' AND 'unk' WHO MADE THIS SCRIPT POSSIBLE!!"
base58=({1..9} {A..H} {J..N} {P..Z} {a..k} {m..z})
bitcoinregex="^[$(printf "%s" "${base58}")]{34}$"
decodeBase58() {
local s=$1
for i in {0..57}
do s="${s//${base58}/ $i}"
done
dc <<< "16o0d${s// /+58*}+f"
}
encodeBase58() {
# 58 = 0x3A
bc <<<"ibase=16; n=${1^^}; while(n>0) { n%3A ; n/=3A }" |
tac |
while read n
do echo -n ${base58[n]}
done
}
checksum() {
xxd -p -r <<<"$1" |
openssl dgst -sha256 -binary |
openssl dgst -sha256 -binary |
xxd -p -c 80 |
head -c 8
}
checkBitcoinAddress() {
if [[ "$1" =~ $bitcoinregex ]]
then
h=$(decodeBase58 "$1")
checksum "00${h::${#h}-8}" |
grep -qi "^${h: -8}$"
else return 2
fi
}
hash160() {
openssl dgst -sha256 -binary |
openssl dgst -rmd160 -binary |
xxd -p -c 80
}
hash160ToAddress() {
printf "%34s\n" "$(encodeBase58 "00$1$(checksum "00$1")")" |
sed "y/ /1/"
}
hash256ToAddress() {
#printf "80$1$(checksum "80$1")"
printf "%34s\n" "$(encodeBase58 "80$1$(checksum "80$1")")" |
sed "y/ /1/"
}
publicKeyToAddress() {
hash160ToAddress $(
openssl ec -pubin -pubout -outform DER |
tail -c 65 |
hash160
)
}
privateKeyToWIF() {
hash256ToAddress $(openssl ec -text -noout -in data.pem | head -5 | tail -3 | fmt -120 | sed 's/[: ]//g')
}
openssl ecparam -genkey -name secp256k1 | tee data.pem &>/dev/null
sleep 3
echo " "
echo "BITCOINS OFF-THE-GRID (BOTG) : A VERY SECURE SAVINGS ACCOUNT!"
echo " "
echo "THE FOLLOWING WILL BE THE PRIVATE HEX KEY NEEDED TO ACCESS YOUR BITCOINS!"
echo "***RECORD THIS NUMBER CAREFULLY*** IT CONTAINS NUMBERS 0-9 AND LETTERS A-F."
echo "THIS WILL HELP SO YOU DON'T ACCIDENTALLY CONFUSE SIMILAR LOOKING DIGITS LATER ON!"
echo "KEEP THIS HEX KEY SAFE. HIDE IT AND/OR LOCK IT UP SOMEWHERE."
echo "IT IS THE ONLY WAY TO ACCESS THE BTC IN THE FUTURE. WHOEVER HAS THAT HEX KEY"
echo "CAN SPEND YOUR MONEY. RECORD THE WHOLE LINE AFTER 'read EC key' "
echo " "
echo "ONLY USE THIS HEX KEY AND ADDRESS IF THIS SCRIPT WAS RUN OFF OF A LIVE CD WITH"
echo "NO INTERNET CONNECTION. REBOOT COMPUTER WHEN DONE TO CLEAR RAM."
echo "DO NOT COPY THIS HEX KEY ANYWHERE ONTO A COMPUTER."
echo " "
openssl ec -text -noout -in data.pem | head -5 | tail -3 | fmt -120 | sed 's/[: ]//g'
privateKeyToWIF
sleep 2
echo " "
echo "THE FOLLOWING IS THE BITCOIN ADDRESS YOU CAN SEND YOUR SAVINGS TO."
echo "RECORD THE ADDRESS CAREFULLY. IT IS NOT CRITICAL YOU KEEP THIS ADDRESS"
echo "SECRET. THE HEX CODE AND THE WALLET-IMPORT-KEYCODE MUST REMAIN SECRET!"
echo "THE LINE THAT BEGINS WITH THE NUMBER 1 IS THE BITCOIN ADDRESS."
echo " "
openssl ec -pubout < data.pem | publicKeyToAddress
echo " "
echo "SPECIAL THANKS TO 'grondilu' AND 'unk' WHO MADE THIS SCRIPT POSSIBLE!!"
Jump to: