Will
Topic: Vanitygen: Vanity bitcoin address generator/miner [v0.22] - page 191. (Read 1152778 times)
sucks to have a name with illegal base58 characters in it
Will
Will
What entropy sources it uses?
It uses linux time() (measured in seconds) and process PID when EC_KEY_generate_key() is invoked.
This method sucks! Snuff the weak source of entropy is the favourite side attack for a half-skilled hacker.
Use at least /dev/random And consider pick random bits from hotbits and random.org.
Hi,
great job! I am still running that bash script for a couple of days and it hasn't found a simple ^1Abcd type of address yet.
Thanks a bunch for this!!! At first I was unable to compile the source, but I found out which package to install for PCRE support: libpcre3 and libpcre3-dev.
It's testing away now with 10,000 keypairs a second. Wow, this really could get me hooked on trying out OpenCL coding, if only I had the time...
great job! I am still running that bash script for a couple of days and it hasn't found a simple ^1Abcd type of address yet.
Thanks a bunch for this!!! At first I was unable to compile the source, but I found out which package to install for PCRE support: libpcre3 and libpcre3-dev.
It's testing away now with 10,000 keypairs a second. Wow, this really could get me hooked on trying out OpenCL coding, if only I had the time...
It would be interesting to have an estimated time of finding a match, based on the rate.
I have a system with 2 CPUs. According to the CPU usage applet, the original bitcoind + vanity patch uses both CPUs, but vanitygen seem to use only one.
Unfortunately I'm unable to provide a fix, sorry.
Unfortunately I'm unable to provide a fix, sorry.
I've just pushed a bugfix, and can't reproduce the problem now. Could you try again?
Yep, imported keys show up immediately in the GUI now. Thanks sipa!
Waiting for the first GPU vanity address miner.
What entropy sources it uses?
It uses linux time() (measured in seconds) and process PID when EC_KEY_generate_key() is invoked.Code:
openssl-1.0.0d/crypto/bn/bn_rand.c:144
time(&tim);
RAND_add(&tim,sizeof(tim),0.0);
EC_KEY_generate_key() adds entropy (based on time()) every 1000000 keys or so.
Basically private key (integer) starts from random number and increases for 1000000 keys.
Then new entropy added and new private key generated.
Should be secure after first iteration (1M).
What entropy sources it uses?
Currently, it is difficult to import the private key into bitcoin. Sipa's showwallet branch has a new command called "importprivkey" that accepts the base-58 encoded private key. Vanitygen has been tested to work with that version of bitcoin, although it had to be restarted to get the imported vanity address to show up on the list in the GUI.
I've just pushed a bugfix, and can't reproduce the problem now. Could you try again?
PS: yes, it's quite normal your code is a lot faster - the vanity patch just tried generating random keys until a match was found, requiring generating 256 random bits + an EC multiplication per attempt. Your code only needs an EC addition per attempt.
Am I reading this right, that it generates 23k addresses per second? And this particular address was found after 80,000?
That's correct!
For comparison, I couldn't even get 1,000/sec out of the patched client. Is that normal?
Am I reading this right, that it generates 23k addresses per second? And this particular address was found after 80,000?
Vanitygen is a command-line vanity bitcoin address generator.
If you're tired of the random, cryptic addresses generated by regular bitcoin clients, you can use vanitygen to create a more personalized address. Add unique flair when you tell people to send bitcoins to 1stDownqyMHHqnDPRSfiZ5GXJ8Gk9dbjL. Alternatively, vanitygen can be used to generate random addresses offline.
Vanitygen accepts as input a pattern, or list of patterns to search for, and produces a list of addresses and private keys. Vanitygen's search is probabilistic, and the amount of time required to find a given pattern depends on how complex the pattern is, the speed of your computer, and whether you get lucky.
The example below illustrates a session of vanitygen. It is typical, and took about 10 sec to finish, using my Core 2 Duo E6600 CPU on x86-64 Linux:
Vanitygen includes components to perform address searching on your CPU (vanitygen) and your OpenCL-compatible GPU (oclvanitygen). Both can be built from source, and both are included in the Windows binary package. Also included is oclvanityminer, the vanity address mining client. Oclvanityminer can be used to automatically claim bounties on sites such as ThePiachu's vanity pool.
