Topic: del (Read 851 times)
this is normal math sqrt√(x)^2,
test value: 4^2 = 16, next root return 4
-8^2= 64,next root return 8
how to bitcoin Publickey x and y use to sqrt example: √(x,y)^2
how to calculate sqrt for bitcoin publickey teach me please
example1:x,y
px: e493dbf1c10d80f3581e4904930b1404cc6c13900ee0758474fa94abe8c4cd13 py: 51ed993ea0d455b75642e2098ea51448d967ae33bfbdfe40cfe97bdc47739922 #privatekey 4
px: 421f5fc9a21065445c96fdb91c0c1e2f2431741c72713b4b99ddcb316f31e9fc py: 2b90f16d11dabdb616f6db7e225d1e14743034b37b223115db20717ad1cd6781 #privatekey 4^2 = 16
ans
px: e493dbf1c10d80f3581e4904930b1404cc6c13900ee0758474fa94abe8c4cd13 py: 51ed993ea0d455b75642e2098ea51448d967ae33bfbdfe40cfe97bdc47739922 #privatekey √16 = 4
example2:
px: 2f01e5e15cca351daff3843fb70f3c2f0a1bdd05e5af888a67784ef3e10a2a01 py: a3b25758beac66b6d6c2f7d5ecd2ec4b3d1dec2945a489e84a25d3479342132b # -8
px: ed3bace23c5e17652e174c835fb72bf53ee306b3406a26890221b4cef7500f88 py: e57a6f571288ccffdcda5e8a7a1f87bf97bd17be084895d0fce17ad5e335286e # -8^ = 64
ans
px: 2f01e5e15cca351daff3843fb70f3c2f0a1bdd05e5af888a67784ef3e10a2a01 py: 5c4da8a741539949293d082a132d13b4c2e213d6ba5b7617b5da2cb76cbde904 # √64 = 8
how does work explain. do u understad my problem ,i speak little english
test value: 4^2 = 16, next root return 4
-8^2= 64,next root return 8
how to bitcoin Publickey x and y use to sqrt example: √(x,y)^2
how to calculate sqrt for bitcoin publickey teach me please
example1:x,y
px: e493dbf1c10d80f3581e4904930b1404cc6c13900ee0758474fa94abe8c4cd13 py: 51ed993ea0d455b75642e2098ea51448d967ae33bfbdfe40cfe97bdc47739922 #privatekey 4
px: 421f5fc9a21065445c96fdb91c0c1e2f2431741c72713b4b99ddcb316f31e9fc py: 2b90f16d11dabdb616f6db7e225d1e14743034b37b223115db20717ad1cd6781 #privatekey 4^2 = 16
ans
px: e493dbf1c10d80f3581e4904930b1404cc6c13900ee0758474fa94abe8c4cd13 py: 51ed993ea0d455b75642e2098ea51448d967ae33bfbdfe40cfe97bdc47739922 #privatekey √16 = 4
example2:
px: 2f01e5e15cca351daff3843fb70f3c2f0a1bdd05e5af888a67784ef3e10a2a01 py: a3b25758beac66b6d6c2f7d5ecd2ec4b3d1dec2945a489e84a25d3479342132b # -8
px: ed3bace23c5e17652e174c835fb72bf53ee306b3406a26890221b4cef7500f88 py: e57a6f571288ccffdcda5e8a7a1f87bf97bd17be084895d0fce17ad5e335286e # -8^ = 64
ans
px: 2f01e5e15cca351daff3843fb70f3c2f0a1bdd05e5af888a67784ef3e10a2a01 py: 5c4da8a741539949293d082a132d13b4c2e213d6ba5b7617b5da2cb76cbde904 # √64 = 8
how does work explain. do u understad my problem ,i speak little english
...fixed R value, not a random R value.
pm me 
Is it posible generate with scrypt "virtual" test transaction to real publick key(empty, without money any old publick key for ex) and get valid r,s,z for this transaction and this real publick key ?
Transactions to a public key (so a P2PKH transaction), where this "real" public key is on the receiving end will not make any difference. You need signatures made by the corresponding private key and those will obviously only occur whenever an outgoing transaction is made for the lattice attack to work.If you want to have some more info on how this kind of attack works read this study called "Biased Nonce Sense: Lattice Attacks against
Weak ECDSA Signatures in Cryptocurrencies". PDF here -> https://eprint.iacr.org/2019/023.pdf
If someone ready to buy go to my thread
https://bitcointalksearch.org/topic/looking-for-a-two-partners-to-develop-scrypt-for-bitcoin-sighnatures-attack-5370215
https://bitcointalksearch.org/topic/looking-for-a-two-partners-to-develop-scrypt-for-bitcoin-sighnatures-attack-5370215
When providing nonce should we also provide the privatekey so that you can check if it is the correct one?
Yeas !!!
You can not provide a privkey. I not wary about privkey.
maybe some one want test on range from 2**1 to 2**240 bit?
Easy.
Provide bitcoin transaction message, nonce,r,s
maybe some one want test on range from 2**1 to 2**240 bit?
I can’t DM you due to message limits can you send the script to DM and if successfully works you will be tipped for your work?
Regards Relic
interesting script.
let's make another test,
below are the transactions generated ..
tra1= 1
z1= 76876030023415608668423338825784187452811639173959320017817337455802041964103
r1= 29160437407760520088247392323108134391883974944341759721909486038392263934252
s1= 88057664668158915012604599595493011104336144057048137151796684081161455068940
tra2= 2
z2= 61263116138134401525028229058918539609568640472628708541655291156521288618248
r2= 11549193954947596960703021534561318910687537033109530363590706949861810191464
s2= 13855753320462738868894436900000308125592534663165802454975929237386525551901
tra3= 3
z3= 94120272562392704147662507148139386415636002525757800768256455290364818983329
r3= 13235484545503092834351146107583288106526331893492330386542837886995039286857
s3= 113471888736454597898872446719734211059501085408597184281019577940003149168065
tra4= 4
z4= 99367284209844177315046616821185029528460822746665482351687345968205433531175
r4= 21288395071614272342731373579454206117249664754398039513644770673861859644939
s4= 73413879352532156241008151728886908980344895524488338859086767531496556394060
tra5= 5
z5= 69060216405924095583792910129380620270055713256952020221932327399807627102551
r5= 73000033343383277415474287756201732147913599806018084676911334919205184318951
s5= 87072726453737444924441523106612425315322987277779002678423286525578748401182
tra6= 6
z6= 92618601610473019371617964490946613446123192049470928113333991628587023928412
r6= 28067093485624905318698514057355456753086537066210474707760282283107230161754
s6= 81570316168538325691556352611345952414389273074007052937069015984756717263806
tra7= 7
z7= 64467069221879581988935526952178802798904578325721403807573521890371858623272
r7= 40928812080096313007619676294314551308323264286042053123514365242236661911514
s7= 1025329956085058380108911065381202269358907493178639449598067535198228526723
tra8= 8
z8= 72495741802917349120327698487760807911457277460026498073086860211586960327565
r8= 66378711205276032381995546935653475100643276511913002418773726587229576821881
s8= 108667454887055533668950227498601121583301007111191340394989504444791689053341
tra9= 9
z9= 78468020509772362123932250401279947970863640371108253522122735757309805907599
r9= 19231849856468166709561956160822737309083319782875295366880812480857879465237
s9= 2515169593593730466049902241306205711031444354734218814410691392439616554389
tra10= 10
z10= 78060509642529765276222634915143859953530748675308663141797340870084401854707
r10= 56781478814500394128333645854821980053762351020682230423318068363007571952796
s10= 8225138324074299127136188647123494944401351632612802372258470782812066336142
tra11= 11
z11= 79779827977136050305633476576385475751837262413801195246508844247195592956474
r11= 42569001943452434099942841287472883596088766927308919058922517240095023952305
s11= 1407663125118136808095389526630427676124736628716353500388345820111796001963
tra12= 12
z12= 106595513637886365274814102808291057278198427947604804923492103024132298662073
r12= 82416951132458437959864195479573279283096423098842842786194452820181884122047
s12= 16199057421916147554949358350810895793907227884540563767261972649834152748107
tra13= 13
z13= 68489560520876775568471829325504723427546860570677632392865683298027878436623
r13= 97942681488182315702560424236758409557001611486493184883333474649302628551040
s13= 73733576094385257028905244483867697271765712587658384121942578933083863131832
tra14= 14
z14= 88824913088586937091819419238438566701164343626280360487024697411739517103707
r14= 54289814375981922050958676638679327321247871495949246283904693248453246656483
s14= 91832431429520445149775820905320653634764190190929933708848042218874834508501
tra15= 15
z15= 85652327308811831382436205738266460574222300027367907748239792342952828973440
r15= 16613711354407097236850928854924361601015689306227892348440906864631885091973
s15= 80840039291427506062454499523631109705679566193223311715899795877750967539328
tra16= 16
z16= 65060641157937371808555230733609853408909684112561988842072826300674063030547
r16= 104272014795452675535604260916341363821801933757316993779707566144315357534767
s16= 86623263268148577559494707215944538702409651713369659284047337653056673517623
tra17= 17
z17= 111828740236090006688693495832192963032795368231157257335682470941267007171558
r17= 89073547190536414618222055280881620385309523951183694730779807318963214062280
s17= 109852499300962433164815238778976004880948668774843008897372116247815588738702
tra18= 18
z18= 98824167654958447904489072947892095719405536039819629922932614656069882836190
r18= 80987801020493569105412481143009310543451106437305306879480172043706552070200
s18= 33017440135053449429258988709931326418137982872316712662094074998694479956568
tra19= 19
z19= 64307891501710594612236762901627124305599192466451363765179703547459709187480
r19= 21793799379832572713485577223088553086939424517472399285847216328442532064794
s19= 57621584260137986132128912542938486391934345981617370353522147947744830696635
tra20= 20
z20= 87311263504060842953223757709363617585048656968711362882688595327084899926608
r20= 58944493751340891960057257317550109107802599663133688394628165694699116166302
s20= 78661678553724693559058028336158306051073544759382911835052759016056395015517
tra21= 21
z21= 85846385515466853782022953566659546519630368523799342752436473930357927040631
r21= 6002735972245524477516556767980019540936244579324152202005870420240057764448
s21= 6096604835397983429571849012761639775661587856381434059954190328993227033547
let's make another test,
below are the transactions generated ..
tra1= 1
z1= 76876030023415608668423338825784187452811639173959320017817337455802041964103
r1= 29160437407760520088247392323108134391883974944341759721909486038392263934252
s1= 88057664668158915012604599595493011104336144057048137151796684081161455068940
tra2= 2
z2= 61263116138134401525028229058918539609568640472628708541655291156521288618248
r2= 11549193954947596960703021534561318910687537033109530363590706949861810191464
s2= 13855753320462738868894436900000308125592534663165802454975929237386525551901
tra3= 3
z3= 94120272562392704147662507148139386415636002525757800768256455290364818983329
r3= 13235484545503092834351146107583288106526331893492330386542837886995039286857
s3= 113471888736454597898872446719734211059501085408597184281019577940003149168065
tra4= 4
z4= 99367284209844177315046616821185029528460822746665482351687345968205433531175
r4= 21288395071614272342731373579454206117249664754398039513644770673861859644939
s4= 73413879352532156241008151728886908980344895524488338859086767531496556394060
tra5= 5
z5= 69060216405924095583792910129380620270055713256952020221932327399807627102551
r5= 73000033343383277415474287756201732147913599806018084676911334919205184318951
s5= 87072726453737444924441523106612425315322987277779002678423286525578748401182
tra6= 6
z6= 92618601610473019371617964490946613446123192049470928113333991628587023928412
r6= 28067093485624905318698514057355456753086537066210474707760282283107230161754
s6= 81570316168538325691556352611345952414389273074007052937069015984756717263806
tra7= 7
z7= 64467069221879581988935526952178802798904578325721403807573521890371858623272
r7= 40928812080096313007619676294314551308323264286042053123514365242236661911514
s7= 1025329956085058380108911065381202269358907493178639449598067535198228526723
tra8= 8
z8= 72495741802917349120327698487760807911457277460026498073086860211586960327565
r8= 66378711205276032381995546935653475100643276511913002418773726587229576821881
s8= 108667454887055533668950227498601121583301007111191340394989504444791689053341
tra9= 9
z9= 78468020509772362123932250401279947970863640371108253522122735757309805907599
r9= 19231849856468166709561956160822737309083319782875295366880812480857879465237
s9= 2515169593593730466049902241306205711031444354734218814410691392439616554389
tra10= 10
z10= 78060509642529765276222634915143859953530748675308663141797340870084401854707
r10= 56781478814500394128333645854821980053762351020682230423318068363007571952796
s10= 8225138324074299127136188647123494944401351632612802372258470782812066336142
tra11= 11
z11= 79779827977136050305633476576385475751837262413801195246508844247195592956474
r11= 42569001943452434099942841287472883596088766927308919058922517240095023952305
s11= 1407663125118136808095389526630427676124736628716353500388345820111796001963
tra12= 12
z12= 106595513637886365274814102808291057278198427947604804923492103024132298662073
r12= 82416951132458437959864195479573279283096423098842842786194452820181884122047
s12= 16199057421916147554949358350810895793907227884540563767261972649834152748107
tra13= 13
z13= 68489560520876775568471829325504723427546860570677632392865683298027878436623
r13= 97942681488182315702560424236758409557001611486493184883333474649302628551040
s13= 73733576094385257028905244483867697271765712587658384121942578933083863131832
tra14= 14
z14= 88824913088586937091819419238438566701164343626280360487024697411739517103707
r14= 54289814375981922050958676638679327321247871495949246283904693248453246656483
s14= 91832431429520445149775820905320653634764190190929933708848042218874834508501
tra15= 15
z15= 85652327308811831382436205738266460574222300027367907748239792342952828973440
r15= 16613711354407097236850928854924361601015689306227892348440906864631885091973
s15= 80840039291427506062454499523631109705679566193223311715899795877750967539328
tra16= 16
z16= 65060641157937371808555230733609853408909684112561988842072826300674063030547
r16= 104272014795452675535604260916341363821801933757316993779707566144315357534767
s16= 86623263268148577559494707215944538702409651713369659284047337653056673517623
tra17= 17
z17= 111828740236090006688693495832192963032795368231157257335682470941267007171558
r17= 89073547190536414618222055280881620385309523951183694730779807318963214062280
s17= 109852499300962433164815238778976004880948668774843008897372116247815588738702
tra18= 18
z18= 98824167654958447904489072947892095719405536039819629922932614656069882836190
r18= 80987801020493569105412481143009310543451106437305306879480172043706552070200
s18= 33017440135053449429258988709931326418137982872316712662094074998694479956568
tra19= 19
z19= 64307891501710594612236762901627124305599192466451363765179703547459709187480
r19= 21793799379832572713485577223088553086939424517472399285847216328442532064794
s19= 57621584260137986132128912542938486391934345981617370353522147947744830696635
tra20= 20
z20= 87311263504060842953223757709363617585048656968711362882688595327084899926608
r20= 58944493751340891960057257317550109107802599663133688394628165694699116166302
s20= 78661678553724693559058028336158306051073544759382911835052759016056395015517
tra21= 21
z21= 85846385515466853782022953566659546519630368523799342752436473930357927040631
r21= 6002735972245524477516556767980019540936244579324152202005870420240057764448
s21= 6096604835397983429571849012761639775661587856381434059954190328993227033547
priv : 163933502030832404384531025411662545
it is correct, I must confirm that your script really works.
it was easy : first nonce is....
so. your first r = 95781203938134771654748299032707231792956540686382340872008587989453366815619
nonce k = 1050579349868621761136446930980763481
do I need calculate priv?
so ..works!
so. your first r = 95781203938134771654748299032707231792956540686382340872008587989453366815619
nonce k = 1050579349868621761136446930980763481
do I need calculate priv?
so ..works!
Hi !!
Then I use my scrypt, I get:
Inputs:
Message. - 1
Nonce - 1050579349868621761136446930980763481
Privkey -
792377483100611830733857591710555576
I get R
95781203938134771654748299032707231792956540686382340872008587989453366815619
S - 80727512625679490130821917141198584466211136904971132112411065595033151255463
And recover privkey, this is my out:
Privkey - 792377483100611830733857591710555576
Does a my R,S and nonse right for message "1" ?
Regards.
P.s. Congratulate you with your scrypt !!!
P.s. To All, provide me test messages, nonce, r,s I will try find a privkey and you will say me privkey valid or not.
Only 1 complet to 1 privkey for 1 pcs r,s,nonce,message.
??
Message: Hello:
Sig 1 r,s: 106923403469002071464573643869707943966592504366901776923810957756971389802522 80644014881334606089034734916645373182384062016959511132596853876102905308683
Key: 792377483100611830733857591710555576
Found Key: 792377483100611830733857591710555576
---
Hello
Sig 1 r,s: 51496392411956281611216040617208993114191228038244851270986452420155730516939 78154197876022834302130548608667134295529625766386000530779695147903725696167
Key: 792377483100611830733857591710555576
Found Key: 792377483100611830733857591710555576
-----
Hello
Sig 1 r,s: 78845760925423278127109896178090076396844806233069150452205432985160611009863 69647486112828410636313537117172013006153788606821401126409200197358361408478
Key: 792377483100611830733857591710555576
Found Key: 792377483100611830733857591710555576
_----------
Check please, my r,s are good or not
Check someone please, and I will gift you privkey for 1 addres in pm.
Sig 1 r,s: 106923403469002071464573643869707943966592504366901776923810957756971389802522 80644014881334606089034734916645373182384062016959511132596853876102905308683
Key: 792377483100611830733857591710555576
Found Key: 792377483100611830733857591710555576
---
Hello
Sig 1 r,s: 51496392411956281611216040617208993114191228038244851270986452420155730516939 78154197876022834302130548608667134295529625766386000530779695147903725696167
Key: 792377483100611830733857591710555576
Found Key: 792377483100611830733857591710555576
-----
Hello
Sig 1 r,s: 78845760925423278127109896178090076396844806233069150452205432985160611009863 69647486112828410636313537117172013006153788606821401126409200197358361408478
Key: 792377483100611830733857591710555576
Found Key: 792377483100611830733857591710555576
_----------
Check please, my r,s are good or not
Check someone please, and I will gift you privkey for 1 addres in pm.
interesting script.
let's make another test,
below are the transactions generated ..
tra1= 1
z1= 76876030023415608668423338825784187452811639173959320017817337455802041964103
r1= 29160437407760520088247392323108134391883974944341759721909486038392263934252
s1= 88057664668158915012604599595493011104336144057048137151796684081161455068940
tra2= 2
z2= 61263116138134401525028229058918539609568640472628708541655291156521288618248
r2= 11549193954947596960703021534561318910687537033109530363590706949861810191464
s2= 13855753320462738868894436900000308125592534663165802454975929237386525551901
tra3= 3
z3= 94120272562392704147662507148139386415636002525757800768256455290364818983329
r3= 13235484545503092834351146107583288106526331893492330386542837886995039286857
s3= 113471888736454597898872446719734211059501085408597184281019577940003149168065
tra4= 4
z4= 99367284209844177315046616821185029528460822746665482351687345968205433531175
r4= 21288395071614272342731373579454206117249664754398039513644770673861859644939
s4= 73413879352532156241008151728886908980344895524488338859086767531496556394060
tra5= 5
z5= 69060216405924095583792910129380620270055713256952020221932327399807627102551
r5= 73000033343383277415474287756201732147913599806018084676911334919205184318951
s5= 87072726453737444924441523106612425315322987277779002678423286525578748401182
tra6= 6
z6= 92618601610473019371617964490946613446123192049470928113333991628587023928412
r6= 28067093485624905318698514057355456753086537066210474707760282283107230161754
s6= 81570316168538325691556352611345952414389273074007052937069015984756717263806
tra7= 7
z7= 64467069221879581988935526952178802798904578325721403807573521890371858623272
r7= 40928812080096313007619676294314551308323264286042053123514365242236661911514
s7= 1025329956085058380108911065381202269358907493178639449598067535198228526723
tra8= 8
z8= 72495741802917349120327698487760807911457277460026498073086860211586960327565
r8= 66378711205276032381995546935653475100643276511913002418773726587229576821881
s8= 108667454887055533668950227498601121583301007111191340394989504444791689053341
tra9= 9
z9= 78468020509772362123932250401279947970863640371108253522122735757309805907599
r9= 19231849856468166709561956160822737309083319782875295366880812480857879465237
s9= 2515169593593730466049902241306205711031444354734218814410691392439616554389
tra10= 10
z10= 78060509642529765276222634915143859953530748675308663141797340870084401854707
r10= 56781478814500394128333645854821980053762351020682230423318068363007571952796
s10= 8225138324074299127136188647123494944401351632612802372258470782812066336142
tra11= 11
z11= 79779827977136050305633476576385475751837262413801195246508844247195592956474
r11= 42569001943452434099942841287472883596088766927308919058922517240095023952305
s11= 1407663125118136808095389526630427676124736628716353500388345820111796001963
tra12= 12
z12= 106595513637886365274814102808291057278198427947604804923492103024132298662073
r12= 82416951132458437959864195479573279283096423098842842786194452820181884122047
s12= 16199057421916147554949358350810895793907227884540563767261972649834152748107
tra13= 13
z13= 68489560520876775568471829325504723427546860570677632392865683298027878436623
r13= 97942681488182315702560424236758409557001611486493184883333474649302628551040
s13= 73733576094385257028905244483867697271765712587658384121942578933083863131832
tra14= 14
z14= 88824913088586937091819419238438566701164343626280360487024697411739517103707
r14= 54289814375981922050958676638679327321247871495949246283904693248453246656483
s14= 91832431429520445149775820905320653634764190190929933708848042218874834508501
tra15= 15
z15= 85652327308811831382436205738266460574222300027367907748239792342952828973440
r15= 16613711354407097236850928854924361601015689306227892348440906864631885091973
s15= 80840039291427506062454499523631109705679566193223311715899795877750967539328
tra16= 16
z16= 65060641157937371808555230733609853408909684112561988842072826300674063030547
r16= 104272014795452675535604260916341363821801933757316993779707566144315357534767
s16= 86623263268148577559494707215944538702409651713369659284047337653056673517623
tra17= 17
z17= 111828740236090006688693495832192963032795368231157257335682470941267007171558
r17= 89073547190536414618222055280881620385309523951183694730779807318963214062280
s17= 109852499300962433164815238778976004880948668774843008897372116247815588738702
tra18= 18
z18= 98824167654958447904489072947892095719405536039819629922932614656069882836190
r18= 80987801020493569105412481143009310543451106437305306879480172043706552070200
s18= 33017440135053449429258988709931326418137982872316712662094074998694479956568
tra19= 19
z19= 64307891501710594612236762901627124305599192466451363765179703547459709187480
r19= 21793799379832572713485577223088553086939424517472399285847216328442532064794
s19= 57621584260137986132128912542938486391934345981617370353522147947744830696635
tra20= 20
z20= 87311263504060842953223757709363617585048656968711362882688595327084899926608
r20= 58944493751340891960057257317550109107802599663133688394628165694699116166302
s20= 78661678553724693559058028336158306051073544759382911835052759016056395015517
tra21= 21
z21= 85846385515466853782022953566659546519630368523799342752436473930357927040631
r21= 6002735972245524477516556767980019540936244579324152202005870420240057764448
s21= 6096604835397983429571849012761639775661587856381434059954190328993227033547
let's make another test,
below are the transactions generated ..
tra1= 1
z1= 76876030023415608668423338825784187452811639173959320017817337455802041964103
r1= 29160437407760520088247392323108134391883974944341759721909486038392263934252
s1= 88057664668158915012604599595493011104336144057048137151796684081161455068940
tra2= 2
z2= 61263116138134401525028229058918539609568640472628708541655291156521288618248
r2= 11549193954947596960703021534561318910687537033109530363590706949861810191464
s2= 13855753320462738868894436900000308125592534663165802454975929237386525551901
tra3= 3
z3= 94120272562392704147662507148139386415636002525757800768256455290364818983329
r3= 13235484545503092834351146107583288106526331893492330386542837886995039286857
s3= 113471888736454597898872446719734211059501085408597184281019577940003149168065
tra4= 4
z4= 99367284209844177315046616821185029528460822746665482351687345968205433531175
r4= 21288395071614272342731373579454206117249664754398039513644770673861859644939
s4= 73413879352532156241008151728886908980344895524488338859086767531496556394060
tra5= 5
z5= 69060216405924095583792910129380620270055713256952020221932327399807627102551
r5= 73000033343383277415474287756201732147913599806018084676911334919205184318951
s5= 87072726453737444924441523106612425315322987277779002678423286525578748401182
tra6= 6
z6= 92618601610473019371617964490946613446123192049470928113333991628587023928412
r6= 28067093485624905318698514057355456753086537066210474707760282283107230161754
s6= 81570316168538325691556352611345952414389273074007052937069015984756717263806
tra7= 7
z7= 64467069221879581988935526952178802798904578325721403807573521890371858623272
r7= 40928812080096313007619676294314551308323264286042053123514365242236661911514
s7= 1025329956085058380108911065381202269358907493178639449598067535198228526723
tra8= 8
z8= 72495741802917349120327698487760807911457277460026498073086860211586960327565
r8= 66378711205276032381995546935653475100643276511913002418773726587229576821881
s8= 108667454887055533668950227498601121583301007111191340394989504444791689053341
tra9= 9
z9= 78468020509772362123932250401279947970863640371108253522122735757309805907599
r9= 19231849856468166709561956160822737309083319782875295366880812480857879465237
s9= 2515169593593730466049902241306205711031444354734218814410691392439616554389
tra10= 10
z10= 78060509642529765276222634915143859953530748675308663141797340870084401854707
r10= 56781478814500394128333645854821980053762351020682230423318068363007571952796
s10= 8225138324074299127136188647123494944401351632612802372258470782812066336142
tra11= 11
z11= 79779827977136050305633476576385475751837262413801195246508844247195592956474
r11= 42569001943452434099942841287472883596088766927308919058922517240095023952305
s11= 1407663125118136808095389526630427676124736628716353500388345820111796001963
tra12= 12
z12= 106595513637886365274814102808291057278198427947604804923492103024132298662073
r12= 82416951132458437959864195479573279283096423098842842786194452820181884122047
s12= 16199057421916147554949358350810895793907227884540563767261972649834152748107
tra13= 13
z13= 68489560520876775568471829325504723427546860570677632392865683298027878436623
r13= 97942681488182315702560424236758409557001611486493184883333474649302628551040
s13= 73733576094385257028905244483867697271765712587658384121942578933083863131832
tra14= 14
z14= 88824913088586937091819419238438566701164343626280360487024697411739517103707
r14= 54289814375981922050958676638679327321247871495949246283904693248453246656483
s14= 91832431429520445149775820905320653634764190190929933708848042218874834508501
tra15= 15
z15= 85652327308811831382436205738266460574222300027367907748239792342952828973440
r15= 16613711354407097236850928854924361601015689306227892348440906864631885091973
s15= 80840039291427506062454499523631109705679566193223311715899795877750967539328
tra16= 16
z16= 65060641157937371808555230733609853408909684112561988842072826300674063030547
r16= 104272014795452675535604260916341363821801933757316993779707566144315357534767
s16= 86623263268148577559494707215944538702409651713369659284047337653056673517623
tra17= 17
z17= 111828740236090006688693495832192963032795368231157257335682470941267007171558
r17= 89073547190536414618222055280881620385309523951183694730779807318963214062280
s17= 109852499300962433164815238778976004880948668774843008897372116247815588738702
tra18= 18
z18= 98824167654958447904489072947892095719405536039819629922932614656069882836190
r18= 80987801020493569105412481143009310543451106437305306879480172043706552070200
s18= 33017440135053449429258988709931326418137982872316712662094074998694479956568
tra19= 19
z19= 64307891501710594612236762901627124305599192466451363765179703547459709187480
r19= 21793799379832572713485577223088553086939424517472399285847216328442532064794
s19= 57621584260137986132128912542938486391934345981617370353522147947744830696635
tra20= 20
z20= 87311263504060842953223757709363617585048656968711362882688595327084899926608
r20= 58944493751340891960057257317550109107802599663133688394628165694699116166302
s20= 78661678553724693559058028336158306051073544759382911835052759016056395015517
tra21= 21
z21= 85846385515466853782022953566659546519630368523799342752436473930357927040631
r21= 6002735972245524477516556767980019540936244579324152202005870420240057764448
s21= 6096604835397983429571849012761639775661587856381434059954190328993227033547
strange. It is correct.
Btw. I modified your script:
Btw. I modified your script:
Code:
import collections
import hashlib
import random
import os
EllipticCurve_1 = collections.namedtuple('EllipticCurve', 'name p a b g n h')
curve = EllipticCurve_1(
'secp256k1',
# Field characteristic.
p=0xfffffffffffffffffffffffffffffffffffffffffffffffffffffffefffffc2f,
# Curve coefficients.
a=0,
b=7,
# Base point.
g=(0x79be667ef9dcbbac55a06295ce870b07029bfcdb2dce28d959f2815b16f81798,
0x483ada7726a3c4655da4fbfc0e1108a8fd17b448a68554199c47d08ffb10d4b8),
# Subgroup order.
n=0xfffffffffffffffffffffffffffffffebaaedce6af48a03bbfd25e8cd0364141,
# Subgroup cofactor.
h=1,
)
# Modular arithmetic ##########################################################
def inverse_mod(k, p):
"""Returns the inverse of k modulo p.
This function returns the only integer x such that (x * k) % p == 1.
k must be non-zero and p must be a prime.
"""
if k == 0:
raise ZeroDivisionError('division by zero')
if k < 0:
# k ** -1 = p - (-k) ** -1 (mod p)
return p - inverse_mod(-k, p)
# Extended Euclidean algorithm.
s, old_s = 0, 1
t, old_t = 1, 0
r, old_r = p, k
while r != 0:
quotient = old_r // r
old_r, r = r, old_r - quotient * r
old_s, s = s, old_s - quotient * s
old_t, t = t, old_t - quotient * t
gcd, x, y = old_r, old_s, old_t
assert gcd == 1
assert (k * x) % p == 1
return x % p
# Functions that work on curve points #########################################
def is_on_curve(point):
"""Returns True if the given point lies on the elliptic curve."""
if point is None:
# None represents the point at infinity.
return True
x, y = point
return (y * y - x * x * x - curve.a * x - curve.b) % curve.p == 0
def point_neg(point):
"""Returns -point."""
assert is_on_curve(point)
if point is None:
# -0 = 0
return None
x, y = point
result = (x, -y % curve.p)
assert is_on_curve(result)
return result
def point_add(point1, point2):
"""Returns the result of point1 + point2 according to the group law."""
assert is_on_curve(point1)
assert is_on_curve(point2)
if point1 is None:
# 0 + point2 = point2
return point2
if point2 is None:
# point1 + 0 = point1
return point1
x1, y1 = point1
x2, y2 = point2
if x1 == x2 and y1 != y2:
# point1 + (-point1) = 0
return None
if x1 == x2:
# This is the case point1 == point2.
m = (3 * x1 * x1 + curve.a) * inverse_mod(2 * y1, curve.p)
else:
# This is the case point1 != point2.
m = (y1 - y2) * inverse_mod(x1 - x2, curve.p)
x3 = m * m - x1 - x2
y3 = y1 + m * (x3 - x1)
result = (x3 % curve.p,
-y3 % curve.p)
assert is_on_curve(result)
return result
def scalar_mult(k, point):
"""Returns k * point computed using the double and point_add algorithm."""
assert is_on_curve(point)
if k % curve.n == 0 or point is None:
return None
if k < 0:
# k * point = -k * (-point)
return scalar_mult(-k, point_neg(point))
result = None
addend = point
while k:
if k & 1:
# Add.
result = point_add(result, addend)
# Double.
addend = point_add(addend, addend)
k >>= 1
assert is_on_curve(result)
return result
# Keypair generation and ECDSA ################################################
def make_keypair(private):
"""Generates a random private-public key pair."""
private_key = private#random.randrange(1, curve.n)
public_key = scalar_mult(private_key, curve.g)
return private_key, public_key
def hash_message(message):
"""Returns the truncated SHA512 hash of the message."""
message_hash = hashlib.sha512(message).digest()
e = int.from_bytes(message_hash, 'big')
# FIPS 180 says that when a hash needs to be truncated, the rightmost bits
# should be discarded.
z = e >> (e.bit_length() - curve.n.bit_length())
assert z.bit_length() <= curve.n.bit_length()
return z
def sign_message(private_key, message,nonce):
z = hash_message(message)
r = 0
s = 0
half_mod=57896044618658097711785492504343953926418782139537452191302581570759080747169
while not r or not s:
k = nonce# random.randrange(1, curve.n)
x, y = scalar_mult(k, curve.g)
r = x % curve.n
s = ((z + r * private_key) * inverse_mod(k, curve.n)) % curve.n
if s> half_mod:
s=curve.n -s
if s<0:
s=s%curve.n
return r, s,z
def verify_signature(public_key, message, signature):
z=message
r, s = signature
w = inverse_mod(s, curve.n)
u1 = (z * w) % curve.n
u2 = (r * w) % curve.n
x, y = point_add(scalar_mult(u1, curve.g),
scalar_mult(u2, public_key))
if (r % curve.n) == (x % curve.n):
return 'signature matches'
else:
return 'invalid signature'
def egcd(a, b):
"Euclidean greatest common divisor"
if a == 0:
return (b, 0, 1)
else:
g, y, x = egcd(b % a, a)
return (g, x - (b // a) * y, y)
def modinv(a, m):
"Modular inverse"
# in Python 3.8 you can simply return pow(a,-1,m)
g, x, y = egcd(a, m)
if g != 1:
raise Exception('modular inverse does not exist')
else:
return x % m
def make_val(priv,nonce,msg,id):
private, public = make_keypair(priv)
r,s,z = sign_message(private, msg,nonce)
print()
print("tra"+str(id)+"=", id)
print("z"+str(id)+"=",z)
print("r"+str(id)+"=",r)
print("s"+str(id)+"=",s)
return private,public,nonce,r,s,z
import random
a=2**119 # min nonce range
c=2**120 # max nonce range
priv=random.randrange(a,c) # here put real privatekey for testing address
print("priv=",priv)
for i in range(1,22):
priv=priv
nonce=random.randrange(a,c)
war= str(os.urandom(25)) + str(nonce) # message for hash you can change
msg= bytes(war, 'utf-8')
make_val(priv,nonce,msg,i)
import hashlib
import random
import os
EllipticCurve_1 = collections.namedtuple('EllipticCurve', 'name p a b g n h')
curve = EllipticCurve_1(
'secp256k1',
# Field characteristic.
p=0xfffffffffffffffffffffffffffffffffffffffffffffffffffffffefffffc2f,
# Curve coefficients.
a=0,
b=7,
# Base point.
g=(0x79be667ef9dcbbac55a06295ce870b07029bfcdb2dce28d959f2815b16f81798,
0x483ada7726a3c4655da4fbfc0e1108a8fd17b448a68554199c47d08ffb10d4b8),
# Subgroup order.
n=0xfffffffffffffffffffffffffffffffebaaedce6af48a03bbfd25e8cd0364141,
# Subgroup cofactor.
h=1,
)
# Modular arithmetic ##########################################################
def inverse_mod(k, p):
"""Returns the inverse of k modulo p.
This function returns the only integer x such that (x * k) % p == 1.
k must be non-zero and p must be a prime.
"""
if k == 0:
raise ZeroDivisionError('division by zero')
if k < 0:
# k ** -1 = p - (-k) ** -1 (mod p)
return p - inverse_mod(-k, p)
# Extended Euclidean algorithm.
s, old_s = 0, 1
t, old_t = 1, 0
r, old_r = p, k
while r != 0:
quotient = old_r // r
old_r, r = r, old_r - quotient * r
old_s, s = s, old_s - quotient * s
old_t, t = t, old_t - quotient * t
gcd, x, y = old_r, old_s, old_t
assert gcd == 1
assert (k * x) % p == 1
return x % p
# Functions that work on curve points #########################################
def is_on_curve(point):
"""Returns True if the given point lies on the elliptic curve."""
if point is None:
# None represents the point at infinity.
return True
x, y = point
return (y * y - x * x * x - curve.a * x - curve.b) % curve.p == 0
def point_neg(point):
"""Returns -point."""
assert is_on_curve(point)
if point is None:
# -0 = 0
return None
x, y = point
result = (x, -y % curve.p)
assert is_on_curve(result)
return result
def point_add(point1, point2):
"""Returns the result of point1 + point2 according to the group law."""
assert is_on_curve(point1)
assert is_on_curve(point2)
if point1 is None:
# 0 + point2 = point2
return point2
if point2 is None:
# point1 + 0 = point1
return point1
x1, y1 = point1
x2, y2 = point2
if x1 == x2 and y1 != y2:
# point1 + (-point1) = 0
return None
if x1 == x2:
# This is the case point1 == point2.
m = (3 * x1 * x1 + curve.a) * inverse_mod(2 * y1, curve.p)
else:
# This is the case point1 != point2.
m = (y1 - y2) * inverse_mod(x1 - x2, curve.p)
x3 = m * m - x1 - x2
y3 = y1 + m * (x3 - x1)
result = (x3 % curve.p,
-y3 % curve.p)
assert is_on_curve(result)
return result
def scalar_mult(k, point):
"""Returns k * point computed using the double and point_add algorithm."""
assert is_on_curve(point)
if k % curve.n == 0 or point is None:
return None
if k < 0:
# k * point = -k * (-point)
return scalar_mult(-k, point_neg(point))
result = None
addend = point
while k:
if k & 1:
# Add.
result = point_add(result, addend)
# Double.
addend = point_add(addend, addend)
k >>= 1
assert is_on_curve(result)
return result
# Keypair generation and ECDSA ################################################
def make_keypair(private):
"""Generates a random private-public key pair."""
private_key = private#random.randrange(1, curve.n)
public_key = scalar_mult(private_key, curve.g)
return private_key, public_key
def hash_message(message):
"""Returns the truncated SHA512 hash of the message."""
message_hash = hashlib.sha512(message).digest()
e = int.from_bytes(message_hash, 'big')
# FIPS 180 says that when a hash needs to be truncated, the rightmost bits
# should be discarded.
z = e >> (e.bit_length() - curve.n.bit_length())
assert z.bit_length() <= curve.n.bit_length()
return z
def sign_message(private_key, message,nonce):
z = hash_message(message)
r = 0
s = 0
half_mod=57896044618658097711785492504343953926418782139537452191302581570759080747169
while not r or not s:
k = nonce# random.randrange(1, curve.n)
x, y = scalar_mult(k, curve.g)
r = x % curve.n
s = ((z + r * private_key) * inverse_mod(k, curve.n)) % curve.n
if s> half_mod:
s=curve.n -s
if s<0:
s=s%curve.n
return r, s,z
def verify_signature(public_key, message, signature):
z=message
r, s = signature
w = inverse_mod(s, curve.n)
u1 = (z * w) % curve.n
u2 = (r * w) % curve.n
x, y = point_add(scalar_mult(u1, curve.g),
scalar_mult(u2, public_key))
if (r % curve.n) == (x % curve.n):
return 'signature matches'
else:
return 'invalid signature'
def egcd(a, b):
"Euclidean greatest common divisor"
if a == 0:
return (b, 0, 1)
else:
g, y, x = egcd(b % a, a)
return (g, x - (b // a) * y, y)
def modinv(a, m):
"Modular inverse"
# in Python 3.8 you can simply return pow(a,-1,m)
g, x, y = egcd(a, m)
if g != 1:
raise Exception('modular inverse does not exist')
else:
return x % m
def make_val(priv,nonce,msg,id):
private, public = make_keypair(priv)
r,s,z = sign_message(private, msg,nonce)
print()
print("tra"+str(id)+"=", id)
print("z"+str(id)+"=",z)
print("r"+str(id)+"=",r)
print("s"+str(id)+"=",s)
return private,public,nonce,r,s,z
import random
a=2**119 # min nonce range
c=2**120 # max nonce range
priv=random.randrange(a,c) # here put real privatekey for testing address
print("priv=",priv)
for i in range(1,22):
priv=priv
nonce=random.randrange(a,c)
war= str(os.urandom(25)) + str(nonce) # message for hash you can change
msg= bytes(war, 'utf-8')
make_val(priv,nonce,msg,i)
Jump to: