I'm no expert either but frankly I don't see how the base security of a random chunk of 128 or 256 bits is hampered by BIP39 representation of it with human readable and easily writable words.
Disclaimer: I still use BIP39 wallets, but the majority of my wallets are Electrum ones. I will derail a little, but the reason why I will do that will be to express an opinion that BIP39 is not bad by default. Yes, there are issues with BIP39, but after all, it still represents a universal way to secure bitcoin, which is addressed to the great majority of people. Bitcoin's cryptographical security is 128 bits. Bitcoin uses the secp256k1 elliptic curve to derive a public key from the equivalent private key. That said, if someone wanted to solve the ECDSA algorithm in reverse order (to derive the private key from the public key), they would need to put an effort that is, on average, equivalent to n/2 = 256/2 = 128 bits. So, there is absolutely no way to get a higher average security than 128 bits. Entropy's security is 128 - 256 bits (but there is catch, because it can actually range from 0 to 256). 12 words in BIP39 is a representation of 128 bits of initial entropy (like you said). 24 words in BIP39 is a represantation of 256 bits of initial entropy. A sequence of bits (entropy) when it's gathered from a good entropy source can be as high as 128 or 256 bits. A sequence of bits (entropy) when it's gathered from a human brain can be as low as 0 bits. Final notes:- 12 words in BIP39 is more than enough, security-wise, provided the entropy is produced from a good source. The problem (if any), lies in PBKDF, which produces the seed from the mnemonic phrase. People say that this can reduce the initial entropy. I silently agree with them, but I a need to educate myself more before writing something here.
- We are doing multisig, passphrases etc., in order to avoid human error as much as we can, or in order to avoid the chance that a thief can compromise one of our backups and retrieve all of our funds. I could theoretically have a 5-of-5 multisig vault where all the cosigners are produced from different, good sources of entropy. I could also make sure that nobody had access to any of these cosigners. Then, I could send some funds to one of the addresses of this vault. Then, an attacker, would still need on average 128 bits of effort to create a script that unlocks my funds on that address.
- It is expotentially easier for a wallet to be compromised by human error, rather than by compromising bitcoin's cryptographical security.
- The private key cd6357efdd966de8c0cb2f876cc89ec74ce35f0968e11743987084bd42fb8944 looks like a random hexadecimal number. If you try to solve the ECDLP backwards, you will indeed need 128 bits of effort to retrieve this private key from the corresponding public key. But if you try something more sophisticated, you will very easily realise that this private key is the sha256("dog"). So bitcoin can give you 128 bits of security but you are responsible not to make stupid moves to diminish this security.
- The most important thing in bitcoin is the backup system. This is where security lies. This is where people lose funds from. If you create a wallet using a reputable entropy source on an airgapped device, write down your seed phrase (12 words) twice, and then store the 2 pieces of paper in separate locations, the only way that you can lose funds is if someone finds these backups. So again, it won't be the BIP39, nor Bitcoin to blame. I t will be your (or better say, our) inability to find a secure place to store our seed phrase.
|
|
|
|
We need an enthusiast who would like to analyze the block through data parsing
Oh so you are looking for a blockchain analyst. Most people (me included) absolutely hate blockchain analysis and believe it leads to censorship. So my guess is, you will not find a lot of people who share your thoughts and needs in this forum. Good luck with that! Cheers. |
|
|
|
BTCROTHERS!
Are there any warriors among you??? Are you ready to take on the challenge, go on an adventure and explore old horizons? We need a guide who has been inside the core and who knows, not from stories, what it is, who has fought with a python. I will give you silver for your bravery. Thank you for your attention.
So what do you need? A bitcoin developer who can code in python? Since your post is completely allegorical, I think we need a bit more info from your side. By the way, if you request for a developer, you should open the thread in the " Services" section. |
|
|
|
Why would anyone want to make a brain wallet in 2024?  I know that there is no practical use for this, but I'm not even sure whether there is any educational value in playing with brain wallets anymore. Unless you want to check how fast brainflayers can swipe any coins you insert in one made from a particular string of text. (No seriously, people are investing a lot of resources into that. Maybe they even have GPUs for that purpose.) I have explained why I implemented it. A user asked me to do it and it was very easy, so I just posted the solution. As far as educational value is concerned, well, let's say I couldn't ignore the user who asked me to write the code for that. Anyway... I couldn't have been more vocal about how nobody should add money to a brain wallet. I even added the warning at the top of the post.
