Bitcoin Forum

Bitcoin => Development & Technical Discussion => Topic started by: Gavin Andresen on October 07, 2010, 02:05:47 AM



Title: Vanity bitcoin addresses: a new way to keep your CPU busy
Post by: Gavin Andresen on October 07, 2010, 02:05:47 AM
Attached is a little patch that expands the getnewaddress RPC command so it can try to generate a "vanity" bitcoin address.
E.g. I told it to generate an address with "gavin" in it, and it chugged away for an hour or two and came up with:
  12kUimDnb1a6oAPifgavinAaxMmLe43UR6

This is recommended for fun and experimentation only; it takes a long time, and while it is trying to find an address with the right string in it no other RPC commands are accepted.  Including 'stop'.

It'd be kinda cool (and would speed it up a lot) to make it case-insensitive.  Or to match to an arbitrary regular expression.  Or to make it spin off a separate thread and just return "working...."  (and have the thread add the address to the wallet when it is finally found, labeled with the vanity string).

Maybe we should have a Best Bitcoin Address contest  8)


Title: Re: Vanity bitcoin addresses: a new way to keep your CPU busy
Post by: Anonymous on October 07, 2010, 03:18:49 AM
lol you just invented bitcoin customised number plates!


Title: Re: Vanity bitcoin addresses: a new way to keep your CPU busy
Post by: HostFat on October 07, 2010, 04:55:38 AM
Question:
does bitcoin own generated addresses? Yes?
So you are owning 2 hours of generated addresses that you won't use anytime, I'm correct?
Are them a waste of addresses?


Title: Re: Vanity bitcoin addresses: a new way to keep your CPU busy
Post by: BioMike on October 07, 2010, 05:41:04 AM
Can I use this to generate an address like "12kUimDnb1a6oAPifgavinAaxMmLe43UR6"? ;) (I know it will take ages to do.)
Or are there limitations to the address?

Nice addresses that contain:
"SendBitcoinsToBioMike"
"ILoveBitcoins"


Title: Re: Vanity bitcoin addresses: a new way to keep your CPU busy
Post by: FreeMoney on October 07, 2010, 06:28:12 AM
It would be cool to add an estimator of the time it will take. It would be cool to see a graph of average time vs number of specified chars. How long did gavin take?


Title: Re: Vanity bitcoin addresses: a new way to keep your CPU busy
Post by: caveden on October 07, 2010, 07:46:24 AM
Question:
does bitcoin own generated addresses? Yes?
So you are owning 2 hours of generated addresses that you won't use anytime, I'm correct?
Are them a waste of addresses?

As far as I understand, there is no "waste" of addresses. Anyone can by chance generate one of the addresses that he discarded during the process.
If in the process he was saving each attempt, then there would be two owners of a same address.

The chance of this happening is so remote, that there is no reason to worry. (I guess)


Title: Re: Vanity bitcoin addresses: a new way to keep your CPU busy
Post by: BioMike on October 07, 2010, 07:57:08 AM
Or are there limitations to the address?

From the source:
If [vanity] is specified, is less than 10 characters, and is all valid base58 characters, then an address containing that string is generated.


Title: Re: Vanity bitcoin addresses: a new way to keep your CPU busy
Post by: jgarzik on October 07, 2010, 08:09:37 AM
This article on base58 includes a list of valid characters:
http://icoloma.blogspot.com/2010/03/create-your-own-bitly-using-base58.html


Title: Re: Vanity bitcoin addresses: a new way to keep your CPU busy
Post by: Gavin Andresen on October 07, 2010, 02:02:34 PM
RE: "wasting" addresses:

caveden is right, this patch generates and throws away lots and lots of potential bitcoin addresses.

But there are 2^160 possible bitcoin addresses, which is a really, really big number.  The chances of BioMike generating an address that matches my "gavin" address before we're all dead is approximately zero (http://en.wikipedia.org/wiki/Birthday_attack).

And davidonpda:  I haven't tried to figure out how long 10 characters would take-- it is exponential in the number of characters, so 10 characters would probably take years...


Title: Re: Vanity bitcoin addresses: a new way to keep your CPU busy
Post by: BioMike on October 07, 2010, 02:34:07 PM
And davidonpda:  I haven't tried to figure out how long 10 characters would take-- it is exponential in the number of characters, so 10 characters would probably take years...

That's what I thought... just wanted to make sure before I started. davidonpda is 10 and will probably never get there haha!

Or, you're very, very, very lucky. ;)


Title: Re: Vanity bitcoin addresses: a new way to keep your CPU busy
Post by: Gavin Andresen on October 07, 2010, 03:12:22 PM
That's what I thought... just wanted to make sure before I started. davidonpda is 10 and will probably never get there haha!

But if it supported regular expressions "david.*on.*pda" would probably be found in a reasonable amount of time...

Of course, if you were unlucky it'd find something like  1davidSpoonLApdaDDY13iu8 (not a real bitcoin address)


Title: Re: Vanity bitcoin addresses: a new way to keep your CPU busy
Post by: ByteCoin on October 07, 2010, 05:18:06 PM
lol you just invented bitcoin customised number plates!

I believe I was the first. See the following post


I also have the ability to generate useful novelty BitCoin addresses. The best one for me  so far is
1ByteCosnsUNJun4KL3HSt1NfFdXpzoRTy (pesky s)


If there is a demand for it, I might be tempted to start a webservice like the faucet where people can buy vanity addresses for a small bitcoin fee. I have a simple handshake scheme which allows me to generate a new address for you without me finding out your private key. My method sounds like it's faster than Gavin's and mathematically it's non-trivial. It can find addresses containing a short string like "gavin" in a fraction of a second for example.

ByteCoin


Title: Re: Vanity bitcoin addresses: a new way to keep your CPU busy
Post by: FreeMoney on October 07, 2010, 10:52:57 PM
lol you just invented bitcoin customised number plates!

I believe I was the first. See the following post


I also have the ability to generate useful novelty BitCoin addresses. The best one for me  so far is
1ByteCosnsUNJun4KL3HSt1NfFdXpzoRTy (pesky s)


If there is a demand for it, I might be tempted to start a webservice like the faucet where people can buy vanity addresses for a small bitcoin fee. I have a simple handshake scheme which allows me to generate a new address for you without me finding out your private key. My method sounds like it's faster than Gavin's and mathematically it's non-trivial. It can find addresses containing a short string like "gavin" in a fraction of a second for example.

ByteCoin

I am surprised, I wouldn't think an improvement that extreme would be possible. Your algorithm must still take exponential time as chars increase right?


Title: Re: Vanity bitcoin addresses: a new way to keep your CPU busy
Post by: Gavin Andresen on October 07, 2010, 11:05:30 PM
ByteCoin: cool!  Are you finding alternative public keys for a given ECC private key?  (are there multiple public keys for a given private ECC key???  I know very little about elliptic curve cryptography)

And to all:  I couldn't resist, I updated the patch so it can search for a regular expression and so it starts a separate thread and doesn't monopolize the RPC thread.  My machine is busy looking for a bitcoin address that matches '^1Gavin' right now.



Title: Re: Vanity bitcoin addresses: a new way to keep your CPU busy
Post by: ByteCoin on October 07, 2010, 11:39:10 PM
ByteCoin: cool!  Are you finding alternative public keys for a given ECC private key?  (are there multiple public keys for a given private ECC key???  I know very little about elliptic curve cryptography)

The maths fundamentally does allow this under certain circumstances but a good implementation checks for it and only accepts the "normal" form. I imagine that the library does a good job and, even if it didn't, a patch would rapidly end such tricks.

My method involves laboriously generating  billions of new addresses every second - but how to do that best requires some thought. There's no way of distinguishing between my novelty addresses and just being very lucky when generating a normal address.

I am surprised, I wouldn't think an improvement that extreme would be possible. Your algorithm must still take exponential time as chars increase right?

Sadly yes.

If you guys want a small number of novelty addresses and are prepared to pay handsomely for them then I can generate some "manually". If there's deeper demand then I will look into automating the process but it would take a lot longer to set up. What would people pay for having the first novelty address starting with "1" and followed by the characters of their choice?

ByteCoin


Title: Re: Vanity bitcoin addresses: a new way to keep your CPU busy
Post by: Xunie on October 13, 2010, 02:46:01 PM
I would love a regular expression functionality, I vote for PCRE and POSIX ERE functionality! in that order.


Title: Re: Vanity bitcoin addresses: a new way to keep your CPU busy
Post by: sandos on October 20, 2010, 10:30:37 AM
leet-speak might help with finding things a bit quicker: http://en.wikipedia.org/wiki/Leet

It would basically be a automatically applied transformation from regular text to a regexp which includes the leet-character alternatives. Mostly the numeric ones that are usable I imagine.


Title: Re: Vanity bitcoin addresses: a new way to keep your CPU busy
Post by: FreeMoney on October 20, 2010, 11:14:00 AM
leet-speak might help with finding things a bit quicker: http://en.wikipedia.org/wiki/Leet

It would basically be a automatically applied transformation from regular text to a regexp which includes the leet-character alternatives. Mostly the numeric ones that are usable I imagine.

Haha, clever.


Title: Re: Vanity bitcoin addresses: a new way to keep your CPU busy
Post by: grondilu on October 20, 2010, 07:07:44 PM
IllSend1000BTCtoWhoEvrMakesDisAddr


Good luck

:)


More seriously, I think this app is useless, but very much fun.  I'm looking forward to see a stable version.


Title: Re: Vanity bitcoin addresses: a new way to keep your CPU busy
Post by: Gavin Andresen on October 20, 2010, 07:22:17 PM
IllSend1000BTCtoWhoEvrMakesDisAddr

Awww, even replacing the lower-case-l's with 1's it ain't right:
Code:
$ bitcoind validateaddress I11Send1000BTCtoWhoEvrMakesDisAddr
{
    "isvalid" : false
}


Title: Re: Vanity bitcoin addresses: a new way to keep your CPU busy
Post by: grondilu on October 20, 2010, 07:36:24 PM
IllSend1000BTCtoWhoEvrMakesDisAddr

Awww, even replacing the lower-case-l's with 1's it ain't right:
Code:
$ bitcoind validateaddress I11Send1000BTCtoWhoEvrMakesDisAddr
{
    "isvalid" : false
}

Hum ?  What did I get wrong ?  I thought it would be ok.   I guess I didn't understand what base58 is exactly...  My bad.


edit:
ok I checked Satoshi's code (in base58.h), and now I know :

//
// Why base-58 instead of standard base-64 encoding?
// - Don't want 0OIl characters that look the same in some fonts and
//      could be used to create visually identical looking account numbers.
// - A string with non-alphanumeric characters is not as easily accepted as an account number.
// - E-mail usually won't line-break if there's no punctuation to break at.
// - Doubleclicking selects the whole number as one word if it's all alphanumeric.
//


Title: Re: Vanity bitcoin addresses: a new way to keep your CPU busy
Post by: khal on April 29, 2011, 09:54:15 AM
Vanity key tried 29'800'000.

How long will it take to find an adress matching : "^1Khalahan[A-Z0-9]" ? :D


Title: Re: Vanity bitcoin addresses: a new way to keep your CPU busy
Post by: ByteCoin on April 29, 2011, 10:47:32 AM
How long will it take to find an address matching : "^1Khalahan[A-Z0-9]" ? :D

You need to search about 1.28E14 keys. Using my software (if I remember the performance correctly) that'd take me about 4 years.

ByteCoin


Title: Re: Vanity bitcoin addresses: a new way to keep your CPU busy
Post by: khal on April 29, 2011, 11:07:35 AM
Wow... i should be a little less gluttonous though... or really lucky :p
Thanks for the estimation.


Title: Re: Vanity bitcoin addresses: a new way to keep your CPU busy
Post by: mathx on May 29, 2011, 05:54:48 PM
Wow... i should be a little less gluttonous though... or really lucky :p
Thanks for the estimation.

Is your software using the GPU too? Whats the nominal market value for this derivative market? :)

You sharing your vanity generation code? :)


Title: Re: Vanity bitcoin addresses: a new way to keep your CPU busy
Post by: gmaxwell on May 29, 2011, 06:19:28 PM
If there is a demand for it, I might be tempted to start a webservice like the faucet where people can buy vanity addresses for a small bitcoin fee. I have a simple handshake scheme which allows me to generate a new address for you without me finding out your private key. My method sounds like it's faster than Gavin's and mathematically it's non-trivial. It can find addresses containing a short string like "gavin" in a fraction of a second for example.
ByteCoin

I think the claim that you can do this search without knowing the private key is surprising and dubious.

I'd be interested in hearing more about how you propose to do this.
 



Title: Re: Vanity bitcoin addresses: a new way to keep your CPU busy
Post by: mathx on May 29, 2011, 06:27:55 PM
I have a simple handshake scheme which allows me to generate a new address for you without me finding out your private key.

How does this work? You HAVE to explain it or the public wont trust your keys. Furthermore, some segment of the population has to understand it fully, the rest will follow the herd of smart people.

Til then tho, there's no market.


Title: Re: Vanity bitcoin addresses: a new way to keep your CPU busy
Post by: ploum on May 29, 2011, 06:29:04 PM

But there are 2^160 possible bitcoin addresses,

Just to give some perspective: in order to run out of addresses, each human currently living on the planet (±6 billions) has to generate 500 million of addresses for each single nano-second (10⁻⁹s) during the entire age of the universe (15 billions of years).

I think that, from that point of view, the system is pretty safe.


Title: Re: Vanity bitcoin addresses: a new way to keep your CPU busy
Post by: davout on June 04, 2011, 04:08:26 AM
Just to give some perspective: in order to run out of addresses, each human currently living on the planet (±6 billions) has to generate 500 million of addresses for each single nano-second (10⁻⁹s) during the entire age of the universe (15 billions of years).
Read "the restaurant at the end of the universe" you might then want to review your statement :D


Title: Re: Vanity bitcoin addresses: a new way to keep your CPU busy
Post by: grondilu on June 04, 2011, 04:56:12 AM
Thanks for reviving this old thread.

I've added a "vanityAddress" function in my bash lib:

Code:
#!/bin/bash
#
# This is free and unencumbered software released into the public domain.
#
# Anyone is free to copy, modify, publish, use, compile, sell, or
# distribute this software, either in source code form or as a compiled
# binary, for any purpose, commercial or non-commercial, and by any
# means.
#
# In jurisdictions that recognize copyright laws, the author or authors
# of this software dedicate any and all copyright interest in the
# software to the public domain. We make this dedication for the benefit
# of the public at large and to the detriment of our heirs and
# successors. We intend this dedication to be an overt act of
# relinquishment in perpetuity of all present and future rights to this
# software under copyright law.
#
# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
# EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
# MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
# IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY CLAIM, DAMAGES OR
# OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE,
# ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
# OTHER DEALINGS IN THE SOFTWARE.
#
#
# Requires bc, dc, openssl, xxd
#

base58=({1..9} {A..H} {J..N} {P..Z} {a..k} {m..z})
bitcoinregex="^[$(printf "%s" "${base58[@]}")]{34}$"

decodeBase58() {
    local s=$1
    for i in {0..57}
    do s="${s//${base58[i]}/ $i}"
    done
    dc <<< "16o0d${s// /+58*}+f"
}

encodeBase58() {
    # 58 = 0x3A
    bc <<<"ibase=16; n=${1^^}; while(n>0) { n%3A ; n/=3A }" |
    tac |
    while read n
    do echo -n ${base58[n]}
    done
}

checksum() {
    xxd -p -r <<<"$1" |
    openssl dgst -sha256 -binary |
    openssl dgst -sha256 -binary |
    xxd -p -c 80 |
    head -c 8
}

checkBitcoinAddress() {
    if [[ "$1" =~ $bitcoinregex ]]
    then
        h=$(decodeBase58 "$1")
        checksum "00${h::${#h}-8}" |
        grep -qi "^${h: -8}$"
    else return 2
    fi
}

hash160() {
    openssl dgst -sha256 -binary |
    openssl dgst -rmd160 -binary |
    xxd -p -c 80
}

hash160ToAddress() {
    printf "%34s\n" "$(encodeBase58 "00$1$(checksum "00$1")")" |
    sed "y/ /1/"
}

publicKeyToAddress() {
    hash160ToAddress $(
    openssl ec -pubin -pubout -outform DER 2>/dev/null |
    tail -c 65 |
    hash160
    )
}

makeBitcoinPair() {
    openssl ecparam -genkey -name secp256k1 |
        tee >(gpg -ae -r grondilu) |
        openssl ec -pubout |
        publicKeyToAddress
}

timestamp() {
    hash160ToAddress "$(hash160)"
}

bigEndianHex2littleEndianHex() {
    local s=''
    while read -n 2 char
    do s=$char$s
    done
    echo $s
}

bitcoinHash() {
    bigEndianHex2littleEndianHex |
    xxd -p -r |
    openssl dgst -sha256 -binary |
    openssl dgst -sha256 -binary |
    xxd -p -c 80 |
    bigEndianHex2littleEndianHex
}

vanityAddress() {
    local pub priv
    while [[ ! "$pub" =~ $1 ]]
    do
        priv="$(openssl ecparam -genkey -name secp256k1 2>/dev/null)"
        pub="$(openssl ec -pubout 2>/dev/null <<<"$priv" | publicKeyToAddress)"
    done
    echo "$pub
    $priv"
}


Title: Re: Vanity bitcoin addresses: a new way to keep your CPU busy
Post by: 029xue on June 04, 2011, 07:46:00 AM
The idea is cool, but I think there's a big problem in safty.

After you generated a bitcoin address, that means you hold the 'wallat.data' of this address and of source you've a copy of the file.

After you sending this wallet to others, you may still have a copy of the file, how could others believe that you won't use/steal there bitcoins from this wallat?


Title: Re: Vanity bitcoin addresses: a new way to keep your CPU busy
Post by: publickeyhash on June 04, 2011, 01:47:07 PM
Of source big problem with wallat safty!
Copy "wallat.pasta" to use/steal there bitcoins from open sesame wallat!


