Pages:
Author

Topic: Pollard's kangaroo ECDLP solver - page 17. (Read 60037 times)

jr. member
Activity: 48
Merit: 11
September 09, 2022, 09:46:26 PM
Congratulations to the winner!
The solution is not my. I was looking in a different range.

Puzzle #64
PrivKey Hex: 000000000000000000000000000000000000000000000000F7051F27B09112D4
Pubkey Compressed: 03100611c54dfef604163b8358f7b7fac13ce478e02cb224ae16d45526b25d9d4d
Address: 16jY7qLJnxb7CHZyqBP8qca9d51gAjyXQN

Congratulations!!!
legendary
Activity: 952
Merit: 1386
September 06, 2022, 09:52:56 AM
You have 50% chance it is 2^256 and 50% chance it is less.
You have 25% chance it is 2^255 and 25% chance it is less.
You have 12.5% chance it is 2^254 and 12.5% chance it is less.
You have 6.25% chance it is 2^253 and 6.25% chance it is less.
etc.
member
Activity: 185
Merit: 15
Two things you should never abandon: Family & BTC
September 06, 2022, 09:46:27 AM
Just out of interest.

If I was to create a bitcoin address randomly with Bitcoin Core, Would that be created in a particular higher keyspace - 8000000000000000000000000000000000000000...ffffffffffffffffffffffffffffffffffff ffff (2159...2160-1) for example? or higher? or could it be anywhere in the whole keyspace?

I would be comfortable to say it will at least be in the 254 to 256 bit range 99% of the time

You would have to intentionally create an address in the weak 160 bit range or below to be able to receive such weak address .. fun fact is though, even the strongest private key (256 bit) will generate an address that can be opened by another private key in the first 160 bit range .. good luck finding one of those copycats though
jr. member
Activity: 77
Merit: 7
September 05, 2022, 09:12:14 PM
Just out of interest.

If I was to create a bitcoin address randomly with Bitcoin Core, Would that be created in a particular higher keyspace - 8000000000000000000000000000000000000000...ffffffffffffffffffffffffffffffffffff ffff (2159...2160-1) for example? or higher? or could it be anywhere in the whole keyspace?
hero member
Activity: 510
Merit: 4005
August 31, 2022, 08:42:33 PM
Just use "report to moderator" button that's under the post, mods will find it much quicker than when you post it in a thread.
Yeah, I already do that. I've found the most reliable method (most likely to result in a ban) to be a double-barreled approach! Smiley

I first document the plagiarism in LoyceV's topic and then I use "Report to moderator" on the offending post and include a link back to my "report" post.
legendary
Activity: 1568
Merit: 6660
bitcoincleanup.com / bitmixlist.org
August 31, 2022, 02:19:17 AM
He is stealing the post
Thanks for spotting, I've reported it here. So many post thieves lately, hopefully this one gets banned! Smiley

I hate being so suspicious, but your very first post on this forum being a plagiarism spot feels off to me. Are you stealing posts with one account and then "reporting" it with another to try and get some merit? Undecided

Just use "report to moderator" button that's under the post, mods will find it much quicker than when you post it in a thread.

It's pretty lame plagiarism though, links and emoticons were not copied.
hero member
Activity: 510
Merit: 4005
August 30, 2022, 10:42:30 PM
He is stealing the post
Thanks for spotting, I've reported it here. So many post thieves lately, hopefully this one gets banned! [update: user has been banned] Smiley

I hate being so suspicious, but your very first post on this forum being a plagiarism spot feels off to me. Are you stealing posts with one account and then "reporting" it with another to try and get some merit? Undecided
jr. member
Activity: 34
Merit: 1
August 30, 2022, 07:45:26 PM
I would like to present an interval ECDLP solver based on the Pollard's kangaroo method.
This program is fully open source and available on GitHub: https://github.com/JeanLucPons/Kangaroo
It has GPU support (CUDA Only) and works on both Linux and Windows.
This program is currently under development.

Thanks to test it and to share ideas of improvements here Wink
He is stealing the post
member
Activity: 185
Merit: 15
Two things you should never abandon: Family & BTC
August 29, 2022, 11:01:33 AM
So there are 2^96 different private keys in the entire 2^256 space that can "unlock" for example this address: 16jY7qLJnxb7CHZyqBP8qca9d51gAjyXQN (Puzzle 64)? Can anyone confirm this?

Yes exactly and for a simple fact :

16jY7qLJnxb7CHZyqBP8qca9d51gAjyXQN (and every other wallet address of this type) is encoded on 160 bits (and not on 256 bits like the majority of other crypto parameters in bitcoin protocol)
16jY7qLJnxb7CHZyqBP8qca9d51gAjyXQN is base58 encoded and is 3ee4133d991f52fdf6a25c9834e0745ac74248a4 (20*8bytes = 160bits) in hexadecimal
(
Unlike public keys that are encoded on 256 bits

a simple wallet address (p2pkh) is simply obtained by the function hash160(public_key)

So if you have the possibility to browse the entire 1-2^256 space and to compute the hash160 function for every hash160(public_key)  derived from 1-2^256 private keys you will find an average of 2^(256-160) = 2^96 public key with hash160=16jY7qLJnxb7CHZyqBP8qca9d51gAjyXQN .


But even if 2^96 seems big its far away smaller from 2^256. And it's pretty impossible to have a collision between two random public key in the using age of bitcoin.

But theoretically if you find any public key derived from a private key with hash160(public_key)=  '16jY7qLJnxb7CHZyqBP8qca9d51gAjyXQN' or = to any other non zero wallet address you will able to unlock the coins.

Because the verification in the bitcoin protocol to prove that you are the owner of the private key is simply "have you signed the transaction with the private key associated to a public key that gives 16jY7qLJnxb7CHZyqBP8qca9d51gAjyXQN (or any other target address) with hash160 function
Thanks for the reply!

I'm missing something...So these addresses will have different public keys or not?

Can one private key control 2^96 different wallets?

For example when I import some random private key in Electrum wallet and click on "sweep funds" am I sweeping one wallet or 2^96 different wallets?

You simply got it backwards ..

 One private key does NOT open 2^96 addresses
instead,
 One address can be opened by 2^96 private keys

See the difference?
Yeah I get it thanks. Still the odds of finding one remain almost the same if you scan through 2^255
I wouldn't say that with 100% confidence .. any address that starts with the number "1" (i mean a p2pkh address) is prone to 160 bit range attack using private key cracking tools .. it is well known that this entire first 160 bit range has all addresses (including the 40+ millions with balance) .. this is the problem with hashing public keys .. coz you basically reduced cracking difficulty down from 256 bits to 160 bits .. however, this doesn't mean that bitcoin security got any loopholes .. just watch how only 64 bits are beating the hell out of all crackers trying to solve one address within it .. trying to go through the entire 64 bits, you would have to traverse 18 million trillion private keys .. this number is so huge that the average person will never hear about it in their lifetime coz most likely they will never need to .. ok going forward, getting out of this range and moving up one bit to 65 bit range .. is double that number .. keep doubling on every bit until you reach 160 bits and you would have to crack one quindecillion private keys .. in case you wonder, one quindecillion is a number consisting of 49 digits (1 followed by 48 zeros) .. no machine in our world is known to be able to even count through this whole range within like what, a million generations lifetime?  let alone trying to convert each pvt key to public key hash .. in simple words: practically impossible

Update: edited some wrong calcs.
newbie
Activity: 62
Merit: 0
August 29, 2022, 04:19:17 AM
So there are 2^96 different private keys in the entire 2^256 space that can "unlock" for example this address: 16jY7qLJnxb7CHZyqBP8qca9d51gAjyXQN (Puzzle 64)? Can anyone confirm this?

Yes exactly and for a simple fact :

16jY7qLJnxb7CHZyqBP8qca9d51gAjyXQN (and every other wallet address of this type) is encoded on 160 bits (and not on 256 bits like the majority of other crypto parameters in bitcoin protocol)
16jY7qLJnxb7CHZyqBP8qca9d51gAjyXQN is base58 encoded and is 3ee4133d991f52fdf6a25c9834e0745ac74248a4 (20*8bytes = 160bits) in hexadecimal
(
Unlike public keys that are encoded on 256 bits

a simple wallet address (p2pkh) is simply obtained by the function hash160(public_key)

So if you have the possibility to browse the entire 1-2^256 space and to compute the hash160 function for every hash160(public_key)  derived from 1-2^256 private keys you will find an average of 2^(256-160) = 2^96 public key with hash160=16jY7qLJnxb7CHZyqBP8qca9d51gAjyXQN .


But even if 2^96 seems big its far away smaller from 2^256. And it's pretty impossible to have a collision between two random public key in the using age of bitcoin.

But theoretically if you find any public key derived from a private key with hash160(public_key)=  '16jY7qLJnxb7CHZyqBP8qca9d51gAjyXQN' or = to any other non zero wallet address you will able to unlock the coins.

Because the verification in the bitcoin protocol to prove that you are the owner of the private key is simply "have you signed the transaction with the private key associated to a public key that gives 16jY7qLJnxb7CHZyqBP8qca9d51gAjyXQN (or any other target address) with hash160 function
Thanks for the reply!

I'm missing something...So these addresses will have different public keys or not?

Can one private key control 2^96 different wallets?

For example when I import some random private key in Electrum wallet and click on "sweep funds" am I sweeping one wallet or 2^96 different wallets?

You simply got it backwards ..

 One private key does NOT open 2^96 addresses
instead,
 One address can be opened by 2^96 private keys

See the difference?
Yeah I get it thanks. Still the odds of finding one remain almost the same if you scan through 2^255
member
Activity: 185
Merit: 15
Two things you should never abandon: Family & BTC
August 27, 2022, 06:00:24 PM
So there are 2^96 different private keys in the entire 2^256 space that can "unlock" for example this address: 16jY7qLJnxb7CHZyqBP8qca9d51gAjyXQN (Puzzle 64)? Can anyone confirm this?

Yes exactly and for a simple fact :

16jY7qLJnxb7CHZyqBP8qca9d51gAjyXQN (and every other wallet address of this type) is encoded on 160 bits (and not on 256 bits like the majority of other crypto parameters in bitcoin protocol)
16jY7qLJnxb7CHZyqBP8qca9d51gAjyXQN is base58 encoded and is 3ee4133d991f52fdf6a25c9834e0745ac74248a4 (20*8bytes = 160bits) in hexadecimal
(
Unlike public keys that are encoded on 256 bits

a simple wallet address (p2pkh) is simply obtained by the function hash160(public_key)

So if you have the possibility to browse the entire 1-2^256 space and to compute the hash160 function for every hash160(public_key)  derived from 1-2^256 private keys you will find an average of 2^(256-160) = 2^96 public key with hash160=16jY7qLJnxb7CHZyqBP8qca9d51gAjyXQN .


But even if 2^96 seems big its far away smaller from 2^256. And it's pretty impossible to have a collision between two random public key in the using age of bitcoin.

But theoretically if you find any public key derived from a private key with hash160(public_key)=  '16jY7qLJnxb7CHZyqBP8qca9d51gAjyXQN' or = to any other non zero wallet address you will able to unlock the coins.

Because the verification in the bitcoin protocol to prove that you are the owner of the private key is simply "have you signed the transaction with the private key associated to a public key that gives 16jY7qLJnxb7CHZyqBP8qca9d51gAjyXQN (or any other target address) with hash160 function
Thanks for the reply!

I'm missing something...So these addresses will have different public keys or not?

Can one private key control 2^96 different wallets?

For example when I import some random private key in Electrum wallet and click on "sweep funds" am I sweeping one wallet or 2^96 different wallets?

You simply got it backwards ..

 One private key does NOT open 2^96 addresses
instead,
 One address can be opened by 2^96 private keys

See the difference?
newbie
Activity: 62
Merit: 0
August 27, 2022, 02:13:31 PM
So there are 2^96 different private keys in the entire 2^256 space that can "unlock" for example this address: 16jY7qLJnxb7CHZyqBP8qca9d51gAjyXQN (Puzzle 64)? Can anyone confirm this?

Yes exactly and for a simple fact :

16jY7qLJnxb7CHZyqBP8qca9d51gAjyXQN (and every other wallet address of this type) is encoded on 160 bits (and not on 256 bits like the majority of other crypto parameters in bitcoin protocol)
16jY7qLJnxb7CHZyqBP8qca9d51gAjyXQN is base58 encoded and is 3ee4133d991f52fdf6a25c9834e0745ac74248a4 (20*8bytes = 160bits) in hexadecimal
(
Unlike public keys that are encoded on 256 bits

a simple wallet address (p2pkh) is simply obtained by the function hash160(public_key)

So if you have the possibility to browse the entire 1-2^256 space and to compute the hash160 function for every hash160(public_key)  derived from 1-2^256 private keys you will find an average of 2^(256-160) = 2^96 public key with hash160=16jY7qLJnxb7CHZyqBP8qca9d51gAjyXQN .


But even if 2^96 seems big its far away smaller from 2^256. And it's pretty impossible to have a collision between two random public key in the using age of bitcoin.

But theoretically if you find any public key derived from a private key with hash160(public_key)=  '16jY7qLJnxb7CHZyqBP8qca9d51gAjyXQN' or = to any other non zero wallet address you will able to unlock the coins.

Because the verification in the bitcoin protocol to prove that you are the owner of the private key is simply "have you signed the transaction with the private key associated to a public key that gives 16jY7qLJnxb7CHZyqBP8qca9d51gAjyXQN (or any other target address) with hash160 function
Thanks for the reply!

I'm missing something...So these addresses will have different public keys or not?

Can one private key control 2^96 different wallets?

For example when I import some random private key in Electrum wallet and click on "sweep funds" am I sweeping one wallet or 2^96 different wallets?
hero member
Activity: 714
Merit: 1010
Crypto Swap Exchange
August 27, 2022, 01:11:35 PM
a simple wallet address (p2pkh) is simply obtained by the function hash160(public_key)

So if you have the possibility to browse the entire 1-2^256 space and to compute the hash160 function for every hash160(public_key)  derived from 1-2^256 private keys you will find an average of 2^(256-160) = 2^96 public key with hash160=16jY7qLJnxb7CHZyqBP8qca9d51gAjyXQN .

For the public address (p2pkh) you perform the following two nested hash functions RIPEMD160(SHA256(public_key)) as far as I remember.

It doesn't spoil your further calculation too much, but the valid range for private keys is any 256-bit number from 0x1 to 0xFFFF FFFF FFFF FFFF FFFF FFFF FFFF FFFE BAAE DCE6 AF48 A03B BFD2 5E8C D036 4140. Anyway, you're in the correct ballpark.  Wink
member
Activity: 185
Merit: 15
Two things you should never abandon: Family & BTC
August 27, 2022, 12:05:04 AM
So there are 2^96 different private keys in the entire 2^256 space that can "unlock" for example this address: 16jY7qLJnxb7CHZyqBP8qca9d51gAjyXQN (Puzzle 64)? Can anyone confirm this?

Yes exactly and for a simple fact :

16jY7qLJnxb7CHZyqBP8qca9d51gAjyXQN (and every other wallet address of this type) is encoded on 160 bits (and not on 256 bits like the majority of other crypto parameters in bitcoin protocol)
16jY7qLJnxb7CHZyqBP8qca9d51gAjyXQN is base58 encoded and is 3ee4133d991f52fdf6a25c9834e0745ac74248a4 (20*8bytes = 160bits) in hexadecimal
(
Unlike public keys that are encoded on 256 bits

a simple wallet address (p2pkh) is simply obtained by the function hash160(public_key)

So if you have the possibility to browse the entire 1-2^256 space and to compute the hash160 function for every hash160(public_key)  derived from 1-2^256 private keys you will find an average of 2^(256-160) = 2^96 public key with hash160=16jY7qLJnxb7CHZyqBP8qca9d51gAjyXQN .


But even if 2^96 seems big its far away smaller from 2^256. And it's pretty impossible to have a collision between two random public key in the using age of bitcoin.

But theoretically if you find any public key derived from a private key with hash160(public_key)=  '16jY7qLJnxb7CHZyqBP8qca9d51gAjyXQN' or = to any other non zero wallet address you will able to unlock the coins.

Because the verification in the bitcoin protocol to prove that you are the owner of the private key is simply "have you signed the transaction with the private key associated to a public key that gives 16jY7qLJnxb7CHZyqBP8qca9d51gAjyXQN (or any other target address) with hash160 function

Couldn't have said it better .. in theory, there are enormous amount of private keys that open one single wallet .. i read somewhere that they found some collisions but were empty wallets .. however, there have been no claims about finding any UTOX with collisions .. although i tend to expect that even when found, it will never be announced .. it would hurt the technology and hurt bitcoin specifically
jr. member
Activity: 56
Merit: 26
August 26, 2022, 12:55:01 PM
So there are 2^96 different private keys in the entire 2^256 space that can "unlock" for example this address: 16jY7qLJnxb7CHZyqBP8qca9d51gAjyXQN (Puzzle 64)? Can anyone confirm this?

Yes exactly and for a simple fact :

16jY7qLJnxb7CHZyqBP8qca9d51gAjyXQN (and every other wallet address of this type) is encoded on 160 bits (and not on 256 bits like the majority of other crypto parameters in bitcoin protocol)
16jY7qLJnxb7CHZyqBP8qca9d51gAjyXQN is base58 encoded and is 3ee4133d991f52fdf6a25c9834e0745ac74248a4 (20*8bytes = 160bits) in hexadecimal
(
Unlike public keys that are encoded on 256 bits

a simple wallet address (p2pkh) is simply obtained by the function hash160(public_key)

So if you have the possibility to browse the entire 1-2^256 space and to compute the hash160 function for every hash160(public_key)  derived from 1-2^256 private keys you will find an average of 2^(256-160) = 2^96 public key with hash160=16jY7qLJnxb7CHZyqBP8qca9d51gAjyXQN .


But even if 2^96 seems big its far away smaller from 2^256. And it's pretty impossible to have a collision between two random public key in the using age of bitcoin.

But theoretically if you find any public key derived from a private key with hash160(public_key)=  '16jY7qLJnxb7CHZyqBP8qca9d51gAjyXQN' or = to any other non zero wallet address you will able to unlock the coins.

Because the verification in the bitcoin protocol to prove that you are the owner of the private key is simply "have you signed the transaction with the private key associated to a public key that gives 16jY7qLJnxb7CHZyqBP8qca9d51gAjyXQN (or any other target address) with hash160 function
newbie
Activity: 62
Merit: 0
August 26, 2022, 11:14:41 AM
So there are 2^96 different private keys in the entire 2^256 space that can "unlock" for example this address: 16jY7qLJnxb7CHZyqBP8qca9d51gAjyXQN (Puzzle 64)? Can anyone confirm this?
newbie
Activity: 1
Merit: 0
August 23, 2022, 09:58:11 AM
Can anyone explain, there is any chance to use it in btc mainnet?
There is any vulnerability addresses in blockchain that can be hacked with kangaroo ecdlp solver?
Or it's nearly impossible to retrieve private key only from public key and outgoing transactions?

I tried with more than 45k public keys of top btc wallets but as i expected, months and months passed without a single private key retrieved .. because in such case you are searching the entire range of private keys using your public keys with kangaroo .. and no animal in the world could ever jump that high 😉
Did you use this Kangaroo tool? Because when I use it with multiple keys it doesn't pass to the next one if the previous key is not in the specified range. I don't know if it's only my problem or I should use a command or something.
member
Activity: 185
Merit: 15
Two things you should never abandon: Family & BTC
August 20, 2022, 11:08:21 PM
Can anyone explain, there is any chance to use it in btc mainnet?
There is any vulnerability addresses in blockchain that can be hacked with kangaroo ecdlp solver?
Or it's nearly impossible to retrieve private key only from public key and outgoing transactions?

I tried with more than 45k public keys of top btc wallets but as i expected, months and months passed without a single private key retrieved .. because in such case you are searching the entire range of private keys using your public keys with kangaroo .. and no animal in the world could ever jump that high 😉

You was searching 45k public keys at the same time with kangaroo?


kangaroo can search only one public key each time if have multiple pubkey setups first pubkey will be search
kangaroo can not search multiple keys in the same time because it is use pubkey that search to calculate multiply number for the search
if search multiple pubkey at the same time that means your kangaroo program or script will be worked by calculating multiply many key in the same time
JeanLucPons Kangaroo and another kangaroo in Github work by searching one key

first time I looking for kangaroo or other program that can search multiple pubkey in same time too but not have one becuase it is work by one pubkey search

I know all that ..for multi keys i never use kangaroo i use keyhunt BSGS mode .. it can search millions of pubkeys at a time but .. and that's a big but .. every single pubkey you add to the list, is gonna cut your speed greatly.. so it's a tradeoff .. but still, result is it would take eternity for you to calculate even a single key out of this .. like i said, tried for several months uninterrupted and got nothing .. nil .. zilch .. the 2^256 range is unimaginably large that even quantum computers would look like an infant trying to squeeze a mountain with its palm
member
Activity: 406
Merit: 47
August 19, 2022, 09:54:43 PM
Can anyone explain, there is any chance to use it in btc mainnet?
There is any vulnerability addresses in blockchain that can be hacked with kangaroo ecdlp solver?
Or it's nearly impossible to retrieve private key only from public key and outgoing transactions?

I tried with more than 45k public keys of top btc wallets but as i expected, months and months passed without a single private key retrieved .. because in such case you are searching the entire range of private keys using your public keys with kangaroo .. and no animal in the world could ever jump that high 😉

You was searching 45k public keys at the same time with kangaroo?


kangaroo can search only one public key each time if have multiple pubkey setups first pubkey will be search
kangaroo can not search multiple keys in the same time because it is use pubkey that search to calculate multiply number for the search
if search multiple pubkey at the same time that means your kangaroo program or script will be worked by calculating multiply many key in the same time
JeanLucPons Kangaroo and another kangaroo in Github work by searching one key

first time I looking for kangaroo or other program that can search multiple pubkey in same time too but not have one becuase it is work by one pubkey search
full member
Activity: 706
Merit: 111
August 18, 2022, 05:35:39 PM
Can anyone explain, there is any chance to use it in btc mainnet?
There is any vulnerability addresses in blockchain that can be hacked with kangaroo ecdlp solver?
Or it's nearly impossible to retrieve private key only from public key and outgoing transactions?

I tried with more than 45k public keys of top btc wallets but as i expected, months and months passed without a single private key retrieved .. because in such case you are searching the entire range of private keys using your public keys with kangaroo .. and no animal in the world could ever jump that high 😉

You was searching 45k public keys at the same time with kangaroo?
Pages:
Jump to: