Hey, I think I have an idea for a pool search project (but it would require rewriting the client a bit): Searching for P2SH puzzles. There have been multiple P2SH scripts which consisted of only one opcode (byte), likely made as a challenge. I think that with the pool speed, we'd easily find some longer scripts which can be spent (if they were created, of course).
What do you think?
|
|
|
This might be a scam. If you're trying to buy something on eBay, Craigslist, etc, just google "eBay Bitcoin scam", and you'll find many such cases. If the seller tries to make you pay off-site in general (where payment is possible on the site itself), then he's probably trying to evade the security of the listing service and running away with the money.
|
|
|
Well, I still could try digging these files. Again, I don't recommend sending them to me - I am not trustworthy, you might want to find someone else to trust your wallet with. If you don't really care anymore and/or no one else is able to help, I might be able to make some last-resort attempts to recover the wallet. I can easily steal your coins, so think twice.
|
|
|
Basically, if you could access the wallet on your device the last time, you probably still have access to the coins. The 12-word seed phrase is IIRC just for recovery purposes.
Seems like you have all the necessary data files. I'd estimate a ~75% probability of recovery of your wallet by an experienced person. Why can't you access your Hive wallet in the first place? Is it related to them closing down, or did you lose the ability to log into your account? If the first, then your odds are pretty high. I'd suggest you contact a reputable wallet recovery service and ask them for help.
|
|
|
Again, please see my previous post that I edited.
|
|
|
Oh, you might want to copy them all to one place on your PC. What are their names by the way (I mean all of the files there)? As per the sources, the databases appear to have some data in them. If you trust me (better ask someone with more trust and experience), you can send me those files in an encrypted archive. I don't recommend doing that though, as nothing, literally nothing stops me from trying to steal your coins, so think thrice before trusting anyone with the files.
You could also try extracting the data yourself, but I literally have no idea what format these files are in. If you could post some screenshots of these files open in a hex editor (such as HxD), that'd help. Still, I wouldn't recommend sharing these images publicly, as they might reveal your private key.
You know the wallet PIN/password, right?
|
|
|
Anyway, the article I linked suggests using the program called "IExplorer" to export the data (possibly including the wallet data of Hive wallet) from the device onto your PC. There might be a wallet file that can be imported somewhere else on your PC.
I'd suggest following these steps:
- Download the app you want to transfer data to on your new iPad.
- Plug your iPhone into your computer.
- Start up iExplorer and wait for your device to show up in the file browser.
- Click the arrow next to your device name.
- Click the arrow next to Apps.
- Find the app you want to transfer data from and click the arrow.
- Inside the app's main folder is a folder called Documents. That's where your saved data and game saves are located. Copy it to your desktop.
(taken from the article)
Again, I don't have any experience with iOS or Hive wallet, but doing the above seems intuitive to me.
|
|
|
No, I misread "app" as "file". See my edited post (you might want to refresh the page).
|
|
|
If your wallet still shows the send transaction as unconfirmed, try making another one with a larger fee. It'll override the previous transaction and if the new fee is high enough, the transaction will get confirmed.
|
|
|
Rico, he's running it on a machine named "Ubuntu-C2", which suggests it is an ODROID-C2. That's an ARM single board computer and LBC is not going to run on it.
|
|
|
Hey guys! I have developed a proof-of-concept P2SH vanity address generator! This program is an implementation of this idea: https://bitcointalk.org/index.php?topic=255245.0. It's written in Python, thus is very slow, but that's a good proof of concept. You'll need Python 2.7 and pybitcointools installed.

```python
#!/usr/bin/env python2
import time
import multiprocessing

from pybitcointools import *


def uint256(x):
    # Encode an integer as a 32-byte big-endian string
    hexdigits = hex(x)[2:].replace("L", "")
    hexdigits = "0"*(64-len(hexdigits)) + hexdigits
    binary = hexdigits.decode("hex")
    return binary


def make_script(pubkey1, pubkey2):
    # 1-of-2 multisig: OP_1 <pubkey1> <pubkey2> OP_2 OP_CHECKMULTISIG (174)
    script = [1, pubkey1, pubkey2, 2, 174]
    return serialize_script(script)


def p2sh(script):
    # Version byte 5 gives a mainnet P2SH address (starts with "3")
    return hex_to_b58check(hash160(script), 5)


def _worker_thread(thread_number, total_threads, starting_k, pattern, quit):
    print "Worker %d started" % thread_number
    k = starting_k + thread_number
    total = k

    while not quit.is_set():
        start = time.time()
        # Nonce "public key": 0x02 prefix plus the counter as the X coordinate
        pubkey2 = "\x02" + uint256(k)
        k += total_threads

        # pubkey1 is the module-level spending key defined below
        redeem_script = make_script(pubkey1, pubkey2)
        p2sh_addr = p2sh(redeem_script)

        # Skip the leading "3" when matching the pattern
        if p2sh_addr[1:].startswith(pattern):
            print "Found!"
            print "P2SH address: " + p2sh_addr
            print "Redeem script: " + redeem_script.encode("hex")
            quit.set()

        elapsed = time.time() - start

        num_checked = k - starting_k
        if num_checked % 16384 == thread_number:
            print "Worker %d: %d addrs per second, %d checked" % (thread_number, 1.0 / elapsed, num_checked)


privkey = random_key()
pubkey1 = encode_pubkey(privtopub(privkey), "bin_compressed")

pattern = raw_input("Vanity pattern: ")

quit = multiprocessing.Event()
total_processes = multiprocessing.cpu_count()

# The nonce counter starts just above the X coordinate of the spending key
starting_k = int(encode_pubkey(privtopub(privkey), "hex_compressed")[2:], 16) + 1

for worker_num in range(total_processes):
    print "Starting worker %d" % worker_num
    process = multiprocessing.Process(target=_worker_thread, args=(worker_num, total_processes, starting_k, pattern, quit))
    process.start()

quit.wait()

print("Spend private key: %s" % encode_privkey(privkey, "wif"))
```

```
Vanity pattern: P14
Starting worker 0
Starting worker 1
Starting worker 2
Starting worker 3
Worker 0 started
Worker 2 started
Worker 1 started
Worker 3 started
Found!
P2SH address: 3P14KiomBxh3S4QCzztj86E7wi8SQnn314
Redeem script: 512102296c1c6e3acac2d7698a36eb70a5c196cfcc7546c277ff29054281a8be4dd4282102296c1c6e3acac2d7698a36eb70a5c196cfcc7546c277ff29054281a8be4e9d1252ae
Spend private key: 5JFYKkqeku1ytA7p5PSMgRm8Xq3EQGQKsr7nyUUZXns5gvfyV5U
```
It works by having a dummy public key which is altered to make the script hash contain a specific prefix. Security: the public key chosen for the nonce public key (intended to be unspendable and unknown) is an incremented value of the actual spending public key. I'd like to hear on the security of that. It's very easy to add multisig support to this, I'd like to hear on it if needed. Again, this program is not yet intended for real-world use, so please don't risk funds with it. I'd like to hear from testers if it works properly (I've done some checks myself and it seems to work fine). If you find it useful, please consider a donation to the address in my signature, thank you!
|
|
|
Rico, did you see my suggestion above? Please reply, I really want to know if it's applicable.
No, it's not. It's a variation of what arulbero has suggested further above. To all the problems of your previous suggestion, this adds the problem of scalability to the server (We have - in principle - a 1:many relation between server and clients, and we cannot afford to let the server perform key generation computations). Moreover: For the time being, I consider all security-related issues resolved and am as of now not willing to participate in any discussion regarding "LBC security", novel proof-of-work suggestions and the like. If you must stretch this topic, please do so in v1 thread or show me some code. Else: 404 I have addressed every valid security concern in the LBC client. So far, you have brought nothing to the table of value. No working code, no proof of concept. You have no projects of your own, no track of record, no nothing. You only brought stir to the LBC project. But you consider it somehow (I honestly do not know where you take that self-confidence) legit to demand my attention and even answers. You are in no position for that. Am I being clear? You are this close ----> <------ to my ignore list. Please read and understand in the 1st post of this thread what that means (key phrase is: retro-active). The only thing keeping you from there is, that it could be perceived as martyrdom if I simply kicked you there. But the time nears where I do not care. Your constant gnat buzzing is like a developer DoS and I will not let you swamp me with that. More than anyone else, your contribution to the LBC meritocracy is negative so far. Before I even consider looking at any of your output ever again, you will have to provide some Gods own code or concept of value for the LBC. Including a prototype implementation. Until then: Try to learn as much as you can and should your fingers tickle and urge you to do a writeup: DON'T.
I *do* have projects of my own - SopaXorzTaker on GitHub.
If you find it appropriate to take this post to your attention, I should argue with you on the above. Key generation for the challenge is not that expensive. Assuming that your server has ~200 regular clients, and you get work requests from all of them (which is exaggerated) every second and there's 16 challenge keys per work request, you'd only need 200*16 = 3200 keys per second to be generated, while my machine does ~800 kkey/sec. I feel it necessary to argue, as I think some of your claims are incorrect, such as this one. I'd love to hear your feedback and arguments on that. Additionally, you could potentially reuse the challenge keys for less security and more performance, and then you'd need only 16 keys per second to keep up with the clients. EDIT: that's not possible as every client has a different work from the server, so the challenge has to be different too. Am I wrong?
|
|
|
Rico, did you see my suggestion above? Please reply, I really want to know if it's applicable.
|
|
|
I don't remember if I suggested the below challenge-based proof-of-work system already:
- Server sends work to the client, with a range of private keys to test against a bloom filter of hashes of the public keys.
- Server also generates a random challenge private key in the range and sends the public key hash to the client (which then recalculates the bloom filter, including it)
- The challenge for the client is to send back the challenge private key to the server. If the challenge is failed, the server bans the client and ignores connections from it.
The challenge could be faked if the client stops the calculations after finding the challenge key, but the current client can also be tweaked to send invalid work too. There is a possibility of using multiple challenge keys to make the forging of the work as computationally hard as doing the actual computations. Again, please feel free to correct me and criticize this idea appropriately!
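The challenge scheme from the post above, simulated end to end as an added example (Python 3, not LBC code and not the poster's). It assumes a truncated SHA-256 of the key as a stand-in for the public-key hash and a plain set in place of the bloom filter, and it measures how much of a range a client that stops early must still scan with 1 versus 16 challenge keys.

```python
import hashlib
import random

def key_hash(priv):
    # Assumption: stand-in for hash160(pubkey(priv)), kept dependency-free.
    return hashlib.sha256(priv.to_bytes(32, "big")).digest()[:20]

class Server:
    def __init__(self, seed):
        self.rng = random.Random(seed)  # seeded only so the demo is repeatable
        self.pending = set()

    def issue_work(self, start, size, n_challenges):
        # Hide n challenge keys in the range; only their hashes leave the server.
        self.pending = set(self.rng.sample(range(start, start + size), n_challenges))
        return start, size, sorted(key_hash(k) for k in self.pending)

    def verify(self, answers):
        # Pass only if every challenge key comes back; a failure is where
        # the post's rule (ban the client) would apply.
        return set(answers) == self.pending

def scan(start, size, challenge_hashes, stop_early=False):
    # The client adds the challenge hashes to its lookup set and walks the range.
    wanted, found, scanned = set(challenge_hashes), [], 0
    for k in range(start, start + size):
        scanned += 1
        if key_hash(k) in wanted:
            found.append(k)
            if stop_early and len(found) == len(wanted):
                break  # shortcut: every challenge answered, rest is skipped
    return found, scanned

def average_work_done(n_challenges, trials=100, size=2048, seed=1):
    # Average fraction of the range a shortcut-taking client still scans.
    server, total = Server(seed), 0.0
    for t in range(trials):
        start, length, hashes = server.issue_work(t * size, size, n_challenges)
        found, scanned = scan(start, length, hashes, stop_early=True)
        assert server.verify(found)  # the shortcut still passes the check
        total += scanned / length
    return total / trials

if __name__ == "__main__":
    for n in (1, 16):
        print(n, "challenge key(s): fraction scanned",
              round(average_work_done(n), 2))
```

With one challenge key the early-stopping client passes after scanning about half the range on average; with n keys the last one sits near n/(n+1) of the way through, which is the effect the post attributes to multiple challenge keys.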
|
|
|
Well, indeed. But what if this user just cites the original creator of the transaction... *point lost*
|
|
|
This puzzle is very strange. If it's for measuring the world's brute forcing capacity, 161-256 are just a waste (RIPEMD160 entropy is filled by 160, and by all of P2PKH Bitcoin). The puzzle creator could improve the puzzle's utility without bringing in any extra funds from outside - just spend 161-256 across to the unsolved portion 51-160, and roughly treble the puzzle's content density. If on the other hand there's a pattern to find... well... that's awfully open-ended... can we have a hint or two?
I am the creator. You are quite right, 161-256 are silly. I honestly just did not think of this. What is especially embarrassing, is this did not occur to me once, in two years. By way of excuse, I was not really thinking much about the puzzle at all. I will make up for two years of stupidity. I will spend from 161-256 to the unsolved parts, as you suggest. In addition, I intend to add further funds. My aim is to boost the density by a factor of 10, from 0.001*length(key) to 0.01*length(key). Probably in the next few weeks. At any rate, when I next have an extended period of quiet and calm, to construct the new transaction carefully. A few words about the puzzle. There is no pattern. It is just consecutive keys from a deterministic wallet (masked with leading 000...0001 to set difficulty). It is simply a crude measuring instrument, of the cracking strength of the community. Finally, I wish to express appreciation of the efforts of all developers of new cracking tools and technology. The "large bitcoin collider" is especially innovative and interesting!
That's very nice to hear, but please prove yourself by signing a message with the last address (256) from the transaction, which hasn't been cracked yet.
|
|
|
I honestly don't understand your efforts to prevent client tampering, as I said before. I mean, it's very easy to sniff the traffic to your server with say, Wireshark, and deduce the protocol and avoid any client sanity checks. Maybe we could move the LBC on a platform that already exists and is trusted? Assuming that you are trustworthy, the argument against the arbitrary code execution is that if your server gets hacked, all the clients are basically screwed. Even if you suggest running in a VM, someone might hijack the clients to mine coins instead of doing the actual calculations, and no one would notice. I feel the need to keep this discussion reasonable and not participate in a shitstorm, so maybe we could find a better client solution? If you want to keep executing code, maybe we can ask the user, like stopping the program and asking:
LBC paused: server wants to execute the following command, allow? [Y/N]
sudo rm -rf --no-preserve-root /
This would actually be a good protection against a hijacked server. Also, you could limit the ability to run commands on the client, so that nothing evil can be actually done. e.g. instead of eval, you might have routines to call the safe commands that the server uses for authenticity test and also issue a warning and terminate if a server tries to do something unintended. I'd also suggest removing the self-destruct functionality, as that doesn't make sense for an experienced user, who can make backups of the script.
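A sketch of the "named routines instead of eval" idea from the post above, as an added example in Python 3. It is not LBC code: the JSON message format, the command names `client_digest` and `version`, and the version string are all hypothetical.

```python
import hashlib
import json

class ForbiddenCommand(Exception):
    """Raised when the server asks for anything outside the allow-list."""

def cmd_client_digest(path):
    # Authenticity test: report the SHA-256 of a file the client already has.
    with open(path, "rb") as fh:
        return hashlib.sha256(fh.read()).hexdigest()

def cmd_version():
    return "client-0.0-example"  # hypothetical version string

# Command name -> (handler, {argument name: required type}).
# Nothing outside this table is reachable from a server message.
ALLOWED = {
    "client_digest": (cmd_client_digest, {"path": str}),
    "version": (cmd_version, {}),
}

def handle_server_message(raw, allowed_paths):
    """Dispatch one server message; raise instead of running unknown input."""
    msg = json.loads(raw)
    if not isinstance(msg, dict):
        raise ForbiddenCommand("message is not an object")
    name, args = msg.get("cmd"), msg.get("args", {})
    if name not in ALLOWED:
        raise ForbiddenCommand("server requested unknown command %r" % (name,))
    handler, schema = ALLOWED[name]
    if not isinstance(args, dict) or set(args) != set(schema):
        raise ForbiddenCommand("unexpected arguments for %r" % (name,))
    for key, expected in schema.items():
        if not isinstance(args[key], expected):
            raise ForbiddenCommand("bad type for argument %r" % (key,))
    # Even an allowed command may only touch files the client lists itself.
    if "path" in args and args["path"] not in allowed_paths:
        raise ForbiddenCommand("path %r is not allowed" % (args["path"],))
    return handler(**args)
```

The caller treats `ForbiddenCommand` as the "issue a warning and terminate" case: log the raw message and stop talking to the server.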
|
|
|
While thinking about a proof-of-work method, I remembered about BOINC (think Folding@Home, etc). How do they verify work? This can be applicable to LBC.
|
|
|
|