Pollard's kangaroo ECDLP solver - page 45.

wedom

jr. member

Activity: 48

Merit: 11

Quote from: studyroom1 on July 29, 2021, 04:19:33 PM

...
which script you used bro

If we are talking about

Quote from: brainless on July 06, 2021, 01:38:34 AM

for 10 bit down = 1024 pubkeys
for 20 bit down = 1024*1024 = 1048576 pubkeys
for 30 bit down = 1024*1024*1024 = 1073741824 pubkeys

then NotATether posted it several posts above:
https://gist.github.com/ZenulAbidin/286a652b160086b3b0f184a886ba68ca

If we are talking about

Quote from: brainless on July 06, 2021, 01:38:34 AM

1048576 and 1073741824 pubkeys with each other addition and mutiplication will return you 260 pubkeys apear where 16 pubkeys sure inside 10 bit down from main pubkey
these 260 pubkeys again played for get 30 bit down for 1/720 pubkeys

only Brainless knows this, it is his secret. I don't know if he told anyone about it

COBRAS

member

Activity: 873

Merit: 22

$$P2P BTC BRUTE.JOIN NOW ! https://uclck.me/SQPJk

Quote from: yoyodapro on July 29, 2021, 08:18:45 PM

my server has over 40TB of storage space and 3TB of ram, im also using the work split option on the kangaroo clients to keep the ram table low. each work file gets to about 3GB then saves to the harddrive freeing up the ram

Bro, maybe is more good variant for you downgrade bitrange of public key first, for example from 120 to 110 bits ? You get more public keys but get more chans for success I think.

Or I can give you my publick key, and I know part of privkey of 120 bit, and you can find a second part if you find a privkey for my publick key. Huh

p.s. If yo give me access to server like yours, I will find a 120 bit privkey in max 2 months. Message me if you interested.

say me privkeys for one of this publick key and I will provide you privkey for 2^120

0459072d8ff6febcfaf3ffed4ad9d46c80393afa17f70ffb2bbc1bab46f6acd46342693b1dac18b e1980a7b8a92fedcba8edce3d38941127290fc3ffbfce68bc1a

048491faa68191040f3426d04448eb03bccbe9bceefa4197a193fb7b83c9bd43f1537ed4ca73a8a fb6ab6ee963ff3b73804c94c021060fb2f3e0d43a786c417f54

04748e8cea5c8ac8218fa12fa15371b78cd2968487d764ce8d35150b3ff97fa58661febc68ecf87 34d2c5ecaec469f2afad60a52033302df31093b9769f3b7085d

COBRAS

member

Activity: 873

Merit: 22

$$P2P BTC BRUTE.JOIN NOW ! https://uclck.me/SQPJk

Quote from: BitcoinADAB on July 29, 2021, 08:27:52 PM

Quote from: yoyodapro on July 29, 2021, 08:18:45 PM

my server has over 40TB of storage space and 3TB of ram, im also using the work split option on the kangaroo clients to keep the ram table low. each work file gets to about 3GB then saves to the harddrive freeing up the ram

That sounds good.
But one should always know, that kangaroo is not deterministic.

Quote from: Jean_Luc on May 29, 2020, 07:39:51 AM

...
Anyway, I'm working on the merger to reduce memory consumption.
I added the plot of probability of success:

Quote from: Jean_Luc on May 29, 2020, 02:50:05 AM

Hi,

I did a small program to calculate chance of finding the key (without taking in consideration DP overhead) after a certain number or group operation.
Each value are the result of 100.000 trials so we can expect a precision of 0.3%.

0.5*sqrt(N) P=4.606 %
1.0*sqrt(N) P=17.162 %
1.5*sqrt(N) P=34.138 %
2.0*sqrt(N) P=52.314 %
2.5*sqrt(N) P=68.049 %
3.0*sqrt(N) P=80.350 %
3.5*sqrt(N) P=88.846 %
4.0*sqrt(N) P=94.103 %
4.5*sqrt(N) P=97.164 %
5.0*sqrt(N) P=98.746 %
5.5*sqrt(N) P=99.424 %
6.0*sqrt(N) P=99.752 %

I will increase accuracy and number of point and add a nice plot to the README of the Kangaroo program.

Kangaroo never stop if not found, if DP is wrong - no luck unfortunately, JeanLuck with 1 GPU make 1 Gkey/sec around. So if someone have a 40 petakeys per second hi work 40 time faster and hi have no server for hundreds of $, if someone deduct publick keys first, hi will be more like with expensive server.

BitcoinADAB

copper member

Activity: 76

Merit: 11

Quote from: yoyodapro on July 29, 2021, 08:18:45 PM

my server has over 40TB of storage space and 3TB of ram, im also using the work split option on the kangaroo clients to keep the ram table low. each work file gets to about 3GB then saves to the harddrive freeing up the ram

That sounds good.
But one should always know, that kangaroo is not deterministic.

Quote from: Jean_Luc on May 29, 2020, 07:39:51 AM

...
Anyway, I'm working on the merger to reduce memory consumption.
I added the plot of probability of success:

Quote from: Jean_Luc on May 29, 2020, 02:50:05 AM

Hi,

I did a small program to calculate chance of finding the key (without taking in consideration DP overhead) after a certain number or group operation.
Each value are the result of 100.000 trials so we can expect a precision of 0.3%.

0.5*sqrt(N) P=4.606 %
1.0*sqrt(N) P=17.162 %
1.5*sqrt(N) P=34.138 %
2.0*sqrt(N) P=52.314 %
2.5*sqrt(N) P=68.049 %
3.0*sqrt(N) P=80.350 %
3.5*sqrt(N) P=88.846 %
4.0*sqrt(N) P=94.103 %
4.5*sqrt(N) P=97.164 %
5.0*sqrt(N) P=98.746 %
5.5*sqrt(N) P=99.424 %
6.0*sqrt(N) P=99.752 %

I will increase accuracy and number of point and add a nice plot to the README of the Kangaroo program.

yoyodapro

jr. member

Activity: 50

Merit: 7

my server has over 40TB of storage space and 3TB of ram, im also using the work split option on the kangaroo clients to keep the ram table low. each work file gets to about 3GB then saves to the harddrive freeing up the ram

BitcoinADAB

copper member

Activity: 76

Merit: 11

Quote from: BitcoinADAB on July 29, 2021, 07:02:34 PM

Quote from: yoyodapro on July 29, 2021, 04:59:27 PM

I created a pool for Kangaroo, Puzzle 120(Full Range) DP 22, All kangaroos recorded by server so you can leave and rejoin at anytime.

With DP 22 you would need to store ~300,000,000,000 distinguished points to solve #120 and then comparing them.

Quote from: Jean_Luc on June 16, 2020, 03:00:26 AM

We (me and zielar) solved #115 after ~2^33.36 DP (DP25) (More than 300GB of DP). I do not know exactly how long the run takes due to unwanted interruption.
Cheesy

#120, DP22 -> ~10TB of distinguished points and then comparing them

yoyodapro

jr. member

Activity: 50

Merit: 7

Quote from: BitcoinADAB on July 29, 2021, 07:02:34 PM

Quote from: yoyodapro on July 29, 2021, 04:59:27 PM

I created a pool for Kangaroo, Puzzle 120(Full Range) DP 22, All kangaroos recorded by server so you can leave and rejoin at anytime.

With DP 22 you would need to store ~300,000,000,000 distinguished points to solve #120 and then comparing them.

And..? Lol

BitcoinADAB

copper member

Activity: 76

Merit: 11

Quote from: yoyodapro on July 29, 2021, 04:59:27 PM

I created a pool for Kangaroo, Puzzle 120(Full Range) DP 22, All kangaroos recorded by server so you can leave and rejoin at anytime.

With DP 22 you would need to store ~300,000,000,000 distinguished points to solve #120 and then comparing them.

NotATether

legendary

Activity: 1568

Merit: 6660

bitcoincleanup.com / bitmixlist.org

Quote from: wedom on July 27, 2021, 04:21:29 AM

Does this help? Another transaction ID will be created with a different recipient address and with a higher commission. I just don’t remember whether the bitcoin core takes into account the spent of those transactions that are still in the mempool

Yeah it should be untouchable, child-pays-for-parent cannot divert the transaction unless the receiver has sloppily exposed their own private key that they are sending prize money to.

yoyodapro

jr. member

Activity: 50

Merit: 7

I created a pool for Kangaroo, Puzzle 120(Full Range) DP 22, All kangaroos recorded by server so you can leave and rejoin at anytime.

This server is open to the public however it is by invitation only. If you would like more info Please DM me or reply to my thread https://bitcointalksearch.org/topic/building-a-public-server-for-the-bitcoin-puzzle-transactions-kangaroobitcrack-5350839

Will be hosting a discussion soon about the fairest way to split the prize, but until then we still need to find the address!

studyroom1

jr. member

Activity: 40

Merit: 7

Quote from: brainless on July 06, 2021, 01:38:34 AM

" I got it down to 104 bits today, but with 32,000 pubkeys; better than the normal 2^16 normally required, but I can't figure out a way to shrink it down to one key... "

for 10 bit down = 1024 pubkeys
for 20 bit down = 1024*1024 = 1048576 pubkeys
for 30 bit down = 1024*1024*1024 = 1073741824 pubkeys

1048576 and 1073741824 pubkeys with each other addition and mutiplication will return you 260 pubkeys apear where 16 pubkeys sure inside 10 bit down from main pubkey
these 260 pubkeys again played for get 30 bit down for 1/720 pubkeys
now you can start to find with above tip

which script you used bro

wedom

jr. member

Activity: 48

Merit: 11

Quote from: ssxb on July 29, 2021, 05:24:02 AM

Quote from: brainless on July 06, 2021, 01:38:34 AM

" I got it down to 104 bits today, but with 32,000 pubkeys; better than the normal 2^16 normally required, but I can't figure out a way to shrink it down to one key... "

for 10 bit down = 1024 pubkeys
for 20 bit down = 1024*1024 = 1048576 pubkeys
for 30 bit down = 1024*1024*1024 = 1073741824 pubkeys

1048576 and 1073741824 pubkeys with each other addition and mutiplication will return you 260 pubkeys apear where 16 pubkeys sure inside 10 bit down from main pubkey
these 260 pubkeys again played for get 30 bit down for 1/720 pubkeys
now you can start to find with above tip

can you share script to do these calculations or explain a way please

How to reduce to 260 keys ... I've been looking for this method for almost 3 weeks. ))) I would also like a hint

ssxb

jr. member

Activity: 81

Merit: 2

Quote from: NotATether on July 29, 2021, 06:26:51 AM

Quote from: ssxb on July 29, 2021, 05:24:02 AM

can you share script to do these calculations or explain a way please

Again, if you go a few pages back you'll find a division script in Python.

Quote from: NotATether on July 04, 2021, 07:55:24 AM

This was previously posted in this thread but deleted for some reason, it's a snippet from iceland2k14's Github that divides a pubkey by an arbitrary number and returning all the parts in between. I polished it a bit to print the compressed and uncompressed keys: https://gist.github.com/ZenulAbidin/286a652b160086b3b0f184a886ba68ca

Here's the script output when called with a random (uninteresting - with no balance) pubkey, divided by 48. The keys divided by 0, 1, 2, 3 and so on are printed in order:

~snipped

once you use script and devide with 48 , my question is what range than i have to set to scan if i devide 48
and what about if i divide with 96 what range
and what about like odd number 55

ssxb

jr. member

Activity: 81

Merit: 2

Quote from: NotATether on July 29, 2021, 06:26:51 AM

Quote from: ssxb on July 29, 2021, 05:24:02 AM

can you share script to do these calculations or explain a way please

Again, if you go a few pages back you'll find a division script in Python.

Quote from: NotATether on July 04, 2021, 07:55:24 AM

This was previously posted in this thread but deleted for some reason, it's a snippet from iceland2k14's Github that divides a pubkey by an arbitrary number and returning all the parts in between. I polished it a bit to print the compressed and uncompressed keys: https://gist.github.com/ZenulAbidin/286a652b160086b3b0f184a886ba68ca

Here's the script output when called with a random (uninteresting - with no balance) pubkey, divided by 48. The keys divided by 0, 1, 2, 3 and so on are printed in order:

~snipped

consider me as child , i am just 16 year old and trying to learn things , can you please explain who to get lower keys with this script as @COBRAS said this is generating big number of keys

COBRAS

member

Activity: 873

Merit: 22

$$P2P BTC BRUTE.JOIN NOW ! https://uclck.me/SQPJk

Quote from: NotATether on July 29, 2021, 06:26:51 AM

Quote from: ssxb on July 29, 2021, 05:24:02 AM

can you share script to do these calculations or explain a way please

Again, if you go a few pages back you'll find a division script in Python.

Quote from: NotATether on July 04, 2021, 07:55:24 AM

This was previously posted in this thread but deleted for some reason, it's a snippet from iceland2k14's Github that divides a pubkey by an arbitrary number and returning all the parts in between. I polished it a bit to print the compressed and uncompressed keys: https://gist.github.com/ZenulAbidin/286a652b160086b3b0f184a886ba68ca

Here's the script output when called with a random (uninteresting - with no balance) pubkey, divided by 48. The keys divided by 0, 1, 2, 3 and so on are printed in order:

~snipped

NotATeater, your script not generate 260 pubkey, yours script generate 260 000. You remeber this ? And so, say how to transfrom yours 260000 to 260 ?

NotATether

legendary

Activity: 1568

Merit: 6660

bitcoincleanup.com / bitmixlist.org

Quote from: ssxb on July 29, 2021, 05:24:02 AM

can you share script to do these calculations or explain a way please

Again, if you go a few pages back you'll find a division script in Python.

Quote from: NotATether on July 04, 2021, 07:55:24 AM

This was previously posted in this thread but deleted for some reason, it's a snippet from iceland2k14's Github that divides a pubkey by an arbitrary number and returning all the parts in between. I polished it a bit to print the compressed and uncompressed keys: https://gist.github.com/ZenulAbidin/286a652b160086b3b0f184a886ba68ca

Here's the script output when called with a random (uninteresting - with no balance) pubkey, divided by 48. The keys divided by 0, 1, 2, 3 and so on are printed in order:

~snipped

ssxb

jr. member

Activity: 81

Merit: 2

Quote from: brainless on July 06, 2021, 01:38:34 AM

" I got it down to 104 bits today, but with 32,000 pubkeys; better than the normal 2^16 normally required, but I can't figure out a way to shrink it down to one key... "

for 10 bit down = 1024 pubkeys
for 20 bit down = 1024*1024 = 1048576 pubkeys
for 30 bit down = 1024*1024*1024 = 1073741824 pubkeys

1048576 and 1073741824 pubkeys with each other addition and mutiplication will return you 260 pubkeys apear where 16 pubkeys sure inside 10 bit down from main pubkey
these 260 pubkeys again played for get 30 bit down for 1/720 pubkeys
now you can start to find with above tip

can you share script to do these calculations or explain a way please

rage0920

newbie

Activity: 5

Merit: 0

does anyone know how to edit the work file..?? i was trying to solve key for 7 days straight and i let it run for 7 days straight and just now i indented another key and its saved in the same save.work file how do i retrieve my 7 days work ..?? please help

racminer

member

Activity: 245

Merit: 17

I remember sometime ago, I ran a full bitcoin node and I wrote a python script that interacts with bitcoin-cli which checked every second the balance for I think this wallet 1F3sAm6ZtwLAUnj7d38pGFxtP3RVEvtsbV which pvk is known (empty space brainwallet). I've sent some fraction of bitcoin there and it was sucked up before my script reaction !
In fact, someone with programming skills can write a specific bitcoin-cli to scan a list of known wallets and move funds quickly.
check this https://www.blockchain.com/btc/address/1F3sAm6ZtwLAUnj7d38pGFxtP3RVEvtsbV

wedom

jr. member

Activity: 48

Merit: 11

Quote from: brainless on July 27, 2021, 03:14:56 AM

Quote from: racminer on July 27, 2021, 02:55:18 AM

Quote from: wedom on July 27, 2021, 12:30:08 AM

Quote from: racminer on July 26, 2021, 07:06:07 PM

Hi

1) Suppose I find pvk for puzzle #64
2) I import the bitcoin address 16jY7qLJnxb7CHZyqBP8qca9d51gAjyXQN
3) I start a full fund transfer to another wallet
4) My transaction shows up in the blockchain (showing number of confirmations)
5) Once my transaction has been launched, the publickey is then visible.

My question is as follow:
Is it possible for someone using "Pollard's kangaroo ECDLP solver" to find the private key fast enough to be able to import the same address 16jY7qLJnxb7CHZyqBP8qca9d51gAjyXQN and then launch a fund transfer
to a different wallet ? (before enough confirmation on my transaction and of course pay more gas fees than me)

Huh

Theoretically, it is possible. Since, if the public key 64 is known, then it will take several seconds to solve the problem.
Practically unlikely. No one will sit and wait for this key to appear. And it is not known if there will be a second blockchain

Upd. Only if you set a very low commission and the transaction freezes for a long time, then yes. This scenario is possible.
Hmm, we need to write a script that will track the mempool and immediately launch the kangaroo, search and immediately create a transaction with a higher commission. Joke )))

It is not a joke, such scripts exist ... It is not actually hard to do, just install a full node and the rest follows. It is easy to check that such watchdog-scripts are out there.

use electrum
in Tools >> transaction >> Use Replace-By-Fee
by default its checked
un check it
before create your transaction,
you will be safe

Does this help? Another transaction ID will be created with a different recipient address and with a higher commission. I just don’t remember whether the bitcoin core takes into account the spent of those transactions that are still in the mempool

Upd: Anyone with a little bitcoin can just do an experiment. From two identical wallets, send yourself first with a very low commission so that the transaction hangs for a long time in the mempool, and after a while (10-15 minutes) send the same coins from another wallet to another address, but with a higher commission.

Topic: Pollard's kangaroo ECDLP solver - page 45. (Read 60381 times)