
Topic: Searching (who am I kidding, crack) private keys using FPGA and mining chips (Read 1237 times)

newbie
Activity: 10
Merit: 0

3rd. The really cool idea is to start mining using your super algorithm. For less than a dollar, you'll make millions and revolutionize the industry! Most importantly, you don't need to learn FPGAs and true programming for that.


Mining?
Ossi you really have no clue what you're talking about.
Already after your first post, someone explained to you what the difference between mining and key generating is.

Still don't get it?
newbie
Activity: 2
Merit: 0
The same Sad  User 'OssyRozenberg' has not chosen to allow messages from newbies. You should post in their relevant thread to remind them to enable this setting.
newbie
Activity: 1
Merit: 0
Running a ESP32 cluster
Could you stop posting foolishness in my thread?

Hi Ossy! Are You planning to sell this solution?
This is a private development with limited disclosure. Maybe later I'll be able to give more information.
Initially, it was an open source work. Send me a PM and I'll give you some early material.

Hey Ossy. Tried to PM you but unfortunately you don't accept PMs from newbies. Would you mind PMing me any material that would be helpful in the construction of a "treasure hunter" like yours? This sounds like an extremely fun project.
newbie
Activity: 26
Merit: 1
he wanted to sell us the FPGA

1st. I never sold anything. Or show me my offer.

2nd. I see no point in arguing with you about adruino (sic!) codes. My grandson uses arduino in school projects, you could discuss with him.

3rd. The really cool idea is to start mining using your super algorithm. For less than a dollar, you'll make millions and revolutionize the industry! Most importantly, you don't need to learn FPGAs and true programming for that.
newbie
Activity: 10
Merit: 0
Could you stop posting foolishness in my thread (sic!)

who is still (since years) posting here foolish ideas?
At the beginning he wanted to sell us the FPGA as the ultimate solution and now it's become ASIC after all.
This German guy is clearly a pro.

Here is a Bitcoin address generator running on ESP32 ... for just a few dollars  Grin

// dev module default 4mb huge app partition

// output format: private key*compressed public key*counter

#include "secp256k1.h"
#include "secp256k1_preallocated.h"

uint8_t secret[32];
double life = 0;

void setup() {
  delay(1);     
  Serial.begin(115200);
}

void loop() {
    secp();
    life++;
}

// --------------------------------------------------------------------------------------------
void secp(){
  secp256k1_context *ctx = NULL;

  int res;   
  size_t len;
  size_t context_size = secp256k1_context_preallocated_size(SECP256K1_CONTEXT_VERIFY | SECP256K1_CONTEXT_SIGN);

  ctx = secp256k1_context_create(SECP256K1_CONTEXT_VERIFY | SECP256K1_CONTEXT_SIGN);

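// generate random private key - full 8 bit range 0-ff
  for (int i = 0; i<32; i++) {
    secret[i] = random(0,256);
  }

// computing corresponding pubkey
  secp256k1_pubkey pubkey;
  res = secp256k1_ec_pubkey_create(ctx, &pubkey, secret);
// res == 0 means the 32 bytes are not a valid key (zero or not below the curve order): skip it
  if (!res) {
    secp256k1_context_destroy(ctx);
    return;
  }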

// serialize the pubkey in compressed format
  uint8_t pub[33];
  len = sizeof(pub);
  secp256k1_ec_pubkey_serialize(ctx, pub, &len, &pubkey, SECP256K1_EC_COMPRESSED);

    print_hex(secret, sizeof(secret));
    Serial.print("*");
    print_hex(pub, sizeof(pub));
    Serial.print("*");
    Serial.println(life);

  secp256k1_context_destroy(ctx);
}

// ---------------------------------------------------------------------------------------

// print each byte as two hex digits, zero-padded
void print_hex(const uint8_t * data, size_t data_len){
  char arr[3];
  for(int i=0; i<data_len; i++){
    if(data[i]<0x10){ Serial.print("0"); }
    Serial.print(data[i], HEX);
  }
}
newbie
Activity: 26
Merit: 1
Running a ESP32 cluster
Could you stop posting foolishness in my thread?

Hi Ossy! Are You planning to sell this solution?
This is a private development with limited disclosure. Maybe later I'll be able to give more information.
Initially, it was an open source work. Send me a PM and I'll give you some early material.
newbie
Activity: 2
Merit: 0
So, a long-awaited update of the calculating boards: https://ibb.co/hMxysrG
Hi Ossy! Are You planning to sell this solution?
newbie
Activity: 10
Merit: 0
Now it contains specialized hashing chips (ASIC). It is a little more expensive than mining chips, but faster. Power consumption is reduced to ~90W per device. This solution allows the use of passive convection cooling or simple external airflow.

And still no performance data  Grin

There is no need for FPGA/ASIC for secp256k1. Just use as many cores as you can get.

90 Watt?
Running a ESP32 cluster will outperform this fancy "Schatzgraber".
ESP32 is 2 core 240MHz at 37mA for under 1 USD.





newbie
Activity: 26
Merit: 1
So, a long-awaited update of the calculating boards: https://ibb.co/hMxysrG

Google photos (I don't know why it is blocked here):
https://photos. app . goo . gl/5GkEsYtgRKTGMCUZA
old version https://photos. app . goo . gl/3zBWC2ZBXuMnWeZg6

Now it contains specialized hashing chips (ASIC). It is a little more expensive than mining chips, but faster. Power consumption is reduced to ~90W per device. This solution allows the use of passive convection cooling or simple external airflow.
At the same time, bitmine chips seem to be more common.
So, both solutions are valid.
newbie
Activity: 26
Merit: 1
I think there's an update. Follow the link: https://ibb.co/k8BQcph
Artix7 is used on the main board. Under the heatsink.

Satoshi is not saying that it will remain impossible.
In the WP, Satoshi proposed a core 2 duo CPU as the reference mining device. Industry has changed since then. But the core technology of bitcoin has not changed. And even if this changes, there will be compatibility with abandoned wallets that will never change in blockchain.
Think about it, we will use quantum computers and ancient keys as before generated from set of 2^160  Cheesy
full member
Activity: 233
Merit: 253
Searching (who am I kidding, crack) private keys using FPGA and mining chips

It is amazing, that Satoshi thought about it:

Back in 2010, someone is asking ...
Although extremely unlikely, what would happen if two Bitcoin clients generated the same Bitcoin address? Would payments be delivered to whichever client encountered the payment first? If there is a mechanism in place to prevent such collisions, please explain it.

And Satoshi is answering ...
...
If you were to intentionally try to make a collision, it would currently take 2^126 times longer to generate a colliding bitcoin address than to generate a block.  You could have got a lot more money by generating blocks.
...

Satoshi is not saying that it will remain impossible.

Thus, mining abandoned addresses is more profitable than mining new coins. Over time, the situation will change in this direction IMHO.
WBR, Ossy.
jr. member
Activity: 50
Merit: 3
I think there's an update. Follow the link:
https://ibb.co/k8BQcph
newbie
Activity: 26
Merit: 1
So a small historical digression into the ancient wallets movement*.
All wallets are created between 2009 - 2012, usually contain 50 BTC and never moved before.

2015-2020 May, 8 only.


2019 June - Bitmain's chip vulnerability found.

2020 May - present day.


*The list contains only virgin wallets. There are a lot more opened old wallets.
If you have a piggy bank in an ancient wallet, it is strongly recommended to transfer your BTC to a modern multisig wallet.
newbie
Activity: 26
Merit: 1
Do you have a working prototype?
On the previous page.

Any Benchmark?
On the previous page.

How long to solve Puzzle #100?
You didn't know what question to ask and chose this one?.. Learn this site before: https://learnmeabitcoin.com/beginners/keys_addresses  Wink



newbie
Activity: 10
Merit: 0
Do you have a working prototype?
Any Benchmark?

How long to solve Puzzle #100?
newbie
Activity: 26
Merit: 1
bro,have any good news?
Everything is as usual. Silicon crisis, lockdown, missed deadlines. But the work continues.
legendary
Activity: 2170
Merit: 1789
bro,have any good news?
Even if he did, why would he share it with you? I suggest you stop hoping for people to crack a wallet and share the private keys in some public space. Might as well crack it on your own.

Oh, you should also stop posting in this thread and make a new one if you're interested in things like this. OP is nearly 2 years old.
newbie
Activity: 9
Merit: 0
bro,have any good news?
jr. member
Activity: 31
Merit: 5
One note about the "random" in generation of old wallets (until the middle of 2012).
The entire cluster below belonged to one owner. The entire cluster was generated at about the same time (two months). Just look at the wallets and answer me - is this random or not?  Roll Eyes




You found the treasure.
newbie
Activity: 26
Merit: 1
What is the keys/second that you're getting from this setup, if you recorded this metric during testing?
Very much. About 3 orders of magnitude higher than the known solutions.
Additionally, we have developed our own chip. It should be much more efficient and fast. Or more efficient only  Grin
newbie
Activity: 26
Merit: 1
Note 2.
"It takes a million years to iterate over all combinations of private keys and get the first luck!"
1EHNa6Q4Jz2uvNExL497mE43ikXhwF6kZm has a private key 0000000000000000000000000000000000000000000000000000000000000001  Roll Eyes
legendary
Activity: 1568
Merit: 6660
bitcoincleanup.com / bitmixlist.org
How was the progress of this? I have two farms with more than 6 thousand s9's.
This is being tested now. Some T9's do not want to work with our motherboard. This is a rare problem, but we want to understand why.
Don't throw your s9's, they might come in handy later  Wink

What is the keys/second that you're getting from this setup, if you recorded this metric during testing?
newbie
Activity: 26
Merit: 1
One note about the "random" in generation of old wallets (until the middle of 2012).
The entire cluster below belonged to one owner. The entire cluster was generated at about the same time (two months). Just look at the wallets and answer me - is this random or not?  Roll Eyes

newbie
Activity: 26
Merit: 1
How was the progress of this? I have two farms with more than 6 thousand s9's.
This is being tested now. Some T9's do not want to work with our motherboard. This is a rare problem, but we want to understand why.
Don't throw your s9's, they might come in handy later  Wink



We also ordered a special SHA-256 chip (ASIC) for a personal device. It will be much more effective in a small volume. Additionally, we are losing our dependence on Bitmain chips.
Of course, if you have a Bitmain ASIC you have the chips by default. This problem does not concern you. But for making our own devices, it is difficult to buy new chips in large quantities...
newbie
Activity: 9
Merit: 0
How was the progress of this? I have two farms with more than 6 thousand s9's.
newbie
Activity: 26
Merit: 1
Also, are you only planning to use the ASIC chips to compute one SHA256?
I said earlier: the data must be prepared. For example, shifted by nonce (4-byte) and some other operations. The nonce should be loaded as well (is now a part of data). A golden nonce in Bitcoin mining is a nonce which results in a hash value lower than the target. What happens if the target == 0xFFFF....FF? Wink Right: any result will be returned.
There are several ways to generate keys. In some, you have to complete 100k SHA256 hashes (or 50k double hashes). This way allows to reduce the enumeration range, by the way.
Finally, which ASIC do you mean? There are many chips: https://en.bitcoin.it/wiki/List_of_Bitcoin_mining_ASICs
Only Bitmain has four actual chips right now. All chips are different, have different OCD paths, "some ASIC chip" does not exist.
newbie
Activity: 10
Merit: 0
I can only see this as a thread attempting to find someone greedy enough to PM OP and get scammed hard.
legendary
Activity: 1568
Merit: 6660
bitcoincleanup.com / bitmixlist.org
Did you test this setup yet? Also, are you only planning to use the ASIC chips to compute one SHA256? Because according to this https://bitcoin.stackexchange.com/questions/84616/how-specific-are-asics-design-can-they-single-hash-sha256 the way they are designed lets them only take a "fragment" of a double hash as input so they are unsuitable for computing single hashes.

So there's a lot of SHA256d hardware scrap lying around in the world but you need to wire logic gates and circuit boards together to create an ASIC that's designed for RIPEMD160(SHA256) and another kind for HMACSHA512. Unfortunately I don't think the ASICs used in bitcoin miners can handle those computations (keeping in mind the word ASIC is a generic term for hardware with logic gates optimized to do one function).

But I'd love to see benchmarks of SHA256 on your FPGA vs. a CPU and GPU. And also those of SHA512 and their HMACs while you're at it.
newbie
Activity: 26
Merit: 1
A bit update. The final version of PCBs are ready and sent to me. Hopefully it arrives before christmas...
FPGAs are already received  https://ibb.co/k8BQcph
This year viscous as jelly broke all plans and schedules...  Cry
newbie
Activity: 26
Merit: 1
A small calculation of effectiveness of using mining chips in bruteforce. Mining chips can greatly reduce the cost compared to FPGA-only solution.
S9 is capable of 14 TH/s (average). The main obstacle for bruteforce of HD wallets is 100.000 hashes. The chip does two hashes by default. In addition, it can load new data during hashing. Using cross-loading, this eliminates the load time losses. Thus, only 50.000 hashes need to be done without load time losses. How many wallets can hash this device? 280 M.wallets/s. S17 Pro can hash 1120 M.w/s.

In reality, the speed will be slightly lower because the hashboard is not designed for high-speed communication (for maximum efficiency it is necessary to design an ad hoc device). However, in just a few weeks many popular ASICs (T9/S9 etc) will become scrap. These are millions of free SHA-256 co-processors. Designing a control board that can turn them into "seedpick" seems like a good idea.
ASIC's consumption will be halved (approximately) plus cascading to a pool. If you had a S9 farm this can be a powerful treasure hunt tool.

Let me remind you that I do not design a cracker. It will not be able to crack modern wallets. This is a forced restriction that I have programmed. If you have savings on old wallets (created until mid 2012 or started from "1"), just transfer BTC to modern ones and be safe. But abandoned wallets must be opened! As of January, out of the 18.14 million BTC that existed at that time, almost 60% had never moved.

After halving with the current price of Bitcoin treasure hunting becomes more profitable than mining. A rainbow table is valuable too, even if an address with a balance was not found.
Both in mining and in hunting, luck is at the basis. Finding a block using one ASIC is also difficult like finding a treasure with my device. But by combining the power we can do more. The pool is effective in both cases. Consider this factor when trying to calculate how long it will take to find the first treasure Wink

I would like to know the opinion of the community, will such a control board for the resurrection of bitmain scrap be interesting for ASIC's owners? https://ibb.co/pwPgTpG
newbie
Activity: 26
Merit: 1
I have MVP on my desk but you keep explaining to me how it works Smiley

SHA256 is the basic function of bitcoin used at all stages of its work. Mining chip is not a panacea but acceleration of this function speeds up the whole process. Of course this requires some algorithmic tricks, like diagnostic codes for one-time hash generation, adjustment of the target to issue each result, etc.

FPGAs can optimize computations very well. For example, it is known that SHA-512 is faster than SHA-256 on 64 bit machines. HMACSHA512 is not identical, but the optimization paths are the same. I do not ignore this stage - I do not see a problem on this stage.

Why did you decide that it is impossible to count HMACSHA512 as fast as a SHA256? FPGA counts only two stages out of many. I talked about the instruction pipelining in the first post in this sense. This eliminates downtime for the chips. Using a mining chip reduces the power and cost of equipment. This problem can be solved completely on the FPGA but it will be more expensive.

P2PK changes everything Smiley This is a bit more combinations, but it also eliminates half of the heavy functions from the algorithm Smiley
Of course the same exhaustion method can be applied to P2PKH too.

Brain wallets are a classic example of a limited dictionary. The dictionary is limited to typical passwords from the list or simple words and phrases. Most brain wallets are encrypted with a combination of no more than three words, usually one. https://eli5.eu/brainwallet/detail/1PzYwVuTotg15ridCGNnAo8u3dr6bE2Yxy.html
English contains a little more than one million words. My device will complete enumerate them in a few weeks.

You say the right things such as "MD5 is safe", "cryptonight is ASICs resistant", etc. But from my point of view, you never programmed in Verilog. It is not the same with .NET or PHP cryptography implementations Wink The bitcoin algorithm is well protected from reverse decryption. But against an exhaustive algorithm it is poorly protected. I repeat, security calculations are outdated and do not include the power of ASICs and FPGAs. Direct evidence now flashing LEDs to my eye Smiley
legendary
Activity: 3472
Merit: 10611
i am talking about the numbers you are posting here which are irrelevant. they are the number of double SHA256 hashes that miners can compute not the number of HASH160 that a chip can compute.
not to mention that your final number is way off the mark when you are talking about the combination of words in a 12 word seed. because it is not just about hashing, it is about converting that seed phrase to a BIP32 entropy which requires PBKDF2 (ie. a bunch of HMACSHA512 among other things) then performing the BIP32 steps which consists of first choosing a derivation path which is unknown to you and then performing a bunch of point multiplication and HMACSHA512 among other things to get the child private keys. then another point multiplication to get the public key and then hashing. you are simply ignoring all these very time consuming steps and focusing on one small hash.

As for deterministic keys (did you mean this?) "the number of private keys is unimaginably high". But most real ancient wallets are P2PK Wink
using P2PK doesn't change anything. the protection of these outputs is based on the fact that converting a private key to public key is still an irreversible function with the current technology and will remain that way for at least another decade.

Quote
I did not know that LBC is a scam. However, this is theoretically possible, as are brain wallets too. This is based on the finiteness of the dictionary.
it has nothing to do with the dictionary being finite, it is all about people who chose a weak set of words for their brain wallet that were too common and could be guessed easily. something like choosing "123", "qwerty" or "password" as your password.
newbie
Activity: 26
Merit: 1
Hello pooya87!
Pls explain what you mean "doesn't mean they are the same"? The SHA algorithm is defined at the standard level.
RIPEMD160 is just one of the key generation steps. For this I use FPGA. And for the curves too. I never suggested using a mining chip only. It just a co-processor.
As for deterministic keys (did you mean this?) "the number of private keys is unimaginably high". But most real ancient wallets are P2PK Wink
I did not know that LBC is a scam. However, this is theoretically possible, as are brain wallets too. This is based on the finiteness of the dictionary.
legendary
Activity: 3472
Merit: 10611
you are too confused about how things work!
first of all a bitcoin mining machine (ASIC) is computing an entirely different hash algorithm than the hash algorithm used in creating an address. just because you see the words "SHA" doesn't mean they are the same. one is SHA256(SHA256) and the other is RIPEMD160(SHA256). you can never use an ASIC to find HASH160 hashes.

secondly hash is not even the important part! the real "bottleneck" is elliptic curve point multiplication and the fact that the number of private keys is unimaginably high that even if you could build a dedicated machine to compute them and then have millions of them working day and night you still have to spend millions of years to cover a small portion of it.

by the way those two projects you named have nothing to do with hacking. LBC is mostly a scam project that has infected its users in the past and not to mention that it is designed to "solve a puzzle" that was created by someone intentionally for them to solve. and brainwallet is just taking advantage of the fact that some people in the past never listened to those warning them not to try and create their own private key with a weak self created entropy.
newbie
Activity: 26
Merit: 1
Happy New Year to all!

Ways to crack wallets in the Bitcoin blockchain have been repeatedly discussed on this forum. Typical hacking methods are key enumeration (LBC https://lbc.cryptoguru.org/about) and dictionary attack / brain wallets (https://eli5.eu/brainwallet/).
It is believed that breaking a wallet takes millions of years, but let me disagree. These calculations were done for household PCs.
In fact, there are only two bottlenecks. This is the key generation speed and the key verification speed.

Today, the mining chips make 71 Gh/s (BM1387). Bitfury Clarke is already 120 Gh/s. BM1391 produces 170-200 Gh/s, 1397 - already 440-500 Gh/s (in S17+). Do not forget that this is the speed of a double SHA-256 (SHA-256).
If we take the standard algorithm for calculating addresses (https://gobittest.appspot.com/Address) it is not difficult to notice that most of the steps are the same SHA-256 and SHA-256 (SHA-256). One RIPEMD-160 stage and several bit shifts. Is it possible to use the mining chip as a coprocessor when generating keys? Yes, it is possible, but more on that later.

The second bottleneck is checking the balance at the address found. The system should turn to the blockchain and make sure that there are bitcoins on the addresses belonging to the key pair. Compared to hashing speed, it is very slow.
The situation changes if you know a wallet or a private key with a balance. In this case, you should only verify a few bytes.

Armed with this knowledge, I assembled the simplest device based on the S9 hashboard and Cyclone IV FPGA evaboard. This works correctly and I was able to crack test wallets with a simple (low order) key.

Findings:
1. A hashboard is poorly suited for simultaneous computing. It is necessary to connect the chips in parallel, but not in a daisy chain.
2. It is necessary to organize the instruction pipelining in the FPGA for acceleration of calculations.

Now a little about the economy. Why is all this necessary?
I do not want to steal user funds. This is not possible in my system if your wallet is not generally known.
However, there are a lot of forgotten wallets in the blockchain. Some wallets contain thousands of bitcoins. And these wallets remain motionless for many years. You can consider this as a treasure, which has the right to change the owner, imho.

Take for example the Antminer S17e (64Th), whose current profitability is 0.5 btc/year.
The device contains 144 BM1397 chips with approximately 440 Gh at each.
We’ll make the calculation for a wallet protected by a 12-word seed phrase. The English BIP39 dictionary contains 2048 words. With high probability the old wallet is encrypted in English (or Hex, lol).
((2048 ^ 12) / (144 * (440^9))) / (86400 * 365) = 1939618 years it will take one ASIC to search for all the combinations.
However, if we’ll track 10,000 wallets, then 1939618/10000 = 194 years to search for at least one match. And even if we have 100 ASICs, it turns out 2 years to search for at least one match (based on average luck).
These calculations are very simplified, but they show the order of numbers.

For 2 years, these same 100 ASICs will get 2*100*0.5 = 100 bitcoins. Provided there are no changes in the network’s hashrate and the power of ASICs (no).

At the same time, the difficulty of the seeds of abandoned wallets will never change.
And finding at least one wallet like 1FeexV6bAHb8ybZjqQMjJrcCrHGW9sb6uF can pay for the mining of 100 ASICs for 1600 years. Their name is Legion 12ib7dApVFvg82TXKycWBNpN8kFyiAN1dr, 12tkqA9xSoowkzoERHMWNKsTey55YEBqkv, 1PeizMg76Cf96nUQrYg8xuoZWLQozU5zGW etc.

Thus, mining abandoned addresses is more profitable than mining new coins. Over time, the situation will change in this direction IMHO.

WBR, Ossy.

Update. 6 march 2020.
Pic1 - Structure
Pic2 - Algorithm
1. Defined prototype architecture.
2. The distribution of tasks is determined.
3. Alpha version of bitstream is tested.

Tasks are shared between mining chips and FPGA. In current configuration the prototype is capable to generate (and compare) up to 1500G keys (addresses) per second.
The current prototype contains only 20 mining chips. After improving the technology computing power will be multiplied.
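Added example (not part of any post in this thread): the opening post's 12-word search-time estimate together with the PBKDF2 step pooya87 describes, as runnable Python. It evaluates the post's expression both as written and with 440 GH/s taken as 440 × 10^9; crediting the miner with one HMAC-SHA512 per SHA-256d hash and ignoring the BIP32 and curve steps are assumptions that favour the searcher, and the sample mnemonic is the public all-zero BIP39 test vector.

```python
import hashlib
import math
import time
import unicodedata

SECONDS_PER_YEAR = 86400 * 365   # the year length used in the post
CHIPS = 144                      # BM1397 chips in one S17e (figure from the post)
CHIP_RATE = 440 * 10**9          # 440 GH/s per chip: double SHA-256 hashes per second
PBKDF2_ROUNDS = 2048             # fixed by BIP39

# Constructed sample input: the all-zero-entropy mnemonic from the public BIP39 test vectors.
SAMPLE_MNEMONIC = "abandon " * 11 + "about"


def bip39_seed(mnemonic, passphrase=""):
    """Mnemonic -> 64-byte seed: PBKDF2-HMAC-SHA512, 2048 rounds, salt 'mnemonic'+passphrase."""
    def nfkd(s):
        return unicodedata.normalize("NFKD", s).encode("utf-8")
    return hashlib.pbkdf2_hmac("sha512", nfkd(mnemonic),
                               nfkd("mnemonic" + passphrase), PBKDF2_ROUNDS)


def mnemonic_entropy_bits(words=12):
    """Each word encodes 11 bits and 1 bit in 33 is checksum, so 12 words carry 128 bits."""
    raw = words * 11
    return raw - raw // 33


def passphrase_bits(dictionary_size, words):
    """Search space, in bits, of a brain-wallet phrase drawn from a fixed word list."""
    return words * math.log2(dictionary_size)


def years_to_exhaust(bits, rate, hashes_per_candidate=1, devices=1, targets=1):
    """Years to try 2**bits candidates at `rate` hashes/s per device.

    Dividing by `targets` mirrors the post's '10,000 wallets' simplification.
    hashes_per_candidate=2048 counts one hash per PBKDF2 round, which is a lower
    bound (assumption): each round is a full HMAC-SHA512, not a SHA-256d.
    """
    candidates_per_second = rate * devices / hashes_per_candidate
    return 2.0 ** bits / candidates_per_second / SECONDS_PER_YEAR / targets


def post_figure_as_written():
    """The post's expression evaluated literally, with 440^9 as a power."""
    return 2048 ** 12 / (CHIPS * 440 ** 9) / SECONDS_PER_YEAR


def measured_seed_rate(samples=20):
    """Seeds per second this machine derives on one core (PBKDF2 step only)."""
    start = time.perf_counter()
    for i in range(samples):
        bip39_seed(SAMPLE_MNEMONIC, str(i))
    return samples / (time.perf_counter() - start)


def report():
    device = CHIPS * CHIP_RATE
    bits = mnemonic_entropy_bits()
    return {
        "post expression, 440^9 literal (years)": post_figure_as_written(),
        "2048^12 at 144 x 440e9 H/s (years)": years_to_exhaust(132, device),
        "valid mnemonics, 2048 hashes each (years)":
            years_to_exhaust(bits, device, PBKDF2_ROUNDS),
        "same, 100 devices and 10,000 targets (years)":
            years_to_exhaust(bits, device, PBKDF2_ROUNDS, 100, 10_000),
        "brain wallet, 1 word of 1e6 (bits)": passphrase_bits(10**6, 1),
        "brain wallet, 3 words of 1e6 (bits)": passphrase_bits(10**6, 3),
        "12-word BIP39 mnemonic (bits)": float(bits),
        "PBKDF2 seeds/s on this CPU core": measured_seed_rate(),
    }


if __name__ == "__main__":
    for label, value in report().items():
        print(f"{label:46s} {value:.4g}")
```

The gap between the roughly 60-bit three-word phrase and the 128-bit mnemonic is the point pooya87 makes about weak self-chosen entropy: the first is a small search space, the second is not.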