Tool or method for finding public key of Bitcoin address

Airfin Same

newbie

Activity: 17

Merit: 1

Quote from: digaran on January 08, 2024, 05:05:15 PM

Quote from: AH00RA on January 08, 2024, 04:42:54 PM

i don't know if there is anyone here who has solved one of Satoshi's puzzles or not.

but let us
suppose we can find the private key of a puzzle.
will this key be enough to import the btc in a new wallet (like Electrum)??

or, in addition to the private key, will a two-step verification or multi-signature or something like this, be required?

It depends on which puzzle you have solved, if it's 66, 67 then you won't succeed with electrum, you'd need to either have a bot that automatically double spends the tx or talk with a large mining pool to privately include your tx in a block, because once 66 or 67 start moving on chain and having their public keys revealed, it would take seconds for looters to brute force the public key for the private key just to double spend your transaction and loot for free.

But if it's 130, 135 etc, go ahead and use electrum with Tor.
There is no multi signature etc.

how is this possible?
does it happens with keys 65 ,64,63

can you tell me how to avoid this using electrum if it possible

mjojo

newbie

Activity: 11

Merit: 0

Quote from: digaran on November 16, 2023, 12:11:34 PM

Quote from: ?? on ??

I have designed my own version in Sagemath + Python for find public key when we only knows "hash160 ripemd".

this is another solution but is not fast. and even when you will find , you only find one of 2**96 possibilites

Well all I can see is just talking, if you have a tool efficient in finding collisions then share it so we can judge it's performance, though I wonder why would you increase your search range like that? You'd probably never find a collision but searching in 66 bit range you will definitely find the key.

Quote from: AH00RA on November 16, 2023, 10:17:42 AM

ok.
brute forcing private keys of a btc ddress may take less than public keys but some codes need to work with pubkeys...
for example , keyhunt in bsgs mode, works faster than other tools in this case.
so this tool has an input file or single pubkey to work on it and find the privatekey .

Now for these puzzles (that have no output transactions) we have no pubkeys and we can not use bgsg mode of keyhunt.
is this correct ??

All the low range keys such as 65, 70, 75, 80, 85, 90 could be found fairly easily, e.g, if you had the public key for #66, it would take a minute considering you had a good gear using kangaroo, that's why they are all solved, now the biggest challenge next in line is #130, which will be solved probably in a few month from now.

Also note that when you are brute forcing to find rmd160, you are performing a sha256 + an rmd160 hashing with each iteration, so you'd get much less speed, but when you have a public key you can search much faster. But none of the existing tools are good enough, they are practically useless for high ranges.

Kangaroo and bsgs only work with public keys, both useless now.
Bitcrack vanitygen can search for address/rmd160, both useless now.
Don't waste time on addresses/rmd160, instead work on public key division.😉

hello Sir, I'm noob..just question how to find pub key? I just know to get that we must derivative from base58 => Ripe160 => sha256, I dont know if any method to find pubkey.. thank in advance

bane77

newbie

Activity: 17

Merit: 0

Quote from: release on December 29, 2020, 06:00:10 AM

Hi guys. Just wandering if their is a tool, script or method for finding the uncompressed public key of Bitcoin address. I have heard that you can if an addressed has sent funds. I haven't got a clue on how to find this information. Thanks

Maybe this can help: https://github.com/Mezantrop74/addr2pub

BTCW

copper member

Activity: 193

Merit: 255

Click "+Merit" top-right corner

Quote from: release on December 29, 2020, 06:00:10 AM

Hi guys. Just wandering if their is a tool, script or method for finding the uncompressed public key of Bitcoin address. I have heard that you can if an addressed has sent funds. I haven't got a clue on how to find this information. Thanks

Check out my simple and fast blockchain parser.

With some clever regex, it should be a walk in the park to list all public keys that have been exposed when spending.

digaran

copper member

Activity: 1330

Merit: 899

🖤😏

Quote from: AH00RA on January 10, 2024, 05:46:33 PM

Thank you for the answer.

as i understood, if my target is #130 and i have the private key, at the same time as importing to my wallet, looters will also start working,
but considering the range of the private key that they want to brute force and the time they spend on it, definitely "My transaction will be confirmed sooner and they or other bots don't stand a chance.

is it correct?

Yes, for any keys above 100 bit range, once you solve it, you will be safe to send it to your own address because looters won't be able to solve the key in time.
Only the puzzle 66, 67, 68, 69, 71, 72 up to 100 could be solved if their public keys were revealed. Easily.

Puzzles 130 and above are totally safe.

AH00RA

newbie

Activity: 5

Merit: 0

Thank you for the answer.

as i understood, if my target is #130 and i have the private key, at the same time as importing to my wallet, looters will also start working,
but considering the range of the private key that they want to brute force and the time they spend on it, definitely "My transaction will be confirmed sooner and they or other bots don't stand a chance.

is it correct?

digaran

copper member

Activity: 1330

Merit: 899

🖤😏

Quote from: AH00RA on January 08, 2024, 04:42:54 PM

i don't know if there is anyone here who has solved one of Satoshi's puzzles or not.

but let us
suppose we can find the private key of a puzzle.
will this key be enough to import the btc in a new wallet (like Electrum)??

or, in addition to the private key, will a two-step verification or multi-signature or something like this, be required?

It depends on which puzzle you have solved, if it's 66, 67 then you won't succeed with electrum, you'd need to either have a bot that automatically double spends the tx or talk with a large mining pool to privately include your tx in a block, because once 66 or 67 start moving on chain and having their public keys revealed, it would take seconds for looters to brute force the public key for the private key just to double spend your transaction and loot for free.

But if it's 130, 135 etc, go ahead and use electrum with Tor.
There is no multi signature etc.

AH00RA

newbie

Activity: 5

Merit: 0

i don't know if there is anyone here who has solved one of Satoshi's puzzles or not.

but let us
suppose we can find the private key of a puzzle.
will this key be enough to import the btc in a new wallet (like Electrum)??

or, in addition to the private key, will a two-step verification or multi-signature or something like this, be required?

AH00RA

newbie

Activity: 5

Merit: 0

ok.
thank you for your response.
i will take a look if you share the source.

digaran

copper member

Activity: 1330

Merit: 899

🖤😏

Quote from: ?? on ??

I have designed my own version in Sagemath + Python for find public key when we only knows "hash160 ripemd".

this is another solution but is not fast. and even when you will find , you only find one of 2**96 possibilites

Well all I can see is just talking, if you have a tool efficient in finding collisions then share it so we can judge it's performance, though I wonder why would you increase your search range like that? You'd probably never find a collision but searching in 66 bit range you will definitely find the key.

Quote from: AH00RA on November 16, 2023, 10:17:42 AM

ok.
brute forcing private keys of a btc ddress may take less than public keys but some codes need to work with pubkeys...
for example , keyhunt in bsgs mode, works faster than other tools in this case.
so this tool has an input file or single pubkey to work on it and find the privatekey .

Now for these puzzles (that have no output transactions) we have no pubkeys and we can not use bgsg mode of keyhunt.
is this correct ??

All the low range keys such as 65, 70, 75, 80, 85, 90 could be found fairly easily, e.g, if you had the public key for #66, it would take a minute considering you had a good gear using kangaroo, that's why they are all solved, now the biggest challenge next in line is #130, which will be solved probably in a few month from now.

Also note that when you are brute forcing to find rmd160, you are performing a sha256 + an rmd160 hashing with each iteration, so you'd get much less speed, but when you have a public key you can search much faster. But none of the existing tools are good enough, they are practically useless for high ranges.

Kangaroo and bsgs only work with public keys, both useless now.
Bitcrack vanitygen can search for address/rmd160, both useless now.
Don't waste time on addresses/rmd160, instead work on public key division.😉

AH00RA

newbie

Activity: 5

Merit: 0

ok.
brute forcing private keys of a btc ddress may take less than public keys but some codes need to work with pubkeys...
for example , keyhunt in bsgs mode, works faster than other tools in this case.
so this tool has an input file or single pubkey to work on it and find the privatekey .

Now for these puzzles (that have no output transactions) we have no pubkeys and we can not use bgsg mode of keyhunt.
is this correct ??

pooya87

legendary

Activity: 3472

Merit: 10611

Quote from: AH00RA on November 14, 2023, 09:42:36 PM

if we have only HASH160 then How to findout publickey (comprssd or uncomprssd) for that address ??

Since hash algorithms are irreversible, it is not possible to compute the message (public key in case of the output script you posted) from the hash digest.

digaran

copper member

Activity: 1330

Merit: 899

🖤😏

Quote from: AH00RA on November 14, 2023, 09:42:36 PM

thanks for your response.

if we have a transaction like this :
https://www.blockchain.com/explorer/addresses/btc/13zb1hQbWVsc2S7ZTZnP2G4undNNpdh5so

then we have just input in this wallet address but we do not see any output from wallet,
so we can not gain any 130 or 66 character pubkey from sigscript.

we have only pkscript like this :
Pkscript
OP_DUP
OP_HASH160
20d45a6a762535700ce9e0b216e31994335db8a5
OP_EQUALVERIFY
OP_CHECKSIG

i want to ask you ,
if we have only HASH160 then How to findout publickey (comprssd or uncomprssd) for that address ??

Well, a bite that big might choke you, first you need to grow some teeth before starting to chew. 😉

If you haven't figured out how these puzzles and in general Bitcoin works, whatever you are attempting is not going to work.
Now to answer your question, if an address has any output( sending out) then you can derive the public key by going to this site called Bitcointools.site in there you can insert address and if that address has any spent transaction recorded on block chain, it will show it to you.

Technically though, the only way to find that address's public key aka puzzle #66, you either brute force to find the private key or you'd try to break 2 hash functions to get the "public key". To reverse 2 hash functions, you'd need to at least brute force 2^81 different hashes, but brute forcing for private key would only take a maximum 2^66 key generation processes.

If by any chance you are from middle east, you might find your native language topic here :
https://bitcointalk.org/index.php?board=11.0

AH00RA

newbie

Activity: 5

Merit: 0

thanks for your response.

if we have a transaction like this :
https://www.blockchain.com/explorer/addresses/btc/13zb1hQbWVsc2S7ZTZnP2G4undNNpdh5so

then we have just input in this wallet address but we do not see any output from wallet,
so we can not gain any 130 or 66 character pubkey from sigscript.

we have only pkscript like this :
Pkscript
OP_DUP
OP_HASH160
20d45a6a762535700ce9e0b216e31994335db8a5
OP_EQUALVERIFY
OP_CHECKSIG

i want to ask you ,
if we have only HASH160 then How to findout publickey (comprssd or uncomprssd) for that address ??

HCP

legendary

Activity: 2086

Merit: 4361

Quote from: release on December 31, 2020, 12:37:58 AM

Thanks that helps. The issue I am still having is that when a address sends btc and I look at the scriptsig and extract the last 130 hex characters and enter it it the tools suggested in this thread it doesn't have any relation to the address or it's an invalid public key.

As a worked example... have a look at this recent tranasction: https://www.blockchain.com/btc/tx/bee2768770f68a31543eda6fd40da75e4432f434cf8c3312497cdeebb4a2ac6c

If we look at the sigscript:

Code:

47304402200c794238b992fbdda63b1606edc07c5b48a29e003e7cf9d4894baa7baf3b063b022012ed8593d439dc05e3639d60434028e8b0a2207a139ec58bf5e719e019f09485012102ebb666614f5faff4aa43e5f1be868ebc5f1be67c8553924410d8d0111a9912d2

Firstly we try the final 130 chars:

Code:

8593d439dc05e3639d60434028e8b0a2207a139ec58bf5e719e019f09485012102ebb666614f5faff4aa43e5f1be868ebc5f1be67c8553924410d8d0111a9912d2

Doesn't begin with "04", so it's not an uncompressed key... not surprising, given that it is a relatively recent transaction and most legacy addresses used today will be using "compressed" keys.

