Topic: Collection of 18.509 found and used Brainwallets - page 2. (Read 30938 times)

I guess it's always possible to use something like this for money laundering.
I.e.: (1) Send 1BTC to address whose private key is publicly known.
(2) Sweep the funds a few minutes later (depending on the amount of plausible deniability vs. risk you're willing to take).
(3) Claim you mistakenly sent the funds and that they're gone, since it's an address whose private key is known.

Then mix and be happy. Just an idea.

how would someone make a mistake like that? it doesn't seem probable.

adres privkey https://privatekeys.pw/address/bitcoin/1HZwkjkeaoZfTSaJxDw6aKkxp45agDiEzN

Maybe the miner inserted both transactions into the block and we never saw them in the mempool before being in the block.

Interesting update...
Address 1HZwkjkeaoZfTSaJxDw6aKkxp45agDiEzN is derived from hashed empty string "". Two moths ago (!) someone sent almost 1BTC to this address. I guess by mistake. It took as mush as 10 minutes to drain this address.

https://www.blockchain.com/btc/tx/37e166a1e52e96bcfe535738082e328ef8db56aafd6945d9cad6f2afdb34b4a4

After reading one of the FAQ and knowing the owner delete original repository, you could wasting your time.


I'd recommend people to use different tool such as https://github.com/Coding-Enthusiast/FinderOuter to brute force mini private key.

No vouch or idea whether legit or not, but there is one result on GitHub:

https://github.com/Yanmailde/Phrutis_MiniKeys2

No source code either, just binaries; so proceed with extreme caution. Maybe it's possible to contact the repo's owner to clarify.

Link 404?

Other repositories under that account seem to be cracking based, with executables only... so yeah, nah.

Here you have another toy to play with :

https://github.com/phrutis/MiniKeys2

This is the fastest public program to find old Serie1 minikeys (22 characters) in the world.

You can keep your own copy of the software used to generate the private key, but if you are relying on a specific, non-standardized software implementation, you must have access to a copy of that software implementation to access your coin. This creates another layer of risk because now, without the software, you will not have access to your money.

Thank you. I got it.

rehashaddress it work by using privatekey to hash with sha-256 and use it again for next privatekey and loop right?

Tool you mentioned only use single SHA-256. Use WarpWallet[1] or rehashaddress (part of ecctools[2]) instead, which harder to brute force.

[1] https://keybase.io/warp
[2] https://github.com/albertobsd/ecctools#rehashaddress

Backing up wallet.dat that is encrypted with decent passphrase is not a big issue, attacker first has to hack you to access your backup, and then has to attack the file's encryption passhprase. This is so complicated attack vector that all attackers rather choose to attack idiotic brainwallets.

So for such case use https://brainwalletx.github.io/ ?

Since you mention wallet.dat which usually associated with Bitcoin Core, i'd like to mention Bitcoin Core doesn't use BIP39. You still have to backup your wallet.dat or alternatively master private key from dumpwallet command/output descriptor.


For most cases, i would agree. But i'd like to quote a page from Bitcoin Wiki.

An arbitrary number of SHA-256 rounds for your brainwallet secret is still security by obscurity for me. If your to be memorized secret is "bad" or publicly available anywhere you trust that no attacker tries to check multiple SHA-256 rounds. I wouldn't bet that no one is going to try this.

Brain wallets have in many cases proven to be a terrible idea, because those who failed and were cracked had initially bad or worse secrets. Your initial secret must already be complex and good enough to withstand even heavy possible cracking in the first place. If it isn't, don't use a brainwallet. Yes, a high number of hashing rounds do delay an attacker, I don't dismiss this. It still leaves the risk open to crack a brainwallet, especially with a poorly chosen initial secret.

And don't forget (haha, what a coincidence) that the human memory is a fragile thing. It's easy to forget something if you don't repeat it regularly. It's easy to become ill or injured and forget more than you can imagine. To verify you memorized something complex enough, you should have it properly written down. Then it doesn't make much sense to me to memorize it anymore and I could skip the whole brainwallet thing alltogether.

It wasn't a replacement, but an even better proposal. Yes, you don't memorize seed phrases, but write them down. But: If you told me to choose between brain wallets and securing a wallet.dat file, which is how things worked before BIP39, I'd go with the former.

Hadn't found the choice from popular brain wallets such as: https://brainwalletx.github.io/.

Talking about definition - there is no strict definition. The idea is that you "remember" how to produce private key. Somehow (I do not know why and how) single iteration of sha256 became "a standard". You may use other hash algorithm (eth & keccak), you may use other number of iterations, you may use any other way you want - as long as you remember what to do, it could be still a "brain wallet" (the question is if you remember your 12/24 words seed, is it brain wallet or not, theoretically yes).
The more additional steps you use or need to perform, it complicates thing and make it easier to forget. About number of iterations - you may use date, like I proposed few posts ago. Then you may know that number of possible iterations was for example between 20210101 and 20221231. But then we go to another point - are you able to restore your private key quickly? With single iteration of sha256 - probably yes. With more complicated scenarios - you will probably need your own dedicated program.
Of course we may think about many many possible ways to "remember" private key. Even the ways which allows you to restore that using just a piece of paper and pencil - for example, you take your name, dog's name, email address, phone number etc, take letters as a numbers (a=1, b=2, whatever) and then use modulo 16 to produce hex string. Is it possible? yes. The question is if it is safe - I would say it is probably safer than typical sha256 brainwallet from common phrase, because it is very custom method and there is no automated attack for that (yet).

With WarpWallet you can (and should!) keep your own offline copy.
If you're going for a "weird" number of hashing rounds, I can think of many ways to remember the number. It could be your phone number or full date of birth. Or just something you remember. Worst-case, if you forget the exact number, you can still brute-force it yourself given that you know the pass phrase.