Title: strange bitcoin addresses, algorithms and bruteforce Post by: Satnamakoto on November 28, 2021, 05:58:31 PM "Playing" with algorithms in python I made a P2PKH address generator that only generates accounts without numbers,
it catches my attention because the only address that I had seen with these characteristics was this "1LdRcdxfbSnmCYYNdeYpUnztiYzVfBEQeC" which contains +50000BTC. I opened the web bitadress and generated batches and batches of addresses and I did not find a single address with those characteristics and my code makes it effortless. 1BuZfZWqretuiaqGvyTWHFTnpGpGWyJDrw 1PMQEZQhmpqMTxKiiDwtBAEGiDhcBpvkMu 1DVfPvpHLKfrfNcoFFxkiMpdTzVPAtPHim 1JQkNuomDSCuNzfCWxwKwnjwAozEwUvKFZ 1RexbQMbXfZiGmRZfQaMuLZJwUYyhsczN 1PmHuzhduYfVjEsmKtHdCefTuHhPvyPwYR 1KGcjMLuaFXKavvxNjeEUBRevTqWdoWbiV 1DgExfLoPucCTeEkdxUMJEChJGPdubsrUr 1FcdVrQEUcimMeZfiZbNULZDHkPScjAhFL 1JAybccmkWVzpMQHfbyHtmcMwTcyYZtLSf 1CqTkABMdEvzvNjVhVyHHmXKKMWXQMnUpT 1KvXHtTEcZkXuGRgAJwXMVAxZFGAvLTEBt 1AdphDXEdsqdgLdtQwyoHbzaRbuibULMcX 1BKTtqdhhyovYesyksYmCzqmDBqRDfBZqb 1CskFvQZgGhCzzCXwPwoHvgtxPwAkSrDSk 1WBbtbvSpbWHqKjqLUjZNppMsdWMktXqg 1LPczwFBTrxLfgbcjDXtVcjjKLXQeXYmeU 1MxMVVhJqHGTyukSFUDTnMQhRfkhXtdLks 1CaFNNQnMbzsYNSrgEfDnHmPLdeVBUUwpA 1JnpEEVpjUMBdppXcSgTSxVdJZGBetaUCg 1EcyPzVFLkMLRBeYgarQwgFoGkjDEtEVuC which opens up a series of questions. 1-how many addresses are there with this characteristic? 1- what are the probabilities of finding this type of address? 2- If a brute force code is executed with my code, how many addresses will I find with these characteristics? 3- as these types of addresses are considerably strange and proportionally in less quantity, does my code make them vulnerable? Does the owner of "1LdRcdxfbSnmCYYNdeYpUnztiYzVfBEQeC" have a strangely vulnerable address? If so, and read this, I hope you move your money to a more secure address. If you like my strange but interesting post, comment or you can leave a small donation 3QWcjuY72EyouLmkRY4FbuoM1V7mA6tyqv Title: Re: strange bitcoin addresses, algorithms and bruteforce Post by: jackg on November 28, 2021, 06:12:19 PM The set of addresses that contains just letters is the second biggest set.
You've limited base 58 to be around base 49. I'm not certain of the range produced from running the hashing algorithm to get addresses but I think the range is quite big still. As I reread this it feels similar to the argument for n-1 character addresses being less secure than n character long addresses - which is false but seems like it might be logical to someone new. I'd be interested if you could change it to numbers and release the times it takes to generate those addresses though (I think it should take about 49/9=5.44x longer - but I'm not that sure). Edit: from my calculation above, you could visualise the range of the public keys being produces as if they're in base10 0-9 without 9 or 8. Title: Re: strange bitcoin addresses, algorithms and bruteforce Post by: DaveF on November 28, 2021, 08:01:09 PM This has been discussed before. There is no less security to having addresses with just letters. Yes in theory if you are running any of the brute forcing key cracking software it will get there sooner.
