
Topic: Vanity addresses are unsafe - page 2. (Read 481 times)

legendary
Activity: 2352
Merit: 6089
bitcoindata.science
August 18, 2020, 09:00:15 PM
#4
Quote:
There is nothing inherently different between trying to brute force a vanity address and a regular address. The fact that the first few characters have a pattern that humans recognize is completely irrelevant at a code level.

Exactly.

A vanity address generator is not a magical tool. It does the same thing that a wallet does: generates a new address from a private key.
However, the vanity generator will keep generating private key / address pairs until it finds one that matches the text you are looking for.

If your software is safe, in an offline environment, it is safe.




somehow offtopic:
It would be amazing if there was a third-party software for Ledger Nano / Trezor that could generate vanity addresses from the hardware wallet seed. That would be much safer.
legendary
Activity: 2268
Merit: 18775
August 18, 2020, 07:55:12 PM
#3
Quote:
All the addresses that begin with any keyword like "GIFT" or any business name like "bitstamp" are a very infinitesimal fraction of all possible addresses, so this attack is feasible for a moderately equipped hacker team.

There is nothing inherently different between trying to brute force a vanity address and a regular address. The fact that the first few characters have a pattern that humans recognize is completely irrelevant at a code level.

All the addresses which begin with "HQ3G" or "LdRc" are a similarly small fraction of all possible addresses as those beginning "GIFT". Given those two addresses have a combined bounty of $1.5 billion, why are there not thousands of "moderately equipped hacker teams" creating competing transactions trying to clear them out by now?

Vanity addresses will be insecure if you generate them on an online computer or use an online service to generate them for you, but they are not insecure simply because they have a particular string of characters at the start.


legendary
Activity: 1463
Merit: 1886
August 18, 2020, 06:06:45 PM
#2
Before trying to educate people on something, you should make sure you know the subject matter yourself. In this case, you're exactly wrong. Assuming the vanity-address generating software is written correctly, a vanity address is no easier to brute force than any other address.

At its most fundamental level, vanity address generation is just generating addresses in a loop until you find one that looks pretty and you use that.

A worked example: this is the ultimate vanity address:
Code:
1BitcoinEaterAddressDontSendf59kuE
Tell me the private key, and I'll give you 13.24 BTC.
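
Added example, not part of any post in this thread: a model of the "generate addresses in a loop" process described in the replies above. It uses real Base58Check encoding but a labelled stand-in for the secp256k1 / HASH160 step, so its output is not a spendable Bitcoin address; `toy_address`, `vanity_search` and the seeds are names and values assumed for the illustration. Two independent searches for the same prefix end on different keys and different full addresses, which is why matching a prefix gives no access to someone else's vanity address.

```python
import hashlib

B58 = "123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz"

def base58check(version: bytes, payload: bytes) -> str:
    """Base58Check: version + payload + first 4 bytes of double SHA-256."""
    raw = version + payload
    raw += hashlib.sha256(hashlib.sha256(raw).digest()).digest()[:4]
    n = int.from_bytes(raw, "big")
    out = ""
    while n:
        n, r = divmod(n, 58)
        out = B58[r] + out
    # Each leading zero byte is written as a leading '1'.
    return "1" * (len(raw) - len(raw.lstrip(b"\0"))) + out

def toy_address(private_key: bytes) -> str:
    # ASSUMPTION / stand-in: real Bitcoin derives the 160-bit hash as
    # RIPEMD160(SHA256(secp256k1 public key)). Truncated SHA-256 keeps the
    # same 160-bit size, so the search behaves alike, but the result is
    # NOT an address that this key can spend from.
    h160 = hashlib.sha256(b"toy-hash160" + private_key).digest()[:20]
    return base58check(b"\x00", h160)

def vanity_search(prefix: str, seed: bytes):
    """Try candidate keys until the address starts with `prefix`.
    Returns (key, address, attempts)."""
    attempts = 0
    while True:
        # Constructed deterministic key stream so the example is repeatable.
        # A real generator must draw keys from a CSPRNG, e.g. secrets.token_bytes(32).
        key = hashlib.sha256(seed + attempts.to_bytes(8, "big")).digest()
        attempts += 1
        addr = toy_address(key)
        if addr.startswith(prefix):
            return key, addr, attempts

def demo(prefix: str = "1Ab"):
    # Two unrelated parties search for the same vanity prefix.
    owner = vanity_search(prefix, b"owner")
    other = vanity_search(prefix, b"someone-else")
    return owner, other

if __name__ == "__main__":
    for key, addr, attempts in demo():
        print(f"{addr}  found after {attempts} attempts")
```

Both results share the prefix, but the remaining characters encode the rest of the 160-bit hash, which the second search did not have to match and does not match.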
sr. member
Activity: 613
Merit: 305
August 18, 2020, 06:01:41 PM
#1
If I, with my humble PC, am able to generate a vanity address in reasonable time ...
then a team of hackers with a cluster of PCs can generate all the possible vanity addresses, and constantly monitor them for stealing the funds as soon as they receive a tx.

All the addresses that begin with any keyword like "GIFT" or any business name like "bitstamp" are a very infinitesimal fraction of all possible addresses, so this attack is feasible for a moderately equipped hacker team.