Topic: Public Adresses - when do they start to exist? (The art of coin destruction) (Read 1497 times)

It's just base-58 encoding plus a checksum

https://en.bitcoin.it/wiki/Base58Check_encoding

1BergmannsBitcoinGraveXYZ999ABC1 is not a valid address because the checksum is not correct

You need to first convert your base-58 string to hexadecimal, calculate the checksum, and convert it back base-58. Read https://en.bitcoin.it/wiki/Technical_background_of_Bitcoin_addresses

The calculation is tedious but a high school student should be able to do it.

thank you.

And how do you know "759d6677091e973b9e9d99f19c68fbf43e3f0" is bitcoineaterdontsen ?

If I wanted to created an adress

1BergmannsBitcoinGraveXYZ999ABC1 -- how could I do that?

I have answered this question many times, in many different ways. Address is just a special way to present an integer. There is no magic in it at all.

1111111111111111111114oLvT2 = 0000000000000000000000000000000000000000

1BitcoinEaterAddressDontSendf59kuE = 759d6677091e973b9e9d99f19c68fbf43e3f05f9

I "generated" the following one in 10 seconds which has never been used:

1BitcoinEaterAddressDontSents7VUGT = 759d6677091e973b9e9d99f19c68fbf43e3f0680

If you just want to generate an address like 1BitcoinEaterAddressDontSendf59kuE, you don't need ECDSA. ECDSA will not give you an address like 1BitcoinEaterAddressDontSendf59kuE before the death of our sun.

How can I run this? Is it on my system? I tried the prompt, it is annoying to type, it know "echo", but it doesn't know -xxd

(sorry, as I said, I don't know anything about coding and so)

edit: can someone explain how is it possible to find a public adress like bitcoineaterdontsend? It seems to me that this is the highest degree in the art of destroying bitcoins, so I want to explain how to do it (theoretically).

It's because after changing anything in the fist 21 bytes, you must recalculated the checksum (the last 4 bytes).


So the first line should be:

And then you get: 12kAovPuREtsCckGsZePjFfNMFaN1dsq7g - this one is valid.

Ok, I tried it

your code is


I just changed the first line and submited the code again


This created the adress

which is no valid adress ...

btw, one more question, something about high-school mathematics:
There are 62! possibilities to type a random sign-chain which matches the adress-formular (34 signs consisting of the alphabet, up and down, plus numbers 0-9)? This means it are

3.1469973 * 10^85 possibilites?

But it are just

16^40 (=2^160) possible public adresses, which are

1,461*10^48

So I need to try

5*10^36 times to randomly find a public adress?

[I want to write an article about the art of coin destruction, and I think this will be some kind of fun with cryptographic background]

I changed the code into the link to a webpage that can run the script for you.

Of course much easier is to use blockchain.info to evaluate all the 3 steps for you, from the random 20 bytes: https://blockchain.info/address/112233445566778899AA112233445566778899AA
But then you won't learn anything

Great! So I just have to variate a chain of 40 numbers with hexadecimal signs and search blockchain.info for it ... this is not completely self-made, but it's a good way to do it.

@piotr_n - thank you for the descriptions. Unfortunately I have zero experience with python or any other coding-software.

I don't know why you'd want to conduct such an experiment, but to achieve your goal, you do not need to read about ECDSA.

You do it like this:

1.
Pick up any random 20 bytes (e.g 112233445566778899AA112233445566778899AA) and put the version byte (00), in front of it:

2.
Calculate the check sum - run sha256 over the 21 bytes and then again over the result:
This will give you the double sha256 of the 21 byes:
The first 4 bytes (c1255966) is the checksum you need - just append it at the end of your previous 21:

3.
Use any base58 encoder to convert these 25 bytes (that represent a 200-bit big integer, MSB encoded) into a string.
For instance, you can do it with such a simple python script: http://codepad.org/mVzFVQpu (put the hex-encoded 25 bytes in the first line)
Executing the script above will output the base58 encoded string - that is a valid bitcoin address, for which most likely nobody knows a private key.


You can repeat this procedure for any random 20 bytes you can think of.
A chance of someone having a private key for 20 bytes that you'd choose randomly is always bigger than zero, but astronomically low.

In theory there is no single address that would not refer to a specific private key.
That's because the hash in the address is 200 bits long while a private key is 256-bits.
So statistically for each valid bitcoin address there are 2^56 matching private keys.

thank you. That's a great trick, I will use it

About 11111 and bitcoineater:

I somewhere read you need millions of years to find a public adress like bitcoineaterdontsend by random. So I am curious how it is done and I don't trust it to be a real coin-destruction.

1. buy a hexadecimal dice

2. throw 40 times

3. for example the result is 0123456789abcdef0123456789abcdef00000000, get the address from https://blockchain.info/address/0123456789abcdef0123456789abcdef00000000

4. the address is 171vsZ3PsK9vcyajd3FW1m2AfLzs68Z8o



The easiest way is send your bitcoin to 1111111111111111111114oLvT2 or 1BitcoinEaterAddressDontSendf59kuE

Thanks for all the great answers.


Yes, that's what I want. Just for experimentation. I want to destroy bitcoins without loosing the private key (that would be too easy), so I need an adress nobody has the priv key.

I think this thing gets complicated and I need to read something about ECDSA (thank you for the link).

I just tried by random to find something on blockchain.info with

0000001020000400000000000000010

but no, doesn't work.

If I find a never-used public adress and search for it on blockchain.info - do I find something? I think I should,

look here

1MrutCLR2raaijByukG9FSXhtPXaW8ue7L

Nobody will ever know the priv key for this adress, I just created it with brainwallet by randomly tipping a passphrase and closing the window (but that's too easy, as I said)

So - some easy step-by-step guide to find a public adress without the priv key?


--- this is for an article "How to destroy Bitcoins", and I think it leads quiet funny into cryptography

The mathematics is complicated - it takes quite a bit of knowledge to actually understand the whole process. If you want to start out I would suggest reading about ECDSA (as nearly all cryptography is based on that at the moment) and this article will give you a good insight to start with - http://arstechnica.com/security/2013/10/a-relatively-easy-to-understand-primer-on-elliptic-curve-cryptography/3/.

As to your second question, it's already been answered above - that address is considered valid (as the miner's do not care whether someone has the private key) but in all probability someone doesn't have it so it cannot be spent.

Ok, let me do it again

1. "Bitcoin address" is just a human readable expression of a number.

For example, my donation address 1CiZPrEJdN4FJcqdLdgVLzT8tgCXxT5ion is equivalent to the hexadecimal number 80857aaa19a17c0ef98fe525316ce131492a5c40; 1BitcoinEaterAddressDontSendf59kuE is equivalent to 759d6677091e973b9e9d99f19c68fbf43e3f05f9; 1111111111111111111114oLvT2 is equivalent to 0000000000000000000000000000000000000000


2. All integers from 0 to 2^160-1 are valid bitcoin addresses

So 0000000000000000000000000000000000000000 = 0 is a valid bitcoin address. Do you need a private key to generate a "0"? Obviously no.

The address (before getting 58 encoded)  is 25 bytes. First byte is always zero. Next 20 is the hash of a (hypothetical) public key.
The remaining 4 bytes is a checksum of the previous 21.
It's easy to brute force such strings to match a certain b58 text pattern.
Much more complex though is to generate random private keys, originate a public key from that and hashing the public key - bruteforcing such to meet a pattern takes much more time.

Yes, you can create a valid address without a private key, but you won't be able to spend from it.

Of course, this is a great simplification.

To be useful to you, you must have the private key.  Your wallet has this key in it when you generate a new address.  That is why it is so important to protect your wallet.

Now, when you generate an address in your wallet, the blockchain does not, and does not need to know anything about it.  You may publish your (public) address anywhere.  When someone sends funds to your address, they are actually encrypting a message that only the private key can decrypt.  That private message is inside the transaction and it ends up in the blockchain.  So, lose your wallet, the funds cannot ever be spent again, until a currently unlikely advance in mathematics or computation power takes place.

Bitcoin uses public key cryptography.  Public key cryptography is based on a pair of mathematics operations that are inverses of each other, but where 1 is relatively easy and the other is relatively hard.

An example is multiplication and division by 29.  It is much easier to multiply by 29 than it is to divide by 29, using pencil and paper.

To be useful in a situation where everyone wants to steal your money, it is important for the inverse operation to be very difficult.  

A way to do this was published in the early 1980s (RSA).  An article was published in Byte magazine explaining it, and that article has some flaws.  The copies of the article at many libraries that I visited were unobtrusively removed, and there were rumors that the NSA did not like this knowledge becoming public.  I am afraid respectful of the NSA.  I suspect they owned the black helicopter that flew over my house one day, but I could not see the N number.

Now, this information is public.  Please see WikiPedia.  Note well, that step "5. Determine d as d ≡ e−1" is not what you think it is, unless you have studied mathematics.

There is a worked example on that WikiPedia page.

Sorry, I don't understand the mathematics.
The BitcoineaterAdress - how was it created? Did someone created addresses to bruteforce the bitcoineater-public-adress?

Yes, but it's practically impossible to find the private key for it.

See - 1BitcoinEaterAddressDontSendf59kuE

Please read carefully: all integers from 0 to 2^160-1 are valid bitcoin addresses.