|
Can't you import your wallet to electrum? Then you wouldn't have to wait for bitcoin core to sync.
And if you know your addresses, then you can check their balance in a block explorer, for example in blockchain.info
|
|
|
|
To brute-force pre-image resistance of hash functions such as SHA256, a quantum computer would still need to perform a number of operations proportional to the square root of the number of operations performed by a normal computer. Therefore, simply doubling the number of bits (e.g., switching from SHA256 to SHA512) would provide quantum-resistant security equivalent to existing security against normal computers. (Note that sqrt(2^512) = 2^256.)
No need to move to SHA512, because bitcoin security is currently 128 bits for solving the ECDSA problem. After efficient quantum computers finally become available (if ever) the SHA256 will still be as secure as ECDSA is now, which is 128 bits. And I assume quantum computers will be much slower in trying out 2^128 different possibilities than 1000:s of current computers counting in parallel are. The vast majority of Bitcoin UTXOs include only a hash of a ECDSA public key, not the ECDSA key itself. Therefore, if the public key has not already been revealed, an attacker would need to (1) sniff a transaction as it is entered into the mempool, (2) crack the private key, (3) create a new transaction using the private key, and (4) get this new transaction committed to a block before the legitimate owner's transaction. To guard against this attack, Bitcoin would need to add support for quantum-resistant asymmetric cryptography. Unfortunately, this field is still immature, and existing quantum-resistant asymmetric cryptographic schemes (see, e.g., https://en.wikipedia.org/wiki/Post-quantum_cryptography) are much less practical than ECDSA. But it is likely that they will develop to be the point of being practical before quantum computing poses a severe risk to Bitcoin. In fact, it is not even known for sure that quantum computing will ever economically scale to the point where it can attack 256-bit ECDSA. Yep. It depends on how long it would take for a quantum computer to solve ECDSA. If it takes more than 30min, then it will still be too slow for this approach. (at least if the transaction was made with sufficient transaction fee) Would be interesting to know how secure P2SH is against quantum computers. Because it does not necessarily use ECDSA. |
|
|
|
What do you exactly mean by "How is easy enough"? If it was that easy, some bright mind would've already figured out a way to protect bitcoin from quantum computing right?
We must also take into account that quantum computing isn't a thing yet. So perhaps as we learn more about quantum computing we can also figure out ways to protect bitcoin from potential treats. Maybe that is what you mean by figuring things out last minute?
There are coins that claim to be quantum resistant right now. I've no idea whether that's bollocks or not but let's assume it's possible. The issue is implementing it. No one will want to hard fork even if the cure exists. By the time a hard fork is needed it'll be far too late. If used properly bitcoin is already quantum resistant. Quantum computers can NOT break SHA256 hash algorithm, which is used in bitcoin. What quantum computer can do, is that it can get private key from the public key, which is a problem only if you reuse your address. And it is a problem with all the old addresses, that has been reused. The owners of those addresses would have to move their coins to a new address to be safe. |
|
|
|
i actually want to know the maximum number of possible private keys for 1 public address
There are 2^96 private keys that will work for each address, but you only know the one you have. Finding another one is very difficult, practically impossible with computers in existence today. But if you are extremely lucky.... |
|
|
|
Waste of time, what is the point? It would take you longer or about the same amount of time to steal coins this way than it would to mine Bitcoins using the same equipment. People have tried this time and time again and the results are the same, they give up because it is a fruitless pursuit. There is always someone that thinks they know better than the system and they fail in the end, so please try again.
what makes you think, my method is same as others., remember everyone is unique  So you admit you are trying to steal bitcoins? Good luck with that. I don't know, why you need to be able to parse the blockchain yourself though. Why not explore ready made lists of bitcoin addresses. https://bitinfocharts.com/top-100-richest-bitcoin-addresses.html But yeah. many have tried and noticed bitcoin is more secure than they thought. Would be interesting to know what is your angle of attack  When reading your post I assumed you are just interested in the blockchain and exploring it out of interest. Because I have been doing the same. there are some quite interesting addresses. Examples here: http://www.theopenledger.com/9-most-famous-bitcoin-addresses/ |
|
|
|
MultiSig typically uses P2SH. In that case it is not necessary to find a private key at all. All you need to do is find a script that resolves successfully and that hashes to the value in the transaction output.
That is really disappointing. I thought that multiSig is much safer than normal addresses. But it seems it is just the same level of security.  P2PK Pays to public key, but the coins go to a normal hashed bitcoin address.
No. The coins NEVER "go to a normal hashed bitcoin address". Regardless of whether you are using P2PK, P2PKH, or P2SH, there are no "coins", and there are no "addresses". Those are concepts that we humans use to make it easier to talk about the transfer of control over value. In the actual transaction and blockchain there are only inputs (with input scripts) and outputs (with output scripts). Outputs are assigned a value, and inputs reference outputs that haven't been referenced by any other inputs yet. - A P2PK script requires you to provide a signature that can be validated with a specific public key. That's why it is called "pay to public key". Since the output script specifies the public key, and there is only 1 private key for each public key, only that specific private key will work.
- A P2PKH script requires you to provide a public key that results in a specific hash, and then provide a signature that can be validated with the public key you provided. That's why it is called "pay to public key hash". Since there are 2256 possible public keys, and only 2160 possible hash values, each hash value has on average 2256 / 2160 = 296 private keys that will work. Only one of those private keys will be known.
- A P2SH script requires you to provide a script that hashes to a specific value and which resolves successfully. That's why it is called "pay to script hash". Since there are 2160 possible hash values, and 280000 potential scripts(1), each hash value has on average 280000 / 2160 = 2500 possible scripts that will work. Depending on the structure of the script, only a few of those potential scripts will ever be known.
Thank you for having the patience to explain it. I have studied bitcoin quite a lot, but never really read about how the input/output scripts validate the spent coins. Now I understand better, and also realize, that I should read more about the topic. Really interesting, that spending P2PK inputs only accept the pubkey given previously. |
|
|
|
|
It is a good idea.
As long as the address does still work normally, if you do send coins to it.
Getting a message warning you that the address you are about to pay may not be in use any longer is a good safety check.
How much space does it take in blockchain? Or is it only there if it is used?
|
|
|
|
There is a lot bigger security risk to reuse your address then for someone to find a key with the same address, since quantum computers should be able to find a private key for any public key very quickly while they are not good at trying out hashes. There is no quantum computers that are close to being big enough for this job yet, and making bigger quantum chips gets exponentially harder so it might be impossible, but it is still more likely then to find a collision.
So don't reuse addresses, since it is insecure anyway and then you won't have this issue either, since this issue is negligible compared to the quantum one, that is also extremely small on it's own.
I do not think reusing addresses is a big risk. The elliptic curve crypto that bitcoin uses is still considered safe. And as it is a public key crypto, the public key can be safely published. The 3rd, 5th and 6th richest Bitcoin addresses are nice and brave enough to risk all their coins by reusing their addresses and publishing their public keys. | 16rCmCmbuWDhPjWTrpQGaU3EPdZF7MTdUk | 91,203 BTC ($400,535,695 USD) | | 18rnfoQgGo1HqvVQaAN4QnxjYE7Sez9eca | 70,000 BTC ($307,418,600 USD) | | 1HQ3Go3ggs8pFnXuHVHRytPCq5fGG8Hbhx | 69,370 BTC ($304,652,297 USD) |
There is $1000.000.000 betting that ECDSA will not be broken anytime soon. Whenever ECDSA will be broken some of these addresses will probably be emptied. Interesting to see when it will happen. Anyway. If you have less than 1000 BTC in your address I think you do not need to worry. You would not be an interesting target... |
|
|
|
The blockchain doesn't check anything. The blockchain is just data that has been stored.
Full Nodes check transactions and blocks. Full Nodes do not check to see what keys have been used in the past.
No. The payment scripts only require a valid signature. As long as the signature is valid and the public key hashes to the correct value, it doesn't matter which public key is used.
That is interesting. It would be easy to get more security by doing the extra check. If I understand correctly that also means that multiSig addresses are not as safe than advertised. If you have a 4/5 multiSig address, the attacker could treat it as a normal segWit address and ignore your 4 required keys. He would "only" need to find one private key, that would hash to the same address as your multiSig address. And then he can spend your coins. (Yep, I know it is still almost impossible, but a lot easier than finding your 4 keys) If you want to make sure that a specific private key is needed, then you cant use P2PKH addresses. You can use a P2PK address instead, but I'm not aware of any wallets that have a user interface that is designed for that. You'll probably need to write your own software to do that.
Do you mean P2SH ? P2PK Pays to public key, but the coins go to a normal hashed bitcoin address. |
|
|
|
|
If a thread is deleted, the posts you have made to that thread are also lost and your post count goes down.
Maybe that is the reason.
|
|
|
|
|
For each bitcoin address, there exists about 2^96=79228162514264337593543950336 private keys, that generate the same address.
And any of those private keys can be used to send coins from that address.
My question is: If one key has already been used to send from an address, can the other private keys still be used to send from the same address?
Or does the blockchain check what private key has already been used, and accept only the payments signed with that private key?
Accepting only the key that has already been used, would increase security. Since it is much more difficult to find 1 key than any of 2^96 keys.
(both cases are of course extremely unlikely, but the second case is still 2^96 times more likely)
If only one private key is valid, then an address, that has a send action is safer than an address that does not have a send action. And reusing an address is the safest choice. (at-least before quantum computers)
How is it? The wiki is not clear about this.
|
|
|
|
Thanks. Good to know. Learned something new about blockchain.info. Hope it is useful to someone else too  I lock this thread, because I think everything has been said already. |
|
|
|
So, if nobody wants to accept Bitcoins in exchange for dollars, goods or services, what can you do with them?
Maybe you could ask that question from people of Venezuela, Zimbabwe, or Germany (in year 1921) Countries, where value of money was almost completely lost in recent history. |
|
|
|
It isn’t. It is just set on your browser to show the dollar value. Click the dollar value to switch it back.
Hmmm. Can't change it back. Are you saying, that you do not see dollars in blockchain.info ? I only see dollars in every address now. I thought it must be a funny bug in blockchain.info Edit: Ok. now got bitcoins back. I restarted the browser, and erased recent history. This thread can be moved to bitcoin discussion or completely removed. |
|
|
|
There are quantum resistant cryptographic algorithms. Blockchain protocols will be upgraded when necessary.
How can you know when is the time to "upgrade" protocols? If such a quantum machine will ever be build, it will be a BIG secret for many many years, if not decades. The greatest advantage of owning a machine capable of breaking crypto comes from no-one else knowing about it. So that everyone is using crypto, that they can break. If it was public, it would soon be of no use. Just look what happened with Enigma. After the war England even recommended some countries to use it, because it was unbreakable...  |
|
|
|
Did you lose BTC somehow? forgot passord, computer crash ...
I have lost bitcoin because my old laptop display burned. Since it was a very old version , the hardisk was working only on the same model. It is good that I kept my bitcoins in an online wallet and only a small amount in my offline wallet. If you keep your bitcoins in offline wallets you should save on an external hardisk all the important informations because you never know what is going to happen If the hd still works, you should be able to easily recover your coins. Many places, one example is Aliexpress.com sell hd to USB converters for about 10$. I once bought one, where you can connect 3 different types of hd:s (only one at a time of course) IDE, Sata and laptop-IDE. If your laptop was old, the hd is probably laptop-IDE. Some manufacturers screw their own converter to the end of the hd, but it is easy to remove, and under that should be the laptop-IDE connector. |
|
|
|
Wow, that is quite interesting 60 addresses with early 50 BTC block reward in them and someone had the keys, or found/rescued his old keys. Do you have a link to that thread? I remember reading, that if someone would ever spend a single one of the early 50 BTC block rewards, which are assumed to belong to Satoshi himself. Then the value of Bitcoin would collapse, because that could mean that someone controls keys to all the 1000000 coins in those addresses and they could come and crash the market. But yeah. Holding coins for a long time is easy, if you have lots of coins. You can cash a million dollars every now and then, and you still would not need to touch most of your old addresses... |
|
|
|
Have you tried www.youtube.com It is legal, and youtube also does have some films. |
|
|
|
|
Show Posts
