|
Title: Why has my newly created Bitcoin address already been used? Post by: Yoan_H1 on May 10, 2020, 12:43:29 AM Saludes
A few days ago I created a paper wallet on the bitcoinpaperwallet portal; then I checked it on the Blockchain page, and this one tells me that such address has two blockchain; one for Bitcoin and other for Bitcoin Cash. The Bitcoin Cash in turn is shown with another address. I'm just learning about this topic, and I suppose that up to here everything is normal, but then it happens that when I enter the Bitcoin chain, it appears to me that two transactions have already been made, one in and one out with differences of one minute, as of May 2019, but in the check-in there is a history of transactions to different addresses including this one, whose total sum is the one that is withdrawn in the second transaction, leaving the account at 0, which in my Ignorance this seems to me an inconsistency since the system tells me "total transfers 2". To all this what worries me the most is the following: If each created key is supposed to be random and unique in the Blockchain, at least Bitcoin, why has my newly created Bitcoin wallet already been used? Does this mean that now at least two users have access to the same wallet without our consent? I would greatly appreciate whoever can answer me. Title: Re: Why has my newly created Bitcoin address already been used? Post by: o_e_l_e_o on May 10, 2020, 01:28:47 AM If the address you have generated has previous outgoing transactions visible on a blockchain explorer, then yes, someone else has access to one of the private keys that controls that address.
The chance that you have completely randomly generated the same address as someone else is astronomically small. Far more likely is that you have used a malicious version of bitaddress which is generating pre-defined addresses, or you have clipboard malware which has changed your generated address to something different, or potentially an error on your part. Can you confirm the URL of the Bitaddress site you used. Did you download the site and run it offline? Title: Re: Why has my newly created Bitcoin address already been used? Post by: nc50lc on May 10, 2020, 02:05:19 AM The Bitcoin Cash in turn is shown with another address. -snip- It's the same address in "cash address" format, every BCH sent to the '1' address will also reflect to the 'q' address, they are interchangeable for compatibility reasons.The main issue is: you might have clicked a fake bitaddress URL just like o_e_l_e_o said. Title: Re: Why has my newly created Bitcoin address already been used? Post by: Yoan_H1 on May 10, 2020, 02:30:15 AM Hello o_e_l_e_o, thanks for answering.
Excuse me I did not generate the key on Bitaddress.org, but on https://bitcoinpaperwallet.com/bitcoinpaperwallet/generate-wallet.html#, and I did not download it, I ran it directly on the web. Title: Re: Why has my newly created Bitcoin address already been used? Post by: nc50lc on May 10, 2020, 02:58:36 AM There are couple of off-site scam accusations for that paper wallet generator after the change of ownership (https://bitcointalk.org/index.php?topic=169836.msg46727114#msg46727114), but nothing in this forum.
Just do not use that site (or any online address generator in general); if you really want to, use bitaddress (https://www.bitaddress.org)'s source offline instead since bitcoinpaperwallet claims to be a fork of bitaddress. And there's this guy with the same issue: I've recommended this website to my friend. He just got back to me saying, that the wallet he just generated had previous in and out transactions starting in Jan 2019 and ending last month - March 2020. I spoke with him extensively, and I can't find any reasonable explanation. This is the address he "generated" two days ago: https://www.blockchain.com/btc/address/1PoZHV4rrftuv8YuoDgRqji1syuSw141q8 Title: Re: Why has my newly created Bitcoin address already been used? Post by: Yoan_H1 on May 10, 2020, 03:07:25 AM Hi nc50lc, thank you for clarifying this points for me.
Title: Re: Why has my newly created Bitcoin address already been used? Post by: Abdussamad on May 10, 2020, 04:07:44 AM there have been scam accusations against that site on this forum as well. it's definitely a scam operation.
Title: Re: Why has my newly created Bitcoin address already been used? Post by: LoyceV on May 10, 2020, 07:52:01 AM Excuse me I did not generate the key on Bitaddress.org, but on https://bitcoinpaperwalletSCAM.com/bitcoinpaperwallet/generate-wallet.html# Update: It's a confirmed scam! Don't use it anymore!I've used that site several times, but never since it changed ownership. I still have it's source from years ago, and that's what I use. I do the same with bitaddress.org: I don't trust newer versions, even though I have no reason not to trust them, there's also no need to "upgrade". If bitcoinpaperwallet.com really turned into a scam, it would be very nice if someone can find hard evidence in the (open) source. Quote and I did not download it, I ran it directly on the web. But why? The whole point of creating a paper wallet is to have COLD storage. That means the private key can never have touched the internet, and can never have been on a computer that has been online without being wiped after creating the wallet. See:* Download and use offline. Use for example Ubuntu (https://www.ubuntu.com/download) or Knoppix (http://www.knopper.net/knoppix-mirrors/index-en.html) from a LIVE DVD without ethernet/Wi-Fi It's even better not to trust any site's random generator. You can for instance create a private key throwing a dice (read up how to properly do this!), or combine 2 random generators by creating a split key vanity address (https://bitcointalk.org/index.php?topic=1813624.0) on a different system, then combining it with the original. This is a lot more work and prone to failure if you're not sure what you're doing. Another option would be to get a private key from Bitcoin Core and use that as a paper wallet. One last suggestion: test your paper wallet (again: on an offline system) before funding it. Make sure you have the correct private key to access the address. Title: Re: Why has my newly created Bitcoin address already been used? Post by: BrewMaster on May 10, 2020, 10:09:09 AM here is a better thought: instead of using websites or even their source code you can use a popular wallet to create a paper wallet. wallets such as bitcoin core or electrum.
just download them, verify their signature and then go offline on an airgapped machine. run the wallet and create a new key or better yet create a mnemonic with an HD wallet such as electrum. then write that down on a piece of paper as your paper wallet. if you like the design that those sites offer you can always find their source code (or even through the HTML in the site that is open) and save the picture which is usually a jpg file and print your key on that. Title: Re: Why has my newly created Bitcoin address already been used? Post by: 20kevin20 on May 10, 2020, 10:43:28 AM here is a better thought: instead of using websites or even their source code you can use a popular wallet to create a paper wallet. wallets such as bitcoin core or electrum. +1. :D I never felt secure when using paper wallets generated by a website.just download them, verify their signature and then go offline on an airgapped machine. run the wallet and create a new key or better yet create a mnemonic with an HD wallet such as electrum. then write that down on a piece of paper as your paper wallet. if you like the design that those sites offer you can always find their source code (or even through the HTML in the site that is open) and save the picture which is usually a jpg file and print your key on that. If you are not new to PCs and like trying out new stuff, there is one more thing you can do: securely flash Tails (a Linux distro) on a 8GB+ USB stick and use Electrum over there offline (or online, your choice). Plug out your Ethernet cable, optional step: physically disconnect all hard drives from your PC, insert the bootable USB, boot Tails from it and there you have an offline, airgapped PC to safely use Electrum with (Electrum is preinstalled on this distro). And as far as I know, you could use Tails even online with Electrum safely - as long as you've verified the flashed ISO signatures correctly, risks should be minimum. :) Just make sure you store the seed correctly when generating the wallet and you should be good to go. Once you shut down or reboot your PC, everything on the stick will be reset and any new change/file will be deleted. The advantage of this is that afterwards you can just shut down your PC, plug out the USB stick and use it again whenever you like. Moreover, your bootable Tails will run on Tor all the time. Title: Re: Why has my newly created Bitcoin address already been used? Post by: bob123 on May 10, 2020, 10:48:11 AM here is a better thought: instead of using websites or even their source code you can use a popular wallet to create a paper wallet. wallets such as bitcoin core or electrum. just download them, verify their signature and then go offline on an airgapped machine. run the wallet and create a new key or better yet create a mnemonic with an HD wallet such as electrum. then write that down on a piece of paper as your paper wallet. if you like the design that those sites offer you can always find their source code (or even through the HTML in the site that is open) and save the picture which is usually a jpg file and print your key on that. This is the way to go. Don't ever use websites to create a paper wallet (neither online nor offline). The most secure way to generate a paper wallet is to use a live linux distribution on an offline computer. Either use electrum or any other reputable open source software (signature verified) to generate a private key / mnemonic code or just use openssl from the command line. Both works. Just don't ever use a website. The risk is way higher and not worth it. Title: Re: Why has my newly created Bitcoin address already been used? Post by: o_e_l_e_o on May 10, 2020, 02:49:55 PM As others have said, there are multiple scam reports against bitcoinpaperwallet.com since the site was sold.
https://www.reddit.com/r/btc/comments/ea6bxg/warning_bitcoinpaperwalletcom_is_compromised/ https://www.reddit.com/r/CryptoCurrency/comments/cyd6uj/bitcoinpaperwalletcom_scam_or_not_4_btc_stolen/ https://np.reddit.com/r/Bitcoin/comments/cs68ri/my_paper_wallet_generated_on/ Am I the only one who generates my paper wallets manually? Flip a coin 11 times, turn the resulting number in to a BIP39 word from the word list. Repeat 22 more times. Flip a coin 3 times, calculate the checksum using a permanently airgapped computer, pick the last word. Write down on paper, import in to a wallet or iancoleman on your permanently airgapped computer to generate a receiving address (Optional: add in a passphrase and write that down on a separate piece of paper). Whole thing can be done in 15-20 minutes. If you are using paper wallets for long term storage of the majority of your funds, then why not take the time to remove the trust for a third party generating your seed/keys entirely? I do accept that this is outwith the scope of casual users, but if you have the knowledge to do it safely this way, then why rely on someone else's code? Title: Re: Why has my newly created Bitcoin address already been used? Post by: bob123 on May 10, 2020, 03:20:42 PM Am I the only one who generates my paper wallets manually? Flip a coin 11 times, turn the resulting number in to a BIP39 word from the word list. Repeat 22 more times. Flip a coin 3 times, calculate the checksum using a permanently airgapped computer, pick the last word. Write down on paper, import in to a wallet or iancoleman on your permanently airgapped computer to generate a receiving address (Optional: add in a passphrase and write that down on a separate piece of paper). Whole thing can be done in 15-20 minutes. If you are calculating the checksum on an airgapped computer and generating the address on it, why not simply create the seed/private key on it as well ? That would be my approach. I'd rather spend 2 minutes typing commands than 15 minutes flipping coins :D Is there a specific reason to not gather the entropy from an electronic device? Or do you just like generating it from scratch ? Title: Re: Why has my newly created Bitcoin address already been used? Post by: LoyceV on May 10, 2020, 03:27:30 PM Is there a specific reason to not gather the entropy from an electronic device? You need to trust the software you're using. It's a lot more difficult to compromise a coin flip than it is to compromise a recently sold paper wallet website.Title: Re: Why has my newly created Bitcoin address already been used? Post by: bob123 on May 10, 2020, 03:35:32 PM You need to trust the software you're using. It's a lot more difficult to compromise a coin flip than it is to compromise a recently sold paper wallet website. That's why i said the following: Don't ever use websites to create a paper wallet (neither online nor offline). Trust required towards the software is true. But i'd say you can pretty much trust an officially signed open source linux distribution and openssl (or electrum). Because that's basically all you need (or even less when generating it with coinflips). And that's what i was talking about. But i was curious regarding the coinflips from o_e_l_e_o, and why he chose to use them instead of the other possibilities (openssl / electrum / core) on an airgapped computer (which has to be used anyway). Title: Re: Why has my newly created Bitcoin address already been used? Post by: o_e_l_e_o on May 10, 2020, 03:54:52 PM If you are calculating the checksum on an airgapped