Title: Re: Vanity bitcoin addresses: a new way to keep your CPU busy
Post by: slowmining on June 04, 2011, 02:16:08 PM
I would love this using the GPU.


Title: Re: Vanity bitcoin addresses: a new way to keep your CPU busy
Post by: ByteCoin on June 05, 2011, 12:47:50 AM
I think the claim that you can do this search without knowing the private key is surprising and dubious.

I'd be interested in hearing more about how you propose to do this.
 

How does this work? You HAVE to explain it or the public wont trust your keys.

At the moment addresses are used as fairly ephemeral things and the recommendation is to use a new receiving address for each payment. This limits the utility of vanity addresses and so I don't believe it's worth implementing. This may change in future however as new bitcoin services arise.

It can be implemented securely but the method touches on some issues I should currently keep confidential. However it's an elementary problem for any half-way decent cryptographer.

ByteCoin


Title: Re: Vanity bitcoin addresses: a new way to keep your CPU busy
Post by: unk on June 06, 2011, 02:50:31 AM
[removed useless thoughts because i'm out of practice enough that i forgot i was a 'halfway-decent cryptographer' and was barking up the wrong tree]

as an aside, i still think grondilu's script is cleverly minimalist, but the thought of running it as a loop that creates multiple openssl processes for each iteration almost makes me ill.  :-)  (i'm also still annoyed that my own minimalist c client failed to send a transaction to hal correctly in testing the script, depriving him of the bitcoin he sent as a bounty and instead giving it to someone who solved the relevant problem in a better, less cumbersome way!)

bytecoin, i've been thinking idly about mathematically nontrivial ways to generate billions of ec keys quickly since you mentioned it, but i confess that i haven't yet stumbled on your method yet.


Title: Re: Vanity bitcoin addresses: a new way to keep your CPU busy
Post by: gmaxwell on June 10, 2011, 02:57:08 PM
At the moment addresses are used as fairly ephemeral things and the recommendation is to use a new receiving address for each payment. This limits the utility of vanity addresses and so I don't believe it's worth implementing. This may change in future however as new bitcoin services arise.

It can be implemented securely but the method touches on some issues I should currently keep confidential. However it's an elementary problem for any half-way decent cryptographer.

Indeed. I spent a while thinking about it and realized I was being stupid. The number of times the point was added initially (the private key) is unknown but you can keep adding it more without difficulty and get additional keys, then just add that value to the private key.


Title: Re: Vanity bitcoin addresses: a new way to keep your CPU busy
Post by: foo on June 11, 2011, 12:18:06 AM
Thanks for reviving this old thread.

I've added a "vanityAddress" function in my bash lib:
Cool, except it doesn't work...

Code:
bash: ibase=16; n=${1^^}; while(n>0) { n%3A ; n/=3A }: bad substitution


Title: Re: Vanity bitcoin addresses: a new way to keep your CPU busy
Post by: TiagoTiago on June 13, 2011, 02:04:06 PM
If someone sets up a service, could they use a single stream of random new addresses and test for matches for all currently open requests instead of wasting time throwing away addresses that could match one of the many requests filed?


Title: Re: Vanity bitcoin addresses: a new way to keep your CPU busy
Post by: grondilu on June 16, 2011, 12:43:41 PM
Thanks for reviving this old thread.

I've added a "vanityAddress" function in my bash lib:
Cool, except it doesn't work...

Code:
bash: ibase=16; n=${1^^}; while(n>0) { n%3A ; n/=3A }: bad substitution

Which version of bash are you running?  (I suspect yours doesn't accept ${1^^})

Mine is
GNU bash, version 4.1.5(1)-release (i486-pc-linux-gnu)


Title: Re: Vanity bitcoin addresses: a new way to keep your CPU busy
Post by: foo on June 16, 2011, 01:02:17 PM
Thanks for reviving this old thread.

I've added a "vanityAddress" function in my bash lib:
Cool, except it doesn't work...

Code:
bash: ibase=16; n=${1^^}; while(n>0) { n%3A ; n/=3A }: bad substitution

Which version of bash are you running?  (I suspect yours doesn't accept ${1^^})

Mine is
GNU bash, version 4.1.5(1)-release (i486-pc-linux-gnu)

GNU bash, version 3.2.39(1)-release (x86_64-pc-linux-gnu)

I tried your script on several Linux servers, apparently none of them had a new enough bash... Could you rewrite that line so it works on bash versions that are actually included in distributions?


Title: Re: Vanity bitcoin addresses: a new way to keep your CPU busy
Post by: SgtSpike on June 20, 2011, 09:04:55 AM
So I've got a compiled bitcoin.exe using minGW according to this thread:  http://forum.bitcoin.org/?topic=5851.msg86700#msg86700

Now, how do I go about applying this patch?


Title: Re: Vanity bitcoin addresses: a new way to keep your CPU busy
Post by: SgtSpike on June 20, 2011, 04:48:29 PM
Sorry for bumping, but I just can't figure this out on my own.  I think the command should be something like this:

patch -p1 < vanity.patch

But I don't want to just start typing things in without knowing what I am doing...


Title: Re: Vanity bitcoin addresses: a new way to keep your CPU busy
Post by: joan on June 20, 2011, 05:21:53 PM
Also interested in this.
I think the patch was done against the subversion repo so it probably won't work…
Also, it looks like the sources have been reorganized since then.


Title: Re: Vanity bitcoin addresses: a new way to keep your CPU busy
Post by: dserrano5 on June 25, 2011, 10:47:17 PM
I'm unable to find the option to attach files to posts, so I'm forced to copy paste this here:

Code:
diff -urpN orig/bitcoin-0.3.23/src/main.h bitcoin-0.3.23/src/main.h
--- orig/bitcoin-0.3.23/src/main.h 2011-06-12 01:17:13.000000000 +0200
+++ bitcoin-0.3.23/src/main.h 2011-06-26 00:16:53.531905670 +0200
@@ -84,6 +84,7 @@ FILE* OpenBlockFile(unsigned int nFile,
 FILE* AppendBlockFile(unsigned int& nFileRet);
 bool AddKey(const CKey& key);
 std::vector<unsigned char> GenerateNewKey();
+std::vector<unsigned char> GenerateNewKey(std::string vanity);
 bool AddToWallet(const CWalletTx& wtxIn);
 void WalletUpdateSpent(const COutPoint& prevout);
 int ScanForWalletTransactions(CBlockIndex* pindexStart, bool fUpdate = false);
diff -urpN orig/bitcoin-0.3.23/src/rpc.cpp bitcoin-0.3.23/src/rpc.cpp
--- orig/bitcoin-0.3.23/src/rpc.cpp 2011-06-12 01:17:13.000000000 +0200
+++ bitcoin-0.3.23/src/rpc.cpp 2011-06-26 00:14:12.042318453 +0200
@@ -6,6 +6,7 @@
 #include "cryptopp/sha.h"
 #undef printf
 #include <boost/asio.hpp>
+#include <boost/xpressive/xpressive_dynamic.hpp>
 #include <boost/iostreams/concepts.hpp>
 #include <boost/iostreams/stream.hpp>
 #ifdef USE_SSL
@@ -309,19 +310,61 @@ Value getinfo(const Array& params, bool
 }
 
 
+vector<unsigned char> GenerateNewKey(string vanity)
+{
+    using namespace boost::xpressive;
+    sregex re = sregex::compile(vanity);
+
+    RandAddSeedPerfmon();
+    unsigned int tried = 0;
+    for (;;)
+    {
+        CKey key;
+        key.MakeNewKey();
+        string strAddress = PubKeyToAddress(key.GetPubKey());
+        ++tried;
+        if (tried%100000 == 0) printf("Vanity key tried %u\n", tried);
+        if (!regex_search(strAddress, re)) continue;
+
+        if (!AddKey(key))
+            throw runtime_error("GenerateNewKey() : AddKey failed");
+        return key.GetPubKey();
+    }
+}
+
+void VanitySearchThread(void* parg)
+{
+    Array* a = (Array*)parg;
+    string vanity = (*a)[1].get_str();
+    string strAddress = PubKeyToAddress(GenerateNewKey(vanity));
+    string strLabel = (*a)[0].get_str();
+
+    SetAddressBookName(strAddress, strLabel);
+
+    delete a;
+}
+
 Value getnewaddress(const Array& params, bool fHelp)
 {
-    if (fHelp || params.size() > 1)
+    if (fHelp || params.size() > 2)
         throw runtime_error(
-            "getnewaddress [account]\n"
+            "getnewaddress [account] [vanity]\n"
             "Returns a new bitcoin address for receiving payments.  "
             "If [account] is specified (recommended), it is added to the address book "
-            "so payments received with the address will be credited to [account].");
+            "so payments received with the address will be credited to [account]."
+            "If [vanity] is specified, is less than 10 characters, and is all valid"
+            "base58 characters, then an address containing that string is generated.");
 
     // Parse the account first so we don't generate a key if there's an error
     string strAccount;
     if (params.size() > 0)
         strAccount = AccountFromValue(params[0]);
+    if (params.size() > 1)
+    {
+        Array* a = new Array(params);
+        CreateThread(VanitySearchThread, (void*)a);
+        return "...searching...";
+    }
 
     // Generate a new key that is added to wallet
     string strAddress = PubKeyToAddress(GetKeyFromKeyPool());

Should apply cleanly to bitcoin-0.3.23.


Title: Re: Vanity bitcoin addresses: a new way to keep your CPU busy
Post by: SgtSpike on June 25, 2011, 11:32:58 PM
Thanks!  ;)  What's the command to apply it to a build?


Title: Re: Vanity bitcoin addresses: a new way to keep your CPU busy
Post by: cschmitz on June 26, 2011, 12:33:07 AM
I think this is inherently a bad idea, especially coming from one of the core developers of bitcoin.
Throwing away part of the network just to appeal to random nerdery is a horrible idea to implement when in the end, the core developers should really worry about using the resources of the system as efficiently as possible, after all the infrastructural components of the system are the basis of everything.
People thought  ipv4 was sufficient once, people thought 512kb ram were sufficient, etc. Being wasteful with a core resource in IT, given its short but rich history, is just wrong on so many fronts, i wouldnt even know where to start.


Title: Re: Vanity bitcoin addresses: a new way to keep your CPU busy
Post by: TiagoTiago on June 26, 2011, 12:49:14 AM
Shhhh! If people start wasting their hash/s it will get easier for the rest of us to crack blocks! <.<


Title: Re: Vanity bitcoin addresses: a new way to keep your CPU busy
Post by: unk on June 26, 2011, 02:07:27 AM
I think this is inherently a bad idea, especially coming from one of the core developers of bitcoin.
Throwing away part of the network just to appeal to random nerdery is a horrible idea to implement when in the end, the core developers should really worry about using the resources of the system as efficiently as possible, after all the infrastructural components of the system are the basis of everything.
People thought  ipv4 was sufficient once, people thought 512kb ram were sufficient, etc. Being wasteful with a core resource in IT, given its short but rich history, is just wrong on so many fronts, i wouldnt even know where to start.

it's hard, intuitively, to reason about numbers as large as the keyspace of the implicated private keys. but resource inefficiency isn't even plausibly a concern in this space. it's not at all like ip addresses.

maybe a comparison will help: if the world population grew by a factor of a thousand and then every person lived for a thousand years and generated a thousand keys per second while they lived, there would still be no issue with 'wasting' keys.

if that's still counterintuitive, you can think about it like this: if this idea were a problem merely because a developer of the bitcoin client encourages it, then bitcoin would not be secure, as the idea does not need the support of any bitcoin developers. i can generate and throw away thousands (i still cannot do billions like bytecoin because my maths are rusty) of keys a second, and nobody can stop me from doing that. if i
(or even ten thousand people acting in the same way) could compromise addresses that way, then bitcoin would be worthless from the perspective of financial security.


Title: Re: Vanity bitcoin addresses: a new way to keep your CPU busy
Post by: joan on June 26, 2011, 08:58:26 AM
Should apply cleanly to bitcoin-0.3.23.
I admit I haven't tried, but I think this would not apply smoothly to what's currently in the git repo (which I think is what SgtSpike is using?). As mentioned, the sources have been reorganized.
GenerateNewKey() for example is now in the class CKeyStore, not global to main.h / rpc.cpp. This is where GenerateNewKey(std::string vanity) should be too.

I do have some kind of patch too but I haven't worked out the threading yet. So it just hangs until it finds a match, which is not very nice.
SgtSpike, I think you are under Windows, do you use TortoiseGit? It will make things easy when you want to create/apply patches.


Title: Re: Vanity bitcoin addresses: a new way to keep your CPU busy
Post by: SgtSpike on June 26, 2011, 09:31:29 AM
I use MinGW.  I know next to nothing about c++ or compiling (web programmer here), so I was hoping there would be an easy way to include a patch (or diff?) file when I run the compile command.  If I find something that works, I won't upgrade my client until I absolutely have to in the future.


Title: Re: Vanity bitcoin addresses: a new way to keep your CPU busy
Post by: dserrano5 on June 26, 2011, 10:46:38 AM
Thanks!  ;)  What's the command to apply it to a build?

You need the patch utility. There are a couple of implementations for windows out there. Just unpack the bitcoin sources into a directory, download the patch, open a cmd window and type this:

Code:
> cd \path\to\bitcoin-sources
> patch -p1 < \path\to\vanity-0.3.23.patch

(Disclaimer: that's untested). Then compile as usual. I only compiled bitcoind (headless) since that's what I use anyway.


I think this is inherently a bad idea, especially coming from one of the core developers of bitcoin.

I understand he did it for the lulz and in no way he seriously endorses its usage. After all, you have to jump through a couple of hoops to get it working.


Title: Re: Vanity bitcoin addresses: a new way to keep your CPU busy
Post by: marcus_of_augustus on June 26, 2011, 11:51:05 AM

... it seems like intentionally creating identifiable addresses goes counter to security through anonymity from the get-go ...


Title: Re: Vanity bitcoin addresses: a new way to keep your CPU busy
Post by: TheSeven on June 26, 2011, 12:17:29 PM
YAY! Pooled bitcoin vanity address mining! ;D


Title: Re: Vanity bitcoin addresses: a new way to keep your CPU busy
Post by: unk on June 26, 2011, 03:29:44 PM
... it seems like intentionally creating identifiable addresses goes counter to security through anonymity from the get-go ...

obviously, you wouldn't choose a 'vanity' address if you didn't want it to leak some information. but just because bitcoin provides anonymity doesn't mean everyone cares to be anonymous in every transaction.

for example, many people post in this forum under their real names and have bitcoin addresses in their signatures. that involves 'intentionally creating identifiable addresses' in much the same way.


Title: Re: Vanity bitcoin addresses: a new way to keep your CPU busy
Post by: inh on June 26, 2011, 05:34:43 PM
Someone mod poclbm (simplest python miner I could find) to use the GPU for address generation. The CPU is so slow!


Title: Re: Vanity bitcoin addresses: a new way to keep your CPU busy
Post by: marcus_of_augustus on June 26, 2011, 11:02:51 PM
... it seems like intentionally creating identifiable addresses goes counter to security through anonymity from the get-go ...

obviously, you wouldn't choose a 'vanity' address if you didn't want it to leak some information. but just because bitcoin provides anonymity doesn't mean everyone cares to be anonymous in every transaction.

for example, many people post in this forum under their real names and have bitcoin addresses in their signatures. that involves 'intentionally creating identifiable addresses' in much the same way.

I wonder how many who are doing this realise they are effectively tying the value of their bitcoins to their reputations?


Title: Re: Vanity bitcoin addresses: a new way to keep your CPU busy
Post by: FreeMoney on June 27, 2011, 03:11:16 AM
... it seems like intentionally creating identifiable addresses goes counter to security through anonymity from the get-go ...

obviously, you wouldn't choose a 'vanity' address if you didn't want it to leak some information. but just because bitcoin provides anonymity doesn't mean everyone cares to be anonymous in every transaction.

for example, many people post in this forum under their real names and have bitcoin addresses in their signatures. that involves 'intentionally creating identifiable addresses' in much the same way.

I wonder how many who are doing this realise they are effectively tying the value of their bitcoins to their reputations?

Only their donations are tied (with proper caution) to them and how could you get donations without tying in your rep?


Title: Re: Vanity bitcoin addresses: a new way to keep your CPU busy
Post by: cschmitz on June 27, 2011, 04:21:57 AM
maybe a comparison will help: if the world population grew by a factor of a thousand and then every person lived for a thousand years and generated a thousand keys per second while they lived, there would still be no issue with 'wasting' keys.

its not a math issue its a conceptual issue. also lol³ at your "thousand keys per second" analogy for a system that by definition wants to be around 2033.


Title: Re: Vanity bitcoin addresses: a new way to keep your CPU busy
Post by: EricJ2190 on June 27, 2011, 04:59:33 AM
The point is, nothing extra (except electricity) is being consumed by generating vanity addresses. An address that is generated then discarded may as well have never been generated. The network never has any indication that this address ever existed.


Title: Re: Vanity bitcoin addresses: a new way to keep your CPU busy
Post by: TiagoTiago on June 28, 2011, 09:14:06 PM
If mining hardware was instead dedicated to generating new addresses; how long do you think would it take till someone stumbled on an existing address that had more BTC stored than what the person would have earned by mining?


Title: Re: Vanity bitcoin addresses: a new way to keep your CPU busy
Post by: SgtSpike on June 28, 2011, 09:30:17 PM
If mining hardware was instead dedicated to generating new addresses; how long do you think would it take till someone stumbled on an existing address that had more BTC stored than what the person would have earned by mining?
I think someone quotes something along the lines of billions of years in a previous discussion regarding this.

I suppose it depends on how efficient your algorithms are, but I wouldn't count on finding anything anytime soon.


Title: Re: Vanity bitcoin addresses: a new way to keep your CPU busy
Post by: EricJ2190 on June 28, 2011, 10:12:09 PM
If mining hardware was instead dedicated to generating new addresses; how long do you think would it take till someone stumbled on an existing address that had more BTC stored than what the person would have earned by mining?

Never. Even if the whole generating network was behind it, it would probably never even stumble upon a previously used address, much less one that is worth more than the number of blocks it could have generated instead. Generating blocks is trivial compared to this.

Their are 2^160 possible addresses. Lets say 2^32 (4 billion) people use Bitcoin and each generate 2^16 (65 thousand) address. That gives us 2^48 total addresses out of 2^160 possible. The probability of a generated address matching one of these is 1/(2^112). The probably of finding a block at 35 times the current difficulty is around 1/(2^64). Therefore, it would take 2^48 (281 trillion) times longer to find a previously used address. So if it takes you ten minutes to find a block, it will take over five billion years to find a used address.

Now keep in mind that we don't have 4 billion users, most users have far less then 65 thousand addresses, and the current difficulty is much lower then I used in these calculations. Mining sounds a lot more profitable.

NOTE: I assumed generating an address took equal time as generating a proof-of-work hash. However, I believe generating an address is actually slower since it involves both EC key generation and hashing.


Title: Re: Vanity bitcoin addresses: a new way to keep your CPU busy
Post by: no_alone on June 29, 2011, 07:06:59 PM
If mining hardware was instead dedicated to generating new addresses; how long do you think would it take till someone stumbled on an existing address that had more BTC stored than what the person would have earned by mining?

Never. Even if the whole generating network was behind it, it would probably never even stumble upon a previously used address, much less one that is worth more than the number of blocks it could have generated instead. Generating blocks is trivial compared to this.

Their are 2^160 possible addresses. Lets say 2^32 (4 billion) people use Bitcoin and each generate 2^16 (65 thousand) address. That gives us 2^48 total addresses out of 2^160 possible. The probability of a generated address matching one of these is 1/(2^112). The probably of finding a block at 35 times the current difficulty is around 1/(2^64). Therefore, it would take 2^48 (281 trillion) times longer to find a previously used address. So if it takes you ten minutes to find a block, it will take over five billion years to find a used address.

Now keep in mind that we don't have 4 billion users, most users have far less then 65 thousand addresses, and the current difficulty is much lower then I used in these calculations. Mining sounds a lot more profitable.

NOTE: I assumed generating an address took equal time as generating a proof-of-work hash. However, I believe generating an address is actually slower since it involves both EC key generation and hashing.

Dont you just like probability


Title: Re: Vanity bitcoin addresses: a new way to keep your CPU busy
Post by: joan on June 29, 2011, 09:17:04 PM
If mining hardware was instead dedicated to generating new addresses; how long do you think would it take till someone stumbled on an existing address that had more BTC stored than what the person would have earned by mining?

(…)

Their are 2^160 possible addresses. Lets say 2^32 (4 billion) people use Bitcoin and each generate 2^16 (65 thousand) address. That gives us 2^48 total addresses out of 2^160 possible. The probability of a generated address matching one of these is 1/(2^112).

The probability for two addresses to match is much higher than 1/(2^112) though. It's more complex than doing 2^160/2^48. Check the Birthday attack (http://en.wikipedia.org/wiki/Birthday_attack).
Also, TiagoTiago mentionned using current mining resources to generate addresses, so I guess it's fair to say that the 2^16 figure is underestimated, that would be more like… 2^16 per second. (But there is not 4 billion miners, yet)

While we are on probabilities, and I'm by no means an expert in these, someone mentioned in a previous page of this thread that to find the "1Kahlahan…" vanity address (8 fixed chars) would take roughly 1.28e14 attempts.
I think this is underestimated. (It seems to come from the intuitive 58^8).
My own computation gives me 2.99e+15, which is an order of magnitude higher. (I decode the base58 and do the maths on the hash160).


Title: Re: Vanity bitcoin addresses: a new way to keep your CPU busy
Post by: Yeti on June 29, 2011, 09:50:40 PM
Thanks for reviving this old thread.

I've added a "vanityAddress" function in my bash lib:
Cool, except it doesn't work...

Code:
bash: ibase=16; n=${1^^}; while(n>0) { n%3A ; n/=3A }: bad substitution

grondilu, my hero! This script works very nicely without patching the source code (I just use a Bitcoin binary)!

I did the following modifications to make it compatible with GNU Bash 3.x:

Code:
encodeBase58() {
    # 58 = 0x3A
    n=`echo $1 | tr '[:lower:]' '[:upper:]'`
    bc <<<"ibase=16; n=$n; while(n>0) { n%3A ; n/=3A }" |
    tac |
    while read n
    do echo -n ${base58[n]}
    done
}
...
publicKeyToAddress() {
    hash160ToAddress $(openssl ec -pubin -pubout -outform DER 2>/dev/null | tail -c65 | hash160)
}

It found a simple two letter address very quickly. Now if someone could port this to OpenCL, that would be great!


Title: Re: Vanity bitcoin addresses: a new way to keep your CPU busy
Post by: EricJ2190 on June 29, 2011, 10:14:44 PM
If mining hardware was instead dedicated to generating new addresses; how long do you think would it take till someone stumbled on an existing address that had more BTC stored than what the person would have earned by mining?

(…)

Their are 2^160 possible addresses. Lets say 2^32 (4 billion) people use Bitcoin and each generate 2^16 (65 thousand) address. That gives us 2^48 total addresses out of 2^160 possible. The probability of a generated address matching one of these is 1/(2^112).

The probability for two addresses to match is much higher than 1/(2^112) though. It's more complex than doing 2^160/2^48. Check the Birthday attack (http://en.wikipedia.org/wiki/Birthday_attack).
Also, TiagoTiago mentionned using current mining resources to generate addresses, so I guess it's fair to say that the 2^16 figure is underestimated, that would be more like… 2^16 per second. (But there is not 4 billion miners, yet)

While we are on probabilities, and I'm by no means an expert in these, someone mentioned in a previous page of this thread that to find the "1Kahlahan…" vanity address (8 fixed chars) would take roughly 1.28e14 attempts.
I think this is underestimated. (It seems to come from the intuitive 58^8).
My own computation gives me 2.99e+15, which is an order of magnitude higher. (I decode the base58 and do the maths on the hash160).


The 2^16 figure is just the for the number of addresses actually being used by each normal user, not what you can generate. My point in that part was that there are no more than 2^48 bitcoin addresses that would be of any interest to find a private key for.

For the Birthday Attack, this just means it would be easier to find some two private keys that result in a common but unspecified address. However, we are not looking for any collision here. We specifically are looking for a key with an address in the set of previously used addresses. This is the same as PoW hashing, which I am comparing it with, where we are looking for value with a hash in the set of acceptable hashes.


Title: Re: Vanity bitcoin addresses: a new way to keep your CPU busy
Post by: dserrano5 on June 30, 2011, 07:15:05 AM
Hmm, if I quote the regex in the shell, the generated address is shorter:

Code:
$ ./bitcoind getaddressesbyaccount ''
[
    "12345Vypv2QSmuRXcciT5oEB27mPbWGeva",
    ...
]
$ ./bitcoind getnewaddress '' '^11'
...searching...
$ ./bitcoind getaddressesbyaccount ''
[
    "11dYT3E4D9QWocteC9bnMzvWaSSqNn8m4",
    "12345Vypv2QSmuRXcciT5oEB27mPbWGeva",
    ...
]
$ ./bitcoind getnewaddress '' ^11
...searching...
$ ./bitcoind getaddressesbyaccount ''
[
    "113wjPuzxuDn3WjjautVdQu28DhA8zqhy3",
    "11dYT3E4D9QWocteC9bnMzvWaSSqNn8m4",
    "12345Vypv2QSmuRXcciT5oEB27mPbWGeva",
    ...
]
$ _

Does that make sense? I understand addresses have a fixed length.


Title: Re: Vanity bitcoin addresses: a new way to keep your CPU busy
Post by: Yeti on June 30, 2011, 07:59:37 AM
Nope, probably a bug. The address you generated is not a valid bitcoin address.


Title: Re: Vanity bitcoin addresses: a new way to keep your CPU busy
Post by: dserrano5 on June 30, 2011, 08:41:35 AM
Nope, probably a bug. The address you generated is not a valid bitcoin address.

bitcoind disagrees:

Code:
$ for I in 113wjPuzxuDn3WjjautVdQu28DhA8zqhy3 11dYT3E4D9QWocteC9bnMzvWaSSqNn8m4 12345Vypv2QSmuRXcciT5oEB27mPbWGeva; do
>     ./bitcoind validateaddress $I |grep -E 'isvalid|address'
> done
    "isvalid" : true,
    "address" : "113wjPuzxuDn3WjjautVdQu28DhA8zqhy3",
    "isvalid" : true,
    "address" : "11dYT3E4D9QWocteC9bnMzvWaSSqNn8m4",
    "isvalid" : true,
    "address" : "12345Vypv2QSmuRXcciT5oEB27mPbWGeva",
$ _

A different installation of bitcoin (version 0.3.21) on a different computer gives the same output.


Title: Re: Vanity bitcoin addresses: a new way to keep your CPU busy
Post by: Yeti on June 30, 2011, 09:07:15 AM
Ok, good to know. Then all the "checkAddress" scripts are wrong. They seem to check for a fixed length.

I should have known that since the bitcoin client probably does internal checks when generating an address. ;)


Title: Re: Vanity bitcoin addresses: a new way to keep your CPU busy
Post by: dserrano5 on June 30, 2011, 09:24:13 AM
The wiki (https://en.bitcoin.it/wiki/Address) says:

Quote
Mainline addresses can be 25-34 characters in length, and testnet addresses can be 26-34 characters in length. Most addresses are 33 or 34 characters long, though.

I had already read that when I first knew about bitcoin, but I read so many things in a couple of days that it's no surprise I've forgotten many of them :).


Title: Re: Vanity bitcoin addresses: a new way to keep your CPU busy
Post by: Yeti on June 30, 2011, 09:56:36 AM
Yeah, the regex that is used in grondilu's scripts is pretty simple. It just checks for base58 characters and a length of 34. Theymos' PHP script validates the checksum, afai can tell.

grondilu, do you have a newer version of your bash lib with checksum check? Otherwise I'm tempted to port the checksum check to bash.


Title: Re: Vanity bitcoin addresses: a new way to keep your CPU busy
Post by: Ryland R. Taylor-Almanza on July 01, 2011, 12:01:32 AM
Anyway to generate a vanity address in windows with the current bitcoin client? My friend wants one.


Title: Re: Vanity bitcoin addresses: a new way to keep your CPU busy
Post by: BitVapes on July 01, 2011, 06:03:10 AM
Anyway to generate a vanity address in windows with the current bitcoin client? My friend wants one.

someone posted a working patch for the latest bitcoin source, it compiled fine for me in linux.  I verified it worked by having it "search" for a 1-byte vanity address 'a' and it gave me one.

I let it run for a few minutes trying to find one with 'BitVapes' but I'm sure it would take over 9,000 years.   I did notice it only tied to one cpu core so I kicked off multiple instances to max out my cpus before shutting it down for fear of melting my box on this basically futile but fun effort.


Title: Re: Vanity bitcoin addresses: a new way to keep your CPU busy
Post by: SgtSpike on July 01, 2011, 06:31:14 AM
Anyway to generate a vanity address in windows with the current bitcoin client? My friend wants one.

someone posted a working patch for the latest bitcoin source, it compiled fine for me in linux.  I verified it worked by having it "search" for a 1-byte vanity address 'a' and it gave me one.

I let it run for a few minutes trying to find one with 'BitVapes' but I'm sure it would take over 9,000 years.   I did notice it only tied to one cpu core so I kicked off multiple instances to max out my cpus before shutting it down for fear of melting my box on this basically futile but fun effort.
Just curious - does the patch say how many addresses it generates and looks through per second?


Title: Re: Vanity bitcoin addresses: a new way to keep your CPU busy
Post by: BitVapes on July 01, 2011, 06:55:19 AM
Just curious - does the patch say how many addresses it generates and looks through per second?

not that I can tell, it just says "Searching..."


Title: Re: Vanity bitcoin addresses: a new way to keep your CPU busy
Post by: joan on July 01, 2011, 08:30:35 AM
It should dump a message in the log every 100K attempts though.


Title: Re: Vanity bitcoin addresses: a new way to keep your CPU busy
Post by: dserrano5 on July 01, 2011, 09:28:44 AM
Just curious - does the patch say how many addresses it generates and looks through per second?

Look in the debug.log for lines like "Vanity key tried 100000". Give it some minutes (20?) to appear though.

What I really miss in the debug log is a timestamp; shouldn't be hard to add even when not being able to say hello in C++ :).


Title: Re: Vanity bitcoin addresses: a new way to keep your CPU busy
Post by: samr7 on July 01, 2011, 05:40:14 PM
I have an observation to make about this.

The parts of the address after the leading "1" would appear to be computed from a pseudorandom integer ranging 0 .. (256^24)-1.

The largest possible value is 33 base-58 digits long, approximately:

23.33798 x 58^32

If the address value is chosen randomly between 0 and the value above, then:

95.715% will be equal or greater than 58^32, and that group will produce an address with 33 characters following the "1", where the first letter is in the set "23456789ABCDEFGHJKLMNPQR".

3.894% will be less than 58^32 and greater than or equal to 256^23.  These will produce an address with 32 characters following the "1", with any base-58 character except "1" as the first letter.

0.391% will be less than 256^23, i.e. the most significant byte is 0.  The base-58 encoder will prefix these with at least two 1s instead of one.

So, the easier vanity addresses start with "23456789ABCDEFGHJKLMNPQR".  If you want a vanity address starting with any letter from "STUVWXYZabcdefghijkmnopqrstuvwxyz", you're going to have to spend a lot more cycles to find it.


Title: Re: Vanity bitcoin addresses: a new way to keep your CPU busy
Post by: SgtSpike on July 01, 2011, 05:55:39 PM
I have an observation to make about this.

The parts of the address after the leading "1" would appear to be computed from a pseudorandom integer ranging 0 .. (256^24)-1.

The largest possible value is 33 base-58 digits long, approximately:

23.33798 x 58^32

If the address value is chosen randomly between 0 and the value above, then:

95.715% will be equal or greater than 58^32, and that group will produce an address with 33 characters following the "1", where the first letter is in the set "23456789ABCDEFGHJKLMNPQR".

3.894% will be less than 58^32 and greater than or equal to 256^23.  These will produce an address with 32 characters following the "1", with any base-58 character except "1" as the first letter.

0.391% will be less than 256^23, i.e. the most significant byte is 0.  The base-58 encoder will prefix these with at least two 1s instead of one.

So, the easier vanity addresses start with "23456789ABCDEFGHJKLMNPQR".  If you want a vanity address starting with any letter from "STUVWXYZabcdefghijkmnopqrstuvwxyz", you're going to have to spend a lot more cycles to find it.
Interesting...  I have noticed a lot fewer lower case letters in addresses than upper case, and wondered why that was....


Title: Re: Vanity bitcoin addresses: a new way to keep your CPU busy
Post by: dserrano5 on July 01, 2011, 07:38:12 PM
I don't understand anything of what you just said. Anyway...

If you want a vanity address starting with any letter from "STUVWXYZabcdefghijkmnopqrstuvwxyz", you're going to have to spend a lot more cycles to find it.

That must be why "1ibm" was available ;).


Title: Re: Vanity bitcoin addresses: a new way to keep your CPU busy
Post by: davux on July 04, 2011, 02:15:16 AM
Hmm, if I quote the regex in the shell, the generated address is shorter:

Code:
$ ./bitcoind getnewaddress '' '^11'

[...]

$ ./bitcoind getnewaddress '' ^11

In the shell, '^11' and ^11 are exactly the same thing, because the '^' character doesn't have any magical meaning here, so it doesn't need to be quoted.

Does that make sense? I understand addresses have a fixed length.

No, they don't.

There's no relation between the length of the addresses and the way you wrote the vanity regex.


Title: Re: Vanity bitcoin addresses: a new way to keep your CPU busy
Post by: dserrano5 on July 04, 2011, 06:58:17 AM
Hmm, if I quote the regex in the shell, the generated address is shorter:

Code:
$ ./bitcoind getnewaddress '' '^11'

[...]

$ ./bitcoind getnewaddress '' ^11

In the shell, '^11' and ^11 are exactly the same thing, because the '^' character doesn't have any magical meaning here, so it doesn't need to be quoted.

Which is exactly the reason why generated addresses should be the same length.

...Or at least that's what I thought before I remembered (before reading your response) that addresses don't have a fixed length. The fact that giving a quoted parameter resulted in a shorter address must have been just a coincidence.

Thanks in any case ;).


Title: Re: Vanity bitcoin addresses: a new way to keep your CPU busy
Post by: pB11 on July 04, 2011, 05:27:56 PM
It seems someone already played with cool-looking addresses/hashes back in 2010:
http://blockexplorer.com/address/11126yHiXjavR3oNVwV2GRNso2ah4MnZtm (http://blockexplorer.com/address/11126yHiXjavR3oNVwV2GRNso2ah4MnZtm)  (there was >1k BTC at this address!)

Code:
HASH160                                   BTC_IN
0000000000000000000000000000000000000000 00000000.07110007
0000000000000000000000000000000000000001 00000000.01000000
000001aa6aa32fb6138c08d5e91f9a502656abdb 00000000.00000001
0000094d87949ffa143d5f3c049a5f071a16a941 00000000.00000001
00000d645142c1b4c07e6a14a854acf4412d8713 00000000.00000001
00000f3b345053879dc45e2ffa23deb781af36e3 00000000.00000001
000013bd967f59213494a10a3fdf49e0b79371cd 00000000.00000001
000018fc5a9d6eae103f0e572ff02c6e8412d42c 00000000.00000001
00001a969f9529cedba0cb353553667874e5c263 00000000.00000001
000020b4868dbb9f9ea4ae2cb23a05b6c7a50737 00000000.00000001
00002ccc7e36c6e7077dc186d33e5f60c76edf58 00000000.00000001
00002e5019ebe4c717080cae027fdb7b1c5045c4 00000000.01000000
000032a07a118a18f4ca16ad4255fbf91a12f0a3 00000000.00000001
00003629f51465a2d757e25dcf189cc260fc392d 00000000.00000001
00003710b5473b680675ba9c0d52ef954103481c 00000000.00000001
00003ddb3d79d74da3ccd4593419f4f2a55a68f8 00000000.79000000
00004020b6275ee5743080928fefe7fe90ef838c 00000000.00000001
0000435e719970dc7aa64245dc7e984f191c1c56 00000000.02000000
000046035080a1bdce64d087aca6d9017a0557a4 00000000.04000000
000048f2b372c547a768bf61f436f2394cc21787 00000000.00000001
00004ed54c20dd73ccba1e102992084b39b556f8 00000000.00000001
000051da44a22641488b8718034be843b795aa82 00000000.00000001
00005831c8aba83829c9aea53b885e752aed62f0 00000000.00000001
00005859982da7cc90ffccb6a11138293d6a7ed7 00000000.00000001
00005af355dd005383792ab27b03b2cd3663a49d 00000000.00000001
00005e2615c19b97a819558e8e8380d5eea3e098 00000000.01000000
00005fea533cbb8cd290f43e0aeea80891837ba2 00000000.00000001
000060df7b6b95c47f0b311f581ad8a471c027b8 00000000.00000001
000062c4f36e984e1c38d64ed3e83fac0b8875d2 00000000.00000001
00006a5f1c919936181de6397671dfdee5eb3f8e 00000001.00000000
00006b7527baa323ae799ae76fbc7755f5c8cb68 00000000.00000001
0000782ec52331217996d5ed7e8fac6d3db7e2c7 00000005.68000000
00007eea3c271357c4254b2f6dd58d6184828f0f 00000000.00000001
0000830a9b1f296aa3f1c468f63be4933422f249 00000008.55000000
00009b759340b8d90771ebf2da76312900d9663d 00000000.00000001
0000a281962dc5123c9d83c977b6e4fbeb5effdb 00000000.00000001
0000a2948d8d534848124a606e43724e37f4b815 00000000.00000001
0000a635cad79b5825dab5176a0bdc59124068b7 00000000.00000001
0000aba36b6f4e822a12885a26d9392101070d4c 00000000.00000001
0000adbae47afaa49642252bb3ad5764aaa91f75 00000000.00000001
0000b7d68d18879c2a2c1e07001398cecb755180 00000000.00000001
0000c32bc79b9e8c8a2afb72462636be440dcc5d 00000000.00000001
0000cce1bcb7f8d8e34548e277cb43620ac50c6e 00000000.00000001
0000cd341be1f51cef57ac0207d098212a4b000a 00000000.00000001
0000cfcee541e4815bb92f4e6b8f5d6d210d2ace 00000000.00000001
0000d10e7744f0885a4fbd20c8ec1a0b82ece4a3 00000000.00000001
0000e30fb7a987abc3c28ca6398c18dc17edd608 00000100.29000000
0000ebb22c6afe1fd46bf1ca17cae2a9496df9ac 00001137.00000000
0000f02e3d9d88a95a015219a8b69a5b9d6cfbcb 00000078.21000000
000105c698a07fabe70f165eb6dae2ee681c03b3 00000517.88000000
000146b7dbf1ca1d1df70500d7c8ca13f19fa15f 00000000.05000000
00014bdcadd62ce646cdbbd68776102e802b1556 00000031.81000000
0001aaf0074a13876565da1abb94fb0ee1607467 00000000.05148120
0001c2d11f347e1d47d05fea3ad5d86efceda60a 00000009.49152769
...
ffff0c753b76620e152890565a7285171ad528ce 00000000.01000000
ffff235734d335de7da59b46d4e2229f03569dc9 00000041.26800000
ffff5ea334aadbe15678ef8ef9046296ee2ccdfa 00000004.80000000
ffff78aece539fb0dca39fbc2200bfb3583d477d 00000921.98226031
ffff97c97e1ccab5bc88350310e8ec76b30f7380 00000013.81000000
ffff9d832765e995c0e3a0e147934043f15add6b 00000003.80000000
ffffd66277094fb1186572d2c5a03056d1a7569f 00000000.50000000
fffff69ea5a3bdc76955591088ddfe5ec555d6cc 00001475.47000000
fffff9fabcf4e7a9bd5f9a44078fdba199c69b38 00000000.00000013
ffffffffffffffffffffffffffffffffffffffff 00000000.01000000
Small perl (64-bit) script to dump entire transaction database :
Code:
open F,'<blk0001.dat'; binmode F; local $/; $_=<F>;
while(/(.{8})\x19\x76\xA9\x14(.{20})\x88\xAC/sg){
  $c=unpack('Q',$1);
  $h=$2;
  $balance{$h}+=$c;
}
for(sort keys %balance){
  $c=$balance{$_};
  $s=sprintf('%016d',$c);
  substr($s,8,0)='.';
  print unpack('H*',$_)." $s\n";
}
1 million addresses soon!
(it counts only inputs, not generation or outputs)


Title: Re: Vanity bitcoin addresses: a new way to keep your CPU busy
Post by: Yeti on July 05, 2011, 10:44:05 AM
Aw, man! Looks like somebody generated a lot of words to be used at firstbits.com. I wanted a nice firstbits vanity address that would be essentially my nick, but 1yeti is gone. :( I wasn't fast enough, now I'm 1yetiax. >:(

In case you want one of these (http://blockexplorer.com/address/1F4qoe6uLzhedknmJySdnokbd2HNxjB1jv), you are probably gonna have to pay him a premium.

They're not interested in case-sensitivity (unlike me) which gives them the edge.

This is why we can't have nice things!


Title: Re: Vanity bitcoin addresses: a new way to keep your CPU busy
Post by: Ryland R. Taylor-Almanza on July 05, 2011, 01:38:09 PM
Anyway to generate a vanity address in windows with the current bitcoin client? My friend wants one.

someone posted a working patch for the latest bitcoin source, it compiled fine for me in linux.  I verified it worked by having it "search" for a 1-byte vanity address 'a' and it gave me one.

I let it run for a few minutes trying to find one with 'BitVapes' but I'm sure it would take over 9,000 years.   I did notice it only tied to one cpu core so I kicked off multiple instances to max out my cpus before shutting it down for fear of melting my box on this basically futile but fun effort.
Is that the one in the first post of this thread?


Title: Re: Vanity bitcoin addresses: a new way to keep your CPU busy
Post by: BitVapes on July 05, 2011, 07:08:36 PM
Anyway to generate a vanity address in windows with the current bitcoin client? My friend wants one.

someone posted a working patch for the latest bitcoin source, it compiled fine for me in linux.  I verified it worked by having it "search" for a 1-byte vanity address 'a' and it gave me one.

I let it run for a few minutes trying to find one with 'BitVapes' but I'm sure it would take over 9,000 years.   I did notice it only tied to one cpu core so I kicked off multiple instances to max out my cpus before shutting it down for fear of melting my box on this basically futile but fun effort.
Is that the one in the first post of this thread?

no that one didn't work in the latest bitcoin sources, but here (http://forum.bitcoin.org/index.php?topic=1387.msg283882#msg283882) is the updated one


Title: Re: Vanity bitcoin addresses: a new way to keep your CPU busy
Post by: Ryland R. Taylor-Almanza on July 06, 2011, 09:01:26 PM
I'm unable to find the option to attach files to posts, so I'm forced to copy paste this here:

Code:
diff -urpN orig/bitcoin-0.3.23/src/main.h bitcoin-0.3.23/src/main.h
--- orig/bitcoin-0.3.23/src/main.h 2011-06-12 01:17:13.000000000 +0200
+++ bitcoin-0.3.23/src/main.h 2011-06-26 00:16:53.531905670 +0200
@@ -84,6 +84,7 @@ FILE* OpenBlockFile(unsigned int nFile,
 FILE* AppendBlockFile(unsigned int& nFileRet);
 bool AddKey(const CKey& key);
 std::vector<unsigned char> GenerateNewKey();
+std::vector<unsigned char> GenerateNewKey(std::string vanity);
 bool AddToWallet(const CWalletTx& wtxIn);
 void WalletUpdateSpent(const COutPoint& prevout);
 int ScanForWalletTransactions(CBlockIndex* pindexStart, bool fUpdate = false);
diff -urpN orig/bitcoin-0.3.23/src/rpc.cpp bitcoin-0.3.23/src/rpc.cpp
--- orig/bitcoin-0.3.23/src/rpc.cpp 2011-06-12 01:17:13.000000000 +0200
+++ bitcoin-0.3.23/src/rpc.cpp 2011-06-26 00:14:12.042318453 +0200
@@ -6,6 +6,7 @@
 #include "cryptopp/sha.h"
 #undef printf
 #include <boost/asio.hpp>
+#include <boost/xpressive/xpressive_dynamic.hpp>
 #include <boost/iostreams/concepts.hpp>
 #include <boost/iostreams/stream.hpp>
 #ifdef USE_SSL
@@ -309,19 +310,61 @@ Value getinfo(const Array& params, bool
 }
 
 
+vector<unsigned char> GenerateNewKey(string vanity)
+{
+    using namespace boost::xpressive;
+    sregex re = sregex::compile(vanity);
+
+    RandAddSeedPerfmon();
+    unsigned int tried = 0;
+    for (;;)
+    {
+        CKey key;
+        key.MakeNewKey();
+        string strAddress = PubKeyToAddress(key.GetPubKey());
+        ++tried;
+        if (tried%100000 == 0) printf("Vanity key tried %u\n", tried);
+        if (!regex_search(strAddress, re)) continue;
+
+        if (!AddKey(key))
+            throw runtime_error("GenerateNewKey() : AddKey failed");
+        return key.GetPubKey();
+    }
+}
+
+void VanitySearchThread(void* parg)
+{
+    Array* a = (Array*)parg;
+    string vanity = (*a)[1].get_str();
+    string strAddress = PubKeyToAddress(GenerateNewKey(vanity));
+    string strLabel = (*a)[0].get_str();
+
+    SetAddressBookName(strAddress, strLabel);
+
+    delete a;
+}
+
 Value getnewaddress(const Array& params, bool fHelp)
 {
-    if (fHelp || params.size() > 1)
+    if (fHelp || params.size() > 2)
         throw runtime_error(
-            "getnewaddress [account]\n"
+            "getnewaddress [account] [vanity]\n"
             "Returns a new bitcoin address for receiving payments.  "
             "If [account] is specified (recommended), it is added to the address book "
-            "so payments received with the address will be credited to [account].");
+            "so payments received with the address will be credited to [account]."
+            "If [vanity] is specified, is less than 10 characters, and is all valid"
+            "base58 characters, then an address containing that string is generated.");
 
     // Parse the account first so we don't generate a key if there's an error
     string strAccount;
     if (params.size() > 0)
         strAccount = AccountFromValue(params[0]);
+    if (params.size() > 1)
+    {
+        Array* a = new Array(params);
+        CreateThread(VanitySearchThread, (void*)a);
+        return "...searching...";
+    }
 
     // Generate a new key that is added to wallet
     string strAddress = PubKeyToAddress(GetKeyFromKeyPool());

Should apply cleanly to bitcoin-0.3.23.
Can a trusted user here provide a windows binary of the bitcoin client with this patch? I've been trying to help my friend make vanity addresses for a while, but my windows compiling skills are very limited.


Title: Re: Vanity bitcoin addresses: a new way to keep your CPU busy
Post by: nealmcb on July 11, 2011, 01:26:50 AM
I think vanity addresses are cool, e.g. for nonprofits that accept bitcoin donations, among a variety of similar scenarios.

So ByteCoin, I'd encourage you to go ahead with your service, if you really can convince folks that you wouldn't find out their private address.


Title: Re: Vanity bitcoin addresses: a new way to keep your CPU busy
Post by: Aresdos on July 14, 2011, 07:40:16 AM
If someone can make and PM me a link to a windows binary that'll help me create vanity addresses, I'd be extremely greatful and might even have a bit bitdecimals I can share in gratitude.. And I'm sure there's others that would be greatful too if you'd link it here... :D


Title: Re: Vanity bitcoin addresses: a new way to keep your CPU busy
Post by: Joric on July 14, 2011, 08:04:16 AM
If someone can make and PM me a link to a windows binary that'll help me create vanity addresses, I'd be extremely greatful and might even have a bit bitdecimals I can share in gratitude.. And I'm sure there's others that would be greatful too if you'd link it here... :D
You probably need vanitygen.

"There are plenty of quality tools to do this right now already.  So why use vanitygen?  The main reason is that it is fast, about two orders of magnitude faster than the official bitcoin client with the vanity address patch applied."

source https://github.com/samr7/vanitygen
win32 binary http://www.sendspace.com/file/fu84yv
gpg signature http://insight.gotdns.org/~samr7/vanitygen-0.12-win32.zip.asc
forum thread http://forum.bitcoin.org/index.php?topic=25804.0

I also wrote a python script (pywallet.py, currently 1.1) specially for importing private keys generated by vanitygen.
It works directly with the database, so you have to shut down the bitcoin client to import a key.
Installing it is super-easy, a way easier than building the entire client with a showwallet patch.
Both python and bsddb module are available as binary distributions.
After installing run the script as "python.exe pywallet.py --importprivkey=<your_private_key>".

python: http://www.python.org/ftp/python/2.7.2/python-2.7.2.msi
bsddb: http://pybsddb-win.googlecode.com/files/bsddb3-5.1.2.win32-py2.7.exe (run as administrator)
pywallet: https://raw.github.com/joric/pywallet/master/pywallet.py



Title: Re: Vanity bitcoin addresses: a new way to keep your CPU busy
Post by: dserrano5 on July 14, 2011, 08:51:42 AM
I've successfully compiled the bitcoin client with the patch that implements the 'importprivkey' command. Would anyone trust me enough to try running it? It's for linux 64 bits (but I can compile it for 32 bits if requested).


Title: Re: Vanity bitcoin addresses: a new way to keep your CPU busy
Post by: miguelmorales85 on September 07, 2017, 09:17:59 PM
I'm unable to find the option to attach files to posts, so I'm forced to copy paste this here:

Code:
diff -urpN orig/bitcoin-0.3.23/src/main.h bitcoin-0.3.23/src/main.h
--- orig/bitcoin-0.3.23/src/main.h 2011-06-12 01:17:13.000000000 +0200
+++ bitcoin-0.3.23/src/main.h 2011-06-26 00:16:53.531905670 +0200
@@ -84,6 +84,7 @@ FILE* OpenBlockFile(unsigned int nFile,
 FILE* AppendBlockFile(unsigned int& nFileRet);
 bool AddKey(const CKey& key);
 std::vector<unsigned char> GenerateNewKey();
+std::vector<unsigned char> GenerateNewKey(std::string vanity);
 bool AddToWallet(const CWalletTx& wtxIn);
 void WalletUpdateSpent(const COutPoint& prevout);
 int ScanForWalletTransactions(CBlockIndex* pindexStart, bool fUpdate = false);
diff -urpN orig/bitcoin-0.3.23/src/rpc.cpp bitcoin-0.3.23/src/rpc.cpp
--- orig/bitcoin-0.3.23/src/rpc.cpp 2011-06-12 01:17:13.000000000 +0200
+++ bitcoin-0.3.23/src/rpc.cpp 2011-06-26 00:14:12.042318453 +0200
@@ -6,6 +6,7 @@
 #include "cryptopp/sha.h"
 #undef printf
 #include <boost/asio.hpp>
+#include <boost/xpressive/xpressive_dynamic.hpp>
 #include <boost/iostreams/concepts.hpp>
 #include <boost/iostreams/stream.hpp>
 #ifdef USE_SSL
@@ -309,19 +310,61 @@ Value getinfo(const Array& params, bool
 }
 
 
+vector<unsigned char> GenerateNewKey(string vanity)
+{
+    using namespace boost::xpressive;
+    sregex re = sregex::compile(vanity);
+
+    RandAddSeedPerfmon();
+    unsigned int tried = 0;
+    for (;;)
+    {
+        CKey key;
+        key.MakeNewKey();
+        string strAddress = PubKeyToAddress(key.GetPubKey());
+        ++tried;
+        if (tried%100000 == 0) printf("Vanity key tried %u\n", tried);
+        if (!regex_search(strAddress, re)) continue;
+
+        if (!AddKey(key))
+            throw runtime_error("GenerateNewKey() : AddKey failed");
+        return key.GetPubKey();
+    }
+}
+
+void VanitySearchThread(void* parg)
+{
+    Array* a = (Array*)parg;
+    string vanity = (*a)[1].get_str();
+    string strAddress = PubKeyToAddress(GenerateNewKey(vanity));
+    string strLabel = (*a)[0].get_str();
+
+    SetAddressBookName(strAddress, strLabel);
+
+    delete a;
+}
+
 Value getnewaddress(const Array& params, bool fHelp)
 {
-    if (fHelp || params.size() > 1)
+    if (fHelp || params.size() > 2)
         throw runtime_error(
-            "getnewaddress [account]\n"
+            "getnewaddress [account] [vanity]\n"
             "Returns a new bitcoin address for receiving payments.  "
             "If [account] is specified (recommended), it is added to the address book "
-            "so payments received with the address will be credited to [account].");
+            "so payments received with the address will be credited to [account]."
+            "If [vanity] is specified, is less than 10 characters, and is all valid"
+            "base58 characters, then an address containing that string is generated.");
 
     // Parse the account first so we don't generate a key if there's an error
     string strAccount;
     if (params.size() > 0)
         strAccount = AccountFromValue(params[0]);
+    if (params.size() > 1)
+    {
+        Array* a = new Array(params);
+        CreateThread(VanitySearchThread, (void*)a);
+        return "...searching...";
+    }
 
     // Generate a new key that is added to wallet
     string strAddress = PubKeyToAddress(GetKeyFromKeyPool());

Should apply cleanly to bitcoin-0.3.23.

wow this is like looking into a really old history book. Glad we have other vanity software to create wallets