Current version: 0.22
Windows x86+x64 binaries here. PGP signature here
Get the source from GitHub. Includes Makefiles for Linux and Mac OS X.
FAQ
What types of patterns can vanitygen search for?
Vanitygen can search for simple prefixes or regular expression matches.
Prefixes are exact strings that must appear at the beginning of the address. When searching for prefixes, vanitygen will ensure that the prefix is possible, and will provide a difficulty estimate. Exact prefixes are case-sensitive by default, but may be searched case-insensitively using the -i option.
Prefixes are also very fast to search, and a list of thousands of prefixes may be specified with little or no reduction in key search rate.
Regular expressions are programmable pattern filters. They are very powerful, and can be used to match prefixes, suffixes, varying-length sequences, etc.. For a quick tutorial, see http://www.regular-expressions.info/quickstart.html. To enable regular expressions, use the -r command line option. Unfortunately, regular expressions are very slow, and will have a significant impact on key search rate. Because of this, regular expressions should only be used if their expressive power is needed.
Oclvanitygen is only effective at searching for prefixes. Regular expressions will not work effectively with oclvanitygen, as oclvanitygen is currently unable to execute the regular expression on the GPU.
How do I specify a list of patterns?
Vanitygen can accept a list of patterns to search for, either on the command line, or from a file or stdin using the -f option. File sources should have one pattern per line.
Upon finding a match for a given pattern, vanitygen will stop searching for additional matches for that pattern. To search for multiple matches for each pattern, use the -k option.
How do I import the private key into bitcoin?
If you wish to spend coins received on a vanity address created by vanitygen, you must import the private key into a bitcoin client. There are two popular methods of doing this with the standard Satoshi bitcoin client:
If I stop vanitygen when it reports 60% complete, how do I have it restart where it left off?
You don't need to. The percentage displayed just shows how probable it is that a match would be found in the session so far. If it finds your address with 5% on the display, you are extremely lucky. If it finds your address with 92% on the display, you are unlucky. If you stop vanitygen with 90% on the display, restart it, and it finds your address with 2% on the display, your first session was unlucky, but your second session was lucky.
When I double-click on vanitygen, a black window appears for a split-second and disappears, what do I do?
Currently, vanitygen only runs on the command line, and does not have a graphical user interface. To use vanitygen, you need to open a command line window and change to the directory where you extracted the vanitygen program. An easy way to do this in Windows 7, hold down the shift key, right-click on the folder where you unzipped vanitygen, and select "Open command window here." Then, you can type the vanitygen command at the prompt.
Can I use vanitygen to find someone else's private key from their bitcoin address?
Yes. Vanitygen is a cryptographic brute-forcing application, and can be used to search for a complete address. However, you will be unhappy with the amount of time required for it to find a match.
How do I report a bug? What do I do if it crashes?
Post to this thread, send me a PM, or send me an email! Please run vanitygen with the -v flag for verbose output, and please include the console output in your report.
How do I build vanitygen from source?
Please refer to the file INSTALL in the source distribution.
What key search rate can I expect from hardware X?
Detailed list forthcoming. Some ballpark estimates are listed below.
Dual-core desktop CPUs, 32-bit mode: 100-250 Kkey/s.
Dual-core desktop CPUs, 64-bit mode: 150-450 Kkey/s.
Quad-core desktop CPUs, 32-bit mode: 200-400 Kkey/s.
Quad-core desktop CPUs, 64-bit mode: 300-750 Kkey/s.
As vanitygen performs a lot of large integer arithmetic, running it in 64-bit mode makes a huge difference in key search rate, easily a 50% improvement over 32-bit mode. If you are using a 64-bit edition of Windows, and not using a GPU, be sure to use vanitygen64.exe.
In custom builds, CPU performance will be less than expected if the OpenSSL library is an older version (<1.0.0d) or is not built with the appropriate optimizations enabled.
General formulas for expected performance on GPUs
NVIDIA GeForce 96xx, 98xx, GT 1xx, GT 2xx, GTX 2xx (G90/GT200):
Key/s = (CUDA Cores) x (Shader MHz) x 17
AMD Radeon 58xx, 59xx, 67xx, 68xx (VLIW5):
Key/s = (Stream Processors) x (Core MHz) x 20.1
AMD Radeon 69xx (VLIW4):
Key/s = (Stream Processors) x (Core MHz) x 13.6
AMD GCN, NVIDIA Fermi/Kepler: Please contribute some numbers!
Unfortunately, AMD VLIW4 does not perform as well as VLIW5 with the same number of cores/clocks. Oclvanitygen is sensitive to integer multiply throughput, and VLIW5 can multiply concurrently with other operations, whereas multiply consumes all four ALUs in VLIW4. At similar clocks, a hobbled Radeon 5830 will outperform a Radeon 6970.
I have a lot of compute power, and want to make vanity addresses for others. How do I do it?
The difficulty with this is convincing your customer that, once you provide them with a vanity address, you do not have a copy of their private key. Some methods of doing this have been discussed on the forum, and vanitygen currently supports one of them. To generate an address securely, your customer generates a private key, and provides you with the public key part. You use this public key as part of the address search, and when you find a match, you provide them with a partial private key. The customer then adds the partial private key to their private key to get the vanity address. Because the customer never disclosed their part of the private key, only they have access to the complete private key.
There are many ways to get a key pair, but to do address-for-hire, you need the complete public key in hexadecimal format. The bitcoin address is not sufficient. One way to generate one and get this is to use the keyconv utility, keyconv -G, and get the following parts:
The customer saves the privkey part in a secure location, and provides you with the Pubkey (hex) part.
Then, you run vanitygen or oclvanitygen, and specify the customer's public key:
Because a public key was specified, vanitygen now provides a PrivkeyPart rather than a Privkey result, which is useful only to your customer. The customer then takes the partial private key produced by vanitygen and adds it to their private key. This can be done using ThePiachu's handy website, or using the keyconv utility:
Here, keyconv is able to recreate the final address found by vanitygen, based on the two private key parts. It is also able to create the final private key. This is infeasible for someone who does not have both parts of the private key, and provides your customer with real security.
This process is very complicated. A simpler way to do it is to use a bounty pool such as vanity pool.
How do I participate in vanity pool?
To do this, use the oclvanityminer program. Oclvanityminer works much like a familiar bitcoin miner. It connects to a bounty server, downloads a list of bounties, automatically chooses one, searches for a match, and submits the results back to the server when one is found. Oclvanityminer periodically reconnects to the bounty server to check if bounties have been claimed, or more profitable bounties have been posted. An example session:
Note that vanitypool and oclvanityminer are currently under development.
How secure are the addresses generated by this program? Will someone be able to guess the private key and steal my BTC?
Vanitygen uses the OpenSSL random number generator. This is the same RNG used by bitcoin and a good number of HTTPS servers. It is regarded as well-scrutinized. On Linux, the RNG will be seeded from /dev/urandom. Guessing the private key of an address found by vanitygen will be no easier than guessing a private key created by bitcoin itself. Nonetheless, if you feel the default RNG is unable to provide numbers that are sufficiently difficult to guess, vanitygen can be directed to seed the RNG from an external file using the -s option.
To speed up address generation, vanitygen uses the RNG to choose a private key, and literally increments the private key in a loop searching for a match. As long as the starting point is not disclosed, if a match is found, the private key will not be any easier to guess than if every private key tested were taken from the RNG. Vanitygen will also reload the private key from the RNG after 10,000,000 unsuccessful searches (100M for oclvanitygen), or when a match is found and multiple patterns are being searched for.
What security measures should I take?
What are the other methods of generating vanity addresses?
The original method of generating vanity addresses is a patch to the official bitcoin client created by Gavin Andresen. Details can be found here.
Forum user Nyhm created an in-browser vanity address generator.
There is a new vanity address generator for Android.
If you're tired of the random, cryptic addresses generated by regular bitcoin clients, you can use vanitygen to create a more personalized address. Add unique flair when you tell people to send bitcoins to 1stDownqyMHHqnDPRSfiZ5GXJ8Gk9dbjL. Alternatively, vanitygen can be used to generate random addresses offline.
Vanitygen accepts as input a pattern, or list of patterns to search for, and produces a list of addresses and private keys. Vanitygen's search is probabilistic, and the amount of time required to find a given pattern depends on how complex the pattern is, the speed of your computer, and whether you get lucky.
The example below illustrates a session of vanitygen. It is typical, and took about 10 sec to finish, using my Core 2 Duo E6600 CPU on x86-64 Linux:
Code:
$ ./vanitygen 1Boat
Difficulty: 4476342
Pattern: 1Boat
Address: 1BoatSLRHtKNngkdXEeobR76b53LETtpyT
Privkey: 5J4XJRyLVgzbXEgh8VNi4qovLzxRftzMd8a18KkdXv4EqAwX3tS
Vanitygen includes components to perform address searching on your CPU (vanitygen) and your OpenCL-compatible GPU (oclvanitygen). Both can be built from source, and both are included in the Windows binary package. Also included is oclvanityminer, the vanity address mining client. Oclvanityminer can be used to automatically claim bounties on sites such as ThePiachu's vanity pool.
Current version: 0.22
Windows x86+x64 binaries here. PGP signature here
Get the source from GitHub. Includes Makefiles for Linux and Mac OS X.
FAQ
What types of patterns can vanitygen search for?
Vanitygen can search for simple prefixes or regular expression matches.
Prefixes are exact strings that must appear at the beginning of the address. When searching for prefixes, vanitygen will ensure that the prefix is possible, and will provide a difficulty estimate. Exact prefixes are case-sensitive by default, but may be searched case-insensitively using the -i option.
Prefixes are also very fast to search, and a list of thousands of prefixes may be specified with little or no reduction in key search rate.
Regular expressions are programmable pattern filters. They are very powerful, and can be used to match prefixes, suffixes, varying-length sequences, etc.. For a quick tutorial, see http://www.regular-expressions.info/quickstart.html. To enable regular expressions, use the -r command line option. Unfortunately, regular expressions are very slow, and will have a significant impact on key search rate. Because of this, regular expressions should only be used if their expressive power is needed.
Oclvanitygen is only effective at searching for prefixes. Regular expressions will not work effectively with oclvanitygen, as oclvanitygen is currently unable to execute the regular expression on the GPU.
How do I specify a list of patterns?
Vanitygen can accept a list of patterns to search for, either on the command line, or from a file or stdin using the -f option. File sources should have one pattern per line.
Upon finding a match for a given pattern, vanitygen will stop searching for additional matches for that pattern. To search for multiple matches for each pattern, use the -k option.
How do I import the private key into bitcoin?
If you wish to spend coins received on a vanity address created by vanitygen, you must import the private key into a bitcoin client. There are two popular methods of doing this with the standard Satoshi bitcoin client:
- Use the importprivkey command. To do this, select Help -> Debug Window, and in the window, on the bottom line, enter importprivkey
, e.g.
Code:
importprivkey 5J4XJRyLVgzbXEgh8VNi4qovLzxRftzMd8a18KkdXv4EqAwX3tS
- Jackjack's pywallet script is an all-in-one tool that directly modifies the wallet.dat file. This works with a normal, unpatched bitcoin client, but does require Python with the bsddb package.
If I stop vanitygen when it reports 60% complete, how do I have it restart where it left off?
You don't need to. The percentage displayed just shows how probable it is that a match would be found in the session so far. If it finds your address with 5% on the display, you are extremely lucky. If it finds your address with 92% on the display, you are unlucky. If you stop vanitygen with 90% on the display, restart it, and it finds your address with 2% on the display, your first session was unlucky, but your second session was lucky.
When I double-click on vanitygen, a black window appears for a split-second and disappears, what do I do?
Currently, vanitygen only runs on the command line, and does not have a graphical user interface. To use vanitygen, you need to open a command line window and change to the directory where you extracted the vanitygen program. An easy way to do this in Windows 7, hold down the shift key, right-click on the folder where you unzipped vanitygen, and select "Open command window here." Then, you can type the vanitygen command at the prompt.
Can I use vanitygen to find someone else's private key from their bitcoin address?
Yes. Vanitygen is a cryptographic brute-forcing application, and can be used to search for a complete address. However, you will be unhappy with the amount of time required for it to find a match.
How do I report a bug? What do I do if it crashes?
Post to this thread, send me a PM, or send me an email! Please run vanitygen with the -v flag for verbose output, and please include the console output in your report.
How do I build vanitygen from source?
Please refer to the file INSTALL in the source distribution.
What key search rate can I expect from hardware X?
Detailed list forthcoming. Some ballpark estimates are listed below.
Dual-core desktop CPUs, 32-bit mode: 100-250 Kkey/s.
Dual-core desktop CPUs, 64-bit mode: 150-450 Kkey/s.
Quad-core desktop CPUs, 32-bit mode: 200-400 Kkey/s.
Quad-core desktop CPUs, 64-bit mode: 300-750 Kkey/s.
As vanitygen performs a lot of large integer arithmetic, running it in 64-bit mode makes a huge difference in key search rate, easily a 50% improvement over 32-bit mode. If you are using a 64-bit edition of Windows, and not using a GPU, be sure to use vanitygen64.exe.
In custom builds, CPU performance will be less than expected if the OpenSSL library is an older version (<1.0.0d) or is not built with the appropriate optimizations enabled.
General formulas for expected performance on GPUs
NVIDIA GeForce 96xx, 98xx, GT 1xx, GT 2xx, GTX 2xx (G90/GT200):
Key/s = (CUDA Cores) x (Shader MHz) x 17
AMD Radeon 58xx, 59xx, 67xx, 68xx (VLIW5):
Key/s = (Stream Processors) x (Core MHz) x 20.1
AMD Radeon 69xx (VLIW4):
Key/s = (Stream Processors) x (Core MHz) x 13.6
AMD GCN, NVIDIA Fermi/Kepler: Please contribute some numbers!
Unfortunately, AMD VLIW4 does not perform as well as VLIW5 with the same number of cores/clocks. Oclvanitygen is sensitive to integer multiply throughput, and VLIW5 can multiply concurrently with other operations, whereas multiply consumes all four ALUs in VLIW4. At similar clocks, a hobbled Radeon 5830 will outperform a Radeon 6970.
I have a lot of compute power, and want to make vanity addresses for others. How do I do it?
The difficulty with this is convincing your customer that, once you provide them with a vanity address, you do not have a copy of their private key. Some methods of doing this have been discussed on the forum, and vanitygen currently supports one of them. To generate an address securely, your customer generates a private key, and provides you with the public key part. You use this public key as part of the address search, and when you find a match, you provide them with a partial private key. The customer then adds the partial private key to their private key to get the vanity address. Because the customer never disclosed their part of the private key, only they have access to the complete private key.
There are many ways to get a key pair, but to do address-for-hire, you need the complete public key in hexadecimal format. The bitcoin address is not sufficient. One way to generate one and get this is to use the keyconv utility, keyconv -G, and get the following parts:
Code:
$ ./keyconv -G
Pubkey (hex): 041d2e778ae6d9124736df131cd22d3a2483f336c55156d87a84c4bdc6d89f8518e33de85ae0f907a7128c476281bc8cc7742b43a54ccc2c7824dc4c4a438a7fbc
Privkey (hex): 61E00B1C57E7F0D508C7C3795F90C0ACEC1DCAF6A7B82C951D23F728FD53E4BE
Address: 15wRE5VA5uhxs5o6LayZC6imES2SeZeXd4
Privkey: 5JZPftgcsaG5Unp24cf47zP7JZEZkfnSAZzefezAVNRomKHZE8f
The customer saves the privkey part in a secure location, and provides you with the Pubkey (hex) part.
Then, you run vanitygen or oclvanitygen, and specify the customer's public key:
Code:
$ ./vanitygen -P 041d2e778ae6d9124736df131cd22d3a2483f336c55156d87a84c4bdc6d89f8518e33de85ae0f907a7128c476281bc8cc7742b43a54ccc2c7824dc4c4a438a7fbc 1Boat
Difficulty: 4476342
Pattern: 1Boat
Address: 1BoatWxEHyVXkjS78d16LMuj8YMdZ1Kce8
PrivkeyPart: 5KCwog8Ndt64ZicNSGoDBRf4vACBptM2GUtSJCmkbqpieC8idcP
Because a public key was specified, vanitygen now provides a PrivkeyPart rather than a Privkey result, which is useful only to your customer. The customer then takes the partial private key produced by vanitygen and adds it to their private key. This can be done using ThePiachu's handy website, or using the keyconv utility:
Code:
$ ./keyconv -c 5JZPftgcsaG5Unp24cf47zP7JZEZkfnSAZzefezAVNRomKHZE8f 5KCwog8Ndt64ZicNSGoDBRf4vACBptM2GUtSJCmkbqpieC8idcP
Address: 1BoatWxEHyVXkjS78d16LMuj8YMdZ1Kce8
Privkey: 5J1Jieusaa6vegTQZ7PNG3hMcsM2FjgHPK1BkPjbYyQsWb9k5vj
Here, keyconv is able to recreate the final address found by vanitygen, based on the two private key parts. It is also able to create the final private key. This is infeasible for someone who does not have both parts of the private key, and provides your customer with real security.
This process is very complicated. A simpler way to do it is to use a bounty pool such as vanity pool.
How do I participate in vanity pool?
To do this, use the oclvanityminer program. Oclvanityminer works much like a familiar bitcoin miner. It connects to a bounty server, downloads a list of bounties, automatically chooses one, searches for a match, and submits the results back to the server when one is found. Oclvanityminer periodically reconnects to the bounty server to check if bounties have been claimed, or more profitable bounties have been posted. An example session:
Code:
$ ./oclvanityminer -u https://vanitypool.appspot.com/ -a 1samr7UZxtC6MEAFHqr1h3Kq453xJJbe4
Searching for pattern: "1satoshi" Reward: 0.100000 Value: 0.000007 BTC/MkeyHr
Difficulty: 51529903411245
Searching for pattern: "1Satoshi" Reward: 0.100000 Value: 0.000007 BTC/MkeyHr
Next match difficulty: 25764951705622 (2 prefixes)
[6.14 Mkey/s][total 62914560][Prob 0.0%][50% in 33.6d]
Note that vanitypool and oclvanityminer are currently under development.
How secure are the addresses generated by this program? Will someone be able to guess the private key and steal my BTC?
Vanitygen uses the OpenSSL random number generator. This is the same RNG used by bitcoin and a good number of HTTPS servers. It is regarded as well-scrutinized. On Linux, the RNG will be seeded from /dev/urandom. Guessing the private key of an address found by vanitygen will be no easier than guessing a private key created by bitcoin itself. Nonetheless, if you feel the default RNG is unable to provide numbers that are sufficiently difficult to guess, vanitygen can be directed to seed the RNG from an external file using the -s option.
To speed up address generation, vanitygen uses the RNG to choose a private key, and literally increments the private key in a loop searching for a match. As long as the starting point is not disclosed, if a match is found, the private key will not be any easier to guess than if every private key tested were taken from the RNG. Vanitygen will also reload the private key from the RNG after 10,000,000 unsuccessful searches (100M for oclvanitygen), or when a match is found and multiple patterns are being searched for.
What security measures should I take?
- Secure any systems used to generate addresses. Don't run web browsers on them. Keep malware and unauthorized individuals out.
- Ensure that any private keys reported by vanitygen are stored and transmitted securely.
- The command line method of importing private keys into bitcoin requires you to enter your private key on the command line. Bitcoin takes a long time to perform an import, and while it is running, your private key will be visible in the output of "ps," so be careful! Also, the private key may be leaked to your shell history file. Kill your shell and shred your shell history file after importing.
What are the other methods of generating vanity addresses?
The original method of generating vanity addresses is a patch to the official bitcoin client created by Gavin Andresen. Details can be found here.
Forum user Nyhm created an in-browser vanity address generator.
There is a new vanity address generator for Android.
Jump to: