Topic: Pollard's kangaroo ECDLP solver - page 83. (Read 59389 times)

Pollard Kangaroo algorithm needs as input a public key and an interval for private key.

So... you don't use kangaroo without pub key.

One can get a public key from spent transaction, or early P2PK transaction.

Hello,
I was hoping someone would be kind enough to simplify what the program is doing. What I gathered was that it using the Kangaroo algo which essentially picking 2 random points at set intervals and checking for a collision. I think I started trying to read the start of this thread but was totally lost. I have 1 1080ti that I like to tinker with...have made vanity addresses, messed with Bitcrack for the 32btc puzzle but those were easy to understand. I dont like running things unless I learn something

Also I tried running it but the gpu never really started processing anything and couldnt make heads or tails of the output on the CMD

Any simplified explanation would be greatly appreciated so I can use that to then start learning more and tweaking , etc.

Thanks

Another one question:
I open dos in JeanLuc github at kangaroo, and see a data about 64bit, as he wrote there:
"""
Exemple with a 64bit key:

Kangaroo.exe -d 10 -s -w save.work -wsplit -wi 10 ..\VC_CUDA8\in64.txt
"""

I look at info:

Kangaroo v1.6
Start:5B3F38AF935A3640D158E871CE6E9666DB862636383386EE0000000000000000
Stop :5B3F38AF935A3640D158E871CE6E9666DB862636383386EEFFFFFFFFFFFFFFFF

what??)) is it real range or another decoding i need to do or what is it?

So...how do use a kangaroo without pub key?  What all of you looking for without it?

In case of your example you can't find the pubkey of the address 16jY7qLJnxb7CHZyqBP8qca9d51gAjyXQN. That's because it is a Pay 2 Public Key Hash address. What you tried to do I guess is a base58 decode of the address. The tool at http://gobittest.appspot.com/Address might be of help to you fur understanding purposes. Just fill in the address in the last field and you will get the values all the way to the RIPEMD-160 of the hash of the private key. But since RIPEMD and SHA are hashing algorithms that will only work in one direction there is no way you can calculate the public key.

In case of a P2PKH address the public key becomes known when the address is used for an outgoing transaction. In that case for the unlocking script the public key has to be supplied and it will be checked if it hashes to the correct value. But in your case the address doesn't have any outgoing transactions so the public key is not known to anyone but the person who also has the private key.

How we can recieve a pub key?  try to do all without mistakes

i make a from address 16jY7qLJnxb7CHZyqBP8qca9d51gAjyXQN a pub 3EE4133D991F52FDF6A25C9834E0745AC74248A4 in hash 160, is it right or or everyone use some online stuff for it?

Yes I mean G as in the generator point which is equal to 1 in decimal but the code should allow for any address to be added I just used 1 for simplicity

[/quote]
Sorry, I had more questions but posted too soon.

Kangaroos...sounds like what you want they aren't necessarily kangaroos, just a 'brute force" type of jump. Start at pubk a, add increment to pubka to create pubk b, rinse and repeat. Each time a new pubk is created and 'visited' you want to convert that pubk to a BTC address and write both to a file. rinse and repeat all until a predesignated address is reached (end of range) or end after so many jumps. Anything I missed?


[/quote]

Thats exactly correct yes, consistently adding a specific key, converting output to address, then writing it to a CSV file. How would that look like in a Python code?

For Windows:

Example of input text document that contains ranges and public key you are searching for, let's call it/save it as input.txt:

1000000 = start of range
1FFFFFF  = end of range
03057... = public key you are searching for

Save the input text document in same folder as Kangaroo.exe

Kangaroo doesn't search for an address but a public key.

Can someone wrote how to start kangaroo in range? i try to make it via doc, but not understand... and not understand how it looking for address, where i must to write it?

when you say
you mean add +1 decimal to previous pubkey? The "G" is throwing me off
[/quote]

Yes I mean G as in the generator point which is equal to 1 in decimal but the code should allow for any address to be added I just used 1 for simplicity

[/quote]
Sorry, I had more questions but posted too soon.

Kangaroos...sounds like what you want they aren't necessarily kangaroos, just a 'brute force" type of jump. Start at pubk a, add increment to pubka to create pubk b, rinse and repeat. Each time a new pubk is created and 'visited' you want to convert that pubk to a BTC address and write both to a file. rinse and repeat all until a predesignated address is reached (end of range) or end after so many jumps. Anything I missed?

[/quote]

when you say
you mean add +1 decimal to previous pubkey? The "G" is throwing me off
[/quote]

Yes I mean G as in the generator point which is equal to 1 in decimal but the code should allow for any address to be added I just used 1 for simplicity

when you say
you mean add +1 decimal to previous pubkey? The "G" is throwing me off

Can someone please help me execute a simple concept in python?

I want to create a herd of wild kangaroos with steady jumps (+G for example or +1 in decimal) then convert it to address, and write the results into a CSV file, with a condition to break if the key at the end of the range is reached.  

I just started learning coding so excuse my ignorance. I'm aware it would take millions of years to solve anything with this and that other programing languages are more effective, I just want to experiment with the idea.  

What I was able to come up with for puzzle 120 for example is as follows
==========================

from cryptos import *
import csv

#The public key we want to solve for
PK ='04ceb6cbbcdbdf5ef7150682150f4ce2c6f4807b349827dcdbdd1f2efa885a26302b195386bea3f 5f002dc033b92cfc2c9e71b586302b09cfe535e1ff290b1b5ac'

#addition factor, in this case its G or +1 decimal
K ='0479be667ef9dcbbac55a06295ce870b07029bfcdb2dce28d959f2815b16f81798483ada7726a3c 4655da4fbfc0e1108a8fd17b448a68554199c47d08ffb10d4b8'

#addition process creating a wild kangaroo (this process needs to be looped to add K to the result over and over again)
X = add_pubkeys(PK, K)

#converting public key to address
addr = pubtoaddr (X)

#writing address to a CSV file
with open('WK.csv', 'w', newline='') as csvfile:

    thewriter = csv.writer(csvfile)

    thewriter.writerow(['address'])
    thewriter.writerow([addr])

#The break condition should be if address result = 1Cyj6SThgWdZWU6w75Rjf8V2bDiZds7AGo (end of puzzle range "ffffffffffffffffffffffffffffff")

=============================================

Any help is much appreciated

Thanks a lot.

If you talk about this wallet: https://www.reddit.com/r/Bitcoin/comments/1sc02w/make_sure_to_secure_your_paperwallet_against/
which image was recently sold on Russian forum here, then you were cheated.

https://bitcointalksearch.org/topic/m.54772780

Missing symbols: 15. Try 24986644000165536000 possible combinations

you need some cores for this matter, besides amazon and google, they will
be able to provide some cores for cheap. let it know if you try,

If you know start range, I think you can try repair with cangaroo. Make from you words what you have a private key, after use this private key as start or search range.... I think is easy repair 8-10 last symbols of privkey.

If no more information is available, then you'd need 2⁷⁰ operations. While searching for it, there would be about 2³⁸ false positives. Currently it's unfeasible.

Every bit of additional information would halve the time.

Here are some questions that might help you:
How missing are the missing characters?
Are they totally erased?
Are there some parts of them visible?
Are there parts which are known to be empty, and certain characters wouldn't fit there?
Was it handwriting or printed?
If it was printed - was it with monospace font?
Is there a QR code (or part of it) available as well?
Was it password-protected (BIP38, starting with "6P")?

I did not mean share the actual priv key, but the information you did give, tells me it is next to impossible...especially since you are missing the first characters. If it was only one section missing, the front, middle, or end, then it would be possible, but missing front and middle characters...that's a tough one. I do not know of any software that can regenerate front and middle, and as someone else stated, it would take quite a long time, if a software did exist.

Assuming you are talking about a WIF it is impossible to construct to a valid WIF when missing 13 characters and live to see the result.