Pages:
Author

Topic: string value to search for private keys based on WIF (Read 359 times)

hero member
Activity: 714
Merit: 1010
Crypto Swap Exchange
What the OP doesn't want to see or realize is that some language words or combinations of them or even common syllabels already vastly limit the key space. It might be that they can't easily be guessed by an attacker but if you assume such a WIF characters scheme your attack space is already way smaller than a totally random private key. You're just bringing the proven deficiencies of brainwallets to WIF private keys for no reason.

Dear OP, if you think this is a good and safe method, no one here can prevent you from doing so yourself.

But stop telling this is safe. It isn't and multiple users have told you this.
hero member
Activity: 1220
Merit: 612
OGRaccoon
In your software, you're generating WIFs with custom characters at the beginning, like "5HpHahMyFirstBitcoinAddress" or "SatoshiNakamoto." While it may seem convenient to generate personalized WIFs, it actually reduces the overall key strength and poses security risks.

Bitcoin private keys are derived from a secure random number generator, ensuring their unpredictability and resistance to brute force attacks. However, by using custom WIFs with specific strings, you are essentially reducing the randomness and predictability of the keys.  Attackers who are aware of this custom format can optimize their search by focusing on keys that match the pattern you're using. They can generate WIFs with similar custom strings and systematically search for potential matches. This significantly weakens the security of the private keys generated using your software.

t's crucial to prioritize key strength and randomness to protect your assets.

Using standard WIFs generated from a secure random number generator ensures a higher level of security.

Remember, the strength of Bitcoin lies in its cryptographic algorithms and the randomness of private keys.

While it may be tempting to have personalized WIFs, it's essential to consider the potential risks and vulnerabilities associated with such customization.

It's always better to rely on proven methods and established security practices when it comes to handling private keys and protecting your Bitcoin.

All you are doing is introducing weakness to the key by doing this nothing more. It is no more practical to have a custom WIF than a vanity public key.

member
Activity: 77
Merit: 19
Red Flags.

1.  No repo for the code so no one can check how these are generated.
2.  Not a wise idea to generate WIF in this format easy to brute force.
3.  Looks like a bunch of "convincer" accounts trying to sucker people to use this.

Poor effort..
Must try harder.


Answer for 3: I do not understand , I'm trying to force anyone for use this. It is only showing that we can do a lot with this.
Answer for 2 : No if you do not know what kind "sentences is used" you can't brute force -I can put 0,5 btc on addres and give you a publickey then you can start "bruteforcing", if you will not get the BTC you send me 0,5 btc to my account. can we agree?

Answer 1: It is in pure python. I do not paste it yet to github. No have time.
hero member
Activity: 1220
Merit: 612
OGRaccoon
Red Flags.

1.  No repo for the code so no one can check how these are generated.
2.  Not a wise idea to generate WIF in this format easy to brute force.
3.  Looks like a bunch of "convincer" accounts trying to sucker people to use this.

Poor effort..
Must try harder.
member
Activity: 351
Merit: 37

exactly like this:
Code:
5KGRSasaGRSasaGRSasaGRSasaGRSasaGRSasaGRSasaGNyai9d
but a with a mixed small and big letters.
it will be cracked by me then hehe
hero member
Activity: 882
Merit: 792
Watch Bitcoin Documentary - https://t.ly/v0Nim
This is just what I don't understand, why do people think that randomization lacks security? Something that does not follow a deterministic pattern is more secure because it's less predictable, it's as easy as ABC. When you make something that follows predictable pattern can never be more secure, it breaks the law of randomization.
This really drives me crazy, why do you guys think that randomization is a bad practice?

Go ahead and use this. You've been warned multiple times. We can't stop you. But don't expect any sympathy when a bot scanning millions of such addresses each second (as is the case with brain wallets) clears out your funds.
I second this! My approach is to learn on someone's mistakes, probably OPs approach is to only learn on his own mistakes. Then let it be that way.
legendary
Activity: 3472
Merit: 10611
If you want to add a note about what your private key is for, then just add a note after the private key?
Why can't you use separate notes to accomplish that?
I don't disagree with this question which is why I said the idea itself is weird.
On the other hand, the solution I offered is only aiming to solve the main flaw in OP's idea that was reducing the key's security while making the assumption that there is a reason for having such a scheme. That is from purely a problem solving perspective.
legendary
Activity: 2268
Merit: 18748
If you randomize some words, it will be perfectly safe. it will be like seed phrase. It is secure.
No, it isn't.

Go ahead and use this. You've been warned multiple times. We can't stop you. But don't expect any sympathy when a bot scanning millions of such addresses each second (as is the case with brain wallets) clears out your funds.
member
Activity: 194
Merit: 14

Until someone brute forces millions of vanity-wifs and find one with a balance, which as described is trivial to do with modern computers.
You're so arrogant with security. Please avoid using that, you're going to harm yourself.

If you randomize some words, it will be perfectly safe. it will be like seed BTCphrase. It is secure.

When @OP reveal his source code, i'm going to make a vanity WIF with my name printed on it "GRSASA".

exactly like this:
Code:
5KGRSasaGRSasaGRSasaGRSasaGRSasaGRSasaGRSasaGNyai9d
but a with a mixed small and big letters.

I gotta post the address then, and put 0.01BTC on it. I'll see then if it gets cracked or not. And if solve any of the 32BTC pzuzle, i gotta also put it in such a private key.

To prove to the community that its safe,
legendary
Activity: 1512
Merit: 7340
Farewell, Leo
The thing is, nobody will ever know that this address belongs an vanity-wif, so thats why i consider it "Safe".
Until someone brute forces millions of vanity-wifs and find one with a balance, which as described is trivial to do with modern computers.

You're so arrogant with security. Please avoid using that, you're going to harm yourself.
member
Activity: 194
Merit: 14

Are you honestly asking how an attacker could possibly guess public information which could probably be gathered by anyone in the world in 60 seconds by looking at your social media profiles? Lol.
Well, Chances that the attacker is so smarty ass, as smart as Albert Einstein are currently pretty much ≈1 in 2^33 .

So you're better win 100 times the Lottery to be that smart for performing all those steps. Or you'd better need to know the past and the future. But its impossible

You could have put your crush's name, your grand's grandfather name or you could write memories, or anything or something about WW2 in your WIF. Nobody will ever be able to find out those words, because it will be exactly like seed phrase. Guys if you don't agree that its safe, i will delete my account here. You, just need to randomizes some words, other than that it's completely safe Smiley
legendary
Activity: 2268
Merit: 18748
The thing is, nobody will ever know that this address belongs an vanity-wif, so thats why i consider it "Safe".
"No one will ever know my address comes from a brain wallet, so I consider it safe." - the owner of every brain wallet, minutes before all their coins were stolen.

How on hell could attacker guess my whole family name?
Are you honestly asking how an attacker could possibly guess public information which could probably be gathered by anyone in the world in 60 seconds by looking at your social media profiles? Lol.
member
Activity: 77
Merit: 19
I'm agree with you.Smiley


hmm maybe some people here have WIFs generate in this way?Cheesy

I will prepare for github soon the code
member
Activity: 194
Merit: 14
The thing is, nobody will ever know that this address belongs an vanity-wif, so thats why i consider it "Safe".

I would love to create a WIF that is easy to remember, that has for example my family name on it. How on hell could attacker guess my whole family name? No way in a trillion years. To everyone now that disagree me again, here a kiss  Kiss
legendary
Activity: 1512
Merit: 7340
Farewell, Leo
This has so many benefits
I honestly recognize no such things as benefits. "Not reducing the key's security" isn't a benefit. It's the normal state in cryptographic key pairs. Obviously, not reducing the key's security is something good, but it is quite obvious to have that security. I neither understand the rest you said. Why can't you use separate notes to accomplish that?
legendary
Activity: 2870
Merit: 7490
Crypto Swap Exchange
It's interesting as hobby project, although as other said people shouldn't use it to store their Bitcoin.

is any one able create for me web page ? I would like put the alorithm to webpage

I doubt anyone willing to do it for free. But how about storing it on GitHub repository or GitHub pages?

I don't know why many disagree on the posts i do....

At very least, the part 11 million is key could be brute forced quickly is definitely true. For example, check this VanitySearch benchmark https://bitcointalksearch.org/topic/m.50823897.

I will agree to disagree my agreement if a big mafia guy like Satoshi confirms that he's disagreed about the agreement that i agree with

Don't forget even "big mafia guy" could make mistake.
member
Activity: 194
Merit: 14
I don't know why many disagree on the posts i do....

I will agree to disagree my agreement if a big mafia guy like Satoshi confirms that he's disagreed about the agreement that i agree with

Anyways, no body asked you to have 4 randoms characters. I say at least, but from 10 characters, including checksums, you're safe for years.  Kiss Grin
copper member
Activity: 1330
Merit: 899
🖤😏
11 millions!
Take it easy tiger! 11 M keys takes less than a second for my laptop to find and there is hashcat, it can search all alphabet, numbers, symbols, all languages, dead or alive and when they take your coins, don't come here whining about it, lol.

Last year I talked about vanity private and public keys, it's more of a decorating nature, not that vanity public key is even possible.  But vanity private key is a bad idea, memorizing your wife or gf's birthday is the ultimate memory challenge for most men, let alone memorizing a WIF key.

It is not recommended, and it has no use really, because you can never show it off to people, the last 6 chars are nothing to worry about, it would take less than a second, the first 2 characters are limited, so you are too much vulnerable as it is.
legendary
Activity: 2268
Merit: 18748
AND they DONT even know the "Words" you used for Vanity-WIF. Are they in Capital letters? How many repeated words? Are they written in small letters etc etc
This is effectively a brain wallet. Literally hundreds of thousands brain wallets have been hacked and had their coins stolen because they are fundamentally insecure.

but still it would take hundreds of years to manually loop 11 millions time
This is just plain incorrect. Fairly modest hardware is capable of generating in excess of 5 billion keys per second. 11 million is literally nothing.

I find it a good idea to use Vanity-WIF, especially to manually remember the WIF
Remembering seed phrases is risky enough. Remembering individual private keys is another level of stupid.

BUT its still very safe to use.
You are wrong.
member
Activity: 194
Merit: 14
What are you talking about? The last 5-6 characters are a checksum, meaning you are only have 4 random characters? So you've just reduced the entropy of your private key from 2256 to 584, which is around 11 million, and could be brute forced in under a second.

Vanity private keys are a seriously dumb idea. No one should ever use this.

I DISAGREE!

Even with 4 characters as you said, it's still perfectly safe to have a vanity WIF. Let's say there are really 11 million combination left to find the address, still with this it's enough security for me. Because when you have an address, obviously no body will know your private key, so they won't even know that you have a vanity-WIF that is vulnerable for attacks and has only 4 Characters AND they DONT even know the "Words" you used for Vanity-WIF. Are they in Capital letters? How many repeated words? Are they written in small letters etc etc, Unless someone decides to search manually 11 Million times in Blockchain searching for random balance address, but still it would take hundreds of years to manually loop 11 millions time and would most likely not possible because they need to exactly know your Vanity-Words that you used for your WIF to be able to manually
search => There are millions of different words! AND they need to guess the correct word with the correct order. If they want to bruteforce the address, as i said they need to know that address actually has vanity WIF and its vanity-words, which is no way to know, so it's not possible and therefore it's definitely safe to have at least 4 random characters for vanity WIF.


I find it a good idea to use Vanity-WIF, especially to manually remember the WIF, if its written with words we like to remember and not random shitty characters that if we lost we don't remember anything of it.

Summary: It does indeed decrease the security of the key. BUT its still very safe to use. It;s like when you reveal your public key, you just reduced your security public key from 256 bits, to 128 bits. AND SO is with the vanity-wif!
Pages:
Jump to: