Pages:
Author

Topic: It is necessary to find one private key out of 10 million Bitcoin Addresses (Read 2204 times)

newbie
Activity: 2
Merit: 0
Database All Bitcoin private keys and Altcoin private keys there sites , https://allprivatekeys.com , https://privatekeys.pw

sr. member
Activity: 443
Merit: 350
Sir , Can you please share link to python script that u mentioned.
-snip-

Pls find that code below:

Code:
import gmpy2

modulo = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFC2F
order  = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
Gx = 0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798
Gy = 0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8

class Point:
    def __init__(self, x=0, y=0):
        self.x = x
        self.y = y

PG = Point(Gx,Gy)
Z = Point(0,0) # zero-point, infinite in real x,y - plane

# return (g, x, y) a*x + b*y = gcd(x, y)
def egcd(a, b):
    if a == 0:
        return (b, 0, 1)
    else:
        g, x, y = egcd(b % a, a)
        return (g, y - (b // a) * x, x)

def modinv(m, n = modulo):
    while m < 0:
        m += n
    g, x, _ = egcd(m, n)
    if g == 1:
        return x % n

    else: print (' no inverse exist')

def mul2(Pmul2, p = modulo):
    R = Point(0,0)
    #c = 3*Pmul2.x*Pmul2.x*modinv(2*Pmul2.y, p) % p
    c = 3*Pmul2.x*Pmul2.x*gmpy2.invert(2*Pmul2.y, p) % p
    R.x = (c*c-2*Pmul2.x) % p
    R.y = (c*(Pmul2.x - R.x)-Pmul2.y) % p
    return R

def add(Padd, Q, p = modulo):
    if Padd.x == Padd.y == 0: return Q
    if Q.x == Q.y == 0: return Padd
    if Padd == Q: return mul2(Q)
    R = Point()
    dx = (Q.x - Padd.x) % p
    dy = (Q.y - Padd.y) % p
    c = dy * gmpy2.invert(dx, p) % p     
    #c = dy * modinv(dx, p) % p
    R.x = (c*c - Padd.x - Q.x) % p
    R.y = (c*(Padd.x - R.x) - Padd.y) % p
    return R # 6 sub, 3 mul, 1 inv

def mulk(k, Pmulk, p = modulo):
    if k == 0: return Z
    if k == 1: return Pmulk
    if (k % 2 == 0): return mulk(k//2, mul2(Pmulk, p), p)
    return add(Pmulk, mulk((k-1)//2, mul2(Pmulk, p), p), p)

def sub(P1, P2, p = modulo): #scalar subtraction P1-P2
    if P1 == P2: return Z
    if P2.x == P2.y == 0: return P1
    return add (P1, Point(P2.x, modulo - P2.y))

def div(d, Pdiv, p = modulo): #scalar division, i.e multiplication by inverse scalar
    scalar = gmpy2.invert(d, order)
    return mulk(scalar, Pdiv, p)

mulk(x) - returns public point for x
sub - subtraction of points
div - division the point by a number
add - addition of points
jr. member
Activity: 35
Merit: 2
Sir , Can you please share link to python script that u mentioned.

What is the value of the "G - basis point" ? Thanks!

Actually G is the Point of ECDSA secp256k1 curve

in HEX:
Gx = 79be667ef9dcbbac55a06295ce870b07029bfcdb2dce28d959f2815b16f81798
Gy = 483ada7726a3c4655da4fbfc0e1108a8fd17b448a68554199c47d08ffb10d4b8

in DEC:
Gx = 55066263022277343669578718895168534326250603453777594175500187360389116729240
Gy = 32670510020758816978083085130507043184471273380659243275938904335757337482424

Visually G point is 47.55% on X ordinate and 28.21% on Y ordinate (considering that maximum X and Y values are modul value which is close to 2^256), so approx. Gx is 47.55 * 2^256 and Gy is 28.21% * 2^256
I want to understand how you found the solution for the below equation. Do you use some script?
Thanks!
Q + 13000000*G =
024154b506ab766f42fbe37f699976f84db89f4f2f6bed98325c1a0b6e326dd4e4 +
034d11d3fef403710f1332ae54d99d12e383e9ad1a87d3972ab737b0dffe359be7 =
02464e23afad4a987d1d7c93ffe1d2d1cd196b0c1999b76bf1225e229fd7a1e770

It is not simple addition and multiplication. It is scalar addition. For multiplication also the scalar addition is used. You should learn the scalar addition and multiplication in order to understan this.
Read the basics of scalar addition and multiplication here: https://medium.com/@blairlmarshall/how-does-ecdsa-work-in-bitcoin-7819d201a3ec

I made the calcualtion not manually of course, I used Python script for this (scalar multiplication and addition).

The resulting Point is always has x and y coordinates, but in the showed formula above I used compressed format (prefix 02/03 concatenated with x coordinate). There are 2 wayes to show the point - in compressed format (like was done by me) writing only x coordinate, ot in uncompressed format started with prefix 04 and concatenated with both x and y coordinates.

So, you should learn scalar addition of ECDSA points in order to understand that formula. Also you should be familiar with compressed/uncompressed format of public keys. And do not forget that private key is a number, but public key is a point. Additing one point to another poin you receive a third point. Multiplying point by a number you receive a point.
In ECDSA bitcoin curve you receive the public key of the address as the multiplication of the basis point (G) by a private key (number).

If you do not like to learn and understand all these things by yourself and need a script, write the script parameters and for small bounty I can write it for you.
sr. member
Activity: 443
Merit: 350
What is the value of the "G - basis point" ? Thanks!

Actually G is the Point of ECDSA secp256k1 curve

in HEX:
Gx = 79be667ef9dcbbac55a06295ce870b07029bfcdb2dce28d959f2815b16f81798
Gy = 483ada7726a3c4655da4fbfc0e1108a8fd17b448a68554199c47d08ffb10d4b8

in DEC:
Gx = 55066263022277343669578718895168534326250603453777594175500187360389116729240
Gy = 32670510020758816978083085130507043184471273380659243275938904335757337482424

Visually G point is 47.55% on X ordinate and 28.21% on Y ordinate (considering that maximum X and Y values are modul value which is close to 2^256), so approx. Gx is 47.55 * 2^256 and Gy is 28.21% * 2^256
I want to understand how you found the solution for the below equation. Do you use some script?
Thanks!
Q + 13000000*G =
024154b506ab766f42fbe37f699976f84db89f4f2f6bed98325c1a0b6e326dd4e4 +
034d11d3fef403710f1332ae54d99d12e383e9ad1a87d3972ab737b0dffe359be7 =
02464e23afad4a987d1d7c93ffe1d2d1cd196b0c1999b76bf1225e229fd7a1e770

It is not simple addition and multiplication. It is scalar addition. For multiplication also the scalar addition is used. You should learn the scalar addition and multiplication in order to understan this.
Read the basics of scalar addition and multiplication here: https://medium.com/@blairlmarshall/how-does-ecdsa-work-in-bitcoin-7819d201a3ec

I made the calcualtion not manually of course, I used Python script for this (scalar multiplication and addition).

The resulting Point is always has x and y coordinates, but in the showed formula above I used compressed format (prefix 02/03 concatenated with x coordinate). There are 2 wayes to show the point - in compressed format (like was done by me) writing only x coordinate, ot in uncompressed format started with prefix 04 and concatenated with both x and y coordinates.

So, you should learn scalar addition of ECDSA points in order to understand that formula. Also you should be familiar with compressed/uncompressed format of public keys. And do not forget that private key is a number, but public key is a point. Additing one point to another poin you receive a third point. Multiplying point by a number you receive a point.
In ECDSA bitcoin curve you receive the public key of the address as the multiplication of the basis point (G) by a private key (number).

If you do not like to learn and understand all these things by yourself and need a script, write the script parameters and for small bounty I can write it for you.
copper member
Activity: 68
Merit: 3
Greetings to all friends. I have such a problem. I am writing a term paper on cryptography analysis. I need to find at least one private key out of 10 million Bitcoin Addresses. All these Bitcoin addresses have a zero balance. My goal is not to make money. That is, do not enrich themselves at the expense of other people's money. This is a course and research work on cryptography. Now I can not explain everything in more detail. But to continue my research I need to know one or two private keys of 10 million Bitcoin addresses. For your help I will thank you with a certain amount of money. I uploaded these 10,000,000 bitcoin addresses to the Google Drive cloud
Find another way to contribute your quota into how Bitcoin can easily be used either than wasting your time on this. These are some of the hedges that make Bitcoin absolutely secured. Trust me, Satoshi thought of this too lmao
newbie
Activity: 43
Merit: 0
What is the value of the "G - basis point" ? Thanks!

Actually G is the Point of ECDSA secp256k1 curve

in HEX:
Gx = 79be667ef9dcbbac55a06295ce870b07029bfcdb2dce28d959f2815b16f81798
Gy = 483ada7726a3c4655da4fbfc0e1108a8fd17b448a68554199c47d08ffb10d4b8

in DEC:
Gx = 55066263022277343669578718895168534326250603453777594175500187360389116729240
Gy = 32670510020758816978083085130507043184471273380659243275938904335757337482424

Visually G point is 47.55% on X ordinate and 28.21% on Y ordinate (considering that maximum X and Y values are modul value which is close to 2^256), so approx. Gx is 47.55 * 2^256 and Gy is 28.21% * 2^256



I want to understand how you found the solution for the below equation. Do you use some script?
Thanks!
Q + 13000000*G =
024154b506ab766f42fbe37f699976f84db89f4f2f6bed98325c1a0b6e326dd4e4 +
034d11d3fef403710f1332ae54d99d12e383e9ad1a87d3972ab737b0dffe359be7 =
02464e23afad4a987d1d7c93ffe1d2d1cd196b0c1999b76bf1225e229fd7a1e770
sr. member
Activity: 443
Merit: 350
What is the value of the "G - basis point" ? Thanks!

Actually G is the Point of ECDSA secp256k1 curve

in HEX:
Gx = 79be667ef9dcbbac55a06295ce870b07029bfcdb2dce28d959f2815b16f81798
Gy = 483ada7726a3c4655da4fbfc0e1108a8fd17b448a68554199c47d08ffb10d4b8

in DEC:
Gx = 55066263022277343669578718895168534326250603453777594175500187360389116729240
Gy = 32670510020758816978083085130507043184471273380659243275938904335757337482424

Visually G point is 47.55% on X ordinate and 28.21% on Y ordinate (considering that maximum X and Y values are modul value which is close to 2^256), so approx. Gx is 47.55 * 2^256 and Gy is 28.21% * 2^256

newbie
Activity: 43
Merit: 0

In ECDSA group there is rule for point additions: for p*G=Q (where p is some key, G - basis point and Q - public key for p), and some increment number k, (p+k)*G = p*G + k*G = Q + R, where R is public point for k. It means that you can receive another address from the public key (Q) without knowing the private key (p), just making the point addition to the public point.



What is the value of the "G - basis point" ? Thanks!
sr. member
Activity: 443
Merit: 350
I guess these addresses were generated in "HD wallet" way, i.e there is a dependence between the addresses. However, only creator could say the forlmula. So, of course, knowing the private key to one address, it is possible to find all other keys.

In ECDSA group there is rule for point additions: for p*G=Q (where p is some key, G - basis point and Q - public key for p), and some increment number k, (p+k)*G = p*G + k*G = Q + R, where R is public point for k. It means that you can receive another address from the public key (Q) without knowing the private key (p), just making the point addition to the public point.

I can also generate the group of 10 million addresses, or 100 million addresses or 1 billion addresses, where knowing just 1 private key it will be possible to calculate all the others. The simpliest way is to make step equal to 1, but it is also possible to make any other step (like 1000, 10000 or other) between the neighbour keys, or even some hash to make it more complex to understand (like was implemented in HD wallets).

Example, let's take the number 2^150 (1427247692705959881058285969449495136382746624) as the private key p, (in hex: 40000000000000000000000000000000000000). The corresponding compressed legacy address for this key is 1LzavTBoHPskiD5KAmvVpV6VpN47XZ8bKz and public key Q = 024154b506ab766f42fbe37f699976f84db89f4f2f6bed98325c1a0b6e326dd4e4

So, now I take some "step" between addresses, let's say 13000000 (13 million), and knowing the pubkey Q, I calculate the point sum Q + 13000000*G = 024154b506ab766f42fbe37f699976f84db89f4f2f6bed98325c1a0b6e326dd4e4 + 034d11d3fef403710f1332ae54d99d12e383e9ad1a87d3972ab737b0dffe359be7 which is equal to 02464e23afad4a987d1d7c93ffe1d2d1cd196b0c1999b76bf1225e229fd7a1e770, and easily have the address from this pubkey 1DYKxtsVMrivdAEVvC6AnH46BKzFq3gfHo
I received this address without knowing the private key, i just add step*G (13000000*G) to the public point.
The private key for received address will be p + 13000000 = 2^150 + 13000000 = 1427247692705959881058285969449495136395746624 (in hex: 40000000000000000000000000000000C65D40)
newbie
Activity: 1
Merit: 0
I'm interested in participate in your study, and provide some help
hero member
Activity: 952
Merit: 513
I wish you good luck in being able to find a private key, but as many others have said, it is basically impossible to brute force your way into a private key due to how long it is and how many characters can formulate a private key.

You're going to need a lot of computing power, and a lot more than 10M worth of BTC addresses even if you want a chance of being able to brute force the address.

A question though - where did you get these many addresses?
legendary
Activity: 2268
Merit: 1092
Proper generated private key wil be in the 254,255,256 bits range, wih a random search it will be not feasible.


Is that 254,255,256 million or another number?

I read that as "254, or 255, or 256 bits"

Much, much larger than a few hundred million.
full member
Activity: 706
Merit: 111
Proper generated private key wil be in the 254,255,256 bits range, wih a random search it will be not feasible. So to search within a specific range will be more succesfull. I do respect my friend scorta...but you also need to have a look a this repo...https://github.com/pikachunakapika/BitCrack this repo is a fork of this repo https://github.com/brichard19/BitCrack...the difference with the Picachu fork in comparisson to the original is the added flag -r (random)...so that means you can search within a specific keyrange, with applying flag --keyspace with also a random mode...this means bigger change for succes (read also the original repo of BRichard, all flags what you will see there are also applicable with the Picachu fork...so only added the -r flag (random).
Also a big advantage of this repo's will be, they run on GPU...their is a version for CUDA (Nvidia) and OCL (AMD, Intel) depending on your GPU you will get a speed between 1 and 250 Mkeys...the app of scorta runs on CPU and will have a speed between 5 and 10 k pro CPU core...so that's a huge difference here...


Is that 254,255,256 million or another number?
hero member
Activity: 1918
Merit: 564
I think it is possible. Everything is possible when it comes to computers and algorithms but I don't think you can do it now. Why? You need a tremendous amount of resources versus the decentralized structure of the blockchain all over the world.

Therefore, to be able to do that. You have to build something that overpowers all the connections with super high internet speed and high powered processor to be able to catch that single Bitcoin address out of 10 Million Bitcoin addresses. And what do you get? Nothing. I don't think it is worth a try.
member
Activity: 616
Merit: 30
Short answer: Impossible.


Even if this is possible still this is against the law and against the will of every wallet holder,imagine someone is trying to find the private key.?what if suddenly as that address owner don’t have idea that someone is having his private key and made a deposit of amount in that wallet?meaning you can just have that money.i don’t think this is ethical to be applied

And who knows what’s the true intention behind this,what if Someone is just looking for formula to find if this is possible.

But lucky that this is IMPOSSIBLE to happen because even if OP mentioned that there is zero balance on those addresses yet this can be apply to those who has a balance
newbie
Activity: 11
Merit: 3
Proper generated private key wil be in the 254,255,256 bits range, wih a random search it will be not feasible. So to search within a specific range will be more succesfull. I do respect my friend scorta...but you also need to have a look a this repo...https://github.com/pikachunakapika/BitCrack this repo is a fork of this repo https://github.com/brichard19/BitCrack...the difference with the Picachu fork in comparisson to the original is the added flag -r (random)...so that means you can search within a specific keyrange, with applying flag --keyspace with also a random mode...this means bigger change for succes (read also the original repo of BRichard, all flags what you will see there are also applicable with the Picachu fork...so only added the -r flag (random).
Also a big advantage of this repo's will be, they run on GPU...their is a version for CUDA (Nvidia) and OCL (AMD, Intel) depending on your GPU you will get a speed between 1 and 250 Mkeys...the app of scorta runs on CPU and will have a speed between 5 and 10 k pro CPU core...so that's a huge difference here...
newbie
Activity: 11
Merit: 3
I managed to decrypt the public keys for each Bitcoin Address from the list.

Public keys: https://drive.google.com/drive/folders/1HByDJR9Ck5CdIwTl-v_IzcaVhsG8aKaA

Now I will try to extract a few private keys through the "Baby-step Giant-step" method.


What software do you use the Baby-step Giant-step method?







The baby-step giant-step method works by using a hash table to trade space for time. It's particularly easy to implement since python has hash tables nicely built in as dictionaries.

>>> crack_baby_giant(C, P, n, Q)
Priv key: d = 692847
Time: 0.356 secs

https://github.com/qubd/mini_ecdsa
full member
Activity: 546
Merit: 100
I think your study is impossible. You need to take other simple topic that you can found more reliable source of information. If you want to extend your study and your school just focus on your study because believe this is waste of your time and you will not get an accurate information about that. You are like looking a needle in a filthy area.
newbie
Activity: 5
Merit: 0
I managed to decrypt the public keys for each Bitcoin Address from the list.

Public keys: https://drive.google.com/drive/folders/1HByDJR9Ck5CdIwTl-v_IzcaVhsG8aKaA

Now I will try to extract a few private keys through the "Baby-step Giant-step" method.


What software do you use the Baby-step Giant-step method?




newbie
Activity: 11
Merit: 3
I managed to decrypt the public keys for each Bitcoin Address from the list.

Public keys: https://drive.google.com/drive/folders/1HByDJR9Ck5CdIwTl-v_IzcaVhsG8aKaA

Now I will try to extract a few private keys through the "Baby-step Giant-step" method.
Pages:
Jump to: