Pages:
Author

Topic: Pollard's kangaroo ECDLP solver - page 14. (Read 60037 times)

legendary
Activity: 1568
Merit: 6660
bitcoincleanup.com / bitmixlist.org
April 27, 2023, 06:16:00 AM

That AI-generated version of my shiftdown is horseshit and will promptly be reported for spam.

Chat gpt version 4 considers the second option to be more visual and productive in terms of using intermediate results.  Grin

On a more serious note, don't use that script. It's slow. I made a C++ shiftdown that is 8x faster than this Python on a single thread, using GMP.

PM me if you want the download. It is not FOSS.
copper member
Activity: 205
Merit: 1
April 27, 2023, 06:00:18 AM

That AI-generated version of my shiftdown is horseshit and will promptly be reported for spam.

Chat gpt version 4 considers the second option to be more visual and productive in terms of using intermediate results.  Grin
legendary
Activity: 1568
Merit: 6660
bitcoincleanup.com / bitmixlist.org
April 27, 2023, 05:49:21 AM
I suggest using a more efficient way to generate the downscaled public keys by utilizing the add and double operations of elliptic curve cryptography. Here is a modified version of the shiftdown function:

Code:
def shiftdown(pubkey, divisor, file, convert=True):
    Q = pub2point(pubkey) if convert else pubkey
    # k = 1/divisor
    k = pow(divisor, N - 2, N)
    R = Point.identity(curve=curve.secp256k1)
    for i in range(divisor):
        R += Q # Equivalent to subtracting (divisor - i) * G
        P = k * R
        if (P.y % 2 == 0):
            prefix = "02"
        else:
            prefix = "03"
        hx = hex(P.x)[2:].zfill(64)
        hy = hex(P.y)[2:].zfill(64)
        file.write(prefix+ " " + hx+"\n") # Writes compressed key to file
    file.write("\n") # Writes compressed key to file

This modified version adds the public key Q to a running variable R, which is initially the identity element. On each loop iteration, R is incremented by Q using the add operation, which is much faster than subtracting a multiple of G. Then, the public key P is computed by multiplying R by the inverse of the divisor modulo N, using the pow function. Finally, P is written to the output file in compressed form, as before. This algorithm has a time complexity of O(divisor), which is much faster than the original algorithm's O(divisor^2) time complexity.

That AI-generated version of my shiftdown is horseshit and will promptly be reported for spam. (Although it is also possible that you just pasted my code and stole the attribution for it.)
newbie
Activity: 5
Merit: 0
April 26, 2023, 01:40:12 PM
Code:
from fastecdsa import curve
from fastecdsa.point import Point
import bit

G = curve.secp256k1.G
N = curve.secp256k1.q

def pub2point(pub_hex):
    x = int(pub_hex[2:66], 16)
    if len(pub_hex) < 70:
        y = bit.format.x_to_y(x, int(pub_hex[:2], 16) % 2)
    else:
        y = int(pub_hex[66:], 16)
    return Point(x, y, curve=curve.secp256k1)

# This function makes all the downscaled pubkeys obtained from subtracting
# numbers between 0 and divisor, before dividing the pubkeys by divisor.
def shiftdown(pubkey, divisor, file, convert=True):
    Q = pub2point(pubkey) if convert else pubkey
    # k = 1/divisor
    k = pow(divisor, N - 2, N)
    for i in range(divisor):
        P = Q - (i * G)
        P = k * P
        if (P.y % 2 == 0):
            prefix = "02"
        else:
            prefix = "03"
        hx = hex(P.x)[2:].zfill(64)
        hy = hex(P.y)[2:].zfill(64)
        file.write(prefix+ " " + hx+"\n") # Writes compressed key to file
    file.write("\n") # Writes compressed key to file

with open("input.txt", "r") as f, open("output.txt", "w") as outf:
    line = f.readline().strip()
    while line != '':
        outf.write("original: " +line + "\n")
        shiftdown(line, pow(2,1), outf)
        line = f.readline().strip()

input:
Code:
02e493dbf1c10d80f3581e4904930b1404cc6c13900ee0758474fa94abe8c4cd13
022f8bde4d1a07209355b4a7250a5c5128e88b84bddc619ab7cba8d569b240efe4

..d13 is 4 and ...fe4 is 5

output:
Quote
original: 02e493dbf1c10d80f3581e4904930b1404cc6c13900ee0758474fa94abe8c4cd13
02 c6047f9441ed7d6d3045406e95c07cd85c778e4b8cef3ca7abac09b95c709ee5
02 c62c910e502cb615a27c58512b6cc2c94f5742f76cb3d12ec993400a3695d413

original: 022f8bde4d1a07209355b4a7250a5c5128e88b84bddc619ab7cba8d569b240efe4
03 5699b93fc6e1bd29e09a328d657a607b4155b61a6b5fcbedd7c12df7c67df8f5
02 c6047f9441ed7d6d3045406e95c07cd85c778e4b8cef3ca7abac09b95c709ee5


02c6047f9441ed7d6d3045406e95c07cd85c778e4b8cef3ca7abac09b95c709ee5 is 2

Because i know 4 is even, i know it has to be the first pubkey. Because i know 5 is odd, I know it has to be the second key.

The problem is, that in bigger numbers, you can not determine if it is odd or even.

See,if I add the pubkey of 3
Quote
original: 02f9308a019258c31049344f85f89d5229b531c845836f99b08601f113bce036f9 -> pubkey of 3
02 c62c910e502cb615a27c58512b6cc2c94f5742f76cb3d12ec993400a3695d413 -> not the halve
02 79be667ef9dcbbac55a06295ce870b07029bfcdb2dce28d959f2815b16f81798 -> pubkey of 1

original: 02e493dbf1c10d80f3581e4904930b1404cc6c13900ee0758474fa94abe8c4cd13 -> pubkey of 4
02 c6047f9441ed7d6d3045406e95c07cd85c778e4b8cef3ca7abac09b95c709ee5 -> odd pubkey of 5
02 c62c910e502cb615a27c58512b6cc2c94f5742f76cb3d12ec993400a3695d413 -> even pubkey of 3

original: 022f8bde4d1a07209355b4a7250a5c5128e88b84bddc619ab7cba8d569b240efe4 -> pubkey of 5
03 5699b93fc6e1bd29e09a328d657a607b4155b61a6b5fcbedd7c12df7c67df8f5 -> not the halve
02 c6047f9441ed7d6d3045406e95c07cd85c778e4b8cef3ca7abac09b95c709ee5-> pubkey of 2

You see... You can not determine from the halve if it is the correct one.

Hi,
It is possible to automatically printed output number of decimal; which are reduced.
full member
Activity: 1232
Merit: 242
Shooters Shoot...
April 26, 2023, 01:36:55 PM
Quote
Hi Eter,
It is possible to automatically printed output number of decimal; which are reduced.
Yes, are you wanting to print all results to a .txt file?
newbie
Activity: 5
Merit: 0
April 26, 2023, 01:20:40 PM
full member
Activity: 1232
Merit: 242
Shooters Shoot...
April 18, 2023, 11:47:13 AM
What happens if the number of dead kangaroos exceed the total kangaroo count?
And why do I see average as a few minutes sometimes and as million years other times? Is it a good sign if the average time is low?
Usually means you are in a very small range.

Would need to see your commands/flags you are passing to the program as well as input to understand more.
copper member
Activity: 1330
Merit: 899
🖤😏
April 18, 2023, 11:38:25 AM
What happens if the number of dead kangaroos exceed the total kangaroo count?
And why do I see average as a few minutes sometimes and as million years other times? Is it a good sign if the average time is low?
member
Activity: 127
Merit: 32
April 16, 2023, 04:45:57 AM
WOW! Somebody (maybe the owner) increased the unsolved puzzles prizes again by x10 😱
Now the puzzle #66 prize is 6.6 BTC, #67 is 6.7 BTC... and so on .... puzzle # 160 prize is now 16 BTC 👍🏼🥳
waouuhhh yes exactly I just saw that indeed OP raised the bonus of all #Puzzles by X10 it makes you want even more especially for the lowest ones it becomes very very interesting  Shocked Shocked Grin
jr. member
Activity: 47
Merit: 13
April 16, 2023, 01:36:22 AM
WOW! Somebody (maybe the owner) increased the unsolved puzzles prizes again by x10 😱
Now the puzzle #66 prize is 6.6 BTC, #67 is 6.7 BTC... and so on .... puzzle # 160 prize is now 16 BTC 👍🏼🥳
jr. member
Activity: 50
Merit: 1
April 02, 2023, 08:08:10 PM
i have questions about kangaroo algo, i tested it on cpu ; 30mk per s. not like bsgs 7Terrak per sec is that okey or im missing some configuration on kangaroo ? why we dont use bsgs since its faster than kangaroo ? and one more question, is kangaroo work random or sequencial ? if i put a range he will work sequ Huh thank you
hero member
Activity: 630
Merit: 731
Bitcoin g33k
March 27, 2023, 05:46:43 AM
Sure. Understood. That's why I warned about this user, this is a new user registration and he's posting always URL and writing non-sens stuff to attract users clicking on his phishing links.
copper member
Activity: 1330
Merit: 899
🖤😏
March 27, 2023, 05:28:06 AM
Hello there, where is the private key for #120?

it is
Code:
02CEB6CBBCDBDF5EF7150682150F4CE2C6F4807B349827DCDBDD1F2EFA885A2630

and the coins were pulled on 2023/02/27
Cool story, but I asked about the Private key not public key,  he claimed to know stuff, So I tested him. 😉
hero member
Activity: 630
Merit: 731
Bitcoin g33k
March 26, 2023, 03:55:38 PM
Hello there, where is the private key for #120?

it is
Code:
02CEB6CBBCDBDF5EF7150682150F4CE2C6F4807B349827DCDBDD1F2EFA885A2630

and the coins were pulled on 2023/02/27
copper member
Activity: 1330
Merit: 899
🖤😏
March 26, 2023, 03:34:45 PM
Hi Puzzle hunter,
Hello there, where is the private key for #120?
hero member
Activity: 630
Merit: 731
Bitcoin g33k
March 26, 2023, 01:47:54 PM
Hi Puzzle hunter,

The puzzle 120 was found using this method:
https://github.com/demining/CryptoDeepTools/tree/main/06KangarooJeanLucPons


No, it wasn't. It was found using Kangaroo from JeanLucPons and the original software and source is
https://github.com/JeanLucPons/Kangaroo

Warning at this point: if you don't trust this user and the repository he links to, don't run any code from him if you don't know what the code does. If in doubt, use the original software from JLP and not any forks that you are not sure contain malicious code.
newbie
Activity: 2
Merit: 0
March 26, 2023, 01:18:08 PM
Hi Puzzle hunter,

The puzzle 120 was found using this method:
https://github.com/demining/CryptoDeepTools/tree/main/06KangarooJeanLucPons

#120, 119bits private key [2119,2120-1], 17s2b9ksz5y7abUm92cHwG8jEPCzK3dLnT 1.20BTC

800000000000000000000000000000
FFFFFFFFFFFFFFFFFFFFFFFFFFFFFF
02CEB6CBBCDBDF5EF7150682150F4CE2C6F4807B349827DCDBDD1F2EFA885A2630
Expected time: ~2 months on 256 Tesla V100.

256 GPU card x 60 days x 24h x 300watts = 110 592 kwh x 0.03$ = 3317$ electricity bills but 256k$ of gpu card ;-)

#125 will be this year too i think  Cool

newbie
Activity: 1
Merit: 1
March 20, 2023, 11:54:52 PM
Hello Kangsolvers, have you ever thought about using chat GPT to try to reduce search space based on patterns, using Fermat or regression methods for sequences? Does anyone know if there is any intuitive material about the code? I couldn't find any cool videos on YouTube, only one where the guy runs it on a cloud using processing power from multiple GPUs. I would like to produce some content in this direction and bring more Kangsolvers to the team, and maybe focus more on demystifying how difficult it is to find a key. Sometimes I show sites like privatekeys.pw to a friend, and they actually believe they can just click from page to page and become millionaires by chance. Grin

Anyway, jokes aside, I've been thinking about a possible withdrawal scenario. Let's say I find a key, hooray! Now what? What are the concerns about sending it to Binance, swapping it for dollars, and cashing out? This is obviously different in the case of puzzles.

I'm exploring some ideas and running with limited hardware here, more for studying purposes. But who knows, right? I mean, we do know, it's like a grain of sand on Jupiter lol.

Anyway, I plan to share my results and ideas here, hopefully it will be useful for newcomers, from one noob to another, lost in the secp256.
full member
Activity: 1232
Merit: 242
Shooters Shoot...
March 07, 2023, 07:49:27 AM
Hello, if my list of pubs more 1 million or more 500 millions can i use kangaroo?
are they all checked at the same time or in turn?
One at a time, or in turn as you call it.
newbie
Activity: 4
Merit: 0
March 07, 2023, 06:48:03 AM
Hello, if my list of pubs more 1 million or more 500 millions can i use kangaroo?
are they all checked at the same time or in turn?
Pages:
Jump to: