Bitcoin Forum
June 08, 2024, 05:24:05 PM *
  Show Posts
41  Bitcoin / Development & Technical Discussion / Re: Question about SHA-256 hash functions on: April 21, 2022, 07:01:14 AM
Both highlighted leading characters are "random". Finding a hash with different input and the same highlighted output has exactly the same probability in both cases, hence the same difficulty.

Your formulation "less than the second hash" makes the second about 14 times more difficult, since there are additional constraints - ...63fbxx vs ...000016 in the first case all 256 possibilities are valid, while in the second about 234 are invalid.

42  Bitcoin / Development & Technical Discussion / Re: An Idea To Increase the Efficiency of Bitcoin Mining by an Order of Magnitude on: April 03, 2022, 06:43:09 AM
A Bitcoin Mining operation that relies purely on solar power could remain operational 24/7/365 if it was positioned at Lagrange point 1, with no possibility of clouds obscuring the line-of-sight to the Sun.

There's a big problem with heat dissipation in space. How would this setup cool the miners? It would need enormous radiators for dealing with all the heat.

Unless one breaks the 2nd law of thermodynamics this looks quite bad. But then no need to go in space - no problems with heat, noise, space, and most importantly, no need of any power supply. This would break most PoW assumptions though.

43  Bitcoin / Development & Technical Discussion / Re: Why doesn't c-lightning connect you to a list of peers by default? on: March 11, 2022, 05:19:49 PM
In Bitcoin Core, there is a DNS seeds feature which makes outgoing connections from your node to a list of vouched bitcoin nodes.

But as far as I know, in C-Lightning, there is no such feature and you are completely isolated from the network at startup.

Does c-lightning not have a discovery feature where you can query peers for other peers? I have Tor enabled.

As far as I know all lightning implementations have DNS bootstrap. It is specified in BOLT 10.

Looking at C-Lightning source code, there are references to DNS usage. There is also config flag disable-dns. Look it up yourself here.

44  Bitcoin / Development & Technical Discussion / Re: Anonymous UTXO consolidation through LN on: February 21, 2022, 01:15:29 PM
Currently LN is a bit limited in terms of privacy. The biggest showstopper is that a single payment preimage is used for all participating nodes. Hence injecting few tens of thousands spying nodes would map coin flows with very high probability.

This would eventually be resolved with taproot using PTLC (instead of the current HTLC) https://bitcoinops.org/en/topics/ptlc/
Until then I tend to consider LN without any privacy.

IP bans would do nothing. All spy nodes could live on TOR, and additionally connect to each other in other ways. Public key bans would do nothing as well - the coins can be transferred to new "clean" public keys using LN itself.
45  Bitcoin / Development & Technical Discussion / Re: An Idea To Increase the Efficiency of Bitcoin Mining by an Order of Magnitude on: January 26, 2022, 04:12:56 PM
Optical computing is extremely slow and clunky. Optical stuff is great for communication though.

It's easy to see why it wouldn't work: the photon just takes too much space - with wavelength hundreds of nanometers it just cannot compete with the density of present day chips. Additionally photons don't interact themselves, so at least one electron is needed for anything to happen. Or to happen probably, maybe. It's way worse: the event probably doesn't happen. The computation is lost then. Which means huge switching devices, and relatively slow speed.

What about the power needed? One must use lasers for all this. Very inefficient.

Edit: typo.
46  Bitcoin / Development & Technical Discussion / Re: Elliptic Curve Point Addition Question on: January 24, 2022, 08:05:19 AM
Thanks so much for everyone's input so far.

Could I ask if someone would be able to provide a manual step by step example of the point addition process using actual numbers?

Here are 2 random EC points to use from secp256k1.

Privkey: DBD5EBF749EDF69369B251A9434E9B782534294066797AEF1D25ED9B9672E821

x - 109493922098989287353358202596299422915042473617120228714701225409342421241792
y - 109899546570013792669570062242083808994383794323190482590108937934309418520644

+

Privkey: 9A309407E5266673F677C583BF1068615810AF4C1B90D5A8DBB335CC15D05959

x - 69395938208587572292363152174054021882846778300880058382874375807278603471216
y - 88660534177150263324537226657815045924854945333470172921739521551593497336256

I just need the (public key) point addition. No need to do anything with the private keys, they are just there for reference if needed.

I haven't seen this done anywhere (and I've looked a lot). This would be amazing to include in my project and for me to learn what this process actually looks like on paper.

Thanks so much in advance.


Code:
L = (y2 - y1) / (x2 - x1)
x3 = L^2 - x1 - x2
y3 = L(x1 - x3) - y1

      y2 - y1 = 94553076844452666078538149424419144783741135675920254371088167625192913487275
      x2 - x1 = 75694105346914480362575934586442506821074289349400393707630734405845016901087
1 / (x2 - x1) = 57109544797366026611537207709745816878454354988638946088653096565731074851657
            L = 26260209610829739695182151635707675950033180086458470318530731088353219693361
          L^2 = 85396884292048511216639145930585800795235676868516676403763378131573495159908
           x3 = 22299113221787846994488776168920263850616409616156953345645360922861305118563
      x1 - x3 = 87194808877201440358869426427379159064426064000963275369055864486481116123229
   L(x1 - x3) = 114457103505967127914246148065726475976734011734324777350232007537745534737470
           y3 = 4557556935953335244676085823642666982350217411134294760123069603436116216826
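
The same chord-rule calculation as a script, so each intermediate line above can be reproduced. This is an added example, not code from the post; the function name `add_distinct` and the dictionary labels are chosen here for illustration.

```python
# secp256k1 field prime; a property of the curve, not a value from the post.
P = 2**256 - 2**32 - 977

# The two points exactly as given in the question above.
P1 = (109493922098989287353358202596299422915042473617120228714701225409342421241792,
      109899546570013792669570062242083808994383794323190482590108937934309418520644)
P2 = (69395938208587572292363152174054021882846778300880058382874375807278603471216,
      88660534177150263324537226657815045924854945333470172921739521551593497336256)


def add_distinct(p1, p2, p=P):
    """Chord rule for two affine points with different x coordinates.

    Returns every intermediate value, in the order the post lists them.
    Plain Python integers are not constant-time: use this to learn, not to sign.
    """
    (x1, y1), (x2, y2) = p1, p2
    dx = (x2 - x1) % p
    if dx == 0:
        # Same x means doubling (y1 == y2) or P + (-P) = infinity; the chord
        # formula would divide by zero, so those cases need their own rule.
        raise ValueError("x1 == x2: chord formula does not apply")
    dy = (y2 - y1) % p
    inv_dx = pow(dx, p - 2, p)      # Fermat inverse, valid because p is prime
    lam = dy * inv_dx % p           # slope L of the line through both points
    lam_sq = lam * lam % p
    x3 = (lam_sq - x1 - x2) % p
    x1_minus_x3 = (x1 - x3) % p
    lam_times_diff = lam * x1_minus_x3 % p
    y3 = (lam_times_diff - y1) % p
    return {
        "y2 - y1": dy,
        "x2 - x1": dx,
        "1 / (x2 - x1)": inv_dx,
        "L": lam,
        "L^2": lam_sq,
        "x3": x3,
        "x1 - x3": x1_minus_x3,
        "L(x1 - x3)": lam_times_diff,
        "y3": y3,
    }


if __name__ == "__main__":
    for label, value in add_distinct(P1, P2).items():
        print(f"{label:>13} = {value}")
```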
47  Bitcoin / Development & Technical Discussion / Re: Is it possible to convert a part of HASH string into human-readable format? on: January 20, 2022, 04:21:06 PM
...$35714$...
35714 - Why is this number 5 characters? What is the function of this number? If this is a date, then show me the converter program?

You could find out yourself by looking at the source code of the first bitcoin2john.py:
https://github.com/openwall/john/blob/89bf80fbd6df52ae7d04d94b3c3a826000b30549/run/bitcoin2john.py

Code:
len(cry_master): 64
    cry_master : 71fe0d4dc27b24dcd1ea6639d644e8daeff04c38e30d05f0a74b17d28f25667e
  len(cry_salt): 16
      cry_salt : df6cabc03425d39a
    cry_rounds : 35714
      len(ckey): 96
          ckey : 8c4ef4ce5ba442673a21d89afdc1810c653e0615c1e2537d7f61a0e03ecc152c47771b863d3b399894ba9086f1e7f261
len(public_key): 130
    public_key : 04ffaa7a530a04504856eff814839320835cdec5dc446ee4811fc3db490a1a986013e6dff24d5f0c908e5dac7f0be8c7fd523de8e91eae27fba3e851dd0272daab

There are no hashes in the above numbers.

Some test vectors, including some with 5-digit number of rounds, as well as what happens with all these values, can be found here:
https://github.com/openwall/john/blob/bleeding-jumbo/src/bitcoin_fmt_plug.c

The exact decryption can be seen here.

How the number of rounds is set can be seen here.

48  Bitcoin / Development & Technical Discussion / Re: Odd or even? on: January 16, 2022, 01:28:05 PM
To answer this question, there is no need for mathematical calculations at all. The answer is the same for any public key.
Any public key can be generated by 2^96 private keys on average. Therefore, any known public key can be generated by numerous odd private keys and numerous even private keys.  

You are gravely mistaken. One private key corresponds to exactly one public key, and vice versa.

Each P2PKH and P2WPKH address could correspond to about 2^97 or 2^96 keys.

Finding out if private key is even or odd is equivalent to solving ECDLP, which currently takes about 2^128 curve operations.

49  Bitcoin / Development & Technical Discussion / Re: checking address or pubkey of unspendable bitcoins on: January 02, 2022, 10:55:46 AM
There are (N-1)/2 x coordinates. The point at infinity - corresponding to private key 0 - has no representation in affine coordinates, and usually is designated as (0,0).

In secp256k1 x=0 is not on the curve. One could check if point is on the curve by checking the equation y^2 = x^3 + 7 (mod P).

When having only x coordinate, check if x^3 + 7 is quadratic residue (mod P). The easiest way is to check if (x^3 + 7)^((P-1)/2) = 1 (mod P).

Each P2PKH is spendable in about 2^97 ways - this is the number of private keys giving the address - both with compressed and uncompressed public keys.
Standard P2WPKH ~2^96 - only compressed public keys are relayed.
P2SH and P2WSH can be spent with every key, in multiple ways.
Valid P2TR is spendable in even more ways.

Given only the address one cannot know if it's spendable by someone.

Edit: missing link
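
The two checks described in this post (curve equation for a full point, Euler's criterion for a lone x), written out as an added example that is not part of the original post. The function names are chosen here; the generator coordinates are the standard secp256k1 base point, and the square root shortcut relies on P being 3 mod 4. The same checks are what a parser should apply to any public key received from an untrusted source before using it.

```python
# secp256k1 field prime and base point G (standard curve parameters).
P = 2**256 - 2**32 - 977
GX = 0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798
GY = 0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8


def on_curve(x, y):
    """Full-point check: y^2 = x^3 + 7 (mod P), with both coordinates in range."""
    if not (0 <= x < P and 0 <= y < P):
        return False
    return (y * y - pow(x, 3, P) - 7) % P == 0


def x_is_valid(x):
    """x-only check: x^3 + 7 must be a quadratic residue (Euler's criterion)."""
    if not 0 <= x < P:
        return False
    rhs = (pow(x, 3, P) + 7) % P
    return pow(rhs, (P - 1) // 2, P) == 1


def lift_x(x):
    """Return both y values for a valid x, or None if x is not on the curve."""
    if not x_is_valid(x):
        return None
    rhs = (pow(x, 3, P) + 7) % P
    y = pow(rhs, (P + 1) // 4, P)   # square root; works because P % 4 == 3
    return (y, P - y)


if __name__ == "__main__":
    print("G on curve:       ", on_curve(GX, GY))
    print("x = 0 valid:      ", x_is_valid(0))
    print("(0,0) on curve:   ", on_curve(0, 0))
    print("G.y recovered:    ", GY in lift_x(GX))
```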
50  Bitcoin / Development & Technical Discussion / Re: How to build and install Liboqs for Post quantum cryptography on: December 24, 2021, 11:00:32 PM

Of course, Quantum computer is not expected to unfold completely in few years, despite IBM claims to build a quantum computer with 1000 qubits 2023. A quantum computer requires more Qubits ranging from 1000 to 100,000 to correct errors effectively. But, the problem is how will a large amount of qubits be controlled while it corrects errors. Because a QC with 300 qubits has more state than all the atoms in the universe.
The number 15 was factored with 7 qbits, and 21 with more advanced algorithm and 6 qbits. Well, now 127 qbits cannot bring an improvement, 20 times more qbits and nada. So 1000 wouldn't either. More qbits - same result.

Quote
However, every computer face numerical errors and quantum computer is not an exception. But, when qubits are entangled they can form a fresh qubits which can be used to correct errors regarding the brittle nature of qubits, it can be destroyed just from the heat of the environment it is placed. So, one thing that makes QC a threat like i said is that it's under construction and one day it will be established like any other technology.
For solving ECDLP the system must represent 2^256 states. Not only heat, a single neutrino could destroy the state.

Quote
The major problem is that people want it to be birthed soon which is impossible and the big tech companies provide such promises to investors so that they can invest more funds into the project hoping for a quick ROI.  In the past, people believed that Artificial intelligence will be ready in 1960 as published by nytimes in 1958 but, it was a false promise, despite all hope lost on AI, it came to conclusion few years ago.
The so-called "AI" from recent years has little to do with intelligence. It is more a form of Artificial Idiocy. The main problem is that meaning seems not transferred physically, at least I haven't heard of a device to detect it. One word can mean a lot, no words can mean a lot, and this is without any physical difference in context. As if there's an additional space of meaning, and one tunes to different parts of it.

It is very useful though, because most people don't mean anything. So no intelligence is needed, advanced idiocy works well.

Quote
In conclusion don't underestimate the power of what is known and being worked on. Another thing is, tech companies are getting prepared for QC by building post quantum cryptography. Therefore, if QC is a technology that has failed entirely people won't bother building a post quantum cryptography.

READ SOURCE
It would be great if I'm mistaken, but I doubt. All points towards failure.
51  Bitcoin / Development & Technical Discussion / Re: How to build and install Liboqs for Post quantum cryptography on: December 24, 2021, 03:12:57 PM
The threat of cryptanalysis attack by quantum computers which can break into public keys and expose the cryptocurrency encrypted technology and put people's funds in danger has been on the rise since the development of quantum computers.
The biggest number factored by Shor's algorithm is 21 in 2012, an incredible rise of a single bit since the previous record - factoring the number 15 in 2001. Where is the threat? I try hard to see any rising threat, and fail miserably.

For now QC is an utter failure. And there are indications that it will stay so.
52  Bitcoin / Bitcoin Discussion / Re: Deloitte Article on Threat of Quantum Computers on: December 21, 2021, 03:11:40 PM
Quantum computers are vastly inferior and super expensive to use devices. Selling QC as a "superior to classic computers" is a scam. There is only one quantum superiority - generating noise.

The biggest number factored by QC so far has only 19 bits. It's almost like one can find the factors faster by hand. Something more, it was done by "adiabatic quantum computer", which is useless for ECDLP. There is a fishy result of factoring 41 bit number, but it consists of mostly zeroes, and in fact is equivalent to factoring a 9 bit number.

Companies are making devices with more and more magical qbits, but the reality strikes back:
The largest number reliably factored by Shor's algorithm is 21 which was factored in 2012.
Yes, this is 5 bits. No improvement for 9 years. No better result from 53 qbit, or 127 qbit quantum computers.

This is what will happen one day: someone will discover an ECDLP algorithm and keep it to himself, nobody will know. In the event of NSA or the likes finding out such algorithm, they would claim it's done by using quantum computer, in order to lead astray everybody and keep the advantage.

53  Bitcoin / Development & Technical Discussion / Re: Developer: Write code to generate all possible private keys on: December 15, 2021, 10:51:57 AM
Storing 2^64 (or 2^69) bits is possible with today's technology. To get 2^69 bits in a cubic meter, we need 100x100x100 nm cell size. IIRC a SRAM cell fits 100nm. Making a new Si layer is used today - CVD grows layers 10-20 nm per minute.

There are some concerns though. The power consumption might be too big, even for SRAM. And the biggest concern is bit rot. Such amount of memory will start degrading instantly (cosmic rays, etc.), so one needs to use lots of power for repairing it. Orders of magnitude more than just storing.

Since the stored information is easy to regenerate, it could be better to checksum, and regenerate it on access in case of error.

Some search gave me failure rate of around 10^-13 = 2^-43. So even storing it all would need workarounds in order to be error-free.

It is quite pointless to do all this. Moreover, it might be more cost efficient to do a brute force search every time a new address appears.
54  Bitcoin / Development & Technical Discussion / Re: Looking for some help regarding a transaction issue with Bitcoin - CLI on: November 02, 2021, 09:16:11 AM
Looks like you are trying to spend non-existent UTXO. Address tb1qkvf2k3yd5mc46gf7znwnpx7vty2pfmt9ezrg6m never received coins.

Edit:
My bad, the input is tb1qydzefuvmycm2sx5ngjy6ayjnudu3r2ezu62gnx. For some reason, blockstream.info/testnet just shows mainnet, and of course, didn't find it.

This transaction has zero fee, that's the problem. Nodes refuse to relay it.
55  Bitcoin / Development & Technical Discussion / Re: Compile Bitcoin first version on Linux - Windres issues on: November 02, 2021, 08:57:45 AM
Quote
Blockchain starts at the genesis block, I don't think you can mine blocks further below that.
To mine -1 block or earlier, you need SHA-256 collision.
Besides that, there's 36.8% chance that there cannot be block with hash zero. If only single SHA was used, then no problem. But double SHA means 256-bit to 256-bit random mapping at the second SHA, and about 1/e of the possible outputs are unreachable.

56  Bitcoin / Development & Technical Discussion / Re: implementing small wallet for embeded systems on: October 29, 2021, 10:26:58 PM
1- can you suggest to me some libraries and source code in c  which are designed for an embedded system?

2- do you know any topic related to this idea or GitHub ?

You could take a look at Trezor source code: https://github.com/trezor/trezor-firmware

57  Bitcoin / Development & Technical Discussion / Re: True Random for automatic offline address generator on: October 19, 2021, 10:37:25 AM
For the intent the radio mustn't have good reception, the more interference the better, as long as it isn't just white noise, I don't actually want to be listening to whatever is said over radio waves.

You sound confused. More noise is more entropy. Less noise is less. You want as much noise as possible. You are trying to use "radio noise", but somehow want less noise?

White noise is used as the basis of some random number generators. For example, Random.org uses a system of atmospheric antennae to generate random digit patterns from white noise.

58  Bitcoin / Development & Technical Discussion / Re: Bitcoin Core RPC communication on: October 14, 2021, 07:58:52 PM
bitcoin-cli resides in the same directory as bitcoind and bitcoin-qt

You communicate with port 8332 through HTTP POST, using JSON. The communication is in plaintext.

Example for getbestblockhash:
Code:
POST / HTTP/1.1
Host: 127.0.0.1
Connection: close
Content-Type: application/json
Authorization: Basic xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
Content-Length: 49

{"method":"getbestblockhash","params":[],"id":1}
Where "xxx...x" is base64 encoded username:password or the base64 of the content of the .cookie file (__cookie__:...). For example foo:12345 would result in Zm9vOjEyMzQ1.
Please note, that all newlines above are "\r\n", except after the very last line, which is only "\n".

You'd get a result:
Code:
HTTP/1.1 200 OK
Content-Type: application/json
Date: Thu, 14 Oct 2021 19:28:01 GMT
Content-Length: 98
Connection: close

{"result":"000000000000000000064613309ca3e8232397b467af98790b3cc3ac23479f80","error":null,"id":1}
59  Bitcoin / Development & Technical Discussion / Re: True Random for automatic offline address generator on: October 12, 2021, 11:26:32 PM
For a BTC related project I need to create some addresses on automatic mode; the machine is offline, the machine prints both WiF Key and matching Address, there's minimal interaction for this, so it won't be able to pick much from its own memory in order to generate a good Random seed.
...
Do you think this solution would provide a good enough Random generator? If not, what/how do you think this can be improved?

Good enough? No. You need additional entropy sources. Use the Hardware RNG included in ESP32. Add a microphone. Add a camera. Add some buttons to be pressed. Feed all the data together with timestamps into Fortuna CSPRNG. Also a second seems too short - feed it for a minute.
If this is too much just using the Hardware RNG might be better than radio module.

Will you be around the device every time it's used?
Are you sure the printer always prints what is given?
Does the printer remember the last page(s) it printed?
Is there an "echo" from previous printed pages on the current one?
ESP32 has wifi. Maybe it has a backdoor. Can you make sure no radio wave reaches the module?

60  Bitcoin / Development & Technical Discussion / Re: Elliptic Curve Point Addition Question on: October 11, 2021, 04:26:14 PM
Thanks so much, but I wanted to know if, during the calculation, it had to go past "0" to calculate the result like in the image I attached in my first post.

I think I was using the wrong language by saying outside of the field or curve.

I know that the addition always results in a valid point, but did it have to go "around the clock" to get there?

I am trying to show the results in my school project so the Python script (or something) would be fantastic to show it in action.

Thanks again.

Two different numbers in a modular field are both bigger and smaller than each other - there are infinite bunch of numbers corresponding to each one, positive, negative, imaginary. So comparing them makes no sense. Any operation passes through zero any number of times in both directions. Furthermore, the real x and y from the equation y^2 = x^3 + 7 are never both integer (or rational). They have integer representation when taken modulo p, but that's all.
