Title: string value to search for private keys based on WIF Post by: ripemdhash on July 09, 2023, 10:08:46 AM If anyone is interested - I have created software in Python.
The software takes a string value to search for private keys based on WIF (Wallet Import Format). It shows the beginning and end of each private key. For example, if we want to find private keys for the string "MyFirstBitcoinAddress", it also shows how many common keys there are within a given WIF subset. The result is: Code:
Title: Re: string value to search for private keys based on WIF Post by: ripemdhash on July 09, 2023, 12:27:36 PM For example: find all WIF and privatekeys with word "SatoshiNakamoto"
:) Code: Searching WIF start as SatoshiNakamoto Title: Re: string value to search for private keys based on WIF Post by: GR Sasa on July 09, 2023, 12:55:14 PM Cool! i am interested in about getting my own private key with the name "GR Sasa" on it :)
Title: Re: string value to search for private keys based on WIF Post by: ripemdhash on July 09, 2023, 01:07:04 PM here you are:
Compressed : Code: Searching WIF start as GRSasa uncompressed: Code: start: 0x3b580a2c2019179b5a6d36cf6a0118a1932833d5fa9e4bc03d8648e4d8d42800 stop: 0x3b580a2c2ef4c775c2376de7f6f39b04ea47378f6c06c5a4ea500df9843b4fff or maybe in this subgroups: Code: Searching WIF start as GRSasaGRSasaGRSasaGRSasa Code: Searching WIF start as GRSasaGRSasaGRSasaGRSasaGRSasa this is cool for generating your own "privatekey" based on WIF which is very to remember. It can be a sentence too:) those are better: Code: Searching WIF start as GRSasaBitcoinAddress or: Code: Searching WIF start as GRSasaFirstBitcoinAddress or: Code: Searching WIF start as GRSasaSecondBitcoinAddress Title: Re: string value to search for private keys based on WIF Post by: Cricktor on July 09, 2023, 03:40:07 PM Why would you want to have some known string sequence of characters in your WIF representation of private keys? Private keys are supposed to be a) random (as random as possible!) and b) not to be shown around. I guess b) was not on the priority list at all, but frankly you're shaving off some amount of bits of security from your private key(s) if you do something what you offer here.
I get the point for public addresses and I have created vanity addresses for myself in the past. But why for private keys? Sounds like a dangerous idea to me. Title: Re: string value to search for private keys based on WIF Post by: ripemdhash on July 09, 2023, 03:42:39 PM it is not dangerous:) if you can create your own "WIF" with info only for you. it doesn't matter.
It is the part of my study of curve. Title: Re: string value to search for private keys based on WIF Post by: GR Sasa on July 09, 2023, 03:52:56 PM its not dangerous as long as at least 10 of the last WIF characters are random. The rest of 40 characters could be anything ;D
Title: Re: string value to search for private keys based on WIF Post by: ripemdhash on July 09, 2023, 03:55:05 PM is any one able create for me web page ? I would like put the alorithm to webpage
Title: Re: string value to search for private keys based on WIF Post by: o_e_l_e_o on July 09, 2023, 07:49:56 PM its not dangerous as long as at least 10 of the last WIF characters are random. The rest of 40 characters could be anything ;D What are you talking about? The last 5-6 characters are a checksum, meaning you are only have 4 random characters? So you've just reduced the entropy of your private key from 2256 to 584, which is around 11 million, and could be brute forced in under a second.Vanity private keys are a seriously dumb idea. No one should ever use this. Title: Re: string value to search for private keys based on WIF Post by: BlackHatCoiner on July 09, 2023, 08:06:18 PM Why would you want that? I can understand to an extent why vanity addresses can be useful, but this is, besides dangerously dumb, completely meaningless. If you want to memorize a password / phrase and use that as private key, simply use brainwallet (https://brainwalletx.github.io/) (which is also not recommended). Messing with the private key, the cryptographic piece that needs to be as random as possible, is a recipe for disaster.
Title: Re: string value to search for private keys based on WIF Post by: digaran on July 09, 2023, 08:32:01 PM Nice, any windows binary? I don't use python.
This is good for display, not real world use to store. Also can we count how many of a certain checksum exist in a subgroup? Title: Re: string value to search for private keys based on WIF Post by: ripemdhash on July 09, 2023, 08:49:46 PM Nice, any windows binary? I don't use python. This is good for display, not real world use to store. Also can we count how many of a certain checksum exist in a subgroup? at the moment there is no binary for windows, I will try do it later about checksum -> I understand the question -> I will give an answer during few days Title: Re: string value to search for private keys based on WIF Post by: pooya87 on July 10, 2023, 04:10:47 AM Maybe in a very weird way we could find a utility for something like this. For example having an indicator of what the private key was used for (eg. MyHotWallet). But as others mentioned you are reducing the security of the private key so here is a better idea: why don't you use a different encoding and change the algorithm itself?
that means instead of modifying the key itself, you could just add extra bits on top of the untouched random 256-bit key to indicate the utility. You don't even have to reinvent the wheel, there is Bech32[1] encoding that is very suitable for this purpose. You just replace the HRP part with the string you want. It can contain between 1 to 83 US-ASCII characters then use the key bytes as the data part without modifying it at all. So your final key string would become something like this: MyFirstBitcoinAddress1{unchanged 256-bit encoded key} where 1 is the default separator. I used a version byte (=0) and the BIP350 (Bech32m)[2] in the following: Code: 5JYkir7TsJ4L8bJroCuLgjxxNdbEUgvjVKdUgnwhDMFF5yM2dYu This has so many benefits: - It doesn't reduce key security - The restriction on the size of the "string" you use at the beginning is big enough (83 chars) to contain any note - You don't have to write that much code to guess the range like you did here, everything is pretty straight forward and you can use already existing Bech32 encoding libraries - The code and the result is neat and is easy to verify so the chance of bugs is minimal - The encoding is fast and has a checksum and error detection built in. - It can contain a version for future expansion of the algorithm [1] https://github.com/bitcoin/bips/blob/master/bip-0173.mediawiki [2] https://github.com/bitcoin/bips/blob/master/bip-0350.mediawiki Title: Re: string value to search for private keys based on WIF Post by: NotATether on July 10, 2023, 05:56:21 AM is any one able create for me web page ? I would like put the alorithm to webpage Unless you're plannng to perform the entire vanity calculation in client side Javascript, you're going to need a server for balding the heavy lifting of the calculations. Why would you want that? I can understand to an extent why vanity addresses can be useful, but this is, besides dangerously dumb, completely meaningless. If you want to memorize a password / phrase and use that as private key, simply use brainwallet (https://brainwalletx.github.io/) (which is also not recommended). Messing with the private key, the cryptographic piece that needs to be as random as possible, is a recipe for disaster. Slowly I'm becoming more and more of the position that it's better to use HD seeds instead of individual private keys, for privacy purposes, and since (an array of) vanity addresses cannot be generated from HD seeds, it doesn't really make much sense to use them anymore. :( Title: Re: string value to search for private keys based on WIF Post by: o_e_l_e_o on July 10, 2023, 05:56:35 AM -snip- I still don't see what this achieves other than adding additional risk that you either do something wrong and trash your entropy, or you do something wrong and are unable to recover your coins.If you want to add a note about what your private key is for, then just add a note after the private key? I don't see how this: Code: MyFirstBitcoinAddress1qvpkmem0ne8c5mc2mx69733mxcq206rfhwnln8g5p7javkv26f6dsqdk50w Is any better to this: Code: My first bitcoin address Title: Re: string value to search for private keys based on WIF Post by: GR Sasa on July 10, 2023, 07:58:42 AM What are you talking about? The last 5-6 characters are a checksum, meaning you are only have 4 random characters? So you've just reduced the entropy of your private key from 2256 to 584, which is around 11 million, and could be brute forced in under a second. Vanity private keys are a seriously dumb idea. No one should ever use this. I DISAGREE! Even with 4 characters as you said, it's still perfectly safe to have a vanity WIF. Let's say there are really 11 million combination left to find the address, still with this it's enough security for me. Because when you have an address, obviously no body will know your private key, so they won't even know that you have a vanity-WIF that is vulnerable for attacks and has only 4 Characters AND they DONT even know the "Words" you used for Vanity-WIF. Are they in Capital letters? How many repeated words? Are they written in small letters etc etc, Unless someone decides to search manually 11 Million times in Blockchain searching for random balance address, but still it would take hundreds of years to manually loop 11 millions time and would most likely not possible because they need to exactly know your Vanity-Words that you used for your WIF to be able to manually search => There are millions of different words! AND they need to guess the correct word with the correct order. If they want to bruteforce the address, as i said they need to know that address actually has vanity WIF and its vanity-words, which is no way to know, so it's not possible and therefore it's definitely safe to have at least 4 random characters for vanity WIF. I find it a good idea to use Vanity-WIF, especially to manually remember the WIF, if its written with words we like to remember and not random shitty characters that if we lost we don't remember anything of it. Summary: It does indeed decrease the security of the key. BUT its still very safe to use. It;s like when you reveal your public key, you just reduced your security public key from 256 bits, to 128 bits. AND SO is with the vanity-wif! Title: Re: string value to search for private keys based on WIF Post by: o_e_l_e_o on July 10, 2023, 08:40:33 AM AND they DONT even know the "Words" you used for Vanity-WIF. Are they in Capital letters? How many repeated words? Are they written in small letters etc etc This is effectively a brain wallet. Literally hundreds of thousands brain wallets have been hacked and had their coins stolen because they are fundamentally insecure.but still it would take hundreds of years to manually loop 11 millions time This is just plain incorrect. Fairly modest hardware is capable of generating in excess of 5 billion keys per second (https://bitcointalk.org/index.php?topic=5112311.msg50823897#msg50823897). 11 million is literally nothing.I find it a good idea to use Vanity-WIF, especially to manually remember the WIF Remembering seed phrases is risky enough. Remembering individual private keys is another level of stupid.BUT its still very safe to use. You are wrong.Title: Re: string value to search for private keys based on WIF Post by: digaran on July 10, 2023, 08:42:12 AM 11 millions! Take it easy tiger! 11 M keys takes less than a second for my laptop to find and there is hashcat, it can search all alphabet, numbers, symbols, all languages, dead or alive and when they take your coins, don't come here whining about it, lol.Last year I talked about vanity private and public keys, it's more of a decorating nature, not that vanity public key is even possible. But vanity private key is a bad idea, memorizing your wife or gf's birthday is the ultimate memory challenge for most men, let alone memorizing a WIF key. It is not recommended, and it has no use really, because you can never show it off to people, the last 6 chars are nothing to worry about, it would take less than a second, the first 2 characters are limited, so you are too much vulnerable as it is. Title: Re: string value to search for private keys based on WIF Post by: GR Sasa on July 10, 2023, 08:53:51 AM I don't know why many disagree on the posts i do....
I will agree to disagree my agreement if a big mafia guy like Satoshi confirms that he's disagreed about the agreement that i agree with Anyways, no body asked you to have 4 randoms characters. I say at least, but from 10 characters, including checksums, you're safe for years. :-* ;D Title: Re: string value to search for private keys based on WIF Post by: ABCbits on July 10, 2023, 10:36:09 AM It's interesting as hobby project, although as other said people shouldn't use it to store their Bitcoin.
is any one able create for me web page ? I would like put the alorithm to webpage I doubt anyone willing to do it for free. But how about storing it on GitHub repository or GitHub pages? I don't know why many disagree on the posts i do.... At very least, the part 11 million is key could be brute forced quickly is definitely true. For example, check this VanitySearch benchmark https://bitcointalk.org/index.php?topic=5112311.msg50823897#msg50823897 (https://bitcointalk.org/index.php?topic=5112311.msg50823897#msg50823897). I will agree to disagree my agreement if a big mafia guy like Satoshi confirms that he's disagreed about the agreement that i agree with Don't forget even "big mafia guy" could make mistake. Title: Re: string value to search for private keys based on WIF Post by: BlackHatCoiner on July 10, 2023, 11:33:40 AM This has so many benefits I honestly recognize no such things as benefits. "Not reducing the key's security" isn't a benefit. It's the normal state in cryptographic key pairs. Obviously, not reducing the key's security is something good, but it is quite obvious to have that security. I neither understand the rest you said. Why can't you use separate notes to accomplish that?Title: Re: string value to search for private keys based on WIF Post by: GR Sasa on July 10, 2023, 12:43:47 PM The thing is, nobody will ever know that this address belongs an vanity-wif, so thats why i consider it "Safe".
I would love to create a WIF that is easy to remember, that has for example my family name on it. How on hell could attacker guess my whole family name? No way in a trillion years. To everyone now that disagree me again, here a kiss :-* Title: Re: string value to search for private keys based on WIF Post by: ripemdhash on July 10, 2023, 12:45:43 PM I'm agree with you.:)
hmm maybe some people here have WIFs generate in this way?:D I will prepare for github soon the code Title: Re: string value to search for private keys based on WIF Post by: o_e_l_e_o on July 10, 2023, 12:47:31 PM The thing is, nobody will ever know that this address belongs an vanity-wif, so thats why i consider it "Safe". "No one will ever know my address comes from a brain wallet, so I consider it safe." - the owner of every brain wallet, minutes before all their coins were stolen.How on hell could attacker guess my whole family name? Are you honestly asking how an attacker could possibly guess public information which could probably be gathered by anyone in the world in 60 seconds by looking at your social media profiles? Lol.Title: Re: string value to search for private keys based on WIF Post by: GR Sasa on July 10, 2023, 12:55:43 PM Are you honestly asking how an attacker could possibly guess public information which could probably be gathered by anyone in the world in 60 seconds by looking at your social media profiles? Lol. So you're better win 100 times the Lottery to be that smart for performing all those steps. Or you'd better need to know the past and the future. But its impossible You could have put your crush's name, your grand's grandfather name or you could write memories, or anything or something about WW2 in your WIF. Nobody will ever be able to find out those words, because it will be exactly like seed phrase. Guys if you don't agree that its safe, i will delete my account here. You, just need to randomizes some words, other than that it's completely safe :) Title: Re: string value to search for private keys based on WIF Post by: BlackHatCoiner on July 10, 2023, 01:05:57 PM The thing is, nobody will ever know that this address belongs an vanity-wif, so thats why i consider it "Safe". Until someone brute forces millions of vanity-wifs and find one with a balance, which as described is trivial to do with modern computers. You're so arrogant with security. Please avoid using that, you're going to harm yourself. Title: Re: string value to search for private keys based on WIF Post by: GR Sasa on July 10, 2023, 01:07:50 PM Until someone brute forces millions of vanity-wifs and find one with a balance, which as described is trivial to do with modern computers. You're so arrogant with security. Please avoid using that, you're going to harm yourself. If you randomize some words, it will be perfectly safe. it will be like seed BTCphrase. It is secure. When @OP reveal his source code, i'm going to make a vanity WIF with my name printed on it "GRSASA". exactly like this: Code: 5KGRSasaGRSasaGRSasaGRSasaGRSasaGRSasaGRSasaGNyai9d I gotta post the address then, and put 0.01BTC on it. I'll see then if it gets cracked or not. And if solve any of the 32BTC pzuzle, i gotta also put it in such a private key. To prove to the community that its safe, Title: Re: string value to search for private keys based on WIF Post by: o_e_l_e_o on July 10, 2023, 01:12:04 PM If you randomize some words, it will be perfectly safe. it will be like seed phrase. It is secure. No, it isn't.Go ahead and use this. You've been warned multiple times. We can't stop you. But don't expect any sympathy when a bot scanning millions of such addresses each second (as is the case with brain wallets) clears out your funds. Title: Re: string value to search for private keys based on WIF Post by: pooya87 on July 10, 2023, 05:37:35 PM If you want to add a note about what your private key is for, then just add a note after the private key? Why can't you use separate notes to accomplish that? I don't disagree with this question which is why I said the idea itself is weird. On the other hand, the solution I offered is only aiming to solve the main flaw in OP's idea that was reducing the key's security while making the assumption that there is a reason for having such a scheme. That is from purely a problem solving perspective. Title: Re: string value to search for private keys based on WIF Post by: Synchronice on July 11, 2023, 08:17:03 AM This is just what I don't understand, why do people think that randomization lacks security? Something that does not follow a deterministic pattern is more secure because it's less predictable, it's as easy as ABC. When you make something that follows predictable pattern can never be more secure, it breaks the law of randomization.
This really drives me crazy, why do you guys think that randomization is a bad practice? Go ahead and use this. You've been warned multiple times. We can't stop you. But don't expect any sympathy when a bot scanning millions of such addresses each second (as is the case with brain wallets) clears out your funds. I second this! My approach is to learn on someone's mistakes, probably OPs approach is to only learn on his own mistakes. Then let it be that way.Title: Re: string value to search for private keys based on WIF Post by: alexeyneu on July 12, 2023, 04:15:31 AM exactly like this: Code: 5KGRSasaGRSasaGRSasaGRSasaGRSasaGRSasaGRSasaGNyai9d Title: Re: string value to search for private keys based on WIF Post by: DaCryptoRaccoon on July 12, 2023, 02:24:27 PM Red Flags.
1. No repo for the code so no one can check how these are generated. 2. Not a wise idea to generate WIF in this format easy to brute force. 3. Looks like a bunch of "convincer" accounts trying to sucker people to use this. Poor effort.. Must try harder. Title: Re: string value to search for private keys based on WIF Post by: ripemdhash on July 12, 2023, 02:43:49 PM Red Flags. 1. No repo for the code so no one can check how these are generated. 2. Not a wise idea to generate WIF in this format easy to brute force. 3. Looks like a bunch of "convincer" accounts trying to sucker people to use this. Poor effort.. Must try harder. Answer for 3: I do not understand , I'm trying to force anyone for use this. It is only showing that we can do a lot with this. Answer for 2 : No if you do not know what kind "sentences is used" you can't brute force -I can put 0,5 btc on addres and give you a publickey then you can start "bruteforcing", if you will not get the BTC you send me 0,5 btc to my account. can we agree? Answer 1: It is in pure python. I do not paste it yet to github. No have time. Title: Re: string value to search for private keys based on WIF Post by: DaCryptoRaccoon on July 12, 2023, 03:18:05 PM In your software, you're generating WIFs with custom characters at the beginning, like "5HpHahMyFirstBitcoinAddress" or "SatoshiNakamoto." While it may seem convenient to generate personalized WIFs, it actually reduces the overall key strength and poses security risks.
Bitcoin private keys are derived from a secure random number generator, ensuring their unpredictability and resistance to brute force attacks. However, by using custom WIFs with specific strings, you are essentially reducing the randomness and predictability of the keys. Attackers who are aware of this custom format can optimize their search by focusing on keys that match the pattern you're using. They can generate WIFs with similar custom strings and systematically search for potential matches. This significantly weakens the security of the private keys generated using your software. t's crucial to prioritize key strength and randomness to protect your assets. Using standard WIFs generated from a secure random number generator ensures a higher level of security. Remember, the strength of Bitcoin lies in its cryptographic algorithms and the randomness of private keys. While it may be tempting to have personalized WIFs, it's essential to consider the potential risks and vulnerabilities associated with such customization. It's always better to rely on proven methods and established security practices when it comes to handling private keys and protecting your Bitcoin. All you are doing is introducing weakness to the key by doing this nothing more. It is no more practical to have a custom WIF than a vanity public key. Title: Re: string value to search for private keys based on WIF Post by: Cricktor on July 12, 2023, 03:53:50 PM What the OP doesn't want to see or realize is that some language words or combinations of them or even common syllabels already vastly limit the key space. It might be that they can't easily be guessed by an attacker but if you assume such a WIF characters scheme your attack space is already way smaller than a totally random private key. You're just bringing the proven deficiencies of brainwallets to WIF private keys for no reason.
Dear OP, if you think this is a good and safe method, no one here can prevent you from doing so yourself. But stop telling this is safe. It isn't and multiple users have told you this. |