I'm wondering if there is there any knowledge (or speculation!) of the methodology which was used in the creation of the transaction?
A few words about the puzzle. There is no pattern. It is just consecutive keys from a deterministic wallet (masked with leading 000...0001 to set difficulty).
|
|
|
I don't why out of sudden doublespend or replacemant is a problem with puzzle 66 but wasn't before with other puzzles ...
Or 67, 68, 69?
|
|
|
life is too short to guess even 30 bit.. Everything is great up to 50bit. Above that, I either don't have enough CPU or RAM or the number of GPUs or all together. And I don't have money to rent 100 GPUs.
|
|
|
if your are trying to break a seed and get all the keys from deterministic wallet that not gonna work...
Something other than that. If you haven't seen what this script does, it's not worth explaining. Start in order from Puzzle 15.
|
|
|
why you can not solve 130 then with this code ?
Cause 130 isn't 60 i guess... I keep 3600 as timeout for 130.
|
|
|
many people make similar mistakes when they are in a hurry. To be honest, I only noticed the error myself. The main thing is that 1000 kW hours of energy were not wasted. Please Thank you very much - I changed it in the original post. This is proof that I'm not an AI...I admit when I'm wrong. anyway, I just solved Puzzle 60 in 16 seconds - STARTED: Sat Dec 23 11:52:59 2023
- [Puzzle]: 60
- [Lower range limit]: 576460752303423488
- [Upper range limit]: 1152921504606846975
- [Using 12 CPU cores for parallel search]:
- [Core]: 11, [Random seed]: b'a\xc6?\xb5\xd8$\xc9*\xe1'
- [Core]: 12, [Random seed]: b'\x17\xd7%&\xaa&\xbfL\x94'
- [Core]: 02, [Random seed]: b'\xca[s\xfex3\x9d\xe3I'
- [Core]: 04, [Random seed]: b'\xf9\x84Z\x16\xeb\xd4\xef%\x83'
- [Core]: 03, [Random seed]: b'\xab\xba\xaa\x90\xd0\xd5H\xa0\xeb'
- [Core]: 05, [Random seed]: b'\xd6\x1aA{]\xb3s\xc8\x0f'
- [Core]: 06, [Random seed]: b'<\x04t\xacV0LB\xc5'
- [Core]: 08, [Random seed]: b'\xde\x1d\x1f\xef\xab\x8aL\xbb\xc6'
- [Core]: 10, [Random seed]: b'\x03\xadO\x97\xd8\xdf \xf4\x08'
- [Core]: 11, [Random seed]: b'*E\x99\xf3f\xe9\xf6\xb48'
- [Core]: 12, [Random seed]: b'\xa0\xb7\xf4r\xc2*\x1b"\xc4'
- [Core]: 01, [Random seed]: b'ahP+B\xb6rJ\xf6'
- PUZZLE SOLVED: Sat Dec 23 11:53:15 2023, total time: 16.213455915 sec
- WIF: KwDiBf89QgGbjEhKnhXJuH7LrciVrZi3qYkzijLsc5qE43yZ5eLV
- PUZZLE SOLVED! Stopping the loop.
import sys, os, time, hashlib, gmpy2, random, multiprocessing from multiprocessing import Pool, cpu_count from gmpy2 import mpz import secp256k1 as ice
if os.name=='nt':os.system('cls') else:os.system('clear') t = time.ctime() sys.stdout.write(f"\033[?25l") sys.stdout.write(f"\033[01;33m[+] STARTED: {t}\n") sys.stdout.flush()
MODULO = gmpy2.mpz(0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFC2F) ORDER = gmpy2.mpz(0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141) GX = gmpy2.mpz(0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798) GY = gmpy2.mpz(0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)
class Point: def __init__(self, x=0, y=0): self.x = gmpy2.mpz(x) self.y = gmpy2.mpz(y)
PG = Point(GX, GY) ZERO_POINT = Point(0, 0)
def multiply_by_2(P, p=MODULO): x_squared = P.x**2 % p c = (3 * x_squared * gmpy2.invert((P.y + P.y) % p, p)) % p
R = Point() R.x = (c**2 - 2 * P.x) % p R.y = (c * (P.x - R.x) - P.y) % p
return R
def add_points(P, Q, p=MODULO): dx = Q.x - P.x dx_inv = gmpy2.invert(dx, p) dy_dx_inv = (Q.y - P.y) * dx_inv
R = Point() R.x = (dy_dx_inv**2 - P.x - Q.x) % p R.y = (dy_dx_inv * (P.x - R.x) - P.y) % p
return R
def mod_pow(base, exponent, modulus): result = 1 base = base % modulus
while exponent > 0: if exponent % 2 == 1: result = (result * base) % modulus exponent = exponent // 2 base = (base * base) % modulus
return result
def x_to_y(X, y_parity, p=MODULO): X_cubed = (X**3) % p X = (X_cubed + 7) % p
Y = (p + 1) // 4 tmp = mod_pow(X, Y, p)
if gmpy2.is_odd(tmp) != y_parity: tmp = -tmp % p
return tmp
def compute_point_table(): points = [PG] for k in range(255): points.append(multiply_by_2(points[k])) return points
POINTS_TABLE = compute_point_table() STOP_EVENT = multiprocessing.Event()
def check(P, Pindex, DP_rarity, A, Ak, B, Bk): check = gmpy2.f_mod(P.x, DP_rarity) if check == 0: A.append(mpz(P.x)) Ak.append(mpz(Pindex)) message = "\r[+] [Pindex]: {}".format(Pindex) messages = [] messages.append(message) output = ''.join(messages) + "\r" sys.stdout.write(output) sys.stdout.flush() return comparator(A, Ak, B, Bk) else: return False
def comparator(A, Ak, B, Bk): global STOP_EVENT result = set(A).intersection(set(B))
if result: t = time.ctime() total_time = time.time() - starttime sol_kt = A.index(next(iter(result))) sol_kw = B.index(next(iter(result))) HEX = "%064x" % abs(Ak[sol_kt] - Bk[sol_kw]) dec = int(HEX, 16) wifc = ice.btc_pvk_to_wif(HEX) wifu = ice.btc_pvk_to_wif(HEX, False) caddr = ice.privatekey_to_address(0, True, dec) uaddr = ice.privatekey_to_address(0, False, dec) pid = os.getpid() # Get the process ID core_number = pid % cpu_count() # Calculate the CPU core number sys.stdout.write("\033[?25h") sys.stdout.flush() print(f"\033[32m[+] PUZZLE SOLVED: {t}, total time: {total_time:.9f} sec, Core: {core_number+1:02} \033[0m") print(f"\033[32m[+] WIF: \033[32m {wifc} \033[0m") with open("KEYFOUNDKEYFOUND.txt", "a") as file: file.write("\n\nSOLVED " + t) file.write(f"\nTotal Time: {total_time:.9f} sec") file.write("\nPrivate Key (decimal): " + str(dec)) file.write("\nPrivate Key (hex): " + HEX) file.write("\nPrivate key (wif) Compressed : " + wifc) file.write("\nPrivate key (wif) Uncompressed: " + wifu) file.write("\nBitcoin address Compressed: " + caddr) file.write("\nBitcoin address Uncompressed: " + uaddr) file.write( "\n-------------------------------------------------------------------------------------------------------------------------------------------\n" )
STOP_EVENT.set() # Set the stop event to signal all processes
ECMULTIPLY_MEMO = {}
def ecmultiply(k, P=PG, p=MODULO): if k == 0: return ZERO_POINT elif k == 1: return P elif k % 2 == 0: if k in ECMULTIPLY_MEMO: return ECMULTIPLY_MEMO[k] else: result = ecmultiply(k // 2, multiply_by_2(P, p), p) ECMULTIPLY_MEMO[k] = result return result else: return add_points(P, ecmultiply((k - 1) // 2, multiply_by_2(P, p), p))
def mulk(k, P=PG, p=MODULO): if k == 0: return ZERO_POINT elif k == 1: return P elif k % 2 == 0: return mulk(k // 2, multiply_by_2(P, p), p) else: return add_points(P, mulk((k - 1) // 2, multiply_by_2(P, p), p))
def generate_powers_of_two(hop_modulo): return [mpz(1 << pw) for pw in range(hop_modulo)]
# Configuration for the Puzzle puzzle = 60 compressed_public_key = "0348e843dc5b1bd246e6309b4924b81543d02b16c8083df973a89ce2c7eb89a10d" lower_range_limit = 2 ** (puzzle - 1) upper_range_limit = (2 ** puzzle) - 1 power = (puzzle // cpu_count()) + 1 Nt = Nw = (2 ** power // puzzle) * puzzle + cpu_count() DP_rarity = (puzzle * puzzle) hop_modulo = (puzzle // 2) + cpu_count()
powers_of_two = generate_powers_of_two(hop_modulo) T, t, dt = [], [], [] W, w, dw = [], [], []
if len(compressed_public_key) == 66: X = mpz(compressed_public_key[2:66], 16) Y = x_to_y(X, mpz(compressed_public_key[:2]) - 2) else: print("[error] pubkey len(66/130) invalid!")
print(f"[+] [Puzzle]: {puzzle}") print(f"[+] [Lower range limit]: {lower_range_limit}") print(f"[+] [Upper range limit]: {upper_range_limit}")
W0 = Point(X, Y) starttime = oldtime = time.time() Hops = 0
def search_worker( Nt, Nw, puzzle, power, starttime, lower_range_limit, upper_range_limit ): global STOP_EVENT pid = os.getpid() core_number = pid % cpu_count() #Random Seed Config constant_prefix = b'' # b'' is back to no constant prefix_length = len(constant_prefix) length = 9 ending_length = length - prefix_length ending_bytes = os.urandom(ending_length) random_bytes = constant_prefix + ending_bytes print(f"[+] [Core]: {core_number+1:02}, [Random seed]: {random_bytes}") random.seed(random_bytes) t = [mpz(random.randint(lower_range_limit, upper_range_limit)) for _ in range(Nt)] T = [mulk(ti) for ti in t] dt = [mpz(0) for _ in range(Nt)] w = [mpz(random.randint(lower_range_limit, upper_range_limit)) for _ in range(Nw)] W = [add_points(W0, mulk(wk)) for wk in w] dw = [mpz(0) for _ in range(Nw)]
Hops, Hops_old = 0, 0 oldtime = time.time() starttime = oldtime
while True: for k in range(Nt): Hops += 1 pw = T[k].x % hop_modulo dt[k] = powers_of_two[pw] solved = check(T[k], t[k], DP_rarity, T, t, W, w) if solved: STOP_EVENT.set() break t[k] = mpz(t[k]) + dt[k] # Use mpz here T[k] = add_points(POINTS_TABLE[pw], T[k])
for k in range(Nw): Hops += 1 pw = W[k].x % hop_modulo dw[k] = powers_of_two[pw] solved = check(W[k], w[k], DP_rarity, W, w, T, t) if solved: STOP_EVENT.set() break w[k] = mpz(w[k]) + dw[k] # Use mpz here W[k] = add_points(POINTS_TABLE[pw], W[k])
if STOP_EVENT.is_set(): break
if __name__ == "__main__": process_count = cpu_count() print(f"[+] [Using {process_count} CPU cores for parallel search]:")
# Create a pool of worker processes pool = Pool(process_count) results = pool.starmap( search_worker, [ ( Nt, Nw, puzzle, power, starttime, lower_range_limit, upper_range_limit, ) ] * process_count, ) pool.close() pool.join() Loop script in bash (seed hunter) #!/bin/bash
while true; do timeout 30 python3 puzzle.py sleep 2 if [ -n "$(find . -maxdepth 1 -type f -name 'KEYFOUNDKEYFOUND.txt' -print -quit)" ]; then echo "[+] PUZZLE SOLVED! Stopping the loop." break fi done set the timeout as you wish.
|
|
|
Combinations is not a random generating! . Besides it's combinations of points on curve, not private keys.
It is not feasible to directly select points on a curve that correspond to specific private key, especially without knowing the corresponding public key. Without the private key, it is virtually impossible to reverse the process. On planet earth, on all the beaches in the world, the number of grains of sand is 2^77.
Now imagine people who add and subtract grains of sand to find the unique single grain in the desert (curve) .
|
|
|
Maybe this code. I don't know what else to think of I sent you a PM what to look at....
|
|
|
I guess it is not big deal. it should be possible to solve in one day or so.
To find a 66-bit private key within 10 days, we would need to check approximately 200 (billion) giga/hashes - addresses per second. It doesn't matter if it's an even or odd number. The only way to make this that fast is aliens to land and solve this..
|
|
|
@nomachine: you quoted him, so I see his messages... damn it took me a while to find out about the great button IGNORE and I can highly recommend using it. You will find it under his name. Believe me or not - it helps! Thanks, Done.
|
|
|
One does not become a university professor after posting one liner or few liner generic sh*tposts. You still haven't answered the question of where your scientific works are. Where can we read online?
|
|
|
Hi mate,
how it is going so far? How much is the real rate of keys/s?
Quantum computers, in theory, could provide a speedup for certain types of search problems, but finding hash collisions for cryptographic hash functions is not one of them. Cryptographic primitives like hash functions and ECDSA are designed to be resistant to preimage attacks, and quantum computers do not break this resistance. Quantum computation do not pose an immediate threat to the security of Bitcoin or other widely used cryptographic systems. This approach is more of a proof-of-concept or educational exercise rather than a practical implementation for breaking Bitcoin's security. Quantum algorithm/hardware for solving such problems would need to be carefully designed to provide actual advantages over classical approaches. Example: https://arxiv.org/pdf/2302.06639.pdfIBM Quantum Backend don't have the hardware (arithmetic circuits) available for "126 133 Cat Qubits" If someone succeeds in doing this, they will know exactly who is capable of it in the scientific community and they have their addresses where they live. All other talk is just good advertising for these quantum backend providers. Are you sure ? From what i know ECDSA is vulnerable to quantum computers attack. Maybe not that one IBM allows to use for free for 10 minutes. But generally : IT'S VULNERABLE. https://security.stackexchange.com/questions/34940/is-ecdsa-breakable-by-quantum-computersDid you read the link above? Theoretically it is. Practically not. Equipment required for something like this goes beyond home garages conditions. Even ordinary quantum computers. A special laboratory is needed for such a computer. Not to mention that laser generated (radiated) random numbers are needed combined with a quantum computer. And such a quantum computer must have a special kind of qubit for Shor's algorithm, special efficiency power supplies, sub-zero cooling and a fully controlled environment. Development and deployment of practical, large-scale quantum computers capable of breaking these algorithms are still in the early stages. Many technical challenges need to be addressed before quantum computers become a practical threat to current cryptographic systems. Laser-generated random numbers, on the other hand, are not directly related to the security of ECDSA or other cryptographic algorithms. Random number generation is a separate aspect of cryptography that is crucial for key generation and other cryptographic processes.
|
|
|
Hi mate,
how it is going so far? How much is the real rate of keys/s?
Quantum computers, in theory, could provide a speedup for certain types of search problems, but finding hash collisions for cryptographic hash functions is not one of them. Cryptographic primitives like hash functions and ECDSA are designed to be resistant to preimage attacks, and quantum computers do not break this resistance. Quantum computation do not pose an immediate threat to the security of Bitcoin or other widely used cryptographic systems. This approach is more of a proof-of-concept or educational exercise rather than a practical implementation for breaking Bitcoin's security. Quantum algorithm/hardware for solving such problems would need to be carefully designed to provide actual advantages over classical approaches. Example: https://arxiv.org/pdf/2302.06639.pdfIBM Quantum Backend don't have the hardware (arithmetic circuits) available for "126 133 Cat Qubits" If someone succeeds in doing this, they will know exactly who is capable of it in the scientific community and they have their addresses where they live. All other talk is just good advertising for these quantum backend providers.
|
|
|
# Implement the SHA-256 compression function using a quantum oracle search for target address prefix 20d45 sha256_compression_function(qc, binary_message, expression="message[0] == '1' and message[1] == '0' and message[2] == '1' and message[3] == '1'")
You are applying sha256 on the privatekey and compare it to the #66 hash160??? How should this ever return something related to #66? Also is the sha256_compression_function just trying random bits? I just looked at the whole code now...you are right. The expression "message[0] == '1' and message[1] == '0' and message[2] == '1' and message[3] == '1'" in the sha256_compression_function is hardcoding specific conditions based on the target address. In a real scenario, the conditions would depend on the actual hash function and Bitcoin address generation process. The absence of ecdsa.SigningKey.from_string is notable. For example signing_key = ecdsa.SigningKey.from_string(private_key_bytes, curve=ecdsa.SECP256k1) If we doesn't have this, there must be an encoder that does it. Let's say fastecdsa SEC1Encoder which is fully hardcoded in C. This method is commonly used in classical (non-quantum) code for dealing with ECDSA (Elliptic Curve Digital Signature Algorithm) signatures in Bitcoin. If you are working with Bitcoin addresses, you would typically use libraries like ecdsa/fastecdsa to handle key generation and signing. I'm losing 0.001 part of a second just for that in Python. ECDSA signing function is the most time consuming and is a bottleneck in the overall speed. It's painfully slow. I would love to throw it out as well, but i can't. That's not how things works. The code seems to be treating the quantum computation as a search problem, attempting to find a hash collision that matches the target address. However, the actual Bitcoin address generation process involves public key derivation, hash functions, and elliptic curve cryptography, which are not accurately represented in the code.
|
|
|
I doubt if 10 minutes for 66 even on a super computer is enough and after the 10 minutes its $1.60 per minute so 130 would cost a lot more money than 66. eventually the cost will go down.
Keep in mind the limitations imposed by the IBM Quantum provider, such as the number of allowed jobs, 10 minutes execution time, and queuing times (a shared resources). Instead of applying Controlled-X gates individually in a loop, you can use Qiskit's QuantumCircuit.mct (Multiple-Control Toffoli) gate to combine multiple Controlled-X gates into a single operation. qc.mct(list(range(16)), 16) def sha256_compression_function(qc, message_bits, expression): # Ensure the length of message_bits is 256 assert len(message_bits) == 256,
# Apply Controlled-X gates based on the message bits qc.mct(list(range(16)), 16) # Combine Controlled-X gates into a single operation
# Manually construct the boolean conditions from the expression qc.x([i for i, char in enumerate(expression) if char == '1' and i < 16]) Good Luck ! p.s. I think it takes at least a week or two to hit something with this...... Every day is $1.60x1440. High class gambling. I need to make changes to the Kangaroo_CPU.dll file. How can I do this? I cannot see its content. I tried various programs but I could not see the codes. The programs give errors, I think it is encrypted
DLLs and SOs are binary files that contain compiled code. If you have access to the source code of the library, it is always better to make the necessary changes there and recompile the library. This is the safest and most recommended approach. If not, the question arises as to what is hidden in them?
|
|
|
they never have anything constructive to say anyways
How many accounts do you have here? 5? Do you ask yourself questions from one account and then answer from another? You probably have a lot of fun thanking yourself for the advice. then do your homework and don't beg others to do it for you. This is not a job market portal
This is an infestation of those seeking for The sum of two public keys. It's like they cloned themselves.
|
|
|
Has anyone come across the private keys of these two public keys? 02767761d4b43b130134b0fd8348a020c43f4d247a00aa488cb0f6fdb1584a202f 03bd303397e428bf036db49510b70b86d0025f73744b6324a579de16dc591e2056
If yes, Pm me... I shall offer a token of appreciation for this.
Why would anyone do this for addresses with a balance $0.00 ?
|
|
|
I checked this script. He's very slow. These scripts are all a waste of time. You need to look towards the GPU, you can increase the speed by 1.5 - 2 times if you use spin 32/64, exactly the same as in the GPU kangaroo code. I've already added a loop to the GPU for cheking. Python scripts are kindergarten I agree. But what to do with those who do not have a PC. Digaran runs scripts on the phone. It needs poor man scripts.
|
|
|
About the public keys in Python..... You can use fastecdsa SEC1Encode to do this all in one call (from Point X and Y). Here is link https://github.com/AntonKueltz/fastecdsa/blob/main/fastecdsa/encoding/sec1.py#L37or https://github.com/AntonKueltz/fastecdsa/blob/main/fastecdsa/tests/encoding/test_sec1.py#L47AntonKueltz does very interesting things here Let's get back to the topic. With the same encoder, the same speed can be achieved as with the secp256x1 as ice..... import sys, secrets, hashlib, binascii from fastecdsa.encoding.sec1 import SEC1Encoder from fastecdsa.curve import secp256k1 while True: dec = secrets.SystemRandom().randrange(36893488147419103231, 73786976294838206463) h160 = hashlib.new('ripemd160', hashlib.sha256(bytes.fromhex(binascii.hexlify(SEC1Encoder.encode_public_key(secp256k1.G * dec, compressed=True)).decode('utf-8'))).digest()).digest() message = "\r{}".format(h160.hex());messages = [] messages.append(message);output = "\033[01;33m" + ''.join(messages) + "\r" sys.stdout.write(output);sys.stdout.flush() if h160.hex() == "20d45a6a762535700ce9e0b216e31994335db8a5": with open("KEYFOUNDKEYFOUND.txt", "a") as f: f.write(f'Private key (dec) : {dec}\n') break Maybe they use the same encoder? You have managed to search a total random keys of 9213815776839680 total 66 bit range is 73786976294838206463 now if you wanted to search sequentially it would take you around 8008 months to completely search the whole range, and you don't know how many keys you have generated multiple times with random mode. You have better chances if you buy lottery tickets. Don't waste your money on it. Lets see what santa has for us.
There is also a third option. Something between sequential and random.To incorporate randomness into the script, you can shuffle the order in which the sequential chunks are processed. Script divides the key search range into cpu_count chunks and assigns each chunk to a separate process using concurrent.futures.ProcessPoolExecutor. The more cpu cores you have, the better. (don't do this on a smartphone) import time import os import sys import hashlib import binascii import concurrent.futures from concurrent.futures import ProcessPoolExecutor from multiprocessing import cpu_count from fastecdsa.encoding.sec1 import SEC1Encoder from fastecdsa.curve import secp256k1 import random
def find_key_range(lower, upper, target_binary): for dec in range(lower, upper): h160 = hashlib.new('ripemd160', hashlib.sha256(bytes.fromhex(binascii.hexlify(SEC1Encoder.encode_public_key(secp256k1.G * dec, compressed=True)).decode('utf-8'))).digest()).digest() message = "\r[+] {}".format(h160.hex()) sys.stdout.write(message) sys.stdout.flush() if h160 == target_binary: with open("KEYFOUNDKEYFOUND.txt", "a") as f: f.write(f'Private key (dec) : {dec}\n') return dec
def main(): os.system("clear") t = time.ctime() sys.stdout.write(f"\033[?25l") sys.stdout.write(f"\033[01;33m[+] {t}\n")
puzzle = 66 target_binary = bytes.fromhex('20d45a6a762535700ce9e0b216e31994335db8a5') lower_range_limit = 2 ** (puzzle - 1) upper_range_limit = (2 ** puzzle) - 1
sys.stdout.write(f"[+] Puzzle: {puzzle}\n") sys.stdout.write(f"[+] Lower range limit: {lower_range_limit}\n") sys.stdout.write(f"[+] Upper range limit: {upper_range_limit}\n")
process_count = cpu_count() num_processes = process_count sys.stdout.write(f"[+] Using {process_count} CPU cores for parallel search\n")
chunks = [(lower_range_limit + i * (upper_range_limit - lower_range_limit) // num_processes, lower_range_limit + (i + 1) * (upper_range_limit - lower_range_limit) // num_processes) for i in range(num_processes)]
random.shuffle(chunks)
for chunk in chunks: lower, upper = chunk find_key_range(lower, upper, target_binary)
sys.stdout.write("\n[+] Key not found in the specified range.\n")
if __name__ == "__main__": main()
|
|
|
|