[WARNING] Sol Noctis Bull Coin Keys Compromised / Scam - page 5.

guigui371

legendary

Activity: 2114

Merit: 1693

C.D.P.E.M

Quote from: krogothmanhattan on March 17, 2020, 05:48:57 PM

Response from topworldcoins...after i linked this thread and explained issue...so the last email.

Hello,

We are responsible for the coins we sell to our buyers and issues with our coins. For others, we can't help, because we don't know how it was purchased.

Kind regards,
Helen

Not a very good PR

imagine the following answer from Ford :
"we are only responsible for the car we sell directly to our clients. For Ford car owners that didn't purchase brand new from us we can't help (even if we fucker up as a car manufacturer) because we don't know how it was purchased"

just my 2 cents

krogothmanhattan

legendary

Activity: 2520

Merit: 3238

The Stone the masons rejected was the cornerstone.

Response from topworldcoins...after i linked this thread and explained issue...so the last email.

Hello,

We are responsible for the coins we sell to our buyers and issues with our coins. For others, we can't help, because we don't know how it was purchased.

Kind regards,
Helen

Lesbian Cow

legendary

Activity: 3066

Merit: 1757

Quote from: guigui371 on March 17, 2020, 02:53:51 PM

Quote from: snarfbag on March 08, 2020, 10:53:31 AM

I purchased several Binary Bulls last year and gave them out as gifts. One particular coin, I loaded with extra Bitcoin to total 0.015 BTC and gave it to a family member. I just noticed it was swept on Feb 20th, and replaced with 0.001 BTC about 5 minutes later in a separate transaction.

https://www.blockchain.com/btc/address/1Lh975rtt1RwDJ1SHGX8mn1iHwe7kaVfMQ

Has this mystery been solved yet?

It looks like the corrupted private keys have found a solution (congrats ciwil).

And I was talking to @yogg over the phone and he will also code a script to convert the private key back to the normal format (with the covid19 he is some extra free time on his hand Grin

)

I completed the purchase of this coin from snarfbag just today due to my travels and it should be on its way to me shortly. Once I have it I will look to Top World Coins for some answers. I will update on this thread as I have more information.

guigui371

legendary

Activity: 2114

Merit: 1693

C.D.P.E.M

Quote from: snarfbag on March 08, 2020, 10:53:31 AM

I purchased several Binary Bulls last year and gave them out as gifts. One particular coin, I loaded with extra Bitcoin to total 0.015 BTC and gave it to a family member. I just noticed it was swept on Feb 20th, and replaced with 0.001 BTC about 5 minutes later in a separate transaction.

https://www.blockchain.com/btc/address/1Lh975rtt1RwDJ1SHGX8mn1iHwe7kaVfMQ

Has this mystery been solved yet?

It looks like the corrupted private keys have found a solution (congrats ciwil).

And I was talking to @yogg over the phone and he will also code a script to convert the private key back to the normal format (with the covid19 he is some extra free time on his hand Grin

)

snarfbag

copper member

Activity: 100

Merit: 18

Quote from: cwil on March 16, 2020, 11:39:12 PM

I've swept the key, please provide an address to which you'd like to receive your funds.

Please keep it, it's yours! That is some good work to crack their code. I would not have figured that out. Sweeping my Eagle coin was so simple in comparison.

tweetious

sr. member

Activity: 2161

Merit: 420

Cryptoshi Blockomoto

Thank you cwil ! great work, really appreciated!

teeGUMES

legendary

Activity: 1253

Merit: 1203

One mystery solved. Great work cwil. Hopefully this code is easy enough for someone to host somewhere and we can have our own sol noctis bull redeemer page.

Edits

member

Activity: 369

Merit: 29

Jinkies, hes cracked it!

Good work cwil.

cwil

sr. member

Activity: 285

Merit: 262

EdLEZieDbChBMHJp858568iYuhcKWQNBWbBKeQMuckc9 is represented as ca76964390a3d7b99f0451a0a95a55a2098f9700cf6b0a2369a76b311d60427a in hex, and this is the private key for 13NgxJBSk2bwWd2W4cr4XQqNNQTmyoCM4a.

It looks like Sol Noctis took a private key in hex format and converted it to base58 without any of the necessary preprocessing to generate a WIF-encoded key. The 0x80 mainnet flag is not prepended, nor is the 0x01 flag to denote a compressed public key appended. Lastly the checksum is missing.

Some quick/dirty code follows to generate a proper WIF-encoded key from what you received:

Code:

const crypto = require('crypto');
const bs58 = require('bs58');
let sha256 = crypto.createHash('sha256');

let privkey = bs58.decode('EdLEZieDbChBMHJp858568iYuhcKWQNBWbBKeQMuckc9').toString('hex');
console.log(privkey);
privkey = '80' + privkey + '01';
console.log(privkey);
let hash = sha256.update(Buffer.from(privkey, 'hex')).digest('hex');
console.log(hash);
sha256 = crypto.createHash('sha256');
let hash2 = sha256.update(Buffer.from(hash, 'hex')).digest('hex');
console.log(hash2);
let checksum = hash2.slice(0, 8);
console.log(checksum);
privkey += checksum;
console.log(privkey);
let encoded = bs58.encode(Buffer.from(privkey, 'hex'));
console.log(encoded);

I've swept the key, please provide an address to which you'd like to receive your funds.

snarfbag

copper member

Activity: 100

Merit: 18

Here's the actual peeled key from my Bull:

anonymousminer

legendary

Activity: 1456

Merit: 1242

Quote from: 2stout on March 16, 2020, 08:05:39 PM

Quote from: anonymousminer on March 16, 2020, 07:58:47 PM

Quote from: owlcatz on March 16, 2020, 07:48:25 PM

Quote from: ZipReg on March 16, 2020, 05:15:04 PM

Man that is some BULL, I hope this isn't true somehow.

Yeah for some reason I am not convinced it's the eagles... or the bulls (yet) for that matter. Time will tell.

The bulls certainly have an issue.... nobody has been able to sweep one. The private key is some 44 character garbage.

Doesn't a 44 character private key correspond to a private key Base64?

please give it a shot:

public key: 13NgxJBSk2bwWd2W4cr4XQqNNQTmyoCM4a
private key under hologram: EdLEZieDbChBMHJp858568iYuhcKWQNBWbBKeQMuckc9

2stout

hero member

Activity: 2604

Merit: 607

Quote from: anonymousminer on March 16, 2020, 07:58:47 PM

Quote from: owlcatz on March 16, 2020, 07:48:25 PM

Quote from: ZipReg on March 16, 2020, 05:15:04 PM

Man that is some BULL, I hope this isn't true somehow.

Yeah for some reason I am not convinced it's the eagles... or the bulls (yet) for that matter. Time will tell.

The bulls certainly have an issue.... nobody has been able to sweep one. The private key is some 44 character garbage.

Doesn't a 44 character private key correspond to a private key Base64?

anonymousminer

legendary

Activity: 1456

Merit: 1242

Quote from: owlcatz on March 16, 2020, 07:48:25 PM

Quote from: ZipReg on March 16, 2020, 05:15:04 PM

Man that is some BULL, I hope this isn't true somehow.

Yeah for some reason I am not convinced it's the eagles... or the bulls (yet) for that matter. Time will tell.

The bulls certainly have an issue.... nobody has been able to sweep one. The private key is some 44 character garbage.

owlcatz

legendary

Activity: 3570

Merit: 1959

Quote from: ZipReg on March 16, 2020, 05:15:04 PM

Man that is some BULL, I hope this isn't true somehow.

Yeah for some reason I am not convinced it's the eagles... or the bulls (yet) for that matter. Time will tell.

ZipReg

hero member

Activity: 912

Merit: 747

Man that is some BULL, I hope this isn't true somehow.

2stout

hero member

Activity: 2604

Merit: 607

I sent 0.001 BTC to my own 2019 Sol Noctis Binary Bull to see if behavior snarfbag encountered is replicated. TX ID- 8cc1f8138c9234cfa76c9481ed6f76ba70d3f0978e9a47ca20c6e5b4f98e697d

krogothmanhattan

legendary

Activity: 2520

Merit: 3238

The Stone the masons rejected was the cornerstone.

This is really a shame. I emailed them at [email protected]
And linked this thread. Will see what they respond with.

TheNewAnon135246

legendary

Activity: 2198

Merit: 1989

฿uy ฿itcoin

Quote from: teeGUMES on March 14, 2020, 03:06:13 PM

My first thoughts was that someone had a script running to sweep anything over the load amount and if swept by said script, reload with proper face value. This would be for if somebody fucked up and overloaded a coin while manufacturing.. but the fact that this "script" is still possibly running and private keys not destroyed is alarming.

According to TWC no private keys are stored:

Quote

A private key, which is needed to redeem the face value, is located under the coin’s protective holographic layer. It is automatically printed and is not stored by the manufacturing company, which means only the owner of the Sol Noctis coin has access to it and thus can realize the face value of the coin at any time.

I think it would be best to contact them directly and ask for clarification.

anonymousminer

legendary

Activity: 1456

Merit: 1242

Quote from: teeGUMES on March 14, 2020, 03:06:13 PM

My first thoughts was that someone had a script running to sweep anything over the load amount and if swept by said script, reload with proper face value. This would be for if somebody fucked up and overloaded a coin while manufacturing.. but the fact that this "script" is still possibly running and private keys not destroyed is alarming.

Makes sense. These were some of my favorite coins.... so sad!

teeGUMES

legendary

Activity: 1253

Merit: 1203

My first thoughts was that someone had a script running to sweep anything over the load amount and if swept by said script, reload with proper face value. This would be for if somebody fucked up and overloaded a coin while manufacturing.. but the fact that this "script" is still possibly running and private keys not destroyed is alarming.

Topic: [WARNING] Sol Noctis Bull Coin Keys Compromised / Scam - page 5. (Read 4398 times)