I don't understand much about the technical stuff talked, but i'm worried the more recognition this gets, the more people (bad people) will try to replicate it in order to try to steal.
Topic: Thoughts on this private key stealing mystery - page 3. (Read 23050 times)
Is it possible to create a similar "capture" program that simply captures and returns the btc back to the sender, along with some sort of message that can be used to flag the transaction? This way, over time, it will be easier to determine the source of the code.
This can be done. Great idea.
This would require in real time, immediately after the theft, determining the relation between the private and public key, then deducing the private key, then sending a transaction with a higher fee.
That would be a program. It would have to be activated by a signal from the victim, and he would have to notice the theft pretty quickly and log the request.
I would note that there could be any number of algorithms each with a variety of constants which could be used to deduce the private key from the public key. Once the bad guys knew these counter attacks existed, they would go to more subtle algorithm.
Is it possible to create a similar "capture" program that simply captures and returns the btc back to the sender, along with some sort of message that can be used to flag the transaction? This way, over time, it will be easier to determine the source of the code.
This can be done. Great idea.
It can be done but can be abuse by some scammers if this feature will be made. It's like paypal, even if your transaction is legit the sender may open a ticket or dispute about the transaction. So this feature is still not advisable. Before, I was also wondering if we can get back the btc we sent, but now Im understanding well why it cannot be done.
Is it possible to create a similar "capture" program that simply captures and returns the btc back to the sender, along with some sort of message that can be used to flag the transaction? This way, over time, it will be easier to determine the source of the code.
This can be done. Great idea.
How comes Blockchain.info generates private keys using block hashes or tx id instead of random numbers. Who had the privilege to change the key generation methods?
The do not. Stop spreading FUD. Don't be an idiot, read the thread.What I am saying who put those code there and why Blockchain.info did not aware that the key generation program had been modified.
Your words make zero sense, stop replying me. Thank you.
Few moths ago I also found a site that looks like a directory of btc address private key which could be import to wallet, I try to pick random wallet keys there around 50-70 address out of thousands listed on the said site but no wallet has balance on them off course the one who listed the directory maybe had already withdraw all btc on those address I just think..lol
Is this the site you are talking about: http://directory.io/If so that is simply a web page that calculates a group of sequential private keys based on the "page number" and then calculates the two possible Bitcoin addresses for each of the private keys on the page.
Nothing special or new there.
Few moths ago I also found a site that looks like a directory of btc address private key which could be import to wallet, I try to pick random wallet keys there around 50-70 address out of thousands listed on the said site but no wallet has balance on them off course the one who listed the directory maybe had already withdraw all btc on those address I just think..lol
How comes Blockchain.info generates private keys using block hashes or tx id instead of random numbers. Who had the privilege to change the key generation methods?
The do not. Stop spreading FUD. Don't be an idiot, read the thread.What I am saying who put those code there and why Blockchain.info did not aware that the key generation program had been modified.
How comes Blockchain.info generates private keys using block hashes or tx id instead of random numbers. Who had the privilege to change the key generation methods?
Nobody said they did.
Maybe it was a hacked wallet, or a key logger running on a computer whee the transaction occurred.
According to the facts of the OP I think it is safe to say that this was a dev of a company which implemented it into the code.
A malware would act different (f.e. Hardcode priv key's so nobody can recognize it)
If you did read the thread, then you must be smoking something good
Blockchain.info checked their code repository, these addresses are not generated from them.
It is well explained in the thread why it was not a hacked wallet. Because if someone hacked into the wallet, he was no need to import a "blockhash or txhash based address", just hardcode one will be good.
How comes Blockchain.info generates private keys using block hashes or tx id instead of random numbers. Who had the privilege to change the key generation methods?
Nobody said they did.
Maybe it was a hacked wallet, or a key logger running on a computer whee the transaction occurred.
How comes Blockchain.info generates private keys using block hashes or tx id instead of random numbers. Who had the privilege to change the key generation methods?
The do not. Stop spreading FUD. Don't be an idiot, read the thread.What I am saying who put those code there and why Blockchain.info did not aware that the key generation program had been modified.
If you did read the thread, then you must be smoking something good
Blockchain.info checked their code repository, these addresses are not generated from them.
How comes Blockchain.info generates private keys using block hashes or tx id instead of random numbers. Who had the privilege to change the key generation methods?
The do not. Stop spreading FUD. Don't be an idiot, read the thread.What I am saying who put those code there and why Blockchain.info did not aware that the key generation program had been modified.
And soon there will be many more people trying to steal coins from that kind of addresses.
Not many.There are no more than a dozen people in the whole world who can create and
run such software. Keeping and updating in realtime the database is not simple and cheap task.
You can do a following test: send a small amount ( 0.0010 btc ) to "the most compromissed address"
1JwSSubhmg6iPtRjtyqhUYYH7bZg3Lfy1T sha("correct horse battery staple")
and count the sweep attempts here:
https://bitaps.com/1JwSSubhmg6iPtRjtyqhUYYH7bZg3Lfy1T
(this block-explorer shows conflicting transactions)
Make that only a few million.... bitcoinj.org and a few 1000 lines of java and you are done. Only need a 5-50 gig leveldb database...
Maybe a few days work plus another few to test it and get the sweep to work...
Wow 
Amazing discovery of a amazing coup. The guy who made this and the guy which discovered it are pure genious.
I am really excited to find out in which priv key generation code this thing is implemented.
hes really a genius and an expert in hes field,its one of a kind to find such discovery Amazing discovery of a amazing coup. The guy who made this and the guy which discovered it are pure genious.
I am really excited to find out in which priv key generation code this thing is implemented.
but what made me think is how many people in crypto can do this kind of key generating
code hacking,hope this one will alarm the authorities to make precautionary measures.
But regardless, super interesting find. I'm going to read up a lot more on this when I find some free time over the weekend.
first3 methods are nothing new, i saw the same methods in some video , posted here .
using merkle roto and tx id as a private key and generate bitcoin address.,
but its like shooting in dark.
Is there a way you can provide me with a link to that video. I would like to aquire some more information on this matter. using merkle roto and tx id as a private key and generate bitcoin address.,
but its like shooting in dark.
How comes Blockchain.info generates private keys using block hashes or tx id instead of random numbers. Who had the privilege to change the key generation methods?
The do not. Stop spreading FUD. Don't be an idiot, read the thread. first3 methods are nothing new, i saw the same methods in some video , posted here .
using merkle roto and tx id as a private key and generate bitcoin address.,
but its like shooting in dark.
using merkle roto and tx id as a private key and generate bitcoin address.,
but its like shooting in dark.
What's the video link?
How comes Blockchain.info generates private keys using block hashes or tx id instead of random numbers. Who had the privilege to change the key generation methods?
Very interesting technical story.
Luckily that in today's age, most generated keys are derived from a high degree of randomness...
Luckily that in today's age, most generated keys are derived from a high degree of randomness...
How do you know for sure?
Luckily that in today's age, most generated keys are derived from a high
degree of randomness, instead of easily guessable keywords / phrases
Sure? degree of randomness, instead of easily guessable keywords / phrases
Jump to: