Author

Topic: I Gave Away Bitcoin Private Keys! - Experiment. (Read 372 times)

legendary
Activity: 3808
Merit: 7912
February 03, 2020, 12:20:53 PM
#9
as you can see, there are 6 characters that aren't required in order to find the private key in this particular case.


actually 6 characters in base58 encoding with a checksum covers two things: the 4 byte checksum and also 2 bytes of the data which is the private key. so you still have to search ~65k keys to find the correct one (the only possible result). in your special example you get lucky that compressed private keys have a fixed last byte so the number reduces to 255 keys but still it has to be searched.

Well OP used a compressed private key so luck wasn't at play in my choice of WIF.

Edit:  damn I hate posting from my phone. Had to fix the formatting.
 
legendary
Activity: 2128
Merit: 1293
There is trouble abrewing
as you can see, there are 6 characters that aren't required in order to find the private key in this particular case.

actually 6 characters in base58 encoding with a checksum covers two things: the 4 byte checksum and also 2 bytes of the data which is the private key. so you still have to search ~65k keys to find the correct one (the only possible result). in your special example you get lucky that compressed private keys have a fixed last byte so the number reduces to 255 keys but still it has to be searched.
legendary
Activity: 2268
Merit: 18771
-snip-
This is the right answer. You only need to brute force 8 characters here to be able to derive the entire private key. Given that WIF keys are in Base58Check, then the total possible combinations is 588 = 1.28*1014. Given that we know there are GPUs which can generate over 2 billion keys per second (2*109), then that number is potentially brute forcible in as little as 64,000 seconds, or about 18 hours.

As a contrast, to brute force 45 characters of a compressed WIF (52 characters minus the last 6 and the first one, which will always be "K"), the total possible combinations is 5845 = 2.26*1079, so a difference of over 1065, which turns the 18 hours above in to trillions upon trillions of years.
sr. member
Activity: 644
Merit: 364
In Code We Trust
When in terms of providing prize for someone that could crack the password of a system in particular, a private key, I think you should have an intention rather than just figuring out if there is a relative threat that supercomputers could do to the system. In such a case that incorporation of a new ideas to better strengthen the bitcoin system as what the developers and the company are doing, they are asking individuals to hack their system and in return, they will hire them for improvements.

But it seems to be that bitcoin system is already precise and well built, in addition, its protocol couldn't be change, the only possible thing we could do is to do the opposite, which is to discourage everyone to be enthusiast about cracking bitcoin private keys down.
legendary
Activity: 3808
Merit: 7912
Hello!

I recently launched a new project called BitcoinRoot.

On the website, I slowly revealed the private keys to a topped up Bitcoin wallet.

As I was presenting my new project to my own community and to other crypto communities I noticed that people were ready to deploy all sorts of scripts and apply all sorts of tools to get it cracked before anyone else to reap the prize, which was around $25.

To check out the project I have published a very short video about it here - https://www.youtube.com/watch?v=rEn5obPY5wU

Now, this brings a question. If people have an incentive to crack a private key with only 14 unknowns and with such a small prize at stake. What incentive is there for supercomputers and quantum computers to crack a million dollar worth of BTC wallets!

Is this a big concern for the future of Bitcoin?



 Seems like you didn't do all of your homework.

  The compressed WIF is a base58 encoded version of the private key to which superfluous data in the form of a leading network byte and an additionional x01 plus a 4-byte checksum suffix are added before the conversion.  There weren't 14 unknowns for calculating the private key - I would guess more like 7 or 8 unknowns.


 Random private key - 5BB6F9F60C4895ED1633996AF36512B95C4CACC801649898B828587010407F05

Compressed WIF - KzHzWbfHQk9QKWwY3yMjWGvWXuWGHDB7qjoDdA5YndCcbTUx1aFn

Compressed WIF decoded to hex - 805BB6F9F60C4895ED1633996AF36512B95C4CACC801649898B828587010407F0501BFAE1BCD

The first byte (80) and the last 5 bytes (01BFAE1BCD) are irrelevant to the private key itself:

Change the last 5 bytes to 0s
805BB6F9F60C4895ED1633996AF36512B95C4CACC801649898B828587010407F050000000000
and convert to base58 -
KzHzWbfHQk9QKWwY3yMjWGvWXuWGHDB7qjoDdA5YndCcbTHWJdNw
KzHzWbfHQk9QKWwY3yMjWGvWXuWGHDB7qjoDdA5YndCcbTUx1aFn <--- actual WIF compressed of the private key

as you can see, there are 6 characters that aren't required in order to find the private key in this particular case.

 We need not worry about supercomputers or quantum computers unless we're going to publish our nearly complete private keys' WIFs online.  I think, if we can refrain from that, our funds will be SAFU.



 
copper member
Activity: 2198
Merit: 1837
🌀 Cosmic Casino
Now, this brings a question. If people have an incentive to crack a private key with only 14 unknowns and with such a small prize at stake. What incentive is there for supercomputers and quantum computers to crack a million dollar worth of BTC wallets!

Is this a big concern for the future of Bitcoin?

Investing in super computers and quantum computers just to crack bitcoin wallets would be very costly to begin with and Knowing how bitcoin's price can drop in a single day, how sure would one be that the price of bitcoin will still be in thousands of dollars after people realize that wallets have been cracked (that is if the supercomputers even manage to crack a few)?

So it's not worth it and there is no need to be concerned.
Ucy
sr. member
Activity: 2674
Merit: 403
Compare rates on different exchanges & swap.
Interesting.

I guess it'll even be more unattractive to crack if large amount of bitcoin is split into smaller amounts (also offers better decentralization).
Coin decentralization or splitting of large amount into small amounts is indeed a good thing. Fees has to be considered though.
I think people who attempt to crack cheap private keys, will eventually understand it's a waste of money, energy, resources and time.
legendary
Activity: 2576
Merit: 1860
That is why security is always in a tight race against threats. Threats have always been around and are always considered by developers. Threats are ever present, with or without quantum computers.

Locks, vaults, secret storage, hardware wallets, encryption, and so on and so forth are basically created for safekeeping because, as what you seem to imply, people is always attracted to money. And this is also the reason why hackers are always trying to knock down security walls of wallets of exchanges. Sometimes, they succeed.

However, in terms of quantum computer, I have yet to hear a crypto expert really bothered by its potential. I have yet to hear a crypto expert voicing anxiety over the possible threat of quantum computers. The respectable Bitcoin advocate, Andreas Antonopoulos, has this to say on this threat, "zip, bupkis, nada."
member
Activity: 271
Merit: 15
Hello!

I recently launched a new project called BitcoinRoot.

On the website, I slowly revealed the private keys to a topped up Bitcoin wallet.

As I was presenting my new project to my own community and to other crypto communities I noticed that people were ready to deploy all sorts of scripts and apply all sorts of tools to get it cracked before anyone else to reap the prize, which was around $25.

To check out the project I have published a very short video about it here - https://www.youtube.com/watch?v=rEn5obPY5wU

Now, this brings a question. If people have an incentive to crack a private key with only 14 unknowns and with such a small prize at stake. What incentive is there for supercomputers and quantum computers to crack a million dollar worth of BTC wallets!

Is this a big concern for the future of Bitcoin?

Jump to: