Pages:
Author

Topic: Pollard's kangaroo ECDLP solver - page 41. (Read 59389 times)

member
Activity: 873
Merit: 22
$$P2P BTC BRUTE.JOIN NOW ! https://uclck.me/SQPJk
August 28, 2021, 08:19:27 PM
Please remind me of the link to the script that allows you to convert the saved files(.ws) so that you can see the kangaroo's  data in a readable form ?

Thank you very mach
jr. member
Activity: 37
Merit: 1
August 28, 2021, 04:22:31 PM
Thank you for this great explanation!
How does this "Kangaroo program actually finds the private key from only the public key? isn't that impossible?
full member
Activity: 1162
Merit: 237
Shooters Shoot...
August 27, 2021, 10:37:16 AM
Hey guys can anyone help me? i'm noob to all this.


Start:10000000000000000
Stop :1FFFFFFFFFFFFFFFF
Range width: 2^64
DP size: 15 [0xFFFE000000000000]
[20.33 MK/s][GPU 0.00 MK/s][Count 2^33.38][Dead 1][10:02 (Avg 07:25)][12.4/37.8MB]
Key# 0 [1S]Pub:  0x0230210C23B1A047BC9BDBB13448E67DEDDC108946DE6DE639BCC75D47C0216B1B
       Priv: 0x1A838B13505B26867
Done: Total time 10:02
 / / / /
i got this small private key part (1A838B13505B26867) what is this exaclty? does this belongs to the public key i put in my work file?
another question also, does the private key starts with that 1A838B13505B26867. . . . or they mean it end at . . ..1A838B13505B26867 ?
Thank you guys for help.
Ok.
The Priv: 0x1A838B13505B26867 is the actual entire private key. You could also look at it as:
000000000000000000000000000000000000000000000001A838B13505B26867

and it is the private key of Pub:  0x0230210C23B1A047BC9BDBB13448E67DEDDC108946DE6DE639BCC75D47C0216B1B

Look at the start and stop range in your search:
Start:10000000000000000
Stop :1FFFFFFFFFFFFFFFF
and now the priv key:
priv  :1A838B13505B26867

So everything matches up. You searched in a range and found a private key in that range, by using the private key's pub address.
legendary
Activity: 1568
Merit: 6660
bitcoincleanup.com / bitmixlist.org
August 27, 2021, 09:59:20 AM
i got this small private key part (1A838B13505B26867) what is this exaclty? does this belongs to the public key i put in my work file?
another question also, does the private key starts with that 1A838B13505B26867. . . . or they mean it end at . . ..1A838B13505B26867 ?
Thank you guys for help.

Exactly where in the private key is the fragment "1A838B13505B26867" located in?

You can only input beginning parts of public (edit: after re-reading the README it is actually supposed to be private) keys inside the Kangaroo input file, there is no way to search based on private key parts.
jr. member
Activity: 37
Merit: 1
August 27, 2021, 07:57:27 AM
Hey guys can anyone help me? i'm noob to all this.


Start:10000000000000000
Stop :1FFFFFFFFFFFFFFFF
Range width: 2^64
DP size: 15 [0xFFFE000000000000]
[20.33 MK/s][GPU 0.00 MK/s][Count 2^33.38][Dead 1][10:02 (Avg 07:25)][12.4/37.8MB]
Key# 0 [1S]Pub:  0x0230210C23B1A047BC9BDBB13448E67DEDDC108946DE6DE639BCC75D47C0216B1B
       Priv: 0x1A838B13505B26867
Done: Total time 10:02
 / / / /
i got this small private key part (1A838B13505B26867) what is this exaclty? does this belongs to the public key i put in my work file?
another question also, does the private key starts with that 1A838B13505B26867. . . . or they mean it end at . . ..1A838B13505B26867 ?
Thank you guys for help.
jr. member
Activity: 81
Merit: 2
August 16, 2021, 08:48:01 AM
compress to uncompress
Code:
import binascii

p = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFC2F

def decompress_pubkey(pk):
    x = int.from_bytes(pk[1:33], byteorder='big')
    y_sq = (pow(x, 3, p) + 7) % p
    y = pow(y_sq, (p + 1) // 4, p)
    if y % 2 != pk[0] % 2:
        y = p - y
    y = y.to_bytes(32, byteorder='big')
    return b'\x04' + pk[1:33] + y

with open('add.txt') as f:
  for line in f:
    line=line.strip()
    print(binascii.hexlify(decompress_pubkey(binascii.unhexlify(line))).decode(),file=open("uncomp.txt", "a"))

uncompress to compress

Code:
def cpub(x,y):
 prefix = '02' if y % 2 == 0 else '03'
 c = prefix+ hex(x)[2:].zfill(64)
 return c
with open('add.txt') as f:
  for line in f:
    line=line.strip()
    x = int(line[2:66], 16)
    y = int(line[66:], 16)
    pub04=cpub(x,y)

    print(pub04,file=open("comp.txt", "a"))




cool , will try it today
member
Activity: 330
Merit: 34
August 15, 2021, 06:13:49 AM
compress to uncompress
Code:
import binascii

p = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFC2F

def decompress_pubkey(pk):
    x = int.from_bytes(pk[1:33], byteorder='big')
    y_sq = (pow(x, 3, p) + 7) % p
    y = pow(y_sq, (p + 1) // 4, p)
    if y % 2 != pk[0] % 2:
        y = p - y
    y = y.to_bytes(32, byteorder='big')
    return b'\x04' + pk[1:33] + y

with open('add.txt') as f:
  for line in f:
    line=line.strip()
    print(binascii.hexlify(decompress_pubkey(binascii.unhexlify(line))).decode(),file=open("uncomp.txt", "a"))

uncompress to compress

Code:
def cpub(x,y):
 prefix = '02' if y % 2 == 0 else '03'
 c = prefix+ hex(x)[2:].zfill(64)
 return c
with open('add.txt') as f:
  for line in f:
    line=line.strip()
    x = int(line[2:66], 16)
    y = int(line[66:], 16)
    pub04=cpub(x,y)

    print(pub04,file=open("comp.txt", "a"))

jr. member
Activity: 40
Merit: 7
August 13, 2021, 11:15:00 PM
i have a script to convert compressed keys to uncompressed

Code:
import binascii

p_hex = 'FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFC2F'
p = int(p_hex, 16)
compressed_key_hex = '0250863AD64A87AE8A2FE83C1AF1A8403CB53F53E486D8511DAD8A04887E5B2352'
x_hex = compressed_key_hex[2:66]
x = int(x_hex, 16)
prefix = compressed_key_hex[0:2]

y_square = (pow(x, 3, p)  + 7) % p
y_square_square_root = pow(y_square, (p+1)/4, p)
if (prefix == "02" and y_square_square_root & 1) or (prefix == "03" and not y_square_square_root & 1):
    y = (-y_square_square_root) % p
else:
    y = y_square_square_root

computed_y_hex = format(y, '064x')
computed_uncompressed_key = "04" + x_hex + computed_y_hex

print computed_uncompressed_key

 but i need script where i can convert uncompressed keys to compressed

i guess that will be pretty simple to make as we need to take x value and add 02 or 03 in front of x. right?

but need working code where i can upload file of uncompressed keys and get all compressed keys :p

edit:

i wrote these code to convert uncompressed to compress but output file is blank.

Code:
from fastecdsa import curve
from fastecdsa.point import Point
import bit

G = curve.secp256k1.G
N = curve.secp256k1.q

def pub2point(line, file):
    x = int(line[2:66], 16)
    if len(line) < 70:
        y = bit.format.x_to_y(x, int(line[:2], 16) % 2)
    else:
        y = int(line[66:], 16)
    return Point(x, y, curve=curve.secp256k1)
    if (y % 2 == 0):
        prefix = "02"
    else:
        prefix = "03"
        hx = hex(x)[2:].zfill(64)
        hy = hex(y)[2:].zfill(64)
        file.write(prefix+hx+"\n") # Writes compressed key to file    
    

    
with open("1.txt", "r") as f, open("output.txt", "w") as outf:
    line = f.readline().strip()
    while line != '':
          pub2point(line, outf)
          line = f.readline().strip()

i guess something is missing or i am doing it wrong
full member
Activity: 706
Merit: 111
August 13, 2021, 06:08:58 PM
What are the requirements for using this, I'm using python 3 on windows and still getting errors.

Did you install fastecdsa and bit modules from PyPI first?  Huh

I finally got it to work for me, you're code, this one https://gist.github.com/ZenulAbidin/286a652b160086b3b0f184a886ba68ca
legendary
Activity: 1568
Merit: 6660
bitcoincleanup.com / bitmixlist.org
August 11, 2021, 03:18:14 AM
can some one explain x = (i * G)

so if G  = X: 0x79be667ef9dcbbac55a06295ce870b07029bfcdb2dce28d959f2815b16f81798
               Y: 0x483ada7726a3c4655da4fbfc0e1108a8fd17b448a68554199c47d08ffb10d4b8

and i    = 11B

how we will calculate x? , i was unable to understand how can we do 2 lines hex G multiplication.

Basically, first you factor i in powers of two like this:

i = 11b = 3 (decimal) = 2 + 1

Then you calculate G, 2G, 4G etc using repeated point doubling and store the results (see https://en.bitcoin.it/wiki/Elliptic_curve_cryptography for the algorithm as well as the one for point addition), then you use point addition add these results depending on the factors of i above.
jr. member
Activity: 81
Merit: 2
August 10, 2021, 11:57:27 PM
can some one explain x = (i * G)

so if G  = X: 0x79be667ef9dcbbac55a06295ce870b07029bfcdb2dce28d959f2815b16f81798
               Y: 0x483ada7726a3c4655da4fbfc0e1108a8fd17b448a68554199c47d08ffb10d4b8

and i    = 11B

how we will calculate x? , i was unable to understand how can we do 2 lines hex G multiplication.
legendary
Activity: 1568
Merit: 6660
bitcoincleanup.com / bitmixlist.org
August 10, 2021, 05:21:05 AM
~snip

You should put both with statements on a single line so you can read them both at the same time:

Code:
#begin copy from my scipt
from fastecdsa import curve
from fastecdsa.point import Point
import bit

G = curve.secp256k1.G
N = curve.secp256k1.q

def pub2point(pub_hex):
    x = int(pub_hex[2:66], 16)
    if len(pub_hex) < 70:
        y = bit.format.x_to_y(x, int(pub_hex[:2], 16) % 2)
    else:
        y = int(pub_hex[66:], 16)
    return Point(x, y, curve=curve.secp256k1)


def point2pub(R):
    if (R.y % 2 == 0):
        prefix = "02"
    else:
        prefix = "03"
    hx = hex(R.x)[2:].zfill(64)
    return hx

#end copy

def sub(hex1, hex2):
    P = pub2point(hex1)
    Q = pub2point(hex2)
    R = P - Q
    return R

with open("file1.txt", "r") as f1, open("file2.txt", "r") as f2:
    line1 = f1.readline().strip()
    line2 = f2.readline().strip()
    while line1 != '' and line2 != '':
          print(point2pub(sub(line1, line2)))
          line1 = f1.readline().strip()
          line2 = f2.readline().strip()    
    


Make sure you check the indenting, especially if you are pasting this to console since it will choke the interpreter.
jr. member
Activity: 81
Merit: 2
August 10, 2021, 12:48:52 AM
i managed to make this script to do the job but this one only doing subtraction for line 1 of file1 and line 1 of file2 , not doing subtraction for all lines .

maybe need to fix the code

Code:
with open("file1.txt", "r") as f1:
    line1 = f1.readline().strip()

         
def key1(line1):
    x = int(line1, 16)
    return (x)
     
     

with open("file2.txt", "r") as f2:
    line2 = f2.readline().strip()

   
def key2(line2):
    y = int(line2, 16)
    return (y)
   
def add(f1, f2):
    P = key1(line1)
    Q = key2(line2)
    R = P - Q
    hx = hex(R).zfill(64)
    print(hx+"\n")
   

add(f1, f2)
jr. member
Activity: 81
Merit: 2
August 09, 2021, 10:01:48 PM
need help in python

i have 2 files and each file have 32 lines hex values
so i want to

subtract line 1 of "file1.txt" with line 1 of "file2"
subtract line 2 of "file1.txt" with line 2 of "file2"

vice versa and print  output.
i am using code like this but don't know what i am doing wrong



Code:
with open("file1.txt", "r") as f:
    line = f.readline().strip()
    while line != '':
          hex1 = f.readline().strip()

with open("file2.txt", "r") as f:
    line = f.readline().strip()
    while line != '':
          hex2 = f.readline().strip()
   
   
def add(file1.txt, file2.txt):
    P = (hex1)
    Q = (hex2)
    R = hex(P - Q)
    hx = hex(R).zfill(64)
    print(hx)
   


i am not sure but surely @NotATether is hero here , he will help you out
jr. member
Activity: 40
Merit: 7
August 09, 2021, 01:53:15 PM
need help in python

i have 2 files and each file have 32 lines hex values
so i want to

subtract line 1 of "file1.txt" with line 1 of "file2"
subtract line 2 of "file1.txt" with line 2 of "file2"

vice versa and print  output.
i am using code like this but don't know what i am doing wrong



Code:
with open("file1.txt", "r") as f:
    line = f.readline().strip()
    while line != '':
          hex1 = f.readline().strip()

with open("file2.txt", "r") as f:
    line = f.readline().strip()
    while line != '':
          hex2 = f.readline().strip()
   
   
def add(file1.txt, file2.txt):
    P = (hex1)
    Q = (hex2)
    R = hex(P - Q)
    hx = hex(R).zfill(64)
    print(hx)
   
legendary
Activity: 1568
Merit: 6660
bitcoincleanup.com / bitmixlist.org
August 09, 2021, 10:48:21 AM
What are the requirements for using this, I'm using python 3 on windows and still getting errors.

Did you install fastecdsa and bit modules from PyPI first?  Huh
full member
Activity: 706
Merit: 111
August 09, 2021, 10:20:13 AM
In that case this should do the trick:


EDIT NUMBER 3: THIS VERSION ACTUALLY WORKS USE THIS ONE

Code:
from fastecdsa import curve
from fastecdsa.point import Point
import bit

G = curve.secp256k1.G
N = curve.secp256k1.q

def pub2point(pub_hex):
    x = int(pub_hex[2:66], 16)
    if len(pub_hex) < 70:
        y = bit.format.x_to_y(x, int(pub_hex[:2], 16) % 2)
    else:
        y = int(pub_hex[66:], 16)
    return Point(x, y, curve=curve.secp256k1)



# This function makes all the downscaled pubkeys obtained from subtracting
# numbers between 0 and divisor, before dividing the pubkeys by divisor.
def shiftdown(pubkey, divisor, file, convert=True):
    Q = pub2point(pubkey) if convert else pubkey
    print(Q, 'QQ')
    # k = 1/divisor
    k = pow(divisor, N - 2, N)
    for i in range(divisor+1):
        P = Q - (i * G)
        P = k * P
        if (P.y % 2 == 0):
            prefix = "02"
        else:
            prefix = "03"
        hx = hex(P.x)[2:].zfill(64)
        hy = hex(P.y)[2:].zfill(64)
        file.write(prefix+hx+"\n") # Writes compressed key to file

factor = 32

with open("input.txt", "r") as f, open("output.txt", "w") as outf:
    line = f.readline().strip()
    while line != '':
          shiftdown(line, factor, outf)
          line = f.readline().strip()

This is for all keys in one file, I technically *could* script the case of one set of shifted keys per file, but then it requires an argc/argv switch to toggle the one you want and implementing that will bloat the code size Tongue



EDIT: I had posted an older version of the script which people complained had a bunch of errors, admittingly I did not test this version with the file input since the base script was already "bug free" I thought these should be straightforward changes... well now I know  Embarrassed

After some proper testing, I got rid of a bunch of artifacts from older script versions that were triggering lint errors, and the result is posted here, above.

What are the requirements for using this, I'm using python 3 on windows and still getting errors.
legendary
Activity: 1568
Merit: 6660
bitcoincleanup.com / bitmixlist.org
August 09, 2021, 10:04:23 AM
Hi. Can you explain how you can learn the upper bits by knowing the range?

If you know that a key will be less than and greater than a maximum and minimum, it limits the values that the higher bits can have (else it wouldn't fit in that range, now would it  Wink)

For example, say that you know that a private key is between 115 and 120 bits long. That automatically means, since private keys are 256 numbers, that the bits after the 120th one (assume 1-based counting for simplicity) are all zero.

Because the ranges in these puzzle addresses are only ever going to be between (range-1) and range bits (i.e. that particular bit will always be set), it is straightforward to determine the higher bits that are zero or in a certain range like 0 to 4 (hex number values), 0 to C, etc. that's what makes brute-forcing possible.
jr. member
Activity: 38
Merit: 1
August 09, 2021, 09:45:06 AM
Just silly question  Grin

is it possible to know this public key is from this range? like 110 or 115?

is there any way to identify?

No, otherwise you would be able to find the upper bits of every private key in existence.


Hi. Can you explain how you can learn the upper bits by knowing the range?
legendary
Activity: 1568
Merit: 6660
bitcoincleanup.com / bitmixlist.org
August 09, 2021, 07:07:59 AM
 can some one please let me know meaning of this line
Code:
y = bit.format.x_to_y(x, int(pub_hex[:2], 16) % 2)
in my understanding
it is saying Y = change x value to Y in binary or multiply pub_hex bla bla . really confusing

 Roll Eyes


It just calculates the Y point from the X point and the polarity of Y (compressed to uncompressed public key).

The [:2] is necessary to get the "02" or "03" at the beginning so we can convert that part from hex to int, then we use "% 2" to check if it represents odd or even Y.

fastecdsa can't work with compressed points, so we have to convert them to uncompressed points first.
Pages:
Jump to: