Pages:
Author

Topic: [WARNING] Sol Noctis Bull Coin Keys Compromised / Scam - page 5. (Read 4180 times)

sr. member
Activity: 285
Merit: 262
EdLEZieDbChBMHJp858568iYuhcKWQNBWbBKeQMuckc9 is represented as ca76964390a3d7b99f0451a0a95a55a2098f9700cf6b0a2369a76b311d60427a in hex, and this is the private key for 13NgxJBSk2bwWd2W4cr4XQqNNQTmyoCM4a.

It looks like Sol Noctis took a private key in hex format and converted it to base58 without any of the necessary preprocessing to generate a WIF-encoded key. The 0x80 mainnet flag is not prepended, nor is the 0x01 flag to denote a compressed public key appended. Lastly the checksum is missing.

Some quick/dirty code follows to generate a proper WIF-encoded key from what you received:

Code:
const crypto = require('crypto');
const bs58 = require('bs58');
let sha256 = crypto.createHash('sha256');

let privkey = bs58.decode('EdLEZieDbChBMHJp858568iYuhcKWQNBWbBKeQMuckc9').toString('hex');
console.log(privkey);
privkey = '80' + privkey + '01';
console.log(privkey);
let hash = sha256.update(Buffer.from(privkey, 'hex')).digest('hex');
console.log(hash);
sha256 = crypto.createHash('sha256');
let hash2 = sha256.update(Buffer.from(hash, 'hex')).digest('hex');
console.log(hash2);
let checksum = hash2.slice(0, 8);
console.log(checksum);
privkey += checksum;
console.log(privkey);
let encoded = bs58.encode(Buffer.from(privkey, 'hex'));
console.log(encoded);

I've swept the key, please provide an address to which you'd like to receive your funds.
copper member
Activity: 100
Merit: 18
Here's the actual peeled key from my Bull:

legendary
Activity: 1456
Merit: 1242
Man that is some BULL, I hope this isn't true somehow.

Yeah for some reason I am not convinced it's the eagles... or the bulls (yet) for that matter. Time will tell.
The bulls certainly have an issue.... nobody has been able to sweep one.  The private key is some 44 character garbage.

Doesn't a 44 character private key correspond to a private key Base64?
please give it a shot:

public key: 13NgxJBSk2bwWd2W4cr4XQqNNQTmyoCM4a
private key under hologram: EdLEZieDbChBMHJp858568iYuhcKWQNBWbBKeQMuckc9
hero member
Activity: 2562
Merit: 607
Man that is some BULL, I hope this isn't true somehow.

Yeah for some reason I am not convinced it's the eagles... or the bulls (yet) for that matter. Time will tell.
The bulls certainly have an issue.... nobody has been able to sweep one.  The private key is some 44 character garbage.

Doesn't a 44 character private key correspond to a private key Base64?
legendary
Activity: 1456
Merit: 1242
Man that is some BULL, I hope this isn't true somehow.

Yeah for some reason I am not convinced it's the eagles... or the bulls (yet) for that matter. Time will tell.
The bulls certainly have an issue.... nobody has been able to sweep one.  The private key is some 44 character garbage.
legendary
Activity: 3570
Merit: 1959
Man that is some BULL, I hope this isn't true somehow.

Yeah for some reason I am not convinced it's the eagles... or the bulls (yet) for that matter. Time will tell.
hero member
Activity: 912
Merit: 747
Man that is some BULL, I hope this isn't true somehow.
hero member
Activity: 2562
Merit: 607
I sent 0.001 BTC to my own 2019 Sol Noctis Binary Bull to see if behavior snarfbag encountered is replicated.  TX ID- 8cc1f8138c9234cfa76c9481ed6f76ba70d3f0978e9a47ca20c6e5b4f98e697d
legendary
Activity: 2520
Merit: 3238
The Stone the masons rejected was the cornerstone.
This is really a shame. I emailed them at [email protected]
And linked this thread. Will see what they respond with.
legendary
Activity: 2198
Merit: 1989
฿uy ฿itcoin
My first thoughts was that someone had a script running to sweep anything over the load amount and if swept by said script, reload with proper face value. This would be for if somebody fucked up and overloaded a coin while manufacturing.. but the fact that this "script" is still possibly running and private keys not destroyed is alarming.

According to TWC no private keys are stored:

Quote
A private key, which is needed to redeem the face value, is located under the coin’s protective holographic layer. It is automatically printed and is not stored by the manufacturing company, which means only the owner of the Sol Noctis coin has access to it and thus can realize the face value of the coin at any time.

I think it would be best to contact them directly and ask for clarification.
legendary
Activity: 1456
Merit: 1242
My first thoughts was that someone had a script running to sweep anything over the load amount and if swept by said script, reload with proper face value. This would be for if somebody fucked up and overloaded a coin while manufacturing.. but the fact that this "script" is still possibly running and private keys not destroyed is alarming.

Makes sense.  These were some of my favorite coins.... so sad!
legendary
Activity: 1253
Merit: 1203
My first thoughts was that someone had a script running to sweep anything over the load amount and if swept by said script, reload with proper face value. This would be for if somebody fucked up and overloaded a coin while manufacturing.. but the fact that this "script" is still possibly running and private keys not destroyed is alarming.
legendary
Activity: 3780
Merit: 1418
Maybe sol noctis doesnt realized things can be verified on the chain  Cheesy

Disappointingly watching  Undecided
legendary
Activity: 2366
Merit: 1048

I'm leaning towards this is a scam. But it's weird because the coin is real silver.
Looking at the price you can get quite a bunch of silver for the price of a single one of these, and any worthy scam would surely use true silver to keep going for longer.
sr. member
Activity: 382
Merit: 265

Lesbian Cow on my mobile account (view trust of this account to confirm)  If you bought this coin from me I would like to buy it back for whatever you paid me plus shipping costs to me. If you did not buy it from me I still want to buy it from you as I want to get to the bottom of this situation.  Please pm me on this account if you will sell it to me.

I bid 0.0001 btc more than transvestite lamb because I collect scam memorabilia.
copper member
Activity: 100
Merit: 18
Someone else shared a sol noctis private key with me and it's 44 digits which isn't a private key format I'm familiar with. I tried a few things (no, it's not 2 mini keys) and it's not missing a bunch of trailing zeroes.

I posted my Bull coin private key above. It's garbage.
sr. member
Activity: 382
Merit: 265
Here's the transactions.


This is weird af. I'm pretty sure it means the maker retained the private keys and somehow thought nobody would notice...

I trust OP and his photo looks legit. The only way that photo was faked is if he post-dated it with today's date, peeled it in February, and then waited until today to release the photo which would be a lot of effort to go through for nothing to gain  Wink

Someone else shared a sol noctis private key with me and it's 44 digits which isn't a private key format I'm familiar with. I tried a few things (no, it's not 2 mini keys) and it's not missing a bunch of trailing zeroes.

I'm leaning towards this is a scam. But it's weird because the coin is real silver.
copper member
Activity: 100
Merit: 18
1Lh975rtt1RwDJ1SHGX8mn1iHwe7kaVfMQ

Do you know with 100% CERTAINTY that your friend didn't sweep / replace the original .001 funds? Did anyone other than your friend have access to the peeled coin and its private key? (I'm simply trying to play the devil's advocate before we jump to the most obvious conclusion.)

Regards,
Chris

The coin is in my possession. Please see the photos I posted earlier; they are likely on part 1 of this now 2 part thread. The coin was sitting in a drawer since Christmas and the hologram is intact.
copper member
Activity: 100
Merit: 18
Hi snarfbag,

Lesbian Cow on my mobile account (view trust of this account to confirm)  If you bought this coin from me I would like to buy it back for whatever you paid me plus shipping costs to me. If you did not buy it from me I still want to buy it from you as I want to get to the bottom of this situation.  Please pm me on this account if you will sell it to me.

Cheers.  

I bought 3 Bull coins total from two different sellers so I can't say for certain who sold me this particular one. I'm fine with selling it back; funds will go towards a replacement coin type for the original giftee. In the meantime, I'll take some more photos / videos of it to document its state.

I can also post the private key here for my peeled Bull coin. I'll be curious to see if anyone can sweep it. If you can, great, please keep it and post here how it was done:

public key: 13NgxJBSk2bwWd2W4cr4XQqNNQTmyoCM4a
private key under hologram: EdLEZieDbChBMHJp858568iYuhcKWQNBWbBKeQMuckc9

I kept the hologram so I can take a picture of the key as well if needed.
legendary
Activity: 2676
Merit: 2203
BitcoinPenny.com
1Lh975rtt1RwDJ1SHGX8mn1iHwe7kaVfMQ

Do you know with 100% CERTAINTY that your friend didn't sweep / replace the original .001 funds? Did anyone other than your friend have access to the peeled coin and its private key? (I'm simply trying to play the devil's advocate before we jump to the most obvious conclusion.)

Regards,
Chris
Pages:
Jump to: