Topic: Need Urgent Help To Recover My Old Lost Wallet (Read 411 times)

You are knocking on the wrong door, what you need is a service, a programmer could do what you are looking for in exchange of a fee.
Btw, you can't reproduce the exact conditions of when your private key was generated, the purpose of randomly generated key is to avoid reproducing it again.

I suggest to open a service request here https://bitcointalk.org/index.php?board=52.0
And ask for a willing programmer, you will see how fast you get what you need.

Good luck, hope you find your coins.

---

You know what? Now that I think about it, puzzle 120 and 125 both have 2 outputs, they never revealed the keys, if somehow some anonymous individual claimed the few bucks on your address and at the same time revealed the keys for 120 and 125 but without revealing any algorithm/ program, it would be really great, ! Right?

i have shared examples of the public key and the remaining WIF Characters , not the real one , i am aware  that this sensitive information can't be shared with anyone .


well , it's not a sold fake hex edited wallet or something like this , it's my own wallet from 2011 / 2012

nothing wrong with the case , i have been reading through Secp256k1 in the past few years and i know that it's impossible to bruteforce a 256bit private key , but in my case i have some bits missing from the end of the wif , it's not easy as i know because the checksum is missing too , so i was thinking that i can try ( even if it's not possible ) to do it through the same entropy that was core using in 2011 / 2012 .

at least i know the start range of my old private key .

i have tried to write some simple python codes that using the random module , but the problem is the random here is repeated and i need something to be done that makes the code saves the work from the last point and start from it , i guess diving in the ocean through public keys will not lead me to anything .


i think that the randomness logic that bitcoin core was using can be found in the Key.cpp in the core source code , but i don't have such knowledge to implement it through python .


so i need a little helping hand to arrange things together , maybe i know something but it's scrambled in my head so i don't know the right ordering of it .

i want to just try it , even if i fails , i have been already in this for few years .

i want to just try it , even if it fails

i am not willing to share any of my private info with anyone , i am aware of this .

It's not really "gold" since it's such a special situation, where over half of the bits of the private key is known. Just curious if someone manages to find a way where multiple transactions (with proper nonces) actually weakens the security of such a key.

I would like to say it is only joke from my side. THERE IS NO POSSIBILITY to crack in this way.


thanks Digaran, you know for what.

Don't you think paying pennies for gold is a bit of insult? If you want the challenge accepted, make it 100 btc.

Actually, let's make it a challenge.

This is a 120 bit private key with the remaining part all zeros: 5HpHagT65TZzG1PH3CSu63k8EXXXXXXXXXXXXXXXXXXXXXCggk4

This number of bits have been solved in the infamous puzzle challenge, but with great computational effort.

The address is 1HCQXqpBwLpwWQ2F2995PwcAPVkTdtpAHe - I've now used it in four transactions so that gives you four signatures. Feel free to claim it. I will in addition give you 0.03 BTC if you give a full explanation with code after claiming it.

Do u mean that you can use Lattice attack only with one signature? Have u sources or studies to show about this attack?

The problem is that the nonces are different, which when swapped means that the "private keys" are different

Little explanation.

what we know: if we have two outputs:) if one , it doesn't matter.

1.  We know:

a. partial WIF of privatekey
b. r1,s1,z1 and r2,s2,z2  ( two transactions)

2. What we can do?

a. first we must re-arrange the transactions outputs as : nonce is privatekey, and privatekeys is a nonce.!  -> yes we can

b. we know partial WIF of privatekey as nonce - we can use Monte Carlo together with LLL

c. recentering for partial integers plus BKZ or LLL.

becouse: IF OP has partial WIF example knowns MSB , not known middle, and Known LSB - it is easy even for 23 missing characters.

Post Scriptum: depends how much MSB with LSB we know - maybe we need implement enumeration.

It is possible that there is some way to use lattice attacks to reduce the problem when there are multiple signatures, but it is a different and more difficult problem than the more well known lattice attack against weak nonces, since in this case it would be assumed the nonces are not weak.

Okay, but since I've provided you puzzle #66's partial WIF, go and solve it quickly now.

I'm "nicely" asking if you just mistyped since having access to the unsolved puzzles' public keys makes more sense than getting their partial WIF.
If that's not what you mean, you must be misunderstanding the few other posts that you've replied to.

regards,

So if the puzzle creator were to spend a few satoshis from puzzle 130, you could solve the key by having the second transaction output + the existing partial WIF/key? Can you explain how do you find leakage of private key from second outputs?

You mean the unsolved puzzle output's "Public Key" right? not partial WIF.
Because otherwise this wont make any sense.

And BTW, specific puzzle output's partial WIF should be similar to the closest solved outputs' WIF since they're all encoded starting from bunch of zeroes.
Like #66's partial WIF, which should be: KwDiBf89QgGbjEhKnhXJuH7LrciVrZi3.......
Based from:

• #65: KwDiBf89QgGbjEhKnhXJuH7LrciVrZi3qZM21gaY8WN2CdwnTG57
• #64: KwDiBf89QgGbjEhKnhXJuH7LrciVrZi3qZ6FxoaD5r1kYegmtbaT
• #63: KwDiBf89QgGbjEhKnhXJuH7LrciVrZi3qYv5Z9J7hv7VYYN3XL3Y
• #62: KwDiBf89QgGbjEhKnhXJuH7LrciVrZi3qYpCemuaUp7NigjvtJug
• #61: KwDiBf89QgGbjEhKnhXJuH7LrciVrZi3qYmLDHsih379uP9zbHSD

@j2002ba2  has right. the QC wil not be used for "cracking" curve.

Any one who has minimal knowledge about "typing programing" of QC , knows that QC cannot be implement for decrypt anything.

Could you provide some more context? There appear to be serious development in quantum computing and quantum cryptography as far as my experience goes.

How do you "know" about QC? Did you try understanding all the formulas? I did look into it, and now I really know that quantum computers are destined to utter failure.

Quantum computing is a scam. It will never be able to do anything meaningful, besides generating noise.

No it is not the same. as I see you have  no knowledge about this. topic close.

The principle is the same, there is a private key in a certain key range that we only know the corresponding address or public key. Whether it is a WIF missing characters or a puzzle with a key intentionally created in a certain range. The methods used for finding that key is the same too.

Then why aren't you "quickly" solving the famous puzzle to claim the reward? The search space for the key there is smaller than the search space OP has.
[/quote]


Becouse I can't : I do not know the partial WIF , if you know please share, and seconds there is only one output.

This is why I can't solve  the famous puzzle. if you know math you should known that.



NotAtether:


you wrote: we all know that quantum computers will be able to defeat ECDSA, NO! , it is impossible. maybe in next thousend year.

Because, it is not guaranteed that such information will be safe from future kind of attacks, for example, we all know that quantum computers will be able to defeat ECDSA and use the transactions of public keys to get the private key back without even using any WIF characters, so why make the OP take an unnecessary (even if its theoretically unpractical) risk?

No. The entropy your device generates should not be deterministic for you to reproduce it if you could find some "specs" otherwise it would not be safe to begin with.

Then why aren't you "quickly" solving the famous puzzle to claim the reward? The search space for the key there is smaller than the search space OP has.

 

 
[/quote]
Yeah, so you have tested it, with how many missing characters exactly? Was it 21 or 19 missing? THIS IS TRUE, you can't solve such a key "very quickly". I'd love to see how you can help! show us the magic.
[/quote]


digaran it is not magic , real normal math with implement some kinds additional operation on curve. it is not magic, there is no magic stuff. I will explain little more with recentering and partial integer signatures with LLL

nothing more. There is no magic there are only relations.


to OP: please show the public key and the wif

Could you give us the public address of your wallet?

Yeah, so you have tested it, with how many missing characters exactly? Was it 21 or 19 missing? THIS IS TRUE, you can't solve such a key "very quickly". I'd love to see how you can help! show us the magic.

THIS IS NOT TRUE! if on btc address are spent transactions , and you have remaining of the WIF  characters, you can solve very quickly.
I have tested:) I can help

Are you talking to me or advising others against me? Lol, even if OP shared both public key and the remaining of the WIF  characters, nobody could solve the key in a few thousand  years, a 256 bit private key is not something we could simply brute force.

I don't know if there is a public key, but this seems more like a sold wallet case where the buyer thinks he can get help from here to find his fortune.  No public key/ address, means there is something wrong with this case.

Are you asking if you can use the same derivation path?

DO NOT share such information with anyone here or in your personal message.

- Jay -

Can you share the public key and then the characters of your WIF which you have?

What do you mean you have the device entropy details?

When generating a private key, your computer collects entropy from various sources. Mouse movements, network activity, thermal noise etc. You can't just redo the process and expect to get the same entropy, because the entropy is dependent on beyond RAM and probably other hardware info. In fact, I think that preventing the recovery of an entropy is what the Cryptographically Secure Random Number Generator is trying to accomplish in the first place, for if it wasn't, other programs could work out your private keys.

No, even if you have the same specs as your old specs when you generated this WIF key it's still impossible to recover the missing 21 characters it would take decades to brute force these missing characters.

I think you were thinking that you can generate the same WIF key by having the same entropy that is impossible never heard someone succeed in doing this even me I tried that thing past year's ago without success, I just want to recover my old private key due to backup corruption but no it doesn't work.

Be careful on the post below that asks for public addresses and the WIF key with missing characters.

i have opened a topic here in the past year asking if i could recover my missing wif characters

https://bitcointalksearch.org/topic/my-own-bitcoin-wif-missing-characters-help-5407589

Since i was trying to recover my 21 Wif missing character over the past few years with No Luck i was so disappointed , yes i know that 21 characters is too much , too much bits missing to be bruteforced  .

i have a question but due my lack of knowledge i need some help .


could i use my exact device entropy details that was used to generate the private key through bitcoin core in 2011 or 2012


i have my exact old computer specs and the exact ram memory that was used and other important info .

if this possible i want a python code or something using this entropy details i could try to hope to find a collision to my address or the change addresses in my wallet at that time .


any help will be appreciated too much