Game 2: First person to crack this gets 5 BTC [SOLVED]

dani147624

newbie

Activity: 22

Merit: 0

Quote from: Ean on January 14, 2012, 02:19:24 PM

Quote from: dani147624 on January 14, 2012, 07:01:05 AM

Damn it!

Doing the operations was my first idea... I managed to force pywallet to output something in hex, which I beleived, were the numbers:

33 + caea7cc3f8b198101e0f7ffb0eeb2e8c85ce9e72cc628990f30f41183aa6eba58761c239d03ded / 019385 (all in hex)

Doing these operations in gcalctool I ended up with this solution: 80BBC798A19A21A8BCEAA022375B1B73C73EF466CBE5B48D1DB1C195B26CC4603DDC2F897C

However, when this was imported into my wallet.dat, I didn't get the bitcoins (bitcoin was restarted with -rescan). What did I screw up?

The base58-key kontains 5 additional bytes that the hex-version do not. The blue part is the actual key:
80BBC798A19A21A8BCEAA022375B1B73C73EF466CBE5B48D1DB1C195B26CC4603DDC2F897C

Now that I think about it, pywallet probably didn't allow me to import the long key, so I deleted the last 5 bytes... Turns out I should have deleted the first byte and the last 4 bytes instead... Well, anyway, thanks for pointing that out.

scintill

sr. member

Activity: 448

Merit: 254

Quote from: dani147624 on January 14, 2012, 07:01:05 AM

Damn it!

Doing the operations was my first idea... I managed to force pywallet to output something in hex, which I beleived, were the numbers:

33 + caea7cc3f8b198101e0f7ffb0eeb2e8c85ce9e72cc628990f30f41183aa6eba58761c239d03ded / 019385 (all in hex)

Doing these operations in gcalctool I ended up with this solution: 80BBC798A19A21A8BCEAA022375B1B73C73EF466CBE5B48D1DB1C195B26CC4603DDC2F897C

However, when this was imported into my wallet.dat, I didn't get the bitcoins (bitcoin was restarted with -rescan). What did I screw up?

Ouch, bummer man. Sad

Quote from: Remember remember the 5th of November on January 14, 2012, 02:08:37 PM

Dani, a private key begins with a 5. That is quite different from a privkey.

A Wallet Import Format key does, but what he posted does indeed contain the hex private key, as Ean explains.

Ean

full member

Activity: 199

Merit: 100

Quote from: dani147624 on January 14, 2012, 07:01:05 AM

Damn it!

Doing the operations was my first idea... I managed to force pywallet to output something in hex, which I beleived, were the numbers:

33 + caea7cc3f8b198101e0f7ffb0eeb2e8c85ce9e72cc628990f30f41183aa6eba58761c239d03ded / 019385 (all in hex)

Doing these operations in gcalctool I ended up with this solution: 80BBC798A19A21A8BCEAA022375B1B73C73EF466CBE5B48D1DB1C195B26CC4603DDC2F897C

However, when this was imported into my wallet.dat, I didn't get the bitcoins (bitcoin was restarted with -rescan). What did I screw up?

The base58-key kontains 5 additional bytes that the hex-version do not. The blue part is the actual key:
80BBC798A19A21A8BCEAA022375B1B73C73EF466CBE5B48D1DB1C195B26CC4603DDC2F897C

altuin

newbie

Activity: 42

Merit: 0

Congratz Melman

Remember remember the 5th of November

legendary

Activity: 1862

Merit: 1011

Reverse engineer from time to time

Dani, a private key begins with a 5. That is quite different from a privkey.

dani147624

newbie

Activity: 22

Merit: 0

Damn it!

Doing the operations was my first idea... I managed to force pywallet to output something in hex, which I beleived, were the numbers:

33 + caea7cc3f8b198101e0f7ffb0eeb2e8c85ce9e72cc628990f30f41183aa6eba58761c239d03ded / 019385 (all in hex)

Doing these operations in gcalctool I ended up with this solution: 80BBC798A19A21A8BCEAA022375B1B73C73EF466CBE5B48D1DB1C195B26CC4603DDC2F897C

However, when this was imported into my wallet.dat, I didn't get the bitcoins (bitcoin was restarted with -rescan). What did I screw up?

xzion

member

Activity: 96

Merit: 10

wasn't using the correct order of operations. doh!

MelMan2002

sr. member

Activity: 461

Merit: 251

Quote from: Ean on January 13, 2012, 07:35:59 PM

Quote from: scintill on January 13, 2012, 07:29:52 PM

I'm curious Ean, did you purposely camouflage this to look like base64, even the same length as the last one?

Of course.

Yes, very clever Ean - I enjoyed the challenge.

Thank you!

Ean

full member

Activity: 199

Merit: 100

Quote from: scintill on January 13, 2012, 07:29:52 PM

I'm curious Ean, did you purposely camouflage this to look like base64, even the same length as the last one?

Of course.

scintill

sr. member

Activity: 448

Merit: 254

Good job, MelMan2002!

If anyone else is wondering, here's how I replicated the result in PHP:

Code:

// adapted from
// http://darklaunch.com/2009/08/07/base58-encode-and-decode-using-php-with-example-base58-encode-base58-decode
function base58_decode($num) {
    $alphabet = '123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz';
    $len = strlen($num);
    $decoded = 0;
    $multi = 1;

    for ($i = $len - 1; $i >= 0; $i--) {
        $decoded = bcadd($decoded, bcmul($multi, strpos($alphabet, $num[$i])));
        $multi = bcmul($multi, strlen($alphabet));
    }

    return $decoded;
}

function base58_encode($num) {
    $alphabet = '123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz';
    $base_count = strlen($alphabet);
    $encoded = '';

    while (bccomp($num, $base_count) >= 0) {
        $div = bcdiv($num, $base_count, 0);
        $mod = bcsub($num, bcmul($base_count, $div));
        $encoded = $alphabet[$mod] . $encoded;
        $num = $div;
    }

    if ($num) {
        $encoded = $alphabet[(int)$num] . $encoded;
    }

    return $encoded;
}

// http://us2.php.net/manual/en/ref.bc.php#99130
function bcdechex($dec) {
    $last = bcmod($dec, 16);
    $remain = bcdiv(bcsub($dec, $last), 16);

    if($remain == 0) {
        return dechex($last);
    } else {
        return bcdechex($remain).dechex($last);
    }
}

$num = base58_decode('3HVMPwe1rr96QryQdZtZt1LWfcXnEFSG9rKiRuv8ewxwvUmZMH1zwn');

$num = bcdiv($num, base58_decode('Xi4'));
$key = bcadd(base58_decode('t'), $num);
echo base58_encode($num), "\n";
echo substr(bcdechex($num), 2, 64), "\n";

(No warranty or anything on this code Wink

)

If I paste the base58 output into the WIF field on Casascius' address utility, appending "?", it calculates the correct private address and adjusts the WIF to match the correct answer. I'm not sure if this adjustment is because of a bug in my program, or if it's part of the checksum stuff.

The hex goes in fine, although I'll have to read about base58check to see why the substr is necessary.

I'm curious Ean, did you purposely camouflage this to look like base64, even the same length as the last one? If so it seems to have been effective!

Ean

full member

Activity: 199

Merit: 100

I used these python functions for the conversion to and from integer numbers:

Code:

__b58chars = '123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz'
__b58base = len(__b58chars)

def b58encode(v):
   result = []
   while v > 0:
   v, mod = divmod(v, __b58base)
   result.append(__b58chars[mod])
   return ''.join(result[::-1])

def b58decode(v):
   return sum(__b58chars.find(c) * __b58base ** i for i, c in enumerate(v[::-1]))

MelMan2002

sr. member

Activity: 461

Merit: 251

I suppose that the other option is to do the division by hand in Base58Check but...that can be rather tricky.

MelMan2002

sr. member

Activity: 461

Merit: 251

Quote from: xzion on January 13, 2012, 06:24:33 PM

can you give a bit more details on how to get the right result?
i still can't get it to work Sad

Details on Base58Check can be found here:
https://en.bitcoin.it/wiki/Base58Check_encoding

Either you find a calculator that can handle a custom number system (my searches were fruitless but I'm sure that they exist) or you convert it to a number system that you can use to do the divide and addition operations.

To convert "Xi4" to base 10, for example, you would have (30*58^2)+(41*58^1)+(3*58^0)=103301

xzion

member

Activity: 96

Merit: 10

can you give a bit more details on how to get the right result?
i still can't get it to work Sad

EDIT: nevermind, got it. good challenge!

Ean

full member

Activity: 199

Merit: 100

Quote from: MelMan2002 on January 13, 2012, 05:59:01 PM

Thought I did - have I not? Shocked

I suppose.
But I can still see them in Electrum ...

MelMan2002

sr. member

Activity: 461

Merit: 251

Thought I did - have I not? Shocked

Ean

full member

Activity: 199

Merit: 100

Quote from: MelMan2002 on January 13, 2012, 05:13:29 PM

Read the + and / as mathematical operators. The rest is in base58Check.

private key: 5KEzAJbyWBoJdjiDAMatvGTjUTurFsyweGknk8r29tUGSS7k5o9

Congratulations!
Now you just have to take the coins.

MelMan2002

sr. member

Activity: 461

Merit: 251

Read the + and / as mathematical operators. The rest is in base58Check.

private key: 5KEzAJbyWBoJdjiDAMatvGTjUTurFsyweGknk8r29tUGSS7k5o9

Ean

full member

Activity: 199

Merit: 100

It's actually closer to the answer than you think.
In a way, you don't even need to decode.

mb300sd

legendary

Activity: 1260

Merit: 1000

Drunk Posts

I can't figure it out.. If thats not base64, I have no idea where to start. I assume you're also using 7-bit since its the same length.

Topic: Game 2: First person to crack this gets 5 BTC [SOLVED] (Read 2450 times)