Topic: Messages signed from an address with a leaked private key (Read 448 times)

legendary
Activity: 2170
Merit: 3858
Farewell o_e_l_e_o
Most probably these users did not have a clue what they were doing so really we can not question them. It was an innocent mistake from ignorance of course.  However, I was a bit suspicious before getting your point and checking the default link (LOL) https://brainwalletx.github.io/#sign
People who signed a message like that and staked their signed message on the forum did not read the guide from brainwalletx and from the topic here. They skip all fundamental guides and warnings.

Basically, they would recognize that signing a message is to prove the ownership (theirs) of that address (they must own the private key to sign a message). It is weird when they do know the address they used does not belong to them. They can not know how the process goes but the address is not theirs (not sure how they can easily skip this important element).

In real life, how do I sign my signature on paper (contract, ie.) if the name is not mine?

Thanks OP for this interesting finding.
legendary
Activity: 2184
Merit: 3134
₿uy / $ell
Here are some people using the same address in their profiles:
https://bitcointalksearch.org/user/crypto-549786
https://bitcointalksearch.org/user/michael-cf-1443438

Weird thing, tho...

I still think checking the Signed Message thread for duplicates is a good idea.
legendary
Activity: 2730
Merit: 7065
Farewell, Leo. You will be missed!
You missed a few members.

Another newbie used that address to sign a message.
dYnamxX. This is the link.

smartcontracts100 signed a message using the same address here. You can see that from Csmiami's quote of his message just below the post. But in September 2020, he edited his post and removed the signature. Not sure what he thought he would achieve with that since Csmiami quoted his message. The original post can also be found on loyce.club.

Then we have vareole who used the same address here. His original post.
legendary
Activity: 2044
Merit: 1981
Marketing Campaign Manager |Telegram ID- @LT_Mouse
The address 1HZwkjkeaoZfTSaJxDw6aKkxp45agDiEzN has received over 59 btc over hundreds of transactions. It is unlikely that the 11 people are the only ones that have made this mistake.
It's more a technical issue than simply calling it a mistake, which most people may not be aware of, including me. I would have made the same technical mistake if I were in the same situation. I didn't get what exactly a blank passphrase is referring to, but that's what creates this address, and people used this address thinking it's their address. As you can see here- 50 BTC lost because of blank passphrase and here- Weird Transactions in Wallet that I didn't make, this is kind of weird to me also.
copper member
Activity: 1624
Merit: 1899
Amazon Prime Member #7
Now everything is making sense to me.


Quote
When you try to sign a message using brainwallet, you will see that address and its corresponding private key by default and you need to enter your own private key. These users simply didn't change the address, just wrote the message and clicked on "sign message" button.
Most probably these users did not have a clue what they were doing so really we can not question them. It was an innocent mistake from ignorance of course.  However, I was a bit suspicious before getting your point and checking the default link (LOL) https://brainwalletx.github.io/#sign

The address 1HZwkjkeaoZfTSaJxDw6aKkxp45agDiEzN has received over 59 btc over hundreds of transactions. It is unlikely that the 11 people are the only ones that have made this mistake.



To all admins and recovery team:
Please don't accept recovery appeals made using the address above.

This is hardly the only private key that is publicly known (I would disagree with the description of "leaked" to describe this private key) that presumably new users use. There is an argument to require any signing address have a nominal unspent output in order to accept the signature.

I also believe a signed message is only one data point the recovery team looks at when deciding if they will recover an account or not. I believe they also look at things like your ISP, browser fingerprint, and possibly some other things.
legendary
Activity: 1568
Merit: 6660
bitcoincleanup.com / bitmixlist.org
The most odd discovery for me. So, all these users had the same private key, and they were intentionally posting the address with signed messages? Why did they do it?

Two of those users just signed a message from that private key for the sake of OgNasty's merit thread. The rest of those users but Singertime637 posted them in the BTC address staking thread. My guess is that most of them are newbies and did not know how to create a bitcoin signed message so they went to brainwallet's site and made a signature using the default private key, and thought that was the proper way to do it.
copper member
Activity: 2030
Merit: 1788
฿itcoin for all, All for ฿itcoin.
And surprisingly, shasan has approved a loan which has been requested by signing a message from this address, although the loan applicant so far seems to be trusted.
It's probably because she or he was using the account as collateral, so they were obliged to pay up the loan, but they haven't been active since Jan 2019.
shasan    2018-11-04    Reference    Gave Singertime637's 15$ PayPal loan by taking his account as collateral and s/he repaid on time.
legendary
Activity: 2044
Merit: 1981
Marketing Campaign Manager |Telegram ID- @LT_Mouse
And surprisingly, shasan has approved a loan which has been requested by signing a message from this address, although the loan applicant so far seems to be trusted. The Pharmacist has given a positive feedback to that account also.
Check this- https://bitcointalksearch.org/topic/m.47605487
legendary
Activity: 2464
Merit: 3878
Visit: r7promotions.com
Now everything is making sense to me.


Quote
When you try to sign a message using brainwallet, you will see that address and its corresponding private key by default and you need to enter your own private key. These users simply didn't change the address, just wrote the message and clicked on "sign message" button.
Most probably these users did not have a clue what they were doing so really we can not question them. It was an innocent mistake from ignorance of course.  However, I was a bit suspicious before getting your point and checking the default link (LOL) https://brainwalletx.github.io/#sign



legendary
Activity: 2380
Merit: 5213
By the way, "wallet" this passphrase gives me a different address which is this:
Code:
158zPR3H2yo87CZ8kLksXhx3irJMMnCFAN

What am I missing?
You are right.
It was my mistake. Sorry. I confused this address with another one.
For getting that address, you need to leave the passphrase box empty.
I edited the OP.

Before they do the new address, I would like to know their stories of using that address to sign their first message.
When you try to sign a message using brainwallet, you will see that address and its corresponding private key by default and you need to enter your own private key. These users simply didn't change the address, just wrote the message and clicked on "sign message" button.
legendary
Activity: 2464
Merit: 3878
Visit: r7promotions.com
The most odd discovery for me. So, all these users had the same private key, and they were intentionally posting the address with signed messages? Why did they do it?

I was not aware about this brainwallet demo address thing at all.

By the way, "wallet" this passphrase gives me a different address which is this:
Code:
158zPR3H2yo87CZ8kLksXhx3irJMMnCFAN



What am I missing?

To all users who have signed message from the address above:
If you are still active in the forum, sign a new message from a new address.
Before they do the new address, I would like to know their stories of using that address to sign their first message.

Edit:
I requested DaveF to send you 5 merits on me.
legendary
Activity: 2380
Merit: 5213
1HZwkjkeaoZfTSaJxDw6aKkxp45agDiEzN

brainwallet is using the address above as a demo address for signing messages.


https://brainwalletx.github.io/#sign

(This address can also be generated if you don't enter anything as passphrase in brainwallet address generator and actually is the weakest brainwallet.)

There are some users in the forum that have used this address for signing message.
 
To all admins and recovery team:
Please don't accept recovery appeals made using the address above.

To all users who have signed message from the address above:
If you are still active in the forum, sign a new message from a new address.


Users below have used the address above for signing message.

RagingBull (signed message, archive)
shahzadafzal (signed message, archive)
hitrawal91 (signed message, archive)
bitcoinermatt (signed message, archive)
Singertime637 (signed message, archive)
Martin958 (signed message, archive)
hammad745 (signed message, archive)
Martin958 (signed message, archive)
Michael CF (signed message, archive)
thsaudtl1 (signed message, archive)
THINK2b44 (signed message, archive)

Three more users found by Pmalek:
dYnamxX (signed message, archive)
smartcontracts100 (signed message, archive from loyce.club)
vareole (signed message, archive from loyce.club)

Two users have used the address above in their profile (found by TheBeardedBaby):
$crypto$ (archive)
Michael CF (archive)


PS:
I used Ninjastic.space to find users above. Thank you TryNinja.
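
The duplicate check suggested in this thread, combined with the request not to accept signatures from the demo address, as an added example (not code from any poster or from brainwallet). It assumes the common armored layout (BEGIN BITCOIN SIGNED MESSAGE, BEGIN SIGNATURE, address, signature); the usernames, the `OTHER` and `UNIQUE` strings and the signatures are constructed placeholders, and signature verification itself is out of scope.

```python
import re
from collections import defaultdict

# Demo signing address named in this thread (brainwallet, empty passphrase).
DEMO = "1HZwkjkeaoZfTSaJxDw6aKkxp45agDiEzN"
KNOWN_PUBLIC_KEY_ADDRESSES = {DEMO}

# Assumed armored layout: message, then address and signature on their own lines.
ARMOR = re.compile(
    r"-----BEGIN BITCOIN SIGNED MESSAGE-----\r?\n(?P<msg>.*?)\r?\n"
    r"-----BEGIN SIGNATURE-----\r?\n(?P<addr>\S+)\r?\n(?P<sig>\S+)\r?\n"
    r"-----END BITCOIN SIGNED MESSAGE-----",
    re.DOTALL,
)

def extract_signed_messages(post_text):
    """Return (address, message, signature) for every armored block in a post."""
    return [(m["addr"], m["msg"], m["sig"]) for m in ARMOR.finditer(post_text)]

def audit_staked_addresses(posts, denylist=KNOWN_PUBLIC_KEY_ADDRESSES):
    """posts: iterable of (username, own_post_text).
    Returns (denylisted, shared): users who staked a publicly known key, and
    addresses staked by more than one distinct user."""
    users_by_addr = defaultdict(set)
    for user, text in posts:
        for addr, _msg, _sig in extract_signed_messages(text):
            users_by_addr[addr].add(user)
    denylisted = {a: sorted(u) for a, u in users_by_addr.items() if a in denylist}
    shared = {a: sorted(u) for a, u in users_by_addr.items() if len(u) > 1}
    return denylisted, shared

def armored(addr, msg, sig="CONSTRUCTED_SIGNATURE="):
    """Build a constructed armored block for the sample data below."""
    return ("-----BEGIN BITCOIN SIGNED MESSAGE-----\n%s\n-----BEGIN SIGNATURE-----\n"
            "%s\n%s\n-----END BITCOIN SIGNED MESSAGE-----" % (msg, addr, sig))

# Constructed sample posts; OTHER and UNIQUE are placeholder strings, not real addresses.
OTHER, UNIQUE = "1ConstructedSharedAddrXXXX", "1ConstructedUniqueAddrYYYY"
SAMPLE_POSTS = [
    ("user_a", "Staking my address:\n" + armored(DEMO, "This is user_a")),
    ("user_b", armored(DEMO, "user_b, 2020-01-01")),
    ("user_c", armored(OTHER, "user_c here")),   # shared but not yet denylisted
    ("user_d", armored(OTHER, "user_d here")),
    ("user_e", armored(UNIQUE, "user_e here")),  # unique address: not flagged
]

if __name__ == "__main__":
    print(audit_staked_addresses(SAMPLE_POSTS))
```

Strip quoted text before passing a post in, otherwise a user who merely quotes someone else's signed message is counted as having staked that address.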
