Pages:
Author

Topic: Collisions on private addresses? Balances? - page 2. (Read 594 times)

hero member
Activity: 510
Merit: 4005
So my computations are now 500 million * 60000 per 24hrs.

I would double-check your numbers though, they seem a little high for a core i5...

Actually i find it's quite slow.

I suppose it's difficult to say without knowing anything about his implementation. He's saying he's doing 500 million * 60000 address comparisons per day. If his implementation is naive (checking each generated key against each address in the "database") that works out to ~350 million key comparisons per second. If his implementation is less naive (using a hash table for the 60000 "known" addresses) then that works out to nearly 6000 keys generated and compared per second.

If he's doing it the first (naive) way, then I think he's probably made a mistake somewhere without realizing it, because that number (350 million comparisons per second) seems obviously out-of-range for an i5 (to me, anyway).

If he's doing it the second (less naive) way, then assuming it's "homebrew" that's been quickly slapped together in 3 days, it's still suspiciously fast, IMHO.

Maybe I've misread/misunderstood something or calculated incorrectly. I'm always happy to be corrected Smiley
legendary
Activity: 2870
Merit: 7490
Crypto Swap Exchange
Lol.
Ok so started to build the app. First got 12 million computations per day as a test, this generates the private key, and public key etc. I now compare that to a database of 60000 known public keys and balances.

Day 3, improved the code somewhat. Now the same app is running at 500 million computations per 24 hrs, comparing the generated output against a dBASE of 60000 known balances addresses

So my computations are now 500 million * 60000 per 24hrs. The numbers is to big to calculate.
This is running on a Windows 7 pc icore 5.

Let's see what it comes up with in a day, a week, a year.

I know the numbers are huge.

FYI, you're not the first people trying to generate all private keys. Have you checked LBC? According to them, their pool performance currently is 107.85 million keys/second[2]. Some people don't like LBC though since it use closed source software and there's speculation they targeting specific address.

--snip--

I would double-check your numbers though, they seem a little high for a core i5...

Actually i find it's quite slow. Recovery software such as FinderOuter could achieve 64 thousand address per second on i3[3].

[1] https://lbc.cryptoguru.org/
[2] https://lbc.cryptoguru.org/stats
[3] https://bitcointalksearch.org/topic/m.56043632
hero member
Activity: 510
Merit: 4005
Lol.
Ok so started to build the app. First got 12 million computations per day as a test, this generates the private key, and public key etc. I now compare that to a database of 60000 known public keys and balances.

Day 3, improved the code somewhat. Now the same app is running at 500 million computations per 24 hrs, comparing the generated output against a dBASE of 60000 known balances addresses

So my computations are now 500 million * 60000 per 24hrs. The numbers is to big to calculate.
This is running on a Windows 7 pc icore 5.

Let's see what it comes up with in a day, a week, a year.

I know the numbers are huge.

Take a merit for following through on your plan and for being hardcore enough to still be running Windows 7 Grin

Sounds like you're having fun, keep at it! I would double-check your numbers though, they seem a little high for a core i5...
newbie
Activity: 28
Merit: 3
Lol.
Ok so started to build the app. First got 12 million computations per day as a test, this generates the private key, and public key etc. I now compare that to a database of 60000 known public keys and balances.

Day 3, improved the code somewhat. Now the same app is running at 500 million computations per 24 hrs, comparing the generated output against a dBASE of 60000 known balances addresses

So my computations are now 500 million * 60000 per 24hrs. The numbers is to big to calculate.
This is running on a Windows 7 pc icore 5.

Let's see what it comes up with in a day, a week, a year.

I know the numbers are huge.
hero member
Activity: 510
Merit: 4005
If I wrote a computer program that generates private btc addresses and then generated the public address, if that public address has a balance, and if I then imported that private address into a wallet, could I claim the money on that wallet?

Interesting conversation, thanks everyone, now to build the app and try. Lol

Because this task is so computationally infeasible and therefore harmless to try, I'll spare you the morality lecture and just say that I like your methodology. IMHO, getting some code down is the best way to learn about something. Good luck!
newbie
Activity: 28
Merit: 3
Interesting conversation, thanks everyone, now to build the app and try. Lol
hero member
Activity: 510
Merit: 4005
I understand all of the above, but the point I am making is this.

I can generate a private key, and from there I can generate a public address, from that same private key.

If I did this enough times, and it may take forever, eventually I will match a public address, and I will have the private key from it, so I can claim the balance if it had one, in theory?

Yup, that's pretty much all there is to it.

Edit: Of course, it's not realistic to undertake this search and expect results, but it's possible, both in theory and in practice. The only thing protecting any given bitcoin address (ignoring exotic redeem scripts) from unauthorized spending is lack of knowledge about the private key, there are no other protections in place. That's why it's so important to keep your private key(s) safe.
newbie
Activity: 28
Merit: 3
I understand all of the above, but the point I am making is this.

I can generate a private key, and from there I can generate a public address, from that same private key.

If I did this enough times, and it may take forever, eventually I will match a public address, and I will have the private key from it, so I can claim the balance if it had one, in theory?
legendary
Activity: 2534
Merit: 6080
Self-proclaimed Genius
Hi, is the hash 160 for legacy addresses?
Yes, it's one of the address type that uses "HASH160" or RIPEMD160[SHA256(PubKey)] for P2PKH.
P2SH also uses HASH160 of the redeem script, P2WPKH also uses it, the rest of the steps are just difference in encoding.
So when pointlessly bruteforcing addresses, you can derive those address types from each 160bit result.

The figures above are quoted to cycle through the entire range of addresses from start to finish.
If I wrote a computer program that generates private btc addresses and then generated the public address,
There's no "private BTC address" and "public address".
Only "Private Key" and its "Public Key" pair, then the "Bitcoin address" generated from the public key.
It's a one way process "PrvKey->PubKey->Address", not the other way around.

As an analogy, let' use a "lock" and "key" scenario:
  • Let the "lock" be the HASH160.
  • Let the "key" be the Private Key.
  • In your scenario, your theoretical computer program cycles through all the "locks" which can only unlocked by the "key".
  • Even if you can generate all the locks, it's pointless since you can't unlock them without their keys.
  • So, if you want "collision", you need search through the keys which have a tremendously larger search space than the locks.
hero member
Activity: 510
Merit: 4005
Hi, is the hash 160 for legacy addresses?

That's a little beside the point. As nc50lc said, if you want to be able spend what you find, then you need to search the "private key" space and not the "address" space.

Let's consider "legacy" P2PKH addresses for the moment. To create one you have to choose a number between 1 and 115792089237316195423570985008687907852837564279074904382605163141518161494336.

Then you take this number and do some irreversible math on it (elliptic curve cryptography) to produce another number.

Then you take this number and do some more irreversible math on it (cryptographic hash) to produce the final "address".

If you try to search for non-empty addresses by "cheating" and not doing the full address derivation, then when you find an address that has money in it, you won't be able to spend it (because you don't have the first number, the private key).

The figures above are quoted to cycle through the entire range of addresses from start to finish.

No, those figures are for illustrating how much harder searching a space gets as you add bits. The takeaway should be that if you can search a 2^160 space in 9 days, then searching a 2^256 space will take you roughly 2 octillion years (~140 quadrillion times longer than the age of the universe).

It may be a case that your my particular address gets cycled in the first hour.

That's true, but 2^256 is a massive search space. It's tempting to visualize it as a line and think that there "must" be some addresses near the beginning of that line, but with a space this big "near" can still be really, really far. If you've selected your private key at random, you have nothing to worry about.
newbie
Activity: 28
Merit: 3
Hi, is the hash 160 for legacy addresses?

The figures above are quoted to cycle through the entire range of addresses from start to finish.

It may be a case that your my particular address gets cycled in the first hour.
legendary
Activity: 2534
Merit: 6080
Self-proclaimed Genius
I have seen that there are

1,461,501,637,330,902,918,203,684,832,716,283,019,655,932,542,976

Bitcoin addresses.

If I wrote a computer program that generates private btc addresses and then generated the public address, if that public address has a balance, and if I then imported that private address into a wallet, could I claim the money on that wallet?

How many addresses would nee to be checked before I found an address with a balance?
The number you've given is merely based on the HASH160 of the public key that is 160bit which is correct, but that's merely for addresses that relies on that PubkeyHash.
There are other address types out there, anyways, that's not the important part of this reply.

The Bitcoin address generation starts from Private key if you want to be able to spend its funds so what you need to bruteforce are private keys.
Which has roughly 2^256 combinations or
115,792,089,237,316,195,423,570,985,008,687,907,853,269,984,665,640,564,039,457,584,007,913,129,639,936
But since some of them are invalid, the number "shrinks" to:
115,792,089,237,316,195,423,570,985,008,687,907,852,837,564,279,074,904,382,605,163,141,518,161,494,336
If you can theoretically bruteforce even 1% of that, you "may" be able to find one with funds.

-snip- as I know the fastest super computer on the planet can cycle through the combinations in 9 days.
Maybe yes (for 2^160), but they can't spend it since they've bruteforced addresses, not private keys.
newbie
Activity: 28
Merit: 3
I know this is all theory, but it seems to me that if btc wallets just reply on you not matching the private key, then it's a lack of security surely, as I know the fastest super computer on the planet can cycle through the combinations in 9 days.
hero member
Activity: 510
Merit: 4005
There are 2160 P2PKH addresses + 2160 P2SH addresses + 2160 P2WPKH addresses + 2256 P2WSH addresses + 2256 P2TR addresses, which is the number that greatly exceeds the number of possible private keys (slightly less than 2256).

What about P2PK? Smiley

Why do you need a separate address format, if you'are paying directly to a public key (as a name suggests)?

P2PK was before my time, but wasn't it just the Base58 encoding of the public key? So, if you're adding up all the different ways that you can specify an "address", doesn't it belong in your sum?
legendary
Activity: 2450
Merit: 4414
🔐BitcoinMessage.Tools🔑
I have seen that there are

1,461,501,637,330,902,918,203,684,832,716,283,019,655,932,542,976

Bitcoin addresses.
There are 2160 P2PKH addresses + 2160 P2SH addresses + 2160 P2WPKH addresses + 2256 P2WSH addresses + 2256 P2TR addresses, which is the number that greatly exceeds the number of possible private keys (slightly less than 2256).

What about P2PK? Smiley
Why do you need a separate address format, if you'are paying directly to a public key (as a name suggests)?

If I wrote a computer program that generates private btc addresses and then generated the public address, if that public address has a balance, and if I then imported that private address into a wallet, could I claim the money on that wallet?
You don't need a special program to generate private and public keys, any bitcoin wallet can do the trick. The odds of you accidentally finding a private key with a balance are extremely slim, but no one can stop you from trying. However, keep in mind that stealing someone else's coins is to be considered a crime in most jurisdictions.
legendary
Activity: 2310
Merit: 4085
Farewell o_e_l_e_o
If I wrote a computer program that generates private btc addresses and then generated the public address
You're missing a point:

Private address to public address, there is no process like this.

It's one-way flow from k > K > A
Private key (Elliptic Curve Multiplication: one-way) > Public key (Hash-function: one-way) > Public address

It is one-way and irreversible process as you can read more in Chapter 3: Key, addresses in Mastering Bitcoin book
legendary
Activity: 2114
Merit: 2248
Playgram - The Telegram Casino
Is it true if that were to happen, all I need is the private key to spend the funds?
Private keys are the means by which transactions are signed from corresponding addresses on the blockchain which were generated from they xpriv key. So, with the private keys you will be able to spend funds from that address.

If it were possible to generate private keys and public keys which has a balance on it, then it would not have been worth it, as the network would haveko value.
hero member
Activity: 1659
Merit: 687
LoyceV on the road. Or couch.
If I wrote a computer program that generates private btc addresses and then generated the public address, if that public address has a balance, and if I then imported that private address into a wallet, could I claim the money on that wallet?
Yes. And by all means: try it! Convince yourself how secure Bitcoin is, you'll never find a fixed address that was properly generated.
hero member
Activity: 840
Merit: 932
Thanks for the answer.

Is it true if that were to happen, all I need is the private key to spend the funds?

Thanks
I don't have that much knowledge on this but base on my study. Yes you can spend the funds if a collision happens
newbie
Activity: 28
Merit: 3
Thanks for the answer.

Is it true if that were to happen, all I need is the private key to spend the funds?

Thanks
Pages:
Jump to: