EXTRA SPEED: .....
Punch your keyboard and take SHA256 of the results. It's way much better than using an online third party RNG.
I actually tried this... it worked great! Thanks!
Topic: How to Create a Bitcoin Receive Address from a Coin Flip - page 2. (Read 14723 times)
EXTRA SPEED: .....
Punch your keyboard and take SHA256 of the results. It's way much better than using an online third party RNG.
I actually tried this... it worked great! Thanks!
The only thing I claim is safe is: 1) its done offline, 2) its done randomly, and 3) no one can know the method of creation. I will stick by that maxim. < this is the essence of the thread
I don't see the need for (3). Indeed, if (3) is at all useful to your security then I'd claim that you're not introducing enough entropy at step (2) and are being forced to rely on the extra entropy of your method being one among many plausible alternatives.
Certainly, 256 coin flips provides sufficient entropy. I believe 128 coin-flips is enough for critical cold storage even with the method known but I'm not a cryptographer.
While this is true, (3) may be important in case (2) is not perfectly knowable.
If I know all of the circumstances surrounding your coin flips (from even a little bit, up to even the extreme of covert surveillance of your flipping), then (3) would have been helpful to you. The less others know of your method, the more of your secrets are secret.
Maybe you have your phone with you, and I can turn your phone't mic or camera on via remote. Maybe I can hear whether you are writing an H or a T or a 1 or 0 by the noise you make while doing it? The more I know of your process, the worse it is for you.
The only thing I claim is safe is: 1) its done offline, 2) its done randomly, and 3) no one can know the method of creation. I will stick by that maxim. < this is the essence of the thread
I don't see the need for (3). Indeed, if (3) is at all useful to your security then I'd claim that you're not introducing enough entropy at step (2) and are being forced to rely on the extra entropy of your method being one among many plausible alternatives.
Certainly, 256 coin flips provides sufficient entropy. I believe 128 coin-flips is enough for critical cold storage even with the method known but I'm not a cryptographer.
1. I agree that my measly .05 BTC of bait is not a real enticement. But it would demonstrate if someone had maliciously swiped the code and was using the site to swipe private keys no matter the balance.
2. I appreciate gmaxwell's point and I added warnings based on his point. This thread is however, about creating the private key with a coin flip not a web site. Using a site like random.org is ancillary to the thread and I marked it "educational only."
3. The only thing I claim is safe is: 1) its done offline, 2) its done randomly, and 3) no one can know the method of creation. I will stick by that maxim. < this is the essence of the thread
Agree with all of this 2. I appreciate gmaxwell's point and I added warnings based on his point. This thread is however, about creating the private key with a coin flip not a web site. Using a site like random.org is ancillary to the thread and I marked it "educational only."
3. The only thing I claim is safe is: 1) its done offline, 2) its done randomly, and 3) no one can know the method of creation. I will stick by that maxim. < this is the essence of the thread
and with the recent revelations:http://www.cbc.ca/news/technology/nsa-hid-spying-software-in-hard-drive-firmware-report-says-1.2959252
the method is very attractive, still I'd stick with the 64 hex dice rolls over the 256 coin flips.
EXTRA SPEED: .....
Punch your keyboard and take SHA256 of the results. It's way much better than using an online third party RNG.
I will argue that 256 coin flips from random.org is the best random number possibility available. And assuming that you push the results through an offline computer using brainwallet offline, you will have a VERY SAFE, VERY RANDOM private key.
LOL. A "VERY SAFE" number which is trivially known to a third party. Is someone at "random.org" paying you to encourage people to have them generate their private keys, or did you come by this cluelessness naturally?I haven't looked recently but last I checked random.org methods were secret and not peer reviewed. So not only may the results be trivially maliciously logged (by the site operators or anyone whos compromised their system; or the operators of the VPSes they use (rackspace cloud)), they're probably more likely to be accidentally flawed because their methods are not reviewed.
A. Attacking an idea or postulate is a great thing. Attacking a person and calling them "clueless" is ad hominem and is below your status as a moderator of this board.
B. Random.org is peer reviewed here https://www.random.org/media As well as tested by third party orgs like http://www.ecogra.org/ Their methods are not secret but they are not public either.
C. So lets examine your logic: Since random.org (peer reviewed, certified and in business since 1998) creates a buffer in advance full of billions of ones and zeroes and since it uses https, someone could log the front end usage of these ones and zeros after they leave the buffer and before they hit the https (side note on magnitude: these ones and zeroes from the buffer are used for ALOT of different applications on the site other than coin flips), track the usage by ip, collect and then echo the data once an ip pulls precisely 256 bits of data, run the bits through a key generator, (also try various combinations of the 256bit sequence like only look at the last 256 bits, since the first x bits could have been a test), create a database to collect all of these new bitcoin address and repeatedly query the entire blockchain to see if any of the addresses are extant. If any one address is extant and holds bitcoins, import the corresponding key into a wallet and steal the bitcoins. OK... I will concede. This may be possible. Its not likely considering the high level access, the subterfuge necessary, and the high number of bitcoin addresses to generate & query; not probable, but maybe possible.
So to test your theory I am going to publish a bitcoin address that I created using random.org, leave some BTC there and see if they evaporate. If they magically walk away, then we will know that someone at random.org is malicious. If nothing happens, then Im going to stick with my "SAFE" comment. I will however add a note of caution to the thread warning people that 1) They could get struck by lightning today 2) Earth could get destroyed by a meteor in the next 5 minutes AND 3) Somebody at random.org might guess your intent out of the millions of possible intents by those who use this service, parse through the data looking for precisely 256 bits of interesting target data turn them into a bitcoin key and steal your BTC.
Dear Mythical Hacker at Random.Org: I created this address with the coin flip service on 02/07/2015. I flipped 8 coins at once using Polish Zloties. I pulled precisely 256 bits of data from the buffer to make it easy on you. Please steal my bitcoins.
Here is the address: 1DcS5pEgjnLGJ43h7znVxdcxMfx6pfaZvA
A. He may have been a little harsh, but you need to understand cryptography for some of these things. And you can't simply claim something is secure. I am trying to learn about cryptography, and all I've really learned thus far is that there is a lot out there and one can quickly do a lot of damage.
B. Those are random citations that don't any really appear to be peer review of the methods. For random.org to be tested their methods should be fully disclosed. They have a question covering this in their FAQ: https://www.random.org/faq/#Q2.2 It talks about gaming and gambling. Being verified for that is NOT the same as being verified for cryptographic purposes. Also see https://www.random.org/faq/#Q1.2 Standard security practice before using something in cryptography is that it's open to inspection and that a lot of people have looked at it. The code they use is not available so how do you know it's right.
C. In theory the whoever can access the machines they use can get to the random numbers generated. These include the hosting company, the site owners, hackers with access etc. gmaxwell did point out that the most likely source of error was a accidentally poor implementation of the random number generator process. The point is you cannot know because it's all closed source and not reviewed. So do you want to use something that is well reviewed random generator or something that may or may not be random?
A poor random generator may make it possible to solve private keys for 1 in 1000 or 1 in a 1000 000 generated using the site. The point is even 1 in 1bn is a lot (and I mean a LOT) less secure than other methods used to generate private keys. So your test address is probably safe, but how safe you won't know, because it's all closed up. Now if lots of people start using the service (like when someone start recommending them) the odds start looking a lot better for an attacker.
This is my lay understanding of the issues around something like this.
GMaxwell writes from a development point of view.
Make it provably safe therefore trustless (not requiring unusual trust).
I appreciate that view point in a developer, because it makes the code useful for very large values.
The "test" is one which uses very small bait: 1DcS5pEgjnLGJ43h7znVxdcxMfx6pfaZvA has 0.05 XBT.
It is not a very valid test. It will not entice someone with an exploit to go after those coins.
2. I appreciate gmaxwell's point and I added warnings based on his point. This thread is however, about creating the private key with a coin flip not a web site. Using a site like random.org is ancillary to the thread and I marked it "educational only."
3. The only thing I claim is safe is: 1) its done offline, 2) its done randomly, and 3) no one can know the method of creation. I will stick by that maxim. < this is the essence of the thread
Since we only generate 256 1's or 0's does that mean that there are only 256^2 possibilities?
Wow, it should be 2^256
Wow, it should be 2^256
No, generating 256 bits means there are 2^256 possibilities. For example, 1 coin flip has 2^1 possibilities, 2 coin flips have 2^2, 3 flips has 2^3, etc. The number of possibilities for n flips is the number of possibilities of n-1 flips times the number of possibilities of that nth flip, hence 2^n.
Since we only generate 256 1's or 0's does that mean that there are only 256^2 possibilities?
Wow, it should be 2^256
Wow, it should be 2^256
I will argue that 256 coin flips from random.org is the best random number possibility available. And assuming that you push the results through an offline computer using brainwallet offline, you will have a VERY SAFE, VERY RANDOM private key.
LOL. A "VERY SAFE" number which is trivially known to a third party. Is someone at "random.org" paying you to encourage people to have them generate their private keys, or did you come by this cluelessness naturally?I haven't looked recently but last I checked random.org methods were secret and not peer reviewed. So not only may the results be trivially maliciously logged (by the site operators or anyone whos compromised their system; or the operators of the VPSes they use (rackspace cloud)), they're probably more likely to be accidentally flawed because their methods are not reviewed.
A. Attacking an idea or postulate is a great thing. Attacking a person and calling them "clueless" is ad hominem and is below your status as a moderator of this board.
B. Random.org is peer reviewed here https://www.random.org/media As well as tested by third party orgs like http://www.ecogra.org/ Their methods are not secret but they are not public either.
C. So lets examine your logic: Since random.org (peer reviewed, certified and in business since 1998) creates a buffer in advance full of billions of ones and zeroes and since it uses https, someone could log the front end usage of these ones and zeros after they leave the buffer and before they hit the https (side note on magnitude: these ones and zeroes from the buffer are used for ALOT of different applications on the site other than coin flips), track the usage by ip, collect and then echo the data once an ip pulls precisely 256 bits of data, run the bits through a key generator, (also try various combinations of the 256bit sequence like only look at the last 256 bits, since the first x bits could have been a test), create a database to collect all of these new bitcoin address and repeatedly query the entire blockchain to see if any of the addresses are extant. If any one address is extant and holds bitcoins, import the corresponding key into a wallet and steal the bitcoins. OK... I will concede. This may be possible. Its not likely considering the high level access, the subterfuge necessary, and the high number of bitcoin addresses to generate & query; not probable, but maybe possible.
So to test your theory I am going to publish a bitcoin address that I created using random.org, leave some BTC there and see if they evaporate. If they magically walk away, then we will know that someone at random.org is malicious. If nothing happens, then Im going to stick with my "SAFE" comment. I will however add a note of caution to the thread warning people that 1) They could get struck by lightning today 2) Earth could get destroyed by a meteor in the next 5 minutes AND 3) Somebody at random.org might guess your intent out of the millions of possible intents by those who use this service, parse through the data looking for precisely 256 bits of interesting target data turn them into a bitcoin key and steal your BTC.
Dear Mythical Hacker at Random.Org: I created this address with the coin flip service on 02/07/2015. I flipped 8 coins at once using Polish Zloties. I pulled precisely 256 bits of data from the buffer to make it easy on you. Please steal my bitcoins.
Here is the address: 1DcS5pEgjnLGJ43h7znVxdcxMfx6pfaZvA
A. He may have been a little harsh, but you need to understand cryptography for some of these things. And you can't simply claim something is secure. I am trying to learn about cryptography, and all I've really learned thus far is that there is a lot out there and one can quickly do a lot of damage.
B. Those are random citations that don't any really appear to be peer review of the methods. For random.org to be tested their methods should be fully disclosed. They have a question covering this in their FAQ: https://www.random.org/faq/#Q2.2 It talks about gaming and gambling. Being verified for that is NOT the same as being verified for cryptographic purposes. Also see https://www.random.org/faq/#Q1.2 Standard security practice before using something in cryptography is that it's open to inspection and that a lot of people have looked at it. The code they use is not available so how do you know it's right.
C. In theory the whoever can access the machines they use can get to the random numbers generated. These include the hosting company, the site owners, hackers with access etc. gmaxwell did point out that the most likely source of error was a accidentally poor implementation of the random number generator process. The point is you cannot know because it's all closed source and not reviewed. So do you want to use something that is well reviewed random generator or something that may or may not be random?
A poor random generator may make it possible to solve private keys for 1 in 1000 or 1 in a 1000 000 generated using the site. The point is even 1 in 1bn is a lot (and I mean a LOT) less secure than other methods used to generate private keys. So your test address is probably safe, but how safe you won't know, because it's all closed up. Now if lots of people start using the service (like when someone start recommending them) the odds start looking a lot better for an attacker.
This is my lay understanding of the issues around something like this.
GMaxwell writes from a development point of view.
Make it provably safe therefore trustless (not requiring unusual trust).
I appreciate that view point in a developer, because it makes the code useful for very large values.
The "test" is one which uses very small bait: 1DcS5pEgjnLGJ43h7znVxdcxMfx6pfaZvA has 0.05 XBT.
It is not a very valid test. It will not entice someone with an exploit to go after those coins.
I will argue that 256 coin flips from random.org is the best random number possibility available. And assuming that you push the results through an offline computer using brainwallet offline, you will have a VERY SAFE, VERY RANDOM private key.
LOL. A "VERY SAFE" number which is trivially known to a third party. Is someone at "random.org" paying you to encourage people to have them generate their private keys, or did you come by this cluelessness naturally?I haven't looked recently but last I checked random.org methods were secret and not peer reviewed. So not only may the results be trivially maliciously logged (by the site operators or anyone whos compromised their system; or the operators of the VPSes they use (rackspace cloud)), they're probably more likely to be accidentally flawed because their methods are not reviewed.
A. Attacking an idea or postulate is a great thing. Attacking a person and calling them "clueless" is ad hominem and is below your status as a moderator of this board.
B. Random.org is peer reviewed here https://www.random.org/media As well as tested by third party orgs like http://www.ecogra.org/ Their methods are not secret but they are not public either.
C. So lets examine your logic: Since random.org (peer reviewed, certified and in business since 1998) creates a buffer in advance full of billions of ones and zeroes and since it uses https, someone could log the front end usage of these ones and zeros after they leave the buffer and before they hit the https (side note on magnitude: these ones and zeroes from the buffer are used for ALOT of different applications on the site other than coin flips), track the usage by ip, collect and then echo the data once an ip pulls precisely 256 bits of data, run the bits through a key generator, (also try various combinations of the 256bit sequence like only look at the last 256 bits, since the first x bits could have been a test), create a database to collect all of these new bitcoin address and repeatedly query the entire blockchain to see if any of the addresses are extant. If any one address is extant and holds bitcoins, import the corresponding key into a wallet and steal the bitcoins. OK... I will concede. This may be possible. Its not likely considering the high level access, the subterfuge necessary, and the high number of bitcoin addresses to generate & query; not probable, but maybe possible.
So to test your theory I am going to publish a bitcoin address that I created using random.org, leave some BTC there and see if they evaporate. If they magically walk away, then we will know that someone at random.org is malicious. If nothing happens, then Im going to stick with my "SAFE" comment. I will however add a note of caution to the thread warning people that 1) They could get struck by lightning today 2) Earth could get destroyed by a meteor in the next 5 minutes AND 3) Somebody at random.org might guess your intent out of the millions of possible intents by those who use this service, parse through the data looking for precisely 256 bits of interesting target data turn them into a bitcoin key and steal your BTC.
Dear Mythical Hacker at Random.Org: I created this address with the coin flip service on 02/07/2015. I flipped 8 coins at once using Polish Zloties. I pulled precisely 256 bits of data from the buffer to make it easy on you. Please steal my bitcoins.
Here is the address: 1DcS5pEgjnLGJ43h7znVxdcxMfx6pfaZvA
A. He may have been a little harsh, but you need to understand cryptography for some of these things. And you can't simply claim something is secure. I am trying to learn about cryptography, and all I've really learned thus far is that there is a lot out there and one can quickly do a lot of damage.
B. Those are random citations that don't any really appear to be peer review of the methods. For random.org to be tested their methods should be fully disclosed. They have a question covering this in their FAQ: https://www.random.org/faq/#Q2.2 It talks about gaming and gambling. Being verified for that is NOT the same as being verified for cryptographic purposes. Also see https://www.random.org/faq/#Q1.2 Standard security practice before using something in cryptography is that it's open to inspection and that a lot of people have looked at it. The code they use is not available so how do you know it's right.
C. In theory the whoever can access the machines they use can get to the random numbers generated. These include the hosting company, the site owners, hackers with access etc. gmaxwell did point out that the most likely source of error was a accidentally poor implementation of the random number generator process. The point is you cannot know because it's all closed source and not reviewed. So do you want to use something that is well reviewed random generator or something that may or may not be random?
A poor random generator may make it possible to solve private keys for 1 in 1000 or 1 in a 1000 000 generated using the site. The point is even 1 in 1bn is a lot (and I mean a LOT) less secure than other methods used to generate private keys. So your test address is probably safe, but how safe you won't know, because it's all closed up. Now if lots of people start using the service (like when someone start recommending them) the odds start looking a lot better for an attacker.
This is my lay understanding of the issues around something like this.
For the Hex Dice, I'd like to see them in happy homes:
BTC0.05 for a pair will get me off my butt to get them shipped to you in the USA, for international, probably a bit more. Let me know where you are and I'll let you know how much more.
BTC0.05 for a pair will get me off my butt to get them shipped to you in the USA, for international, probably a bit more. Let me know where you are and I'll let you know how much more.
It's a nice idea, but if you are doing coin flipping as a way to have "perfect" randomness, then you are rather spoiling the effort by having it touch any online computer system. I would rather just use bitcoin core on a linux livecd which I'd trust way more than any of the sites you linked.
i.e. suggesting mathisisfun.com website. Hey hackers, go compromise mathisfun.com, a fun little side project for you, maybe you'll find yourself some private keys.
Or maybe OP is the hacker who has already done so. Clever!
I would definitely be interested in seeing a tiny little script with no external dependencies that can be run on an offline system.
(Or excel/open office equations that I can copy+paste myself).
i.e. suggesting mathisisfun.com website. Hey hackers, go compromise mathisfun.com, a fun little side project for you, maybe you'll find yourself some private keys.
Or maybe OP is the hacker who has already done so. Clever!
I would definitely be interested in seeing a tiny little script with no external dependencies that can be run on an offline system.
(Or excel/open office equations that I can copy+paste myself).
- I'm working on the excel. I have the sha256 and base58 working in excel, just hung up on RIPEMD-160...but i'm close
- Also all of the links I suggested have "offline" capability.
It's a nice idea, but if you are doing coin flipping as a way to have "perfect" randomness, then you are rather spoiling the effort by having it touch any online computer system. I would rather just use bitcoin core on a linux livecd which I'd trust way more than any of the sites you linked.
i.e. suggesting mathisisfun.com website. Hey hackers, go compromise mathisfun.com, a fun little side project for you, maybe you'll find yourself some private keys.
Or maybe OP is the hacker who has already done so. Clever!
I would definitely be interested in seeing a tiny little script with no external dependencies that can be run on an offline system.
(Or excel/open office equations that I can copy+paste myself).
i.e. suggesting mathisisfun.com website. Hey hackers, go compromise mathisfun.com, a fun little side project for you, maybe you'll find yourself some private keys.
Or maybe OP is the hacker who has already done so. Clever!
I would definitely be interested in seeing a tiny little script with no external dependencies that can be run on an offline system.
(Or excel/open office equations that I can copy+paste myself).
Cool idea. So decentralized ...
Please please please do not do this. The cryptosystem which Bitcoin keys and addresses are part of assumes for its security that its private keys are uniformly random numbers. Flipping coins by hand will definitely not give uniformly random numbers, and is probably so biased (depending on your hand, the coin, what side you pick it up from, the surface it lands on, etc, etc) that you can measure it yourself by just flipping a coin and counting the zeroes and ones.
If you swap out one component of a cryptosystem for another you have constructed a new cryptosystem and need to argue its security. And I guarantee you won't find a good security argument for "Bitcoin script with biased randomness".
To add to the presumption of insecurity that should be applied to all new cryptosystems, let me point out that much of this one is gibberish:
If you swap out one component of a cryptosystem for another you have constructed a new cryptosystem and need to argue its security. And I guarantee you won't find a good security argument for "Bitcoin script with biased randomness".
To add to the presumption of insecurity that should be applied to all new cryptosystems, let me point out that much of this one is gibberish:
Quote
Every Public Address corresponds to exactly one Private Key and vice-versa.
This is simply false.Are you talking about possible collisions?
I believe he is referring to this: https://bitcointalksearch.org/topic/how-many-possibly-bitcoin-addresses-are-there-exactly-and-how-long-does-it-24268
So there are 2^160 public keys but only 2^96 private keys? Ho does that add up?
Are there private keys than unlock more than one public key?
There are just under 2^256 private keys, just under 2^256 public keys, and 2^160 addresses. There are some addresses that have more than one corresponding public key and thus more than one corresponding private key.Are there private keys than unlock more than one public key?
Please please please do not do this. The cryptosystem which Bitcoin keys and addresses are part of assumes for its security that its private keys are uniformly random numbers. Flipping coins by hand will definitely not give uniformly random numbers, and is probably so biased (depending on your hand, the coin, what side you pick it up from, the surface it lands on, etc, etc) that you can measure it yourself by just flipping a coin and counting the zeroes and ones.
If you swap out one component of a cryptosystem for another you have constructed a new cryptosystem and need to argue its security. And I guarantee you won't find a good security argument for "Bitcoin script with biased randomness".
To add to the presumption of insecurity that should be applied to all new cryptosystems, let me point out that much of this one is gibberish:
If you swap out one component of a cryptosystem for another you have constructed a new cryptosystem and need to argue its security. And I guarantee you won't find a good security argument for "Bitcoin script with biased randomness".
To add to the presumption of insecurity that should be applied to all new cryptosystems, let me point out that much of this one is gibberish:
Quote
Every Public Address corresponds to exactly one Private Key and vice-versa.
This is simply false.Are you talking about possible collisions?
This thread reminds me of [Calvin & Hobbes](http://www.gocomics.com/calvinandhobbes/2012/11/07)
Oh fantastic, thanks for the info. I surely will try!
*** You cannot use the Brainwallet BIN to HEX converter due to the fact that Brianwallet adds a “0” place holder to every 4 bit BIN sequence. e.g. “1111” converted to HEX is “F” but Brainwallet converts it as “0F” ***
Yes, you can. Just don't add spaces to the binary.
Also, don't use random.org at all. Use a physical coin, or a known-good physical RNG, preferably one that is designed to be unbiased, truly random using physical noise, and separate from a computer.
Ahhh... you are correct! I fixed the note.
I will argue that 256 coin flips from random.org is the best random number possibility available. And assuming that you push the results through an offline computer using brainwallet offline, you will have a VERY SAFE, VERY RANDOM private key.
LOL. A "VERY SAFE" number which is trivially known to a third party. Is someone at "random.org" paying you to encourage people to have them generate their private keys, or did you come by this cluelessness naturally?I haven't looked recently but last I checked random.org methods were secret and not peer reviewed. So not only may the results be trivially maliciously logged (by the site operators or anyone whos compromised their system; or the operators of the VPSes they use (rackspace cloud)), they're probably more likely to be accidentally flawed because their methods are not reviewed.
A. Attacking an idea or postulate is a great thing. Attacking a person and calling them "clueless" is ad hominem and is below your status as a moderator of this board.
B. Random.org is peer reviewed here https://www.random.org/media As well as tested by third party orgs like http://www.ecogra.org/ Their methods are not secret but they are not public either.
C. So lets examine your logic: Since random.org (peer reviewed, certified and in business since 1998) creates a buffer in advance full of billions of ones and zeroes and since it uses https, someone could log the front end usage of these ones and zeros after they leave the buffer and before they hit the https (side note on magnitude: these ones and zeroes from the buffer are used for ALOT of different applications on the site other than coin flips), track the usage by ip, collect and then echo the data once an ip pulls precisely 256 bits of data, run the bits through a key generator, (also try various combinations of the 256bit sequence like only look at the last 256 bits, since the first x bits could have been a test), create a database to collect all of these new bitcoin address and repeatedly query the entire blockchain to see if any of the addresses are extant. If any one address is extant and holds bitcoins, import the corresponding key into a wallet and steal the bitcoins. OK... I will concede. This may be possible. Its not likely considering the high level access, the subterfuge necessary, and the high number of bitcoin addresses to generate & query; not probable, but maybe possible.
So to test your theory I am going to publish a bitcoin address that I created using random.org, leave some BTC there and see if they evaporate. If they magically walk away, then we will know that someone at random.org is malicious. If nothing happens, then Im going to stick with my "SAFE" comment. I will however add a note of caution to the thread warning people that 1) They could get struck by lightning today 2) Earth could get destroyed by a meteor in the next 5 minutes AND 3) Somebody at random.org might guess your intent out of the millions of possible intents by those who use this service, parse through the data looking for precisely 256 bits of interesting target data turn them into a bitcoin key and steal your BTC.
Dear Mythical Hacker at Random.Org: I created this address with the coin flip service on 02/07/2015. I flipped 8 coins at once using Polish Zloties. I pulled precisely 256 bits of data from the buffer to make it easy on you. Please steal my bitcoins.
Here is the address: 1DcS5pEgjnLGJ43h7znVxdcxMfx6pfaZvA
Jump to: