Topic: Pollard's kangaroo ECDLP solver - page 14. (Read 55599 times)

Just out of interest.

If I was to create a bitcoin address randomly with Bitcoin Core, Would that be created in a particular higher keyspace - 8000000000000000000000000000000000000000...ffffffffffffffffffffffffffffffffffff ffff (2159...2160-1) for example? or higher? or could it be anywhere in the whole keyspace?

Yeah, I already do that. I've found the most reliable method (most likely to result in a ban) to be a double-barreled approach!

I first document the plagiarism in LoyceV's topic and then I use "Report to moderator" on the offending post and include a link back to my "report" post.

Just use "report to moderator" button that's under the post, mods will find it much quicker than when you post it in a thread.

It's pretty lame plagiarism though, links and emoticons were not copied.

Thanks for spotting, I've reported it here. So many post thieves lately, hopefully this one gets banned! [update: user has been banned]

I hate being so suspicious, but your very first post on this forum being a plagiarism spot feels off to me. Are you stealing posts with one account and then "reporting" it with another to try and get some merit?

He is stealing the post

I wouldn't say that with 100% confidence .. any address that starts with the number "1" (i mean a p2pkh address) is prone to 160 bit range attack using private key cracking tools .. it is well known that this entire first 160 bit range has all addresses (including the 40+ millions with balance) .. this is the problem with hashing public keys .. coz you basically reduced cracking difficulty down from 256 bits to 160 bits .. however, this doesn't mean that bitcoin security got any loopholes .. just watch how only 64 bits are beating the hell out of all crackers trying to solve one address within it .. trying to go through the entire 64 bits, you would have to traverse 18 million trillion private keys .. this number is so huge that the average person will never hear about it in their lifetime coz most likely they will never need to .. ok going forward, getting out of this range and moving up one bit to 65 bit range .. is double that number .. keep doubling on every bit until you reach 160 bits and you would have to crack one quindecillion private keys .. in case you wonder, one quindecillion is a number consisting of 49 digits (1 followed by 48 zeros) .. no machine in our world is known to be able to even count through this whole range within like what, a million generations lifetime?  let alone trying to convert each pvt key to public key hash .. in simple words: practically impossible

Update: edited some wrong calcs.

Yeah I get it thanks. Still the odds of finding one remain almost the same if you scan through 2^255

You simply got it backwards ..

 One private key does NOT open 2^96 addresses
instead,
 One address can be opened by 2^96 private keys

See the difference?

Thanks for the reply!

I'm missing something...So these addresses will have different public keys or not?

Can one private key control 2^96 different wallets?

For example when I import some random private key in Electrum wallet and click on "sweep funds" am I sweeping one wallet or 2^96 different wallets?

For the public address (p2pkh) you perform the following two nested hash functions RIPEMD160(SHA256(public_key)) as far as I remember.

It doesn't spoil your further calculation too much, but the valid range for private keys is any 256-bit number from 0x1 to 0xFFFF FFFF FFFF FFFF FFFF FFFF FFFF FFFE BAAE DCE6 AF48 A03B BFD2 5E8C D036 4140. Anyway, you're in the correct ballpark.  

Couldn't have said it better .. in theory, there are enormous amount of private keys that open one single wallet .. i read somewhere that they found some collisions but were empty wallets .. however, there have been no claims about finding any UTOX with collisions .. although i tend to expect that even when found, it will never be announced .. it would hurt the technology and hurt bitcoin specifically

Yes exactly and for a simple fact :

16jY7qLJnxb7CHZyqBP8qca9d51gAjyXQN (and every other wallet address of this type) is encoded on 160 bits (and not on 256 bits like the majority of other crypto parameters in bitcoin protocol)
16jY7qLJnxb7CHZyqBP8qca9d51gAjyXQN is base58 encoded and is 3ee4133d991f52fdf6a25c9834e0745ac74248a4 (20*8bytes = 160bits) in hexadecimal
(
Unlike public keys that are encoded on 256 bits

a simple wallet address (p2pkh) is simply obtained by the function hash160(public_key)

So if you have the possibility to browse the entire 1-2^256 space and to compute the hash160 function for every hash160(public_key)  derived from 1-2^256 private keys you will find an average of 2^(256-160) = 2^96 public key with hash160=16jY7qLJnxb7CHZyqBP8qca9d51gAjyXQN .


But even if 2^96 seems big its far away smaller from 2^256. And it's pretty impossible to have a collision between two random public key in the using age of bitcoin.

But theoretically if you find any public key derived from a private key with hash160(public_key)=  '16jY7qLJnxb7CHZyqBP8qca9d51gAjyXQN' or = to any other non zero wallet address you will able to unlock the coins.

Because the verification in the bitcoin protocol to prove that you are the owner of the private key is simply "have you signed the transaction with the private key associated to a public key that gives 16jY7qLJnxb7CHZyqBP8qca9d51gAjyXQN (or any other target address) with hash160 function

So there are 2^96 different private keys in the entire 2^256 space that can "unlock" for example this address: 16jY7qLJnxb7CHZyqBP8qca9d51gAjyXQN (Puzzle 64)? Can anyone confirm this?

Did you use this Kangaroo tool? Because when I use it with multiple keys it doesn't pass to the next one if the previous key is not in the specified range. I don't know if it's only my problem or I should use a command or something.

I know all that ..for multi keys i never use kangaroo i use keyhunt BSGS mode .. it can search millions of pubkeys at a time but .. and that's a big but .. every single pubkey you add to the list, is gonna cut your speed greatly.. so it's a tradeoff .. but still, result is it would take eternity for you to calculate even a single key out of this .. like i said, tried for several months uninterrupted and got nothing .. nil .. zilch .. the 2^256 range is unimaginably large that even quantum computers would look like an infant trying to squeeze a mountain with its palm

kangaroo can search only one public key each time if have multiple pubkey setups first pubkey will be search
kangaroo can not search multiple keys in the same time because it is use pubkey that search to calculate multiply number for the search
if search multiple pubkey at the same time that means your kangaroo program or script will be worked by calculating multiply many key in the same time
JeanLucPons Kangaroo and another kangaroo in Github work by searching one key

first time I looking for kangaroo or other program that can search multiple pubkey in same time too but not have one becuase it is work by one pubkey search

You was searching 45k public keys at the same time with kangaroo?

Got it .. thanks 👍

I tried with more than 45k public keys of top btc wallets but as i expected, months and months passed without a single private key retrieved .. because in such case you are searching the entire range of private keys using your public keys with kangaroo .. and no animal in the world could ever jump that high 😉

Can anyone explain, there is any chance to use it in btc mainnet?
There is any vulnerability addresses in blockchain that can be hacked with kangaroo ecdlp solver?
Or it's nearly impossible to retrieve private key only from public key and outgoing transactions?