|
|
|
|
Warning:I am placing it here, at the top, to make sure you will see it. Use this script only for fun. The human brain is by orders of magnitude inferior to the dumbest computer when generating entropy (randomness). Background:I was asked to develop a brain wallet generator in Bash. So, I used most of the code I wrote in BASH21 and I slightly changed it to take a phrase as command line argument, to use it to generate the wallet. Prerequisites:sudo apt install base58
sudo apt install xxd
sudo apt install qrencode
#! /bin/bash
###############################################
################# FUNCTIONS ###################
###############################################
calculate_checksum(){
prefix=$1
value=$2
suffix=$3
s1=$(echo -n "${prefix}${value}${suffix}" | xxd -r -p | openssl sha256 | awk '{print $2}')
s2=$(echo -n ${s1} | xxd -r -p | openssl sha256 | awk '{print $2}')
checksum=$(echo ${s2} | head -c 8)
echo ${checksum}
}
hash_160(){
input=$1
sha=$(echo -n ${input} | xxd -r -p | openssl sha256 | awk '{print $2}')
echo -n ${sha} | xxd -r -p | openssl ripemd160 | awk '{print $2}'
}
generate_p2pkh(){
hash160=$1
checksum=$(calculate_checksum "00" ${hash160} "")
echo -n "00${hash160}${checksum}" | xxd -r -p | base58
}
generate_p2sh(){
input=$1
hash160=$(hash_160 "0014${input}")
checksum=$(calculate_checksum "05" ${hash160} "")
echo -n "05${hash160}${checksum}" | xxd -r -p | base58
}
print_keys(){
echo "Entropy: "$1
echo "PK: "$2
echo "WIF: "$3
echo "Public Key: "$4
echo "Compressed Public Key: "$5
echo "HASH160: "$6
echo "Legacy Address: "$7
echo "Segwit Address: "$8
}
print_qr_codes(){
qrencode -s 6 -l M -o legacy_address.png $1
qrencode -s 6 -l M -o segwit_address.png $2
}
###############################################
################# MAIN ########################
###############################################
# CONVERT ENTROPY TO WIF KEY
entropy=$1
pk=$(echo -n ${entropy} | openssl sha256 | awk '{print $2}')
checksum=$(calculate_checksum "80" ${pk} "01")
wif=$(echo -n "80${pk}01${checksum}" | xxd -r -p | base58)
# CONVERT PRIVATE KEY TO COMPRESSED PUBLIC KEY USING OPENSSL SECP256K1
public_key=$(openssl ec -inform DER -text -noout -in <(cat <(echo -n "302e0201010420") <(echo -n ${pk}) <(echo -n "a00706052b8104000a") | xxd -r -p) 2>/dev/null | tail -6 | head -5 | sed 's/[ :]//g' | tr -d '\n' && echo)
x_coord=$(printf ${public_key} | cut -c -66 | cut -c 3-)
last_byte=$(printf ${public_key} | cut -c 129-)
last_int=$(printf "%d" 0x${last_byte})
is_odd=$(expr ${last_int} % 2)
if [ "$is_odd" == 1 ]; then
compressed_public_key=03${x_coord}
else
compressed_public_key=02${x_coord}
fi
# CONVERTING PUBLIC KEY TO COMPRESSED LEGACY ADDRESS
hash160=$(hash_160 ${compressed_public_key})
legacy_address=$(generate_p2pkh ${hash160})
segwit_address=$(generate_p2sh ${hash160})
# PRINT DATA
print_keys "${entropy}" ${pk} ${wif} ${public_key} ${compressed_public_key} ${hash160} ${legacy_address} ${segwit_address} > data.txt
print_qr_codes ${legacy_address} ${segwit_address}
Create a .sh script file anywhere on your computer: Copy paste the code and save it. The easiest way is with nano: nano brainwallet.sh
<paste the code>
Ctrl+o (save)
Ctrl+x (exit)
Make it executable for the current user: Run it: ./brainwallet.sh 'apogio created a brainwallet generator using bash' 1. A file data.txt which includes the sensitive data (keys etc.) of the wallet. 2. A file legacy_address.png which displays a QR code for the wallet's legacy (P2PKH) address. 3. A file segwit_address.png which displays a QR code for the wallet's segwit (P2WPKH-P2SH) address. data.txt file format:Entropy: apogio created a brainwallet generator using bash
PK: 913fc1abf77ae447c662cbd14a0803e519df65f8c40b3bcb20a911f0f31091dc
WIF: L264Cp6WU73fzmQCvJ8Te2EazXTr3A17yAC13NQDQBwQvyUAaiG3
Public Key: 04582ed090da2d4e4fda943923910a0720391a9903fa5259aa9d50cf3710ed40bbc6ce378a86ab86f2b2d6635e8797e9c4fa2021eff4f57942c22395d7ad1afe83
Compressed Public Key: 03582ed090da2d4e4fda943923910a0720391a9903fa5259aa9d50cf3710ed40bb
HASH160: 8ef81d4f19a7f284e68b32dd58931c6817ceb275
Legacy Address: 1E2xBY8kVhGgNZuRK8RwbvimpeW1E6DPat
Segwit Address: 3MpZWJr5ct3Y4zEeSmbA1R17vj2RrRhfNw
1. I don't encrypt the sensitive data, like I did in BASH21. It's one more way, from my side, to convince you that this script should be used only for fun. 2. Make sure to use single quotes to include the phrase. Otherwise Bash will think that each word is a separate command line argument and the results will be totally unexpected. 3. Make sure to remember that in brain wallets, every character matters. Thus, 'I am the best' is different from 'i am the best', or from 'I am the best '.
|
|
|
|
At the peak of the pandemic, I bought 3 boxes of my favourite drink in Germany (Dutch people love the cheaper booze there). But don't worry, I got some bottles for my wife too at that point. It could very well have been 42 bottles in total, the ultimate answer to the universe. Good times  Wow. Sounds good. Ouzo is the best drink in my opinion, especially if you combine it with greek food. If you like Ouzo, and if you ever come in contact with a Greek, ask him to get you Tsipouro from home production. Much better, but no chemicals.
Sounds like you know a thing or two about greek drinks. And there are five to represent the fifth anniversary of the club. Loyce, you get it, right?
Hmmm, is there a secret message in the picture? I alwas like to try and find patterns and clues where they don't exist  I actually tried to engage you all with a riddle, but nobody saw that |
|
|
|
Allow me to highlight the words "try" and "too" Tongue Fasten your seatbelt Intern, you're going to need it! I'm going to start drinking my Ouzo now That's what I am talking about. I am gonna grab some ouzo too. Where have you learnt this holy drink by the way? I need to drink a lot of that actually. To pass out and don't understand a thing haha I'm also trying to figure out what it's about. Looks like someone lost their teeth. I keep trying to ignore the weird part of my brain, which suggests to me that those 5 white teeth(whatever) represent members of the Foxpup gang. Sounds reasonable but the club consists of more than 5 members... So now, I am more confused |
|
|
|
You know, as my Queen said, I must be the newest member of this club. I have, literally, too many reasons (and ways) to make this situation melodramatic. But then, I would be proved inferior to the circumstances. Let me just say, that I am proud to have "met" all of you. I can't talk about how sad I was when I learnt about Leo. So I am sorry, but I have no words for him, except that I miss him more than I expected. Now, let's get more serious. As I have previously said to my Queen, in one of our private moments (yes, we have had some of those moments, for which I am not allowed to speak), I told her that the members of this club have always been helpful towards me. This is why I love to be a member of this massive gang bang. Which also means this is their first time in the foxhole, so try not to be too rough.
So, is this my punishment? Not allowing them to be rough with me? How will I survive without some rough punishments and jokes in here? I am trying too hardly to understand what is getting out of her foxhole. Could anyone explain to me? |
|
|
|
To use it for testing and playing around with, sure. But it should never be advertised as a way to generate your keys. Brain wallets aren't safe. And we humans are bad at randomly picking anything. Such a wallet would be less safe than one created from random sources of entropy. It could lead to loss of funds if you were to deposit bitcoin into a wallet created that way that would then get brute forced by someone.
I have also edited my post above to say this. I am sceptical now, whether I should implement it or not. Perhaps I shouldn't, because I know that seoincorporation is aware he shouldn't use it, but I can't be sure for other people too. |
|
|
|
Hey apogio, is there any plan to add a brain wallet generator to your tools list? I have done one in the past, but i was a mix with Bash and Python, it would be nice to see a tool like that generated only with Bash Script. It would be nice to have a code that runs with: sh brainwallet.sh "List of the words for the brain wallet" If you have some free time to create a tool like this, i would love it, if not, there is no problem at all, thanks for the current tools that you already shared with the community. I can do it, certainly. In fact it is very easy, the only thing that changes is the entropy generation. Instead of getting the entropy from dev/urandom, it will take it from standard input. I will do it and let you know. Edit: just a friendly reminder though. Our brains are not a good entropy source. So I ll implement it just for fun. Don't use it |
|
|
|
Does it go slow to you too?
Yes, it was actually slowing down my whole internet connection at home. I was trying to use watch some videos on YouTube and it was very slow. What saved me was: 1. I changed in-peers and out-peers to much lower values. 2. I used the limit-rate to limit the up and down rate. I think specifically I have set them to: in peers = 8 out peers = 20 limit rate = 2048 I am not sure about the specific issue that you mention though... |
|
|
|
Patience, young padawan... If you want to " last longer" you need patience... (do you want to last longer?  ) Let's wait for the queen to open ballroom's gates...  (^Gazeta speaking words of wisdom -- or trying to)And absolutely avoid anything in plastic bottles that may make you not last at all. My personal record is super high, so I am not afraid about that. In the past, I have managed to last for approximately 12 seconds 56 milliseconds 2 nanoseconds. I know you won't believe it, but I am telling the truth. |
|
|
|
But if you bring the injectibles, I will gladly bring the necessary equipment.
Holy crap I am so ready for this. |
|
|
|
itwas a pleasure to work with you we have now received all three winning images and will start production soon i would then also ask the three winners to publish/prove that they have received the Icarus cards here in the thread (preferably with a picture) Thank you once again. Can you please send a public key via pm, so that we can encrypt our address? Thank you. |
|
|
|
I've already done that and in fact am still drunk. Shall I keep swigging from the boxed wine and if so, for how long?
Isn't 168 hours the customary minimum?
Oh dear foxes. You can only wish it was that easy... The pain will be constant. Some neurons will explode. Wine shouldn't be drunk, but swallowed. There should be injections too. I am here to help, but it's not for the faint-hearted. |
|
|
|
I hope I haven't violated it.
To the letter of the rules, no one has. But in the spirit of the rules, I think we've all been guilty at some point. Myself included. There's no denying it's fun to speculate. But it's also irresponsible and could have serious repercussions. Whatever is decided, rules-wise, I won't be playing any further part in these guessing games and would strongly encourage others to do the same. Personally, I accept what you say. I will stop speculating about it. I think you may exaggerate a bit, but it's obviously for good reason. |
|
|
|
Hi all. a special thanks to the organisers and of course to the other two winners who fully deserved the awards. It was a great competition, full of fun. Let's wait now for the next one  |
|
|
|
In my humble opinion, the best way to scientifically prove some connection between Satoshi Nakamoto's and some other real people, would be to: (a) create a dataset with his posts (b) use linguistic ML models to identify patterns between his, and other notable cryptographers' writing. (c) use sentiment analysis models (deep neural networks) trained by his posts to identify emotional patterns. However, this is very difficult. Satoshi was calm and scientifically accurate. He didn't use his language to produce "noise". He wasn't arrogant. So we should face issues with this "emotional analysis approach". (d) finally, we should use the same models to run some test datasets of posts collected by other scientists' posts. <~>
Ok, sounds like you have some reasons to believe that. What's funny is that Snowden lived in Japan from 2009 till 2011 [1]. Satoshi Nakamoto is clearly a Japanese name. But, of course, the first Bitcoin block was mined in Jan 3rd, 2009, so the timeline doesn't really explain this. As I said, we all speculate here. In my opinion, there is no reason to speculate, but I find it a natural human behaviour to want to find out who Satoshi is. It's our curiousity that leads us there.
[1] https://www.japantimes.co.jp/news/2016/06/04/national/nsa-whistleblower-snowden-says-u-s-government-carrying-out-mass-surveillance-in-japan/ |
|
|
|
I'm almost convinced Edward Snowden is Satoshi
I love it when people create accounts just to post this Since we all speculate here, do you wanna elaborate? How have you come to this conclusion? |
|
|
|
|
Show Posts