So instead of finding the key after the heat death of the universe, it will happen a week or two before that. Still long after the sun has gone nova and reduced the earth to a cinder. -Dave Title: Re: strange bitcoin addresses, algorithms and bruteforce Post by: BlackHatCoiner on November 28, 2021, 08:18:56 PM 1-how many addresses are there with this characteristic? Depends on what you mean
1- what are the probabilities of finding this type of address? Well, that's some tough calculation that I can't do at the moment, I may do it tomorrow. You may get close to the answer if you generate hundreds of thousands of addresses and divide the ones who do not contain numbers in their base58Check with the total ones you generated.Now, answering to both: 3- as these types of addresses are considerably strange and proportionally in less quantity, does my code make them vulnerable? Yes in theory if you are running any of the brute forcing key cracking software it will get there sooner. This is so not true! There's nothing wrong with these addresses. Their base58 encoding just didn't happen to return numbers. They're as secure they all are. Whether that's 1LdRcdxfbSnmCYYNdeYpUnztiYzVfBEQeC, 1111111111111111111114oLvT2 (lowest) or 1QLbz7JHiBTspS962RLKV8GndWFwi5j6Qr (highest). Remember, they are just RIPEMD-160 hashes represented in a special format. Title: Re: strange bitcoin addresses, algorithms and bruteforce Post by: mynonce on November 28, 2021, 10:18:45 PM ... Do you have the private keys?1BuZfZWqretuiaqGvyTWHFTnpGpGWyJDrw 1PMQEZQhmpqMTxKiiDwtBAEGiDhcBpvkMu 1DVfPvpHLKfrfNcoFFxkiMpdTzVPAtPHim ... "Playing" with algorithms ... Back in 2015 ...Hi guys, someone found a bitcoin puzzle. The creator of this set of puzzles didn't mention anything until people solved some. 2 years later, the creator reacted and disappeared.... While playing around with my bot, I found out this mysterious transaction: 1QBDLYTDFHHZAABYSKGKPWKLSXZWCCJQBX no digits either, only uppercase letters https://bitcoin.stackexchange.com/questions/3730/what-is-the-longest-known-vanity-address-generated (https://bitcoin.stackexchange.com/questions/3730/what-is-the-longest-known-vanity-address-generated) It belongs to etotheipi, author of the Armory Bitcoin Client, and was found using vanitygen, as he said in a bitcointalk forum post: Yessir! I got a little crazy with vanitygen and succeeded. It should've taken about 70 days of computation time but I got lucky and found it in about a week... (notice no digits either, only uppercase letters). Unfortunately, it's so cool that people don't even recognize it as a Bitcoin address :( [moderator's note: consecutive posts merged] Title: Re: strange bitcoin addresses, algorithms and bruteforce Post by: pooya87 on November 29, 2021, 05:25:51 AM Does the owner of "1LdRcdxfbSnmCYYNdeYpUnztiYzVfBEQeC" have a strangely vulnerable address? Nobody can answer this question apart from the owner of that address because the security of it depends on how it was created. Although this may look odd to you but it is perfectly within the realm of possibility that this was created randomly and the owner may not even have realized its characteristics!the only address that I had seen with these characteristics And how much have you searched for it? Randomly trying to generate a handful of addresses doesn't count though.I'm too lazy to download, write some code and process 16 GB file (1,484,589,749 addresses) but you can do it if you like from here: https://bitcointalk.org/index.php?topic=5265993.0 and see if your assessment was correct. Title: Re: strange bitcoin addresses, algorithms and bruteforce Post by: odolvlobo on November 29, 2021, 09:02:50 AM 1-how many addresses are there with this characteristic? Hard to say. Less than 4933 (6.0x1055) because most of those would have an invalid checksum. More like 4927 x (49/58)6, or 1.6x1045 if you assume that the last 6 are the checksum. 1- what are the probabilities of finding this type of address? In a random address, for each digit, the probability of being a letter is 49/58, so the probability of 33 of them being a letter is (49/58)33, or about 1 out of 261. It is not that rare. 2- If a brute force code is executed with my code, how many addresses will I find with these characteristics? If you generate addresses at random, 1 out of 261 will have only letters. 3- as these types of addresses are considerably strange and proportionally in less quantity, does my code make them vulnerable? Does the owner of "1LdRcdxfbSnmCYYNdeYpUnztiYzVfBEQeC" have a strangely vulnerable address? If so, and read this, I hope you move your money to a more secure address. No, because there is no way to generate only private keys of addresses with only letters. Title: Re: strange bitcoin addresses, algorithms and bruteforce Post by: TheArchaeologist on December 01, 2021, 09:08:28 AM You make it sound like you found some very special addresses, however as odolvlobo already pointed out this is something that is not rare at all. I generated 10000 addresses at random, which resulted in 28 addresses without any number in it (except for the leading 1 ofcourse). So about 1 in 357 addresses generated:
Code: 1PEABXGPwwmHzLuaMscUbmtbLiLyEEcvok-> L25Nv43gMQ8AkHEugnyaPsgARw6Bojd2bFaqjAqBWaXfCKPpXHM6 I included the WIF to prove they are real. Please don't use any of this addresses for real! Title: Re: strange bitcoin addresses, algorithms and bruteforce Post by: PawGo on December 01, 2021, 10:31:49 AM It is nothing else than people's ability to detect patterns. If someone would define Base58 differently (digits at the end?), we would see completely different addresses.
You think that something is 'normal' because it is more probable to observe. I bet you have never seen an address which contains only digits or only one specific character (let's ignore the issue with checksum for a moment). People who play lottery usually don't choose consecutive numbers because they 'feel' there must be gap between numbers, while the chance to hit is exactly the same for both cases. Title: Re: strange bitcoin addresses, algorithms and bruteforce Post by: LoyceV on December 01, 2021, 10:32:54 AM 1-how many addresses are there with this characteristic? If you're talking about funded addresses: you can get the data from List of all Bitcoin addresses with a balance (https://bitcointalk.org/index.php?topic=5254914.0)If you want to know this for all Bitcoin addresses ever used (https://bitcointalk.org/index.php?topic=5265993.0), I can get you the data, but I still don't have a VPS for it. Quote 3- as these types of addresses are considerably strange and proportionally in less quantity You may be interested in Rare address hall of fame (https://bitcointalk.org/index.php?topic=90982.0) :)Quote Does the owner of "1LdRcdxfbSnmCYYNdeYpUnztiYzVfBEQeC" have a strangely vulnerable address? With 3 billion dollars in it, It would have been long gone if it wouldn't be secure. My first assumption was it's an old address and the owner must have lost access, but it was funded in 2014 (https://blockchair.com/bitcoin/transaction/2a29fdb4e188f827da3c3175856b3ed95819b323bb303a46b8036534e78c76db) with (at the time) 31 million dollars. So my new assumption is the owner knew exactly what he was doing, and is just hodling his coins.Quote If you like my strange but interesting post, comment or you can leave a small donation It's better to remove this request, and put the Bitcoin address in your profile (https://bitcointalk.org/index.php?action=profile;u=3413022).I'd be interested if you could change it to numbers and release the times it takes to generate those addresses though (I think it should take about 49/9=5.44x longer - but I'm not that sure). My guess it it takes much, much longer than that (5.44^33 times longer sounds about right.). I don't think it's possible to generate a Bitcoin address with only numbers.Title: Re: strange bitcoin addresses, algorithms and bruteforce Post by: TheArchaeologist on December 01, 2021, 10:57:26 AM 1-how many addresses are there with this characteristic? I took a look at all p2pkh addresses (so the ones starting with a '1'). I found over 1.5 million addresses with the characteristics you described which have been funded at least once:Code: 1AAaaCnWptsdikfLwQKpPAkVvGWwXmcTwH Update: also checked all the p2sh addresses (so the ones starting with a '3'). There were almost 800,000 addresses matching your characteristics which have been funded at least once: Code: 3AAAaXsDdNutaLfEPDbNinkctrdtCKaDtw So the same conclusion as I had generating random addresses: they are not that special! There around 2.3 million (!) addresses matching your characteristics already in use. Title: Re: strange bitcoin addresses, algorithms and bruteforce Post by: NotATether on December 01, 2021, 02:11:16 PM You can't specifically target addresses that only have letters in them because there's no hint that tells which private key makes a particular address - it's just "plug a privkey in and hope it corresponds to an address of that characteristic".
Title: Re: strange bitcoin addresses, algorithms and bruteforce Post by: HCP on December 02, 2021, 03:21:44 AM It's only "strange" because we generally consider Bitcoin addresses to be a mix of all the Base58Check characters... but it's really no different to addresses missing a given set of characters. For example: addresses missing the characters [b, B, i, t, T, c, C, o, i, n, N].
Basically, it is impossible for all addresses to contain all the characters... so there are always likely to be groups of addresses that are missing a given set of characters (assuming that set is relatively small). |