Could someone tell me how to set the parameter -m ? And what does 'expected operations' number mean?
On the plot in github I see that there is chance like +- 99% when the number of group operations is 6*sqrt(n).
If for example program shows 'Expected operations: 2^44.10', when may I assume there is no result? 2^44.10? 2^45? Sooner, later?

26 - PawGo
Thanks!

Apart of fact that these calculations makes no sense (as there are few letters of checksum, at the beginning could be only K or L, etc.) then yes. 58^52 is much much bigger than 2^256. You may easily chck it, just google for "58^52 - 2^256" ;-)

Look at this page: https://learnmeabitcoin.com/technical/wif

It explains conversion between WIF and private key (and vice versa). If you change L3 to L4, you will see that checksum is wrong (correct should be "f2b58d69" which produces WIF: L4wMo5Z7UdvqTRmTRAjtowUAqDrKmKpvuWbLZtgFkmWvT6fzPpX2) As you see, the last characters are now changed.
In other words - if you replace one random character in WIF, the most probably you will receive wrong WIF, which will be rejected by wallet if you try to import it.

Let me understand - you copied all the files from the directory into one file in notepad, right? So now you have one file and you cannot extract from it the 'part' of the original wallet?
Could you open the file in notepad and look for sequence: (in text it looks like "   
       b1 ")
00 00 00 00 01 00 00 00 00 00 00 00 62 31 05 00
it should be the beginning of your wallet.

[EDITED]

I must rethink it ;-)

Hello,

Regarding https://bitcointalk.org/index.php?topic=5265788.0, would it be possible to modify kangaroos to work on sparse range?
I would like to launch search on range [a0, ..., ai, ..., aN], where ai = a0+(i*s), with stride 's'.
As I understand now program 'scales down' range to 0->aN', with a corresponding changes on pubkey, right?

Regards,

experimentally...

I would rather say that there is no sooner correct jump, but we maybe we may have false hits in the future - maybe combination of characters 'on left side' will change something, however I do not think so; I have not found any situation like that.

yes, of course.


Maybe it was just a kind of luck that I get 'unknown' character on this position, which allowed me to make my experiments. Of course if we move problem into left side, it will stop giving us any gain.
Initially I asked myself if is there a way to find a value on unknown position which would give us the correct compression byte 01. All the time I was thinking in parallel in two systems - both in hex and in WIF - which could make my reasoning a bit confusing, so I am sorry for if something is not clear enough.
Anyway, I found that there is cycle (64 steps) and it produces 29 possible characters (on 34th position). And this is my algorithm - I take initial WIF, convert to number and try to find first 'correct' - with correct compression byte and checksum. I treat this distance as a initial jump. And then, from obtained number I try to find the cycle.

Set of characters on 34th position has size 29. On 33rd position it is already 58, BUT! set 33+34 is 841 = 29*29. And set 32+33+34 has size 29*29*29. This is one more interesting thing, because it allows us to pre-produce a list of possible combinations for last 4 or 5 characters and use it instead of 58*58*58.

I do not understand question
What do you want to add? On which position?

Hello

I would like to share with you one thing I found recently - maybe you will give me a hint how to use it in the most effective way.
Recently I published my WIF Solver (https://github.com/PawelGorny/WifSolver) with several ways to 'attack' problem of missing characters. I would like to talk about method called JUMP. Please let me describe the method and then I will ask a question.
In the example in my project I use WIF L5EZftvrYaSud_____zTqLcHLNDoVn7H5HSfM9BAN6tMJX8oTWz6 (taken from a very helpful site learnmeabitcoin.com).
So, let's take the WIF and replace missing characters by '1', we will get:
L5EZftvrYaSud11111zTqLcHLNDoVn7H5HSfM9BAN6tMJX8oTWz6 and try to decode it. We will get a hex string, starting with '80' + priv key + compression flag + checksum. Lets call it hexInit
As we see, compression flag is incorrect - so something is wrong... Go on.
I focus on fact that for any correct WIF generated from the initial one, after decoding there must be a flag '01' and given checksum. Now, let's jump to the first missing character on the right. We may say, that when we iterate Base58 characters in fact we increase our hex number (08+priv+01+checksum) by 58^34. But I realized that adding 58^34 to hexInit will change the last bytes - checksum and compression. I asked myself - is there a combination which will set '01' + expected checksum again (I mean not only in the real WIF which we look for?).
So I add 58^34 several times and yes! WIF: L5EZftvrYaSud1111uzTqLcHLNDoVn7H5HSfM9BAN6tMJX8oTWz6 produces desired ending.
(in fact I check existence of flag '01' and not the full checksum, but last 7 characters - I found that the 8th character from right could be different)
We have our WIF which we may use as a starter for calculations.
The other question is - is there a fixed length of jump? And question is again yes - for this case length is 64.
Which means that we may now forget about working on WIF and instead start working on 'numbers'.
Let's take number starter = 80ef235aacf90d9f4a9df7ba29006cad4ec1c6610833d3a8587b4d7c662e5ce97a0166557e53 and increase it, but not by 58^34 (like it would be in brute force method - just a next Base58 character) but by 64*(58^34) - we have our jump 240921c8be82fd68a2a77fba0089f71029354609c90000000000 - as we see last 10 characters are 0, so it will not change the end of 'decoded' hex string.
This way we save some time, because we do much less number of additions.
[By the way, I also checked what are then possible characters on 34th, 33rd, 32nd... position), and we may find that we have 29*29*29... correct combinations, which is much more optimistic that 58*58*...]

Now, my question is:
Replacing missing letters by 111 -> zzzz, +- with correction for a 'valid' starter/finish, we may find a target range [starter, finish]. And we know that we may use jump as a number to add, which makes our range not 'continuous' but sparse (we may think about it like about islands). Is there any method 'smarter' than brute-force iteration? We may make an assumption that we look for pubkey, not address if it helps.

Of course we may change our variables, remove unneeded characters and pass is to BitCrack (
it would have keyspace start=ef235aacf90d9f4a9df7ba29006cad4ec1c6610833d3a8587b4d7c662e5ce97a and stride=240921c8be82fd68a2a77fba0089f71029354609c9) and then search for address. But is there any better way?


start:
ef235aacf90d9f4a9df7ba29006cad4ec1c6610833d3a8587b4d7c662e5ce97a
end:
ef235aacf90d9f4ab3fedd0341bb04f1bd6de2b22006062c40d74b022f965fee
jump:
240921C8BE82FD68A2A77FBA0089F71029354609C9
(diff: 160722da414e57a2fba781a9ec325dd3c589ce9c01397674) - full range
diff/jump = 9c7cd4 - number of strides to do
result:
ef235aacf90d9f4aadd8c92e4b2562e1d9eb97f0df9ba3b508258739cb013db2
pubkey:
02b4632d08485ff1df2db55b9dafd23347d1c47a457072a1e87be26896549a8737

Tak, w trezorze można wybrać jedną z proponowanych opłat lub podać własną (mowa oczywiście o portfelu trezora, a nie sytuacji gdy trezor jest tylko 'dawcą' danych dla exodusa).
Przykład ekranu tutaj: https://blog.trezor.io/explore-the-new-send-dialogue-in-trezor-wallet-feae1253443a

A co do programowych to wydaje mi się że są ze dwa-trzy porządne i uznane portfele a pozostałe to jakieś wynalazki - na pani miejscu jeśli już to brałbym Electrum a nie bawił się w szukanie produktów od firm-krzaków.

yes...

Nie rozumiem tego zdania...

Na marginesie, rozważała pani portfel sprzętowy? Np. Trezor działa z Exodusem: https://www.exodus.io/trezor/

hashcat https://hashcat.net/hashcat/
btcrecover https://github.com/gurnec/btcrecover
jtr https://www.openwall.com/john/

What else we may say.... good luck.

If wallets are yours (I mean - not bought from some Russian sellers here on forum) you may try to contact Dave from https://www.walletrecoveryservices.com/ - the most trustful company. But do not waste his (and yours) time if wallets comes from the market and already one hundred people have them.

Podobno w weekendy stawki mniejsze:
https://bitcointalk.org/index.php?topic=2848987.0

Warto zmienić adres na segwit:
https://bitcointalk.org/index.php?topic=5256856.0

https://support.exodus.io/article/1033-how-do-i-find-my-bitcoin-legacy-and-segwit-address

Precisely it will be:
<8000000000000000/7cce5efdaccf6808, ffffffffffffffff/7cce5efdaccf6808>

;-)

For those who do not believe the keys are random: what would be the next value?

If address is old, should be forked and has some altcoins. Ninja says there is nothing: http://www.findmycoins.ninja/

Not really. You may specify your own 'distance' between key.
For example:
will do 1000000 keys long 'jump' between tries.

Uhh what a faux pas at the beginning! I forgot to make the repository public  
Now it should work.