Topic: VanitySearch (Yet another address prefix finder) - page 45. (Read 32966 times)

jr. member
Activity: 38
Merit: 18
Quote from: Telariust
In my opinion, you need to apply sym/endomorph to the candidate and not apply to splitKey or the result of addition
As you don't know the privKey when mining, it is not possible to calculate an offset to add in order to reduce to case 1.
Maybe I also missed something...

Well of course it’s possible! Are you sure you're a jedidev?) Use Force, Luc!)
Oh, ok, explain, all simple.

I compared ver 1.12 vs 1.13 to understand how you added splitkey support.
You generate starting points from the seed, and add a splitkey to them. That is the whole problem.
With this implementation, it is necessary to apply symY/endomorph to the splitkey.
(what yourself do at the stage of indirect verification of the pair)
And you did not need to make changes to the code of cuda.
It’s convenient, a minimum of edits, everything works, yes. But not with appspot pool.

To make it compatible with the pool, you need to add a splitkey after applying symY/endomorph right before hash160.
It’s not very difficult there, but the performance will suffer, because the operations of adding points are added.

I have fixed a few functions for cpu -nosse only, a rough prototype demonstrating that this is possible.
Code is sloow, and problem not in sse. I think secp->AddDirect() is really tardy. I hope you find a quick solution.


Code:
C:\Users\User\source\repos\VanitySearch-1.15\x64\Release>VanitySearch -stop -t 4 -s "A Strong Password" -kp
Priv : L2JtWKgFrwzjyw4UQjaCMHu8Cq3e6yuq4Thdjd6H462XnTJz9ftE
Pub  : 0280C3E351A2F47F1A09A20F130B922C2BE2009F4CB4892901559AE09ABB357389

C:\Users\User\source\repos\VanitySearch-1.15\x64\Release>VanitySearch -stop -t 4 -sp 0280C3E351A2F47F1A09A20F130B922C2BE2009F4CB4892901559AE09ABB357389 -nosse -o __keyinfo.txt 12345
VanitySearch v1.15
Difficulty: 4553521
Search: 12345 [Compressed, with public key]
Start Sat Aug  3 03:39:07 2019
Base Key: A6CDE51DC26E832F9C7AB673FF6B5F8F9D0C7F121E9A115CAC45B7884671F757
Number of CPU thread: 4
0.995 MK/s (GPU 0.000 MK/s) (2^20.92) [P 35.41%][50.00% in 00:00:01][0]

C:\Users\User\source\repos\VanitySearch-1.15\x64\Release>type __keyinfo.txt
Pub Addr: 12345zpQiMCPgjrCHcGwZ6kUsPpiid79MK
PartialPriv: KzN1kLMYrhZfRiWM8RR4dgReCHJeZmeMuPnqKS3KNj7HSe4SUTXA

C:\Users\User\source\repos\VanitySearch-1.15\x64\Release>VanitySearch -rp L2JtWKgFrwzjyw4UQjaCMHu8Cq3e6yuq4Thdjd6H462XnTJz9ftE __keyinfo.txt

Pub Addr: 12345zpQiMCPgjrCHcGwZ6kUsPpiid79MK
Priv (WIF): p2pkh:L5TC4zufJyHogQsVkTTx5hDRYVdnpBr98JknRunUaZfiBieQTxv8
Priv (HEX): 0xF5A25AAD2AA36613D8B58511DBE851C9EBE893141C00AC90823008B942A8E6ED

Code:
void VanitySearch::getCPUStartingKey(int thId,Int& key,Point& startP) {

  if (rekey > 0) {
    key.Rand(256);
  } else {
    key.Set(&startKey);
    Int off((int64_t)thId);
    off.ShiftL(64);
    key.Add(&off);
  }
  Int km(&key);
  km.Add((uint64_t)CPU_GRP_SIZE / 2);
  startP = secp->ComputePublicKey(&km);
  //if(startPubKeySpecified)
  // startP = secp->AddDirect(startP,startPubKey);

}




void VanitySearch::checkAddresses(bool compressed, Int key, int i, Point p1) {

  unsigned char h0[20];
  Point pte1[1];
  Point pte2[1];
  
  Point ptmp;

  // classic


  if (startPubKeySpecified) {
    ptmp = secp->AddDirect(p1, startPubKey);
  }
  else {
    ptmp = p1;
  }

  secp->GetHash160(searchType,compressed, ptmp, h0);
  prefix_t pr0 = *(prefix_t *)h0;
  if (hasPattern || prefixes[pr0].items)
    checkAddr(pr0, h0, key, i, 0, compressed);

  // Endomorphism #1
  pte1[0].x.ModMulK1(&p1.x, &beta);
  pte1[0].y.Set(&p1.y);

  if (startPubKeySpecified) {
    ptmp = secp->AddDirect(pte1[0], startPubKey);
  }
  else {
    ptmp = pte1[0];
  }

  secp->GetHash160(searchType, compressed, ptmp, h0);

  pr0 = *(prefix_t *)h0;
  if (hasPattern || prefixes[pr0].items)
    checkAddr(pr0, h0, key, i, 1, compressed);

  // Endomorphism #2
  pte2[0].x.ModMulK1(&p1.x, &beta2);
  pte2[0].y.Set(&p1.y);

  if (startPubKeySpecified) {
    ptmp = secp->AddDirect(pte2[0], startPubKey);
  }
  else {
    ptmp = pte2[0];
  }

  secp->GetHash160(searchType, compressed, ptmp, h0);

  pr0 = *(prefix_t *)h0;
  if (hasPattern || prefixes[pr0].items)
    checkAddr(pr0, h0, key, i, 2, compressed);


  // Curve symmetry
  // if (x,y) = k*G, then (x, -y) is -k*G

  p1.y.ModNeg();

  if (startPubKeySpecified) {
    ptmp = secp->AddDirect(p1, startPubKey);
  }
  else {
    ptmp = p1;
  }

  secp->GetHash160(searchType, compressed, ptmp, h0);
  pr0 = *(prefix_t *)h0;
  if (hasPattern || prefixes[pr0].items)
    checkAddr(pr0, h0, key, -i, 0, compressed);

  // Endomorphism #1
  pte1[0].y.ModNeg();

  if (startPubKeySpecified) {
    ptmp = secp->AddDirect(pte1[0], startPubKey);
  }
  else {
    ptmp = pte1[0];
  }

  secp->GetHash160(searchType, compressed, ptmp, h0);

  pr0 = *(prefix_t *)h0;
  if (hasPattern || prefixes[pr0].items)
    checkAddr(pr0, h0, key, -i, 1, compressed);

  // Endomorphism #2
  pte2[0].y.ModNeg();

  if (startPubKeySpecified) {
    ptmp = secp->AddDirect(pte2[0], startPubKey);
  }
  else {
    ptmp = pte2[0];
  }

  secp->GetHash160(searchType, compressed, ptmp, h0);

  pr0 = *(prefix_t *)h0;
  if (hasPattern || prefixes[pr0].items)
    checkAddr(pr0, h0, key, -i, 2, compressed);

}




bool VanitySearch::checkPrivKey(string addr, Int &key, int32_t incr, int endomorphism, bool mode) {


  Int k(&key);
  Point sp = startPubKey;

  if (incr < 0) {
    k.Add((uint64_t)(-incr));
    k.Neg();
    k.Add(&secp->order);
    //if (startPubKeySpecified) sp.y.ModNeg();
  } else {
    k.Add((uint64_t)incr);
  }

  // Endomorphisms
  switch (endomorphism) {
  case 1:
    k.ModMulK1order(&lambda);
    //if(startPubKeySpecified) sp.x.ModMulK1(&beta);
    break;
  case 2:
    k.ModMulK1order(&lambda2);
    //if (startPubKeySpecified) sp.x.ModMulK1(&beta2);
    break;
  }

  // Check addresses
  Point p = secp->ComputePublicKey(&k);
  if (startPubKeySpecified) p = secp->AddDirect(p, sp);

  string chkAddr = secp->GetAddress(searchType, mode, p);
  if (chkAddr != addr) {

    //Key may be the opposite one (negative zero or compressed key)
    k.Neg();
    k.Add(&secp->order);
    p = secp->ComputePublicKey(&k);
    if (startPubKeySpecified) {
      //sp.y.ModNeg();
      p = secp->AddDirect(p, sp);
    }
    string chkAddr = secp->GetAddress(searchType, mode, p);
    if (chkAddr != addr) {
      printf("\nWarning, wrong private key generated !\n");
      printf("  Addr :%s\n", addr.c_str());
      printf("  Check:%s\n", chkAddr.c_str());
      printf("  Endo:%d incr:%d comp:%d\n", endomorphism, incr, mode);
      return false;
    }

  }

  output(addr, secp->GetPrivAddress(mode ,k), k.GetBase16());

  return true;

}



void reconstructAdd(Secp256K1 *secp, string fileName, string outputFile, string privAddr) {

  bool compressed;
  int addrType;
  Int lambda;
  Int lambda2;
  lambda.SetBase16("5363ad4cc05c30e0a5261c028812645a122e22ea20816678df02967c1b23bd72");
  lambda2.SetBase16("ac9c52b33fa3cf1f5ad9e3fd77ed9ba4a880b9fc8ec739c2e0cfc810b51283ce");

  Int privKey = secp->DecodePrivateKey((char *)privAddr.c_str(),&compressed);
  if(privKey.IsNegative())
    exit(-1);

  vector<string> lines;
  parseFile(fileName,lines);

  for (int i = 0; i < (int)lines.size(); i+=2) {

    string addr;
    string partialPrivAddr;

    if (lines[i].substr(0, 10) == "Pub Addr: ") {

      addr = lines[i].substr(10);

      switch (addr.data()[0]) {
      case '1':
        addrType = P2PKH; break;
      case '3':
        addrType = P2SH; break;
      case 'b':
      case 'B':
        addrType = BECH32; break;
      default:
        printf("Invalid partialkey info file at line %d\n", i);
        printf("%s Address format not supported\n", addr.c_str());
        continue;
      }

    } else {
      printf("Invalid partialkey info file at line %d (\"Pub Addr: \" expected)\n",i);
      exit(-1);
    }

    if (lines[i+1].substr(0, 13) == "PartialPriv: ") {
      partialPrivAddr = lines[i+1].substr(13);
    } else {
      printf("Invalid partialkey info file at line %d (\"PartialPriv: \" expected)\n", i);
      exit(-1);
    }

    bool partialMode;
    Int partialPrivKey = secp->DecodePrivateKey((char *)partialPrivAddr.c_str(), &partialMode);
    if (partialPrivKey.IsNegative()) {
      printf("Invalid partialkey info file at line %d\n", i);
      exit(-1);
    }

    if (partialMode != compressed) {

      printf("Warning, Invalid partialkey at line %d (Wrong compression mode, ignoring key)\n", i);
      continue;

    } else {

      // Reconstruct the address
      Int fullPriv;
      Point p;
      Int e;
      string cAddr;
      bool found = false;

      Int save_partialPrivKey = partialPrivKey;

      // No sym, no endo
      e.Set(&privKey);
      CHECK_ADDR();

      // No sym, endo 1
      e.Set(&privKey);
      //e.ModMulK1order(&lambda);
      partialPrivKey.Set(&save_partialPrivKey);
      partialPrivKey.ModMulK1order(&lambda);
      CHECK_ADDR();

      // No sym, endo 2
      e.Set(&privKey);
      //e.ModMulK1order(&lambda2);
      partialPrivKey.Set(&save_partialPrivKey);
      partialPrivKey.ModMulK1order(&lambda2);
      CHECK_ADDR();

      // sym, no endo
      e.Set(&privKey);
      //e.Neg();
      //e.Add(&secp->order);
      partialPrivKey.Set(&save_partialPrivKey);
      partialPrivKey.Neg();
      partialPrivKey.Add(&secp->order);
      CHECK_ADDR();

      // sym, endo 1
      e.Set(&privKey);
      //e.ModMulK1order(&lambda);
      //e.Neg();
      //e.Add(&secp->order);
      partialPrivKey.Set(&save_partialPrivKey);
      partialPrivKey.ModMulK1order(&lambda);
      partialPrivKey.Neg();
      partialPrivKey.Add(&secp->order);
      CHECK_ADDR();

      // sym, endo 2
      e.Set(&privKey);
      //e.ModMulK1order(&lambda2);
      //e.Neg();
      //e.Add(&secp->order);
      partialPrivKey.Set(&save_partialPrivKey);
      partialPrivKey.ModMulK1order(&lambda2);
      partialPrivKey.Neg();
      partialPrivKey.Add(&secp->order);
      CHECK_ADDR();

      if (!found) {
        printf("Unable to reconstruct final key from partialkey line %d\n Addr: %s\n PartKey: %s\n",
          i, addr.c_str(),partialPrivAddr.c_str());
      }

    }

  }

}
legendary
Activity: 3500
Merit: 6320
Crypto Swap Exchange
If you don't measure it yourself, you won't know if it doesn't pull more power from the PCIe slot. Reference GTX 750 Ti peaks at 140W as shown in the graph above, even though nVidia claims it should pull no more than 60 watts: https://www.geforce.com/hardware/desktop-gpus/geforce-gtx-750-ti/specifications That said if it's not one of the cheapest boards it shouldn't be an issue.

Since I don't have a way of checking how much power is going through the PCIe port I will have to hack some numbers together from the pull through the UPS it's plugged into.
And the draw through the 12V rail of a power supply.
Don't know how accurate it will be, but it will show a big overage like the one you pointed out (60 vs 145) no way it will show 75 vs 81.

However, for now let's either table this or move it to a new / different thread because I do not want to derail this thread from what Jean_Luc is doing.

-Dave


legendary
Activity: 3472
Merit: 1724
It's at the 75W mark.
NVidia's own specs don't have the power connector:

From https://www.nvidia.com/en-us/geforce/graphics-cards/gtx-1650/

If you don't measure it yourself, you won't know if it doesn't pull more power from the PCIe slot. Reference GTX 750 Ti peaks at 140W as shown in the graph above, even though nVidia claims it should pull no more than 60 watts: https://www.geforce.com/hardware/desktop-gpus/geforce-gtx-750-ti/specifications That said if it's not one of the cheapest boards it shouldn't be an issue.
legendary
Activity: 3500
Merit: 6320
It's at the 75W mark.
NVidia's own specs don't have the power connector:

From https://www.nvidia.com/en-us/geforce/graphics-cards/gtx-1650/

Quote
Maximum GPU Temperature (in C)     92
Graphics Card Power (W)    75
Recommended System Power (W)     300
Supplementary Power Connectors    None

With that being said, YES it's at the limit of the PCIe spec, but it's one of the best MK/s card at the moment.
Also, and this might be a local thing but, where I live (Long Island, NY) there are a lot of local PC shops that have these 2nd/3rd/4th gen i3 / i5 machines (4GB Ram / old small slow drive) for well under $100 many at the $49.99 price point.

So if you want a machine to run VanitySearch, that will do 500MK/s and not spend a lot you can get this done for ~$250. If you are worried about killing the PCIe slot or the fact that the power supply is old and might not stand up to it. You can get a spare PC and still be under $350.

That is why I made a separate post about it instead of just adding it to the list.

As with everything YMMV but still, I think it's a great deal.

-Dave
legendary
Activity: 3472
Merit: 1724
I think PCIe port only provides 75W or so. What this means is the card will run, but only offer limited performance.
Maybe just pick a card with a lower tdp/performance/consumption/Price in that case?

In some cases also the pci-e is enough in theory but power from the PSU directly is preferred to avoid overheating of the MB/PCIe port.

*75W if it follows PCI Express specifications

Which is a huge if:





PCIe slots in older/cheaper boards might die under 24/7 use if a card continuously exceeds this limit.
legendary
Activity: 1484
Merit: 1491
I forgot more than you will ever know.
What is *VERY* nice is no PCIe plug is required on that card. So you can run it on systems that don't have PCIe coming off the power supply. The one I tested is now in an old Dell core i3 machine that has the crappy stock power supply that had no PCIe.

-Dave


I think PCIe port only provides 75W or so. What this means is the card will run, but only offer limited performance.
Maybe just pick a card with a lower tdp/performance/consumption/Price in that case?

In some cases also the pci-e is enough in theory but power from the PSU directly is preferred to avoid overheating of the MB/PCIe port.
legendary
Activity: 3500
Merit: 6320
Just added the GTX 1650 to the list of cards:
https://bitcointalksearch.org/topic/m.50823897

You get over 500 MK/s on a $150 card from Amazon. Not too shabby. (link to the actual card I am using: https://amzn.to/2yevV7i)

What is *VERY* nice is no PCIe plug is required on that card. So you can run it on systems that don't have PCIe coming off the power supply. The one I tested is now in an old Dell core i3 machine that has the crappy stock power supply that had no PCIe.

-Dave
hero member
Activity: 882
Merit: 595

Hi All, you can add a command to save a list of 100 addresses in a text file and open the next file to save.

actually there is a command for you to save the generated address on a text file and you can use the command below
Code:
-o outputfile: Output results to the specified file

so the example will be like this VanitySearch.exe -o test.txt 3test and the output will be on text file named test.txt
newbie
Activity: 3
Merit: 0

Hi All, you can add a command to save a list of 100 addresses in a text file and open the next file to save.
jr. member
Activity: 38
Merit: 18
Can this software guess what characters are missing in pair:

Code:
1DLLsqnKALAk9XDx2ugYNBHn6jfLLDiE1
L2vhmg**********3a3pkSrW986Cx2cUyAnj7x2pXvASqvHBkQb8
I really need it for some of my paper wallets...
Thanks!
VanitySearch is not intended for this, but you need the BitCrack program.

FAQ, How to recover a bitcoin PaperWallet using BitCrack.

to avoid offtopic:
post moved to bitcointalk.org/index.php?topic=4453897.msg52106273#msg52106273
sr. member
Activity: 462
Merit: 701
Hello. First of all: great work!
TL;DR: Can this software guess what characters are missing in pair:
Code:
1DLLsqnKALAk9XDx2ugYNBHn6jfLLDiE1
L2vhmg**********3a3pkSrW986Cx2cUyAnj7x2pXvASqvHBkQb8

Hello,
As it is, no, it is not optimized for that. However, with a few modifications of the code and powerful hardware it can be done...
newbie
Activity: 1
Merit: 0
Hello. First of all: great work!
TL;DR: Can this software guess what characters are missing in pair:

Code:
1DLLsqnKALAk9XDx2ugYNBHn6jfLLDiE1

L2vhmg**********3a3pkSrW986Cx2cUyAnj7x2pXvASqvHBkQb8

I really need it for some of my paper wallets...

Thanks!
sr. member
Activity: 462
Merit: 701
Here is the way the final private key is reconstructed:

1) (privKey + partialKey) mod n
2) (lambda1 * privKey + partialKey) mod n
3) (lambda2 * privKey + partialKey) mod n
4) (-privKey + partialKey) mod n
5) (-lambda1 * privKey + partialKey) mod n
6) (-lambda2 * privKey + partialKey) mod n

As you don't know the privKey when mining, it is not possible to calculate an offset to add in order to reduce to case 1.
Maybe I also missed something...
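
The six reconstruction formulas in the post above, and the point this thread argues over (sym/endomorphism applied to the sum of candidate and split key versus to the candidate alone), worked through in Python as an added example; it is not code from VanitySearch or from any poster. The helper names and the two sample secrets are constructed for illustration, and the curve arithmetic is a plain variable-time implementation.

```python
P = 2**256 - 2**32 - 977  # secp256k1 field prime; N and G are the standard order and generator
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
G = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)
# lambda and lambda2 exactly as they appear in reconstructAdd() on this page.
LAMBDA1 = 0x5363ad4cc05c30e0a5261c028812645a122e22ea20816678df02967c1b23bd72
LAMBDA2 = 0xac9c52b33fa3cf1f5ad9e3fd77ed9ba4a880b9fc8ec739c2e0cfc810b51283ce

def add(a, b):
    """Affine point addition; None stands for the point at infinity."""
    if a is None or b is None:
        return b if a is None else a
    (x1, y1), (x2, y2) = a, b
    if x1 == x2 and (y1 + y2) % P == 0:
        return None
    num, den = (3 * x1 * x1, 2 * y1) if a == b else (y2 - y1, x2 - x1)
    m = num * pow(den % P, -1, P) % P
    x3 = (m * m - x1 - x2) % P
    return (x3, (m * (x1 - x3) - y1) % P)

def mul(k, pt):  # double-and-add, variable time (demo only)
    acc = None
    while k:
        if k & 1:
            acc = add(acc, pt)
        pt, k = add(pt, pt), k >> 1
    return acc

# x multiplier paired with LAMBDA1, derived here instead of hard-coded.
BETA = mul(LAMBDA1, G)[0] * pow(G[0], -1, P) % P
# (scalar factor, x multiplier, negate y): plain, endo 1, endo 2, then each with symmetry.
VARIANTS = [(1, 1, False), (LAMBDA1, BETA, False), (LAMBDA2, BETA * BETA % P, False),
            (N - 1, 1, True), (N - LAMBDA1, BETA, True), (N - LAMBDA2, BETA * BETA % P, True)]

def transform(pt, j):
    _, bx, flip = VARIANTS[j]
    return (pt[0] * bx % P, (P - pt[1]) % P if flip else pt[1])

def point_transform_sum(c, split_pub, j):
    """Split pubkey added to the start point first; sym/endo then hits the sum."""
    return transform(add(mul(c, G), split_pub), j)

def point_transform_candidate(c, split_pub, j):
    """Sym/endo applied to the candidate only; split pubkey added just before hashing."""
    return add(transform(mul(c, G), j), split_pub)

def six_reconstructions(priv, partial):
    """The six formulas from the post: (s * privKey + partialKey) mod n."""
    return [(s * priv + partial) % N for s, _, _ in VARIANTS]

def compare(priv, c):
    """Rows of (matching formula indexes, add-rule opens sum style, add-rule opens candidate style)."""
    split_pub, rows = mul(priv, G), []
    for j, (s, _, _) in enumerate(VARIANTS):
        partial = s * c % N                      # partial key the miner would report
        plain = mul((priv + partial) % N, G)     # plain "add" reconstruction (case 1 only)
        target = point_transform_sum(c, split_pub, j)
        hits = [i for i, k in enumerate(six_reconstructions(priv, partial))
                if mul(k, G) == target]
        rows.append((hits, plain == target, plain == point_transform_candidate(c, split_pub, j)))
    return rows

if __name__ == "__main__":
    print(compare(priv=0x1234567890ABCDEF, c=0xCAFEBABE))  # constructed sample secrets
```

Each row of `compare` has exactly one of the six formulas matching the sum-style point, while the plain `priv + partial` rule matches it only for variant 0 and matches the candidate-style point for all six.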
jr. member
Activity: 38
Merit: 18
does it support only "add" algorithm for final private key reconstruction ?
Vanitypool supports only uncompressed addresses or both ?

see
gobittest.appspot.com/VanityAll
used add/mul with comp/uncomp = 4 total
(add + uncomp, add + comp, mul + comp, mul + uncomp)
"Solved work" confirms this in the "Solution type"
(most add + uncomp entries because this is vanitygen default)

mul we do not need. I guess this was a trick to get 2x keys for the price of 1M
(like symY/symXBatch/endomorph proposed by arulbero)

we need the splitKey and the addition candidateKey+splitKey not to change

your program gives the result and does not tell which of the 6 algos now
when I tried to write the analyzer in python, I failed twice.
At first, I intuitively applied sym/endomorph to the result of the addition of the candidateKey and splitKey, but 5/6 addresses were not recognized.
Well, Of course, I thought, True choice if applied sym/endomorph to the candidateKey before adding with splitKey, but it all happened again.
There is a third option - you apply sym/endomorph to splitKey!
After which the analyzer determined all cases correctly.
I am surprised by this choice, because it makes your calculation incompatible with 5/6 with the pool.
I guess this is due to the late addition of the splitKey to your self-contained code with minimal edits.
In my opinion, you need to apply sym/endomorph to the candidate and not apply to splitKey or the result of addition
imho, after fix u program should also work fine.
(maybe it have some math depend; maybe, I am mistaken and do not take into account some subtlety or dependence)


sr. member
Activity: 462
Merit: 701
Hello,
Yes, the split key is done using all 6 ecc algorithms; reducing it to only one is not obvious.
I don't know exactly how Vanitypool is working, does it support only "add" algorithm for final private key reconstruction ?
Vanitypool supports only uncompressed addresses or both ?
jr. member
Activity: 38
Merit: 18
VanitySearch is 6x faster than VanityGen, and even 2x faster for compress addr (12x total).
But the 5 new ecc algorithms are incompatible with the split-key project vanitypool.appspot.com
So we lose 6x, only 2x left.

The developer vanitypool has long lost interest, the design is missing, the site has not been updated for more than 5 years.
The keeper ThePiachu is not able to screw the sorting of html-table on javascript and, at best, keeps the server on.
Therefore, it is naive to hope that 5 new algo will add to the job calculator. Ok?

But Jean_Luc can do something.
You use symm and endomorph to -sp pubkey.
I suppose it was faster and easier to do when you added -sp to the main code so as not to overwrite it.
We can not change the split-key and the math of calculating the final key on vanitypool.
Is it possible to eliminate symm and endomorph overlay on split-key?
I'm not sure, but it seems to me that there is no problem either in calculations or in safety.
With 12x tasks on the pool will again become more profitable than mining.
legendary
Activity: 1382
Merit: 1123
Well this certainly deserves a bump. I hope I can figure out how to run it now
sr. member
Activity: 462
Merit: 701
legendary
Activity: 3500
Merit: 6320
I've been slacking in updating my post of card speeds.
https://bitcointalksearch.org/topic/m.50823897
I hope to carve out some time tomorrow or Friday to go through the thread and update it.
Sorry for not keeping it up.

-Dave
Updated.

Jean_Luc could you put a link to my post in the 1st post so people don't have to go through 15 of the 20 pages to find it. (someone sent me a PM about that)

Also, if anyone wants something added w/o posting in this thread or if you do post it and I miss it feel free to drop me a PM.

Thanks,
Dave
sr. member
Activity: 462
Merit: 701
Hello,

Many thanks Dave for your work
A friend of mine uses a GTX 1660 Ti which gives a very good price/performance ratio (especially for integer calculation)

Code:
VanitySearch.exe -gpu -t 0 1testme
VanitySearch v1.13
Difficulty: 888446610539
Search: 1testme [Compressed]
Start Mon May 13 08:35:35 2019
Base Key: CBCC3BD678704956F2126B5B1346102F315D3271B83545A55C160324E98F52BF
Number of CPU thread: 0
GPU: GPU #0 GeForce GTX 1660 Ti (24x64 cores) Grid(192x128)
961.319 MK/s (GPU 961.319 MK/s) (2^35.46) [P 5.16%][50.00% in 00:09:51][0]