Then we try the final 66:

Code:

02ebb666614f5faff4aa43e5f1be868ebc5f1be67c8553924410d8d0111a9912d2

"02", so it's likely a compressed public key... if we put that into the Address tool I listed earlier, we can see it outputs:

Which matches the bitcoin address from the transaction:

NOTE: This tool was not designed for "compressed" keys... it will complain that it has an "invalid public key length":

But it will still generate the correct address.

Now, let's look at this much older transaction: https://www.blockchain.com/btc/tx/b9d69463c500b81dc2ff600d0b528b15fb816c4dab11e424151de0bcbea7f26f

The sigscript of the first input is:

Code:

473044022018c35ebde490ca56f6d073a20ec3199f461ee9c99d2c020fdecd8711bdb9cc5802205fd0ce0f61ee2566cafd4254bc1d34a4fcf02d2a55c281a0a95a8c332bff2443014104f52193d56ffda6ef5fbc3b4ada7768c347321f47f1a999b0ca9b8374d8228275ee2c1ecf45c718538288667ad367f97a00116bd0630c76cc01f26161ce70057a

The last 130 chars are:

Code:

04f52193d56ffda6ef5fbc3b4ada7768c347321f47f1a999b0ca9b8374d8228275ee2c1ecf45c718538288667ad367f97a00116bd0630c76cc01f26161ce70057a

Starts with 04... quite likely an uncompressed public key... So, feeding that into the tool:

And we can see the address checks out:

pooya87

legendary

Activity: 3472

Merit: 10611

You will continue being confused and will face new problems any time you see a different transaction from the last one you saw when you jump in at the middle instead of starting at the beginning!
You should start by first understanding the structure of a transaction (https://developer.bitcoin.org/reference/transactions.html#raw-transaction-format) then follow it up by learning how bitcoin scripts work (https://en.bitcoin.it/wiki/Script) and finally start looking at transactions to try and find the public keys in them.

ranochigo

legendary

Activity: 3038

Merit: 4418

Crypto Swap Exchange

Quote from: release on December 31, 2020, 12:37:58 AM

The issue I am still having is that when a address sends btc and I look at the scriptsig and extract the last 130 hex characters and enter it it the tools suggested in this thread it doesn't have any relation to the address or it's an invalid public key.

Are you sure that it's an uncompressed key? Is it a bech32 or other forms of address type? Most of the keys are compressed public keys and you'll be looking at 66 hex characters or 33 bytes. Could you give an example of the transaction in question?

release

member

Activity: 184

Merit: 14

Thanks that helps. The issue I am still having is that when a address sends btc and I look at the scriptsig and extract the last 130 hex characters and enter it it the tools suggested in this thread it doesn't have any relation to the address or it's an invalid public key.

o_e_l_e_o

legendary

Activity: 2268

Merit: 18748

Quote from: release on December 29, 2020, 07:16:01 AM

Ok I get that but the full public key is 130 characters. Is it the first 65 (X value)

A full public key is 130 hexadecimal characters, which corresponds to 520 bits. This is composed of the following three things concatenated (joined) together:

Code:

Prefix byte - always 04 for uncompressed public keys
x coordinate - 256 bit number (64 characters)
y coordinate - 256 bit number (64 characters)

A compressed public key is 66 hexadecimal characters, which corresponds to 264 bits. This is composed of the following two things concatenated together:

Code:

Prefix byte - either 02 or 03, depending on whether the y coordinate is even or odd respectively
x coordinate - 256 bit number (64 characters)

Because of the nature of the elliptic curve that bitcoin uses, each x coordinate can produce two valid y coordinates, one of which will be even and one of which will be odd. Knowing the x coordinate and whether y is even or odd allows you to calculate the correct y coordinate.

Quote from: HCP on December 29, 2020, 09:31:14 PM

This online tool will do it for you: https://gobittest.appspot.com/Address

If you don't care about the steps and just want the final result, then the link BlackHatCoiner shared above - https://iancoleman.io/bitcoin-key-compression/ - might be better, since it will automatically compress or uncompress your public key and provide both addresses.

HCP

legendary

Activity: 2086

Merit: 4361

Quote from: release on December 29, 2020, 05:46:27 PM

Ok I think I have found how to do that now. How about a method to do the reverse (turn uncompressed public key into address)?

This online tool will do it for you: https://gobittest.appspot.com/Address

Just ignore the box labelled "0 - Private ECDSA Key"... and put the public key in the box labelled "1 - Public ECDSA Key" and then press "Send"... it'll show you the step by step guides and the address at the bottom... but the method is basically the same as BlackHatCoiner posted above:

1 - Public ECDSA Key

Code:

044F355BDCB7CC0AF728EF3CCEB9615D90684BB5B2CA5F859AB0F0B704075871AA385B6B1B8EAD809CA67454D9683FCF2BA03456D6FE2C4ABE2B07F0FBDBB2F1C1

2 - SHA-256 hash of 1

Code:

34D7F0FE7AFE22D2BE114044D87F928C7F9044B0F104696E51594890F38CCD15

3 - RIPEMD-160 Hash of 2

Code:

E4E517EE07984A4000CD7B00CBCB545911C541C4

4 - Adding network bytes to 3

Code:

00E4E517EE07984A4000CD7B00CBCB545911C541C4

5 - SHA-256 hash of 4

Code:

A3FEB7F37B0EC2B6C7E8B7F8C24C5A2F57FAD84BD56861EE5872B335C9F720D0

6 - SHA-256 hash of 5

Code:

532576DD2D179AD8377DEC7EA13D447D1345A857AA5A904B4ED4AC67B5888B75

7 - First four bytes of 6

Code:

532576DD

8 - Adding 7 at the end of 4

Code:

00E4E517EE07984A4000CD7B00CBCB545911C541C4532576DD

9 - Base58 encoding of 8

Code:

1MsHWS1BnwMc3tLE8G35UXsS58fKipzB7a

release

member

Activity: 184

Merit: 14

Ok I think I have found how to do that now. How about a method to do the reverse (turn uncompressed public key into address)? So I can verify that the public key I am gathering is correct.

ranochigo

legendary

Activity: 3038

Merit: 4418

Crypto Swap Exchange

Quote from: release on December 29, 2020, 07:16:01 AM

Ok I get that but the full public key is 130 characters. Is it the first 65 (X value)

I think it'll be easier to represent it in a transaction with an uncompressed public key.

Let's inspect this address: 1MsHWS1BnwMc3tLE8G35UXsS58fKipzB7a

TXID: 3410bc9f7671d30225678a870f8d695cad1af6f64b0a319a487d3b86540794ab
ScriptSig: 48

3045022100a9830934fffb69c597f68a1d5f5b6621a5d384ba4a4c81c316c08f652ed8036202206 cef70d41b95bfd53c6ee3cc0a69ab7c96d9a1ef18ffbf100505851ba53d266b01 - Signature

41

044f355bdcb7cc0af728ef3cceb9615d90684bb5b2ca5f859ab0f0b704075871aa385b6b1b8ead8 09ca67454d9683fcf2ba03456d6fe2c4abe2b07f0fbdbb2f1c1 - Public key.

Yes, you can interpret the last 130 characters (or 65 bytes) of a scriptsig as the public key. Clients generating uncompressed public keys are a rarity nowadays, given bech32 and the inefficiency of uncompressed public keys.

release

member

Activity: 184

Merit: 14

I am referring to addresses that have spent coins and therefore exposed public key.

BlackHatCoiner

legendary

Activity: 1512

Merit: 7340

Farewell, Leo

Quote from: release on December 29, 2020, 06:00:10 AM

Hi guys. Just wandering if their is a tool, script or method for finding the uncompressed public key of Bitcoin address. I have heard that you can if an addressed has sent funds. I haven't got a clue on how to find this information. Thanks

An address that has never spent any coins hasn't revealed its public key. Public keys are hashed multiple times to get our addresses. Specifically, these are the steps of how we end up with an address:

1) We generate a 256-bit private key.

Code:

18e14a7b6a307f426a94f8114701e7c8e774e7f9a47e2c2035db29a206321725

2) We, then, perform ECDSA to get our public key (compressed):

Code:

0250863ad64a87ae8a2fe83c1af1a8403cb53f53e486d8511dad8a04887e5b2352

(Compressed means only the x coordinate. We don't have to carry the y since it can be calculated from y² = x³ + 7. Since y² returns 2 different values, we use the prefix 02 or 03 in front of the compressed public key to determine if y is odd or even)

3) We hash that compressed public key with SHA-256:

Code:

0b7c28c9b7290c98d7438e70b3d3f7c848fbd7d1dc194ff83f4f7cc9b1378e98

4) After that, we perform RIPEMD-160 hashing to the SHA-256 result:

Code:

f54a5851e9372b87810a8e60cdd2e7cfd80b6e31

5) Add version byte in front of RIPEMD-160 hash (00 for Main Network):

Code:

00f54a5851e9372b87810a8e60cdd2e7cfd80b6e31

6) Again, SHA-256 to the previous result:

Code:

ad3c854da227c7e99c4abfad4ea41d71311160df2e415e713318c70d67c6b41c

7) We hash the SHA-256 result with SHA-256 again:

Code:

c7f18fe8fcbed6396741e58ad259b5cb16b7fd7f041904147ba1dcffabf747fd

8) The first 4 bytes of the last SHA-256 result is address' checksum:

Code:

c7f18fe8

9) Extend the RIPEMD-160 hash from part 5 with these 4 bytes:

Code:

00f54a5851e9372b87810a8e60cdd2e7cfd80b6e31c7f18fe8

10) Convert this to base58 and here you go:

Code:

1PMycacnJaSqwwJqjawXBErnLsZ7RkXUAs

[from bitcoin.it]

Got a little off-topic, but anyway. As far as I know, you can find the uncompressed public key from the scriptSig of a transaction (P2PKH address).

Quote from: release on December 29, 2020, 07:16:01 AM

Ok I get that but the full public key is 130 characters. Is it the first 65 (X value)

You can do it pretty easily here: iancoleman.io/bitcoin-key-compression. You can also convert compressed public keys to uncompressed with the equation I mentioned above.

release

member

Activity: 184

Merit: 14

Quote from: ranochigo on December 29, 2020, 06:22:37 AM

I actually posted[1] about this a few days back I think.

So the format of P2PKH sigscript is the signature followed by the public key. So basically, extract the sigscript, identify the signature and there should be a OP_Pushbytes_65 (since we're talking about uncompressed) which is 41 in hex. You should get the public key pertaining to that specific address.

You can probably write a script to separate and identify the public key pretty easily.

[1] https://bitcointalksearch.org/topic/m.55912788

Ok I get that but the full public key is 130 characters. Is it the first 65 (X value)

release

member

Activity: 184

Merit: 14

Any way that's available I just thought that getting it from sigscript was only way possible

ranochigo

legendary

Activity: 3038

Merit: 4418

Crypto Swap Exchange

I actually posted[1] about this a few days back I think.

So the format of P2PKH sigscript is the signature followed by the public key. So basically, extract the sigscript, identify the signature and there should be a OP_Pushbytes_65 (since we're talking about uncompressed) which is 41 in hex. You should get the public key pertaining to that specific address.

You can probably write a script to separate and identify the public key pretty easily.

[1] https://bitcointalksearch.org/topic/m.55912788

witcher_sense

legendary

Activity: 2464

Merit: 4415

🔐BitcoinMessage.Tools🔑

Quote from: release on December 29, 2020, 06:00:10 AM

Hi guys. Just wandering if their is a tool, script or method for finding the uncompressed public key of Bitcoin address. I have heard that you can if an addressed has sent funds. I haven't got a clue on how to find this information. Thanks

In essence, bitcoin address is a hash of public key. Given that hash function is a one-way function, there are no methods or tools exist to calculate it "back". When you send your bitcoins, you are signing a message with your private key and also reveal your public key, so that everyone in the network can verify that you actually have a private key, meaning that you have a right to spend coins.

release

member

Activity: 184

Merit: 14

Hi guys. Just wandering if their is a tool, script or method for finding the uncompressed public key of Bitcoin address. I have heard that you can if an addressed has sent funds. I haven't got a clue on how to find this information. Thanks

Topic: Tool or method for finding public key of Bitcoin address (Read 1387 times)