computer and generating the address on it, why not simply create the seed/private key on it as well ? Because there is far less trust involved in performing a single SHA256 hash than there is generating your entire 256 bits of entropy from a piece of software, unless you've written the software yourself or read the entire code, but 99.99% of people can't or won't do that.Is there a specific reason to not gather the entropy from an electronic device? Or do you just like generating it from scratch ? As Loyce says, provided I am using a fair coin (or even better, a variety of coins), there is essentially zero chance that my output isn't truly random.Title: Re: Why has my newly created Bitcoin address already been used? Post by: math09183 on May 10, 2020, 07:11:40 PM Hello o_e_l_e_o, thanks for answering. Excuse me I did not generate the key on Bitaddress.org, but on https://bitcoinpaperwallet.com/bitcoinpaperwallet/generate-wallet.html#, and I did not download it, I ran it directly on the web. It is even not possible to enter this page if you use Antivirus! Bitdefender blocks it Title: Re: Why has my newly created Bitcoin address already been used? Post by: Rath_ on May 10, 2020, 08:18:05 PM It is even not possible to enter this page if you use Antivirus! Bitdefender blocks it It depends on the anti-virus software you use. I use Malwarebytes Premium and it doesn't block the website. Title: Re: Why has my newly created Bitcoin address already been used? Post by: PrimeNumber7 on May 10, 2020, 08:22:03 PM Is there a specific reason to not gather the entropy from an electronic device? You need to trust the software you're using. It's a lot more difficult to compromise a coin flip than it is to compromise a recently sold paper wallet website.Creating a kay "by hand" also has a greater potential to make mistakes. The scope of possible attacks is also greater when using a paper wallet than using an encrypted wallet. Title: Re: Why has my newly created Bitcoin address already been used? Post by: o_e_l_e_o on May 10, 2020, 08:41:59 PM You have to trust software to spend your coin when you spend it. Risk and trust can never be zero, but it is all about reducing your risk to a minimum. If I want to spend from my paper wallet, then I will be importing my seed to my permanently airgapped computer, using it to sign a transaction, and then moving my signed transaction to an internet connected computer to broadcast it. Even if I have the most malicious software wallet in existence on my airgapped computer, there is nothing it can do to steal my coins. If it signs a transaction to the wrong address, for example, I can easily pick that up before moving the transaction to my live computer to be broadcast.Creating a kay "by hand" also has a greater potential to make mistakes. I don't disagree with you here, and as I said above I wouldn't recommend this technique to new users by any means. But if someone knows what they are doing, and double checks everything, then it's a more secure method to generate entropy than relying on third party code which you almost certainly haven't audited.Title: Re: Why has my newly created Bitcoin address already been used? Post by: PrimeNumber7 on May 10, 2020, 10:21:08 PM You have to trust software to spend your coin when you spend it. Risk and trust can never be zero, but it is all about reducing your risk to a minimum. Even if I have the most malicious software wallet in existence on my airgapped computer, there is nothing it can do to steal my coins. If it signs a transaction to the wrong address, for example, I can easily pick that up before moving the transaction to my live computer to be broadcast. This is not entirely true, see this (https://bitcointalk.org/index.php?topic=271486.0) thread. In addition to leaking your private key, it could leak additional information. In a simplistic example, the k value could be 20 digits, the malicious software could always have a value of xxxxxxxxxxxxxx[13 digits that is known to the author of the malicious software]yy[the index of a list]zzzzz[the actual message]. The x values would be one of a set of known values allowing the attacker to easily filter possible k values. The y values would be the index in a list, with the entire list being the entire message, such as your seed. I just generated a seed: [concert, eyebrow, peasant, exile, fold, gather, sense, drastic, twice, clip, orchard, defy] The y and z values could be 02peasa to correspond to the 2 index of the above list and the first 5 digits of the seed word. After this happens many times, the attacker would have enough information to easily brute force your entire seed. Or malicious software could simply use a k value known to the attacker, the attacker could check all unconfirmed transactions for that k value, and create a double-spend transaction with a high transaction fee before your transaction is confirmed. Title: Re: Why has my newly created Bitcoin address already been used? Post by: o_e_l_e_o on May 10, 2020, 11:45:39 PM Creating a 7 of 7 multi-sig private key should be less risky than creating a private key that requires one signature to spend coin (assuming you can easily replicate the procedure to keep each private key secure). I mean, sure, but that is completely irrelevant to what we are discussing here. Paper wallets which are generated via flipping a coin and paper wallets which are generated via third party code/software will be exactly as easy or difficult to spend from as each other, and exactly as secure or not to spend from as each other, depending on how and where you opt to import the seed/private key. Generating entropy by hand decreases your risk from malicious or flawed code generating non-random entropy. It is irrelevant to the spending process.This is not entirely true, see this (https://bitcointalk.org/index.php?topic=271486.0) thread. In addition to leaking your private key, it could leak additional information. Perhaps I didn't explain myself clearly. My point wasn't "There is no method by which it could leak information", but rather "There is no method by which it could leak information that I can't detect before I choose to broadcast my transaction". If the wallet attempts to reuse a k value, as in your example, then I could detect that by reviewing the source code and realizing it is not using a deterministic process for generating the k value, or by generating multiple different transactions and comparing the R values. The amount of trust you need to place in an airgapped wallet is much lower than the trust you place in any "live" software or mobile wallet, which could steal all your coins immediately upon you importing your seed phrase.Title: Re: Why has my newly created Bitcoin address already been used? Post by: LoyceV on May 11, 2020, 02:21:27 PM You need to trust the software you're using. It's a lot more difficult to compromise a coin flip than it is to compromise a recently sold paper wallet website. You have to trust software to spend your coin when you spend it. When you sign a message or transaction, you combine what should be a random value with your private key to generate the signature. If you know one, it is trivial to calculate the other with a given signature. Malicious software could possibly leak information via this random value.Whenever I sign a message offline, I use different software to decode the raw transaction and see if it still does what I want. I've never seen a problem there, but it doesn't hurt to be sure. Quote Creating a kay "by hand" also has a greater potential to make mistakes. If only the random part is done "by hand" and the key is generated by software, I don't expect mistakes. But I'd want to make sure the same private key is generated with at least 2 different pieces of software (I imagine malicious software can produce a private key that's not based on your random input).And just in case, after creating the paper wallet and before funding it, I'd reboot a fresh offline LIVE OS to test if the private key still produces the same address, again using different software. Quote The scope of possible attacks is also greater when using a paper wallet than using an encrypted wallet. So encrypt the paper wallet :)Even if I have the most malicious software wallet in existence on my airgapped computer, there is nothing it can do to steal my coins. If it signs a transaction to the wrong address, for example, I can easily pick that up before moving the transaction to my live computer to be broadcast. This is not entirely true, see this (https://bitcointalk.org/index.php?topic=271486.0) thread. In addition to leaking your private key, it could leak additional information.If the wallet attempts to reuse a k value, as in your example, then I could detect that by reviewing the source code and realizing it is not using a deterministic process for generating the k value, or by generating multiple different transactions and comparing the R values. Have you ever checked this much before broadcasting a transaction?Title: Re: Why has my newly created Bitcoin address already been used? Post by: o_e_l_e_o on May 11, 2020, 05:12:36 PM That can't be a problem as long as you use the address only once, right? It could also be a problem if you have exposed your master public key to anyone. The combination of knowing a master public key and one of the child private keys allows you to derive all the other child private keys.Have you ever checked this much before broadcasting a transaction? Once or twice, but mostly as a learning exercise for myself rather than any genuine concern that the software I am using is using a non-random k value. However, I generally use Electrum as my interface for accessing paper wallets or other cold storage, which has used RFC 6979 for generating k values since version 1.9, so this isn't an attack vector I am particularly concerned about.Title: Re: Why has my newly created Bitcoin address already been used? Post by: bob123 on May 11, 2020, 06:43:30 PM Even if I have the most malicious software wallet in existence on my airgapped computer, there is nothing it can do to steal my coins. Technically, this isn't completely true :P There are quite a few paper about how to exfiltrate data from air-gapped computers. Those techniques are highly sophisticated and the chances of happening to are close to zero. But some would include:
Those are not just theories, but they have been proven to work. There are a few more extremely fascinating (and highly unlikely) attacks which could extract data from such an air-gapped setup. Quite a few paper have been published which cover exactly that: Exfiltrating data from air-gapped computers. They are quite exciting to read. It is obvious that no typical crypto holder will face such an attack, altough its interesting to know which techniques exist :) Title: Re: Why has my newly created Bitcoin address already been used? Post by: royalfestus on May 11, 2020, 06:52:40 PM Is it by chance possible to change the private key to that address?
Title: Re: Why has my newly created Bitcoin address already been used? Post by: bob123 on May 11, 2020, 07:06:57 PM Is it by chance possible to change the private key to that address? No. The address is basically the hash of the public key. And the public key is derived from the private key. Title: Re: Why has my newly created Bitcoin address already been used? Post by: bitmover on May 11, 2020, 07:18:16 PM Flip a coin 11 times, turn the resulting number in to a BIP39 word from the word list. Repeat 22 more times. This guys shows in this video how to do it Very interesting, and if you want to do it it worth checking it out. https://www.youtube.com/watch?v=ieHoQ4sGuEY Title: Re: Why has my newly created Bitcoin address already been used? Post by: o_e_l_e_o on May 11, 2020, 08:49:41 PM -snip- To be fair, if an attacker is able to install probes on my power supply or a camera in my house, I've got far bigger problems than the safety of my cold storage. :PThis guys shows in this video how to do it It's a nice video, but he is only generating a single private key and not an entire seed phrase, which is far more straightforward. Once you've flipped a coin 256 times, all you have to do is convert the result to Base58Check and you've got yourself a private key. You don't need to worry about word lists or checksums as you would if you were generating a seed phrase.Title: Re: Why has my newly created Bitcoin address already been used? Post by: HCP on May 12, 2020, 02:09:06 AM Flip a coin 11 times, turn the resulting number in to a BIP39 word from the word list. Repeat 22 more times. Now all you need to do is do your SHA256 hash by hand (http://www.righto.com/2014/09/mining-bitcoin-with-pencil-and-paper.html) to generate the checksum and you've got the complete no computer solution to generating a seed mnemonic :PFlip a coin 3 times, calculate the checksum using a permanently airgapped computer, pick the last word. Write down on paper, import in to a wallet or iancoleman on your permanently airgapped computer to generate a receiving address (Optional: add in a passphrase and write that down on a separate piece of paper). Whole thing can be done in 15-20 minutes. It would however blow out your 15-20 minute time frame to probably closer to a day... having to do 64 rounds of SHA256 to get your final hash at a rough speed of 1 round per 15 minutes or so :P There are just some things that are better left to computers ;) Title: Re: Why has my newly created Bitcoin address already been used? Post by: pooya87 on May 12, 2020, 03:37:00 AM Now all you need to do is do your SHA256 hash by hand (http://www.righto.com/2014/09/mining-bitcoin-with-pencil-and-paper.html) to generate the checksum and you've got the complete no computer solution to generating a seed mnemonic :P It would however blow out your 15-20 minute time frame to probably closer to a day... having to do 64 rounds of SHA256 to get your final hash at a rough speed of 1 round per 15 minutes or so :P There are just some things that are better left to computers ;) well you don't have to have a checksum since it is not mandatory. you can just pad the entropy with zeros and then derive the mnemonic from that. besides the problem is never with checksum and things like that. the problem that makes people want to flip coins is the Random Number Generators, everything else can still be done with a computer after the number was physically generated using a coin or something like that. Title: Re: Why has my newly created Bitcoin address already been used? Post by: HCP on May 12, 2020, 05:15:57 AM Won't padding out the checksum cause issues down stream when you attempt to restore this in a wallet tho? ???
It'll complain that it's not a valid BIP39 mnemonic. I know Electrum will let you bypass that and go ahead and use it anyway... but surely for max compatibility you'd want a "valid" mnemonic! But yes, I was being facetious about manually calculating the SHA256 hash :P... the setup you are using has a really good mix of "randomness", security and convenience. I like it. Title: Re: Why has my newly created Bitcoin address already been used? Post by: pooya87 on May 12, 2020, 07:20:44 AM Won't padding out the checksum cause issues down stream when you attempt to restore this in a wallet tho? that's true but when someone is going around the conventional methods of creating a mnemonic then the assumption is that they are already using unconventional methods and codes that should take all of this into consideration. Title: Re: Why has my newly created Bitcoin address already been used? Post by: o_e_l_e_o on May 12, 2020, 08:14:45 AM If you are going to use something like Electrum on your airgapped device to import your hand-generated seed phrase to give you an address to send to, then you could skip manually calculating the hash for the checksum altogether and just brute force it, as Electrum will tell you when you are using an invalid checksum. With the first 3 bits of entropy already known, there will only be 256 possible words.
everything else can still be done with a computer after the number was physically generated using a coin or something like that. You still need to be sure that the software you are using isn't just spitting out pre-generated addresses regardless of what seed phrase you enter. You could go through the process of performing each operation from seed to address manually, or more simply (as Loyce has said above) you could import your seed phrase in to multiple different wallets (all airgapped of course) and ensure the generated addresses match up.It'll complain that it's not a valid BIP39 mnemonic. I know Electrum will let you bypass that and go ahead and use it anyway... but surely for max compatibility you'd want a "valid" mnemonic! Yeah, there's no good reason to settle for an invalid checksum. If you input a 24 word phrase in to iancoleman which has an invalid checksum and then click "Show entropy details", it will automatically change the final word to the correct checksum, maintaining the same 3 bits of initial entropy. Doing so will obviously then lead to a different wallet with different addresses, so can only lead to more confusion down the line.Title: Re: Why has my newly created Bitcoin address already been used? Post by: HCP on May 13, 2020, 12:34:27 AM Yeah, there's no good reason to settle for an invalid checksum. If you input a 24 word phrase in to iancoleman which has an invalid checksum and then click "Show entropy details", it will automatically change the final word to the correct checksum, maintaining the same 3 bits of initial entropy. That's actually a pretty neat feature of that BIP39 tool... Just need to pick a word that uses the same initial entropy as the N bits of entropy leftover (7 for 12 words, 3 for 24 words) and then pad it out to 11 bits, then click "entropy details" and it'll correct it automagically!So, basically, an offline copy of the BIP39 tool and a coin... and one can randomly generate mnemonics to their hearts content, knowing that they don't need to worry about "bad" RNGs (assuming their coin isn't biased! ;)) Title: Re: Why has my newly created Bitcoin address already been used? Post by: PrimeNumber7 on May 13, 2020, 05:56:48 AM This is not entirely true, see this (https://bitcointalk.org/index.php?topic=271486.0) thread. In addition to leaking your private key, it could leak additional information. Perhaps I didn't explain myself clearly. My point wasn't "There is no method by which it could leak information", but rather "There is no method by which it could leak information that I can't detect before I choose to broadcast my transaction". If the wallet attempts to reuse a k value, as in your example, then I could detect that by reviewing the source code and realizing it is not using a deterministic process for generating the k value, or by generating multiple different transactions and comparing the R values. The amount of trust you need to place in an airgapped wallet is much lower than the trust you place in any "live" software or mobile wallet, which could steal all your coins immediately upon you importing your seed phrase.You need to trust the software you're using. It's a lot more difficult to compromise a coin flip than it is to compromise a recently sold paper wallet website. You have to trust software to spend your coin when you spend it. When you sign a message or transaction, you combine what should be a random value with your private key to generate the signature. If you know one, it is trivial to calculate the other with a given signature. Malicious software could possibly leak information via this random value.In my hypothetical example, there might be 12 combinations in the yyzzzzz portion of the k value that are produced at random, plus one additional message that indicates to an attacker that messages are being "sent", similar to a "ping". Once a single message hidden in the k value is detected, the hacker could look at change addresses for additional hidden messages in the k value. Quote The scope of possible attacks is also greater when using a paper wallet than using an encrypted wallet. So encrypt the paper wallet :)Title: Re: Why has my newly created Bitcoin address already been used? Post by: o_e_l_e_o on May 13, 2020, 10:59:50 AM My described scenario would not necessarily reuse a k value. It could possibly use one of thousands of k values that would appear "random" unless you produced and inspected thousands of transactions that you ultimately did not broadcast. Or unless you read the source code to see how the k values were being generated, as I said above.There are additional things that could happen that could cause your private key to become compromised while you are transferring the private key from a paper wallet to your computer, and these things are not possible if your private key was stored on your hard drive. Provided you are importing your paper wallet to an airgapped computer in the privacy of your own house, and you don't have a camera pointed at you while you are doing it or something equally stupid, what kind of things are you referring to that make a paper wallet more risky than an airgapped wallet?Title: Re: Why has my newly created Bitcoin address already been used? Post by: cryptoworld99 on May 13, 2020, 01:19:59 PM Be cautious with services generating your addresses, you should look into bitcore.io it's easy to use
Here is how you can install it and run it https://github.com/bitpay/bitcore#bitcore Title: Re: Why has my newly created Bitcoin address already been used? Post by: The Cryptovator on May 13, 2020, 04:33:01 PM The case is interesting, that's the reason why I always discouraged newbies to use paper wallet. Because a newbie couldn't determine which is scam or phishing website and they might get scam eventually. We should do good practice always, if you use Electrum original software and verify Signature then you may use it as a paper wallet as well since you are allowed to export private keys. Otherwise I will encourage to buy hardware wallet instead of paper wallet if you can afford small investment. Your fund alt least will be safe. But don't forget to write your seed or private keys on multiple paper and keep them safe on multiple places. Don't save into any online machine.
Title: Re: Why has my newly created Bitcoin address already been used? Post by: Btckeypuzzle on May 13, 2020, 09:19:35 PM On the service https: // bitcoinpaperwall ... on the second attempt, the address 1MfPqSDiraPRBVyYASNkF8oc5Ja1ZkdsZn was "generated". I even made a screenshot for memory.
Title: Re: Why has my newly created Bitcoin address already been used? Post by: nc50lc on May 14, 2020, 02:29:35 AM On the service https: // bitcoinpaperwall ... on the second attempt, the address 1MfPqSDiraPRBVyYASNkF8oc5Ja1ZkdsZn was "generated". I even made a screenshot for memory. You're the third person that reported the same issue here so far, there's something really "fishy" on that site.It's either the code is flawed or there's a number of pre-generated keys that's being monitored by the owner. Title: Re: Why has my newly created Bitcoin address already been used? Post by: HCP on May 14, 2020, 04:40:30 AM Not to mention the ones mentioned earlier on reddit and then this one on stackexchange:
https://bitcoin.stackexchange.com/questions/85038/what-did-i-do-wrong-that-caused-me-to-lose-bitcoin It seems indeed that there have been some shenanigans of some sort, since the site was sold: https://www.reddit.com/r/btc/comments/942435/bitcoinpaperwalletcom_is_under_new_ownership/ Hopefully it's just a weak RNG... but you'd have thought that if that was the case, that more people would have been caught up in this. bitcoinpaperwallet was a VERY popular site... :-\ I guess for now, the recommendation is: AVOID bitcoinpaperwallet.com! Title: Re: Why has my newly created Bitcoin address already been used? Post by: LoyceV on May 14, 2020, 07:54:59 AM It seems indeed that there have been some shenanigans of some sort, since the site was sold: https://www.reddit.com/r/btc/comments/942435/bitcoinpaperwalletcom_is_under_new_ownership/ I especially don't like the part on bitcoin paper wallet dot com where it says:Quote Why trust this site? They don't mention the fact that the current owner bought the site. I wonder why O0~snip~ We—started this service in 2013 Title: Re: Why has my newly created Bitcoin address already been used? Post by: o_e_l_e_o on May 14, 2020, 08:15:21 AM -snip- Ooft. Having a closer read of the text on their website, it is fully of shady implications like this.Quote This generator is based on BitAddress, the well established and most trustworthy open-source engine for generating addresses using your own browser's JavaScript engine. This is utterly meaningless. "Based on a trusted open-source engine"? All the scam versions of Electrum which were downloaded were "based on a trusted open-source engine".Quote To be more secure, you should download this wallet generator from GitHub and run it offline Can anyone find a GitHub repository? I can't find a single link anywhere on the site. The original is here: https://github.com/cantonbecker/bitcoinpaperwallet, but obviously hasn't been updated in 2 years.Their "endorsement" by Andreas Antonopoulos was from before the site was sold. Worth noting that the Bitcoin Wiki still says it is open-source and links to the now defunct GitHub. This needs updated. I'll make a post in the Wiki board. Title: Re: Why has my newly created Bitcoin address already been used? Post by: SimpleVv0 on May 16, 2020, 08:36:37 PM It's obviously scam, person who bought walletgenerator, has also bitcoinpaperwallet.
After some research, please look at this: https://medium.com/mycrypto/disclosure-key-generation-vulnerability-found-on-walletgenerator-net-potentially-malicious-3d8936485961 and then you can find directory listing is enabled: https://bitcoinpaperwallet.com/bitcoinpaperwallet/ and finally this modified website: https://bitcoinpaperwallet.com/bitcoinpaperwallet/generate-walletfe23t9u2fhjnj3f32.html random generator is broken in same way as in the article: Code: var coinImgUrl = "https://bitcoinpaperwallet.com/bitcoinpaperwallet/images/logo-" + whichDesign + ".png"; So, beware of bitcoinpaperwallet.com and walletgenerator.net, they will steal your coins !!! Title: Re: Why has my newly created Bitcoin address already been used? Post by: oriolpont on May 17, 2020, 08:25:34 AM Be cautious with services generating your addresses, you should look into bitcore.io it's easy to use Here is how you can install it and run it https://github.com/bitpay/bitcore#bitcore Please, don't. Bitcore wallet / Copay is unmaintained, at least on the Bitcoin side (they focused mostly on Bcash). Electrum has easy multisig and it is also cross-platform. Title: Re: Why has my newly created Bitcoin address already been used? Post by: TacoDog on May 17, 2020, 05:55:00 PM It's obviously scam, person who bought walletgenerator, has also bitcoinpaperwallet. After some research, please look at this: https://medium.com/mycrypto/disclosure-key-generation-vulnerability-found-on-walletgenerator-net-potentially-malicious-3d8936485961 and then you can find directory listing is enabled: https://bitcoinpaperwallet.com/bitcoinpaperwallet/ and finally this modified website: https://bitcoinpaperwallet.com/bitcoinpaperwallet/generate-walletfe23t9u2fhjnj3f32.html random generator is broken in same way as in the article: Code: var coinImgUrl = "https://bitcoinpaperwallet.com/bitcoinpaperwallet/images/logo-" + whichDesign + ".png"; So, beware of bitcoinpaperwallet.com and walletgenerator.net, they will steal your coins !!! Question Good Sirs! Downloading those sites, running them offline, and only using the "Wallet Details" to enter your dice made HEX PrivKey to get your address, should be ok, right? Or what would be the best option to get an address from an HEX PrivKey? Awesome work discovering this! much thanks! Title: Re: Why has my newly created Bitcoin address already been used? Post by: o_e_l_e_o on May 17, 2020, 07:36:45 PM Downloading those sites, running them offline, and only using the "Wallet Details" to enter your dice made HEX PrivKey to get your address, should be ok, right? Not necessarily. A site could quite easily just show you a pre-generated address from a list of pre-generated addresses which all belong to a malicious attacker, regardless of what private key you enter. Downloading the site and running it offline won't protect against that at all.If you are going to go down that route, then you should use multiple sources to make sure that they generate the same address, and the sources you use should be open source. If you are unable to audit the code yourself, then find someone trusted to do it for you, or look for community consensus that the site or service is trusted. Ideally, the computer you enter your private key to should be permanently airgapped rather than just temporarily offline. If you don't have an airgapped computer, then a run a live OS from a USB stick. You could download and verify Electrum from electrum.org, as well as an open source site such as bitaddress.org from their GitHub, and ensure the address generated by each service matches. Title: Re: Why has my newly created Bitcoin address already been used? Post by: bedla on May 17, 2020, 09:56:43 PM I have done simple script to generate 100 addresses bitcoinpaperwallet.com. From these 100 addresses were 24 already used (tx count > 0)
Code: 1KGNd5VeZtuznXkNykoJMF3x17LjNQDq3D If anyone thinks this site is safe in offline mode, it is not. Another test, new seed, computer disconnected from internet. From 100 addresses, 27 were used. Code: 1KGNd5VeZtuznXkNykoJMF3x17LjNQDq3D Last test, 10000 addresses generated, just to find, who lost potentionally the most because of this scammy website. It was 18zSTXqo1PrPLY3v53LaCqdd6WiXPBaw2c, with almost 4 BTC in february this year. To prove this, I have signed message with the private key of this address. Code: Message: bitcoinpaperwallet.com is SCAM! Title: Re: Why has my newly created Bitcoin address already been used? Post by: Chivas Regal on May 18, 2020, 01:33:15 AM Sorry if my question is a little dense; what was the wallet address(es) the OP created and where did the funds that were in those wallets end up going? (Follow the money)
Title: Re: Why has my newly created Bitcoin address already been used? Post by: TacoDog on May 18, 2020, 03:12:10 AM Downloading those sites, running them offline, and only using the "Wallet Details" to enter your dice made HEX PrivKey to get your address, should be ok, right? Not necessarily. A site could quite easily just show you a pre-generated address from a list of pre-generated addresses which all belong to a malicious attacker, regardless of what private key you enter. Downloading the site and running it offline won't protect against that at all.If you are going to go down that route, then you should use multiple sources to make sure that they generate the same address, and the sources you use should be open source. If you are unable to audit the code yourself, then find someone trusted to do it for you, or look for community consensus that the site or service is trusted. Ideally, the computer you enter your private key to should be permanently airgapped rather than just temporarily offline. If you don't have an airgapped computer, then a run a live OS from a USB stick. You could download and verify Electrum from electrum.org, as well as an open source site such as bitaddress.org from their GitHub, and ensure the address generated by each service matches. Sorry if my question is a bit off topic, I'm quite new here and I would really appreciate someone pointing me out to the right direction. So... What would be the best way to create your address? sadly, at the end you will end up trusting someone else... many people say "just buy a hardware wallet" but then ppl are just trusting that company... I liked the idea of creating PrivKeys myself, with dices or any other kind of entropy because that way I am totally sure I am the only one that knows it, but at the end I don't know what to do with it, how do I get an Address from an HEX Priv Key?? What about downloading several paper wallets sites, running them offline in a Live OS and comparing their results to make sure they are giving me the same WIF and Address?? does anyone have a better suggestion?? At the end, what is what most people do to have their OWN wallets? most people download the Bitcoin Core or what?? or they just thrust on someone else's code?? What does most people here do?? (Own nodes I suppose??) Thanks in advance! Title: Re: Why has my newly created Bitcoin address already been used? Post by: nc50lc on May 18, 2020, 03:47:59 AM Sorry if my question is a bit off topic, I'm quite new here and I would really appreciate someone pointing me out to the right direction. If your problem is just generating a paper wallet, then you shouldn't use a random online generator.You can use any well-known client like Bitcoin Core, Electrum, Armory, etc. to create the address and private key. You can use them to create a key pair on an Air-Gap Machine; ofcourse, the steps differ per client. When it comes with trust, those mentioned wallets are "open-source", means that their source code is open for the public to check if there are malicious codes in it. If you can't review it yourself, you can ask someone who's an expert on the programming language of the wallet's source code. For hardware wallets, most are closed-source because if they aren't, then it will be easier to find a vulnerability to hack their firmware/hardware. People are trusting them (the famous ones) because they "stand the test of time". BTW, this topic has been derailed too far, it won't be an issue to create your own thread. Title: Re: Why has my newly created Bitcoin address already been used? Post by: slaman29 on May 18, 2020, 08:04:14 AM The things people can learn about just by reading this section every now and then! Never generated my own wallets but I always thought this paper wallets are not recommended anymore? Or is Bitcoin wiki wrong now?
Flip a coin 11 times, turn the resulting number in to a BIP39 word from the word list. Repeat 22 more times. Flip a coin 3 times, calculate the checksum using a permanently airgapped computer, pick the last word. How do you mean turn resulting number? Coinflip is Heads or Tails only right? Title: Re: Why has my newly created Bitcoin address already been used? Post by: o_e_l_e_o on May 18, 2020, 09:14:20 AM Never generated my own wallets but I always thought this paper wallets are not recommended anymore? They aren't recommended for newbies or casual users, because they are difficult to set up securely and difficult to use safely, and there are a lot more things that can go wrong than using a software or hardware wallet. If you know what you are doing, though, then they are one of the safest methods for long term bitcoin storage.How do you mean turn resulting number? Coinflip is Heads or Tails only right? You would assign heads the value of "1" and tails the value of "0" (or vice versa). Flipping the coin 11 times will give you an 11 digit number in binary. Convert that to base 10 and you get a number between 0 and 2047, which will correspond to a word from the BIP39 wordlist which contains 2048 words.Title: Re: Why has my newly created Bitcoin address already been used? Post by: bedla on May 18, 2020, 09:14:51 AM How do you mean turn resulting number? Coinflip is Heads or Tails only right? With 11 flips you have nice 11 bit number, which you can then convert from binary to decimal representation and then use word on the corresponding line - https://github.com/bitcoin/bips/blob/master/bip-0039/english.txtEg you can think about head as 1, tail as 0. For example: Flips: H T H H H T H H T H T Binary: 1 0 1 1 1 0 1 1 0 1 0 Decimal: 1498 -> Increment by one (because lines are numbered from 1, not from 0) -> 1499 BIP-39 word: robust - https://github.com/bitcoin/bips/blob/master/bip-0039/english.txt#L1499 Title: Re: Why has my newly created Bitcoin address already been used? Post by: bob123 on May 18, 2020, 10:46:41 AM I liked the idea of creating PrivKeys myself, with dices or any other kind of entropy because that way I am totally sure I am the only one that knows it, but at the end I don't know what to do with it, how do I get an Address from an HEX Priv Key?? What about downloading several paper wallets sites, running them offline in a Live OS and comparing their results to make sure they are giving me the same WIF and Address?? does anyone have a better suggestion?? It is easy. Download and verify a live linux distribution. Install it onto an USB stick. Boot it. Use /dev/random to gather 256 bit of entropy. Use openssl to generate your private key, public key and address. If you don't trust a linux distribution like debian or arch or don't trust your hardware, you will never be able to use bitcoin securely. In the end, you do need a computer to send a transaction. You need to trust your hardware. Just don't use use shit like online paper wallet generators. Not even offline. And not from github. Just don't use them at all. Title: Re: Why has my newly created Bitcoin address already been used? Post by: slaman29 on May 19, 2020, 07:03:08 AM Never generated my own wallets but I always thought this paper wallets are not recommended anymore? They aren't recommended for newbies or casual users, because they are difficult to set up securely and difficult to use safely, and there are a lot more things that can go wrong than using a software or hardware wallet. If you know what you are doing, though, then they are one of the safest methods for long term bitcoin storage.How do you mean turn resulting number? Coinflip is Heads or Tails only right? You would assign heads the value of "1" and tails the value of "0" (or vice versa). Flipping the coin 11 times will give you an 11 digit number in binary. Convert that to base 10 and you get a number between 0 and 2047, which will correspond to a word from the BIP39 wordlist which contains 2048 words.Interesting. I did not remember reading that at Bitcoin wiki, my only takeaway was that paper wallets do not last long and can get easily damaged without right storage conditions. Thanks very much for the tip on random conversion, and to bedla for explaining it more. I actually understood that, but only after referencing a few sites. IT is definitely not for newbies and not even for a regular user if you do not understand these technical terms! Title: Re: Why has my newly created Bitcoin address already been used? Post by: o_e_l_e_o on May 19, 2020, 07:42:34 AM Interesting. I did not remember reading that at Bitcoin wiki, my only takeaway was that paper wallets do not last long and can get easily damaged without right storage conditions. This is true, but it is also true of other storage mediums as well. Electronic storage is also susceptible to fire, flooding, moisture, etc., and electronic storage will also slowly degrade over time even in perfect storage conditions, as well as having a limited number of write cycles. A laminated piece of paper in a fireproof and waterproof safe would likely outlast you or I.A paper wallet also doesn't actually have to use paper. You can also make a "paper" wallet in the fashion described above by inscribing the resulting seed phrase on a piece of metal, or by buying one of the devices manufactured for this purpose. Title: Re: Why has my newly created Bitcoin address already been used? Post by: LoyceV on May 29, 2020, 12:04:36 PM I have done simple script to generate 100 addresses bitcoinpaperwallet.com. From these 100 addresses were 24 already used (tx count > 0) Can you share how you did this? I'd like to reproduce this. I have a crazy idea, but that's for another topic.Quote Last test, 10000 addresses generated, just to find, who lost potentionally the most because of this scammy website. It was 18zSTXqo1PrPLY3v53LaCqdd6WiXPBaw2c, with almost 4 BTC in february this year. To prove this, I have signed message with the private key of this address. That guy had been funding his address for a while before it got emptied, and even after it got emptied, he continued funding it (after which it got emptied instantly).Title: Re: Why has my newly created Bitcoin address already been used? Post by: bedla on May 29, 2020, 02:49:17 PM Can you share how you did this? I'd like to reproduce this. I have a crazy idea, but that's for another topic. Go through (or skip) seed generation process on that page. This will generate first wallet. After that paste this into your browser developer console. Increase 100 to larger sample if needed. You can also go offline and change console logging level to only INFO, this will make the process faster. Increase 10*i to 100*i or larger, if you see in console many duplicate keys in row. You may need to change element ids, if is your intention to audit different website.Code: for (i = 0; i < 100; i++) {Then get console output (right click, save As in Chrome) and import all to wallet, I have used Electrum (New wallet -> Import private keys -> paste all keys). I cannot reproduce this ATM, so website owner took the phishing version down, or is targetting only specific IP addresses, or found a less stupid way of stealing bitcoins :-) Title: Re: Why has my newly created Bitcoin address already been used? Post by: LoyceV on May 29, 2020, 03:38:29 PM After that paste this into your browser developer console. Thanks, I'll play with it when I have a bit more time.Quote I cannot reproduce this ATM, so website owner took the phishing version down, or is targetting only specific IP addresses, or found a less stupid way of stealing bitcoins :-) It could also be the site owner reset or increased his pool of private keys. If he reuses many keys, you won't quickly find one that's funded already. The addresses may not have been funded yet, but it could still be the owner keep track of them. |