 Show Posts
|
|
Pages: « 1 2 [3] 4 »
|
|
@ymgve2
To generate fake r,s,z you can use public point and calculate 2 random and add it.
For example G is ecdsa SECP256k1 generator, PublicKey is ecdsa point, N is order
u = randint(1, N)
v = randint(1, N)
r = (u*G+v*PublicKey).x.num % N;
s = r * pow(v, N-2, N) % N
z = u * s % N
Now you have valid r,s,z pair for that public key.
@fxsniper
lattice attacks script leak 6 bit when use gen_data.py but you can use 4 bit too its minimum and 100 r,s,z,leak data need else this attack will not work.
Still there is no way to leak or know 4 bit even for generated or original signed R.
|
|
|
|
|
@COBRAS
What for ?
19sq9qWjsGH3DRrS5uPe9VE1sUAPf8hBFG uncompressed
16LVmLB8w9UpPFJHwehBdNdjCVeYhRWQ5V compressed
both are empty what you paying or asking private key for ?
download bsgscuda and you can do this in less then 5min your self on any morden GPU.
|
|
|
|
|
@garlonicon
above example is leak known bit atlast 4 bit need, with min 90 sign else attack will not work.
so each r,s with 0 to 15 (4 bit) need to be test.
each result with 90 sign look like lot of processing power need for this.
if possible to design Matrix to test each 4 bit with each pair of r,s then may be this attack is possible.
but i don't think this possible. is it ?
|
|
|
|
@abadon666999 3 bytes if 5 digits missing its too easy for anyone to bf by CPU and python. not take more then few minutes or even less. If you are not good at python or coding you should use next codes. #!python3
# ////for bitalktalk.org \\\\
from bit import Key
from bit.format import bytes_to_wif
fixedata = '18E14A7B6A307F426A94F8114701E7C8E774E7F9A47E2C2035DB29A206'
addresstomatch = ''
def compresedbf():
for x in range(0,16777216):
Keyfound = Key.from_hex(fixedata+hex(x)[2:].zfill(6))
if (Keyfound.address==addresstomatch):
with open("win.txt","a") as rf:
rf.write(fixedata+hex(x)[2:].zfill(6) + '\n');
rf.close();
exit("Found private key wrote in win.txt")
def uncompresedbf():
for x in range(0,16777216):
Keyfound = Key(bytes_to_wif(bytes.fromhex(fixedata+hex(x)[2:].zfill(6)),compressed=False))
if (Keyfound.address==addresstomatch):
with open("win.txt","a") as rf:
rf.write(fixedata+hex(x)[2:].zfill(6) + '\n');
rf.close();
exit("Found private key wrote in win.txt")
update your data with address and check it. this single thread its possible to make multiple thread too. but for 3 bytes no need. for compressed run compresedbf() for uncompressed run uncompresedbf() |
|
|
|
Hi This will be easy way to understand how its made. Private key 0000000000000000000000000000000000000000000000000000000000000001
WIF UNCOMPRESS
5HpHagT65TZzG1PH3CSu63k8DbpvD8s5ip4nEB3kEsreAnchuDf
800000000000000000000000000000000000000000000000000000000000000001A85AA87E
double_sha2("80"+"0000000000000000000000000000000000000000000000000000000000000001")
first 4 bytes is checksum A85AA87E
WIF COMPRESS
KwDiBf89QgGbjEhKnhXJuH7LrciVrZi3qYjgd9M7rFU73sVHnoWn
800000000000000000000000000000000000000000000000000000000000000001014671FC3F
double_sha2("80"+"0000000000000000000000000000000000000000000000000000000000000001"+"01")
first 4 bytes is checksum 4671FC3F Checksum provide confirmation when import that we loading correct private key compressed or uncompressed. |
|
|
|
Very simple with python example code. #!python3
from bit import Key
from bit.format import bytes_to_wif
#for compressed private key address.
compressedkey = Key.from_hex("hex key data") # or from int compressedkey = Key.from_int(intdata)
compressedkey.create_transaction([], leftover='addressofyourchoicetorecieveall')
#for uncompressed private key address.
uncompressedkey = Key(bytes_to_wif(bytes.fromhex("hexdata"),compressed=False)) # or from int uncompressedkey = Key(bytes_to_wif(Key.from_int(intdata),compressed=False))
uncompressedkey.create_transaction([], leftover='addressofyourchoicetorecieveall')
More details at https://ofek.dev/bit/ |
|
|
|
|
Hello
api blockchain.info/q/pubkeyaddr/18yGdLieoWDBrkfFcU6mSJJzNMMfRztDUg
Also you can extract public x,y from R,S,Z if its made output transaction.
Math is "Y = (R*s-G*m)/r"
|
|
|
|
|
it's just me or anyone else also see his opensea post for 999ETH show confirmation of 1840 birth year
but it's don't confirm 5AB7 still so 5AB7 is not data but clue related to NO.50 ?
if this puzzle is scam i wasted lots of time.
|
|
|
|
|
Possible hints till now.
born year 1810 or 1840
For first ? in bitcoin alpha line 5AB7
V I S I O N "V" stand for verify
VISION 313 bitcoin white paper words how many time its in it.
as per hint V is verify which is repeated 7 time i made guess my example is
"verify input signature incentive owned node"
7 3 3 7 2 7
opensea NO.1 and NO.159 without it, there is no chance to solve this puzzle
anyone have idea to share ?
ps: i like this idea, why spoil game by getting all hints ? each week 1 hint sound exciting.
|
|
|
|
|
@Sansa_Stark
If you have 2 different S for same private key or public key then its possible to break X,K
If you have 2 same R of different private key or public key and have 1 of private key still you can break X,K each others.
Chance of having same R is less then 0.00000001% all possible issue related to same R are eliminated many year go.
|
|
|
|
|
@walletrecovery
Hello
my my mistake your talking about bitcoin wallet.dat which is database.
db file always store name + size in hex for data + data
“ in hex is 0x22 so 34 char next to read ‘\0’ terminated.
|
|
|
|
|
@walletrecovery
May be its in unicode ? if name in unicode some utf-8 viewer may change it to english chars.
what are the hex bytes before and after ?
|
|
|
|
|
@Dylan41
Can you add some more info what about NO.1,NO.159 they will be public here even if any one buy or not buy on opensea ?
|
|
|
|
|
For centos there is kernelcare package free & paid both available suitable for apply patch without reboot.
|
|
|
|
|
@JBRai
wif missing is less then 6 at any place that can be recovered in 60min more or less. but if you missing checksum in wif it may take while but still possible.
i have made tool for cuda to practically test all possible pair with there checksum. but there are many false positive too.
my tool approach is different what PawGo coded. i use base58 decode and checksum match effort to validate it.
Do you have gpu ? i can send you app for testing.
|
|
|
|
@garlonicon It's possible with current gpu to make bruteforce 2 random int to match Z which we need for known public key? i made some test with cpu and python running from 48hrs not found any yet. but what you think about GPU if they can do this kind of job or even possible ? sample code. u = randint(1, N)
v = randint(1, N)
r = (u*G+v*PublicKey).x.num % N
s = r * pow(v, N-2, N) % N
z = u * s % N
matching z with list of my known precalculated z for my choice of output.
|
|
|
|
@xlameee you can use hashcat first use bitcoin2john.py to convert your wallet to hash. second at end of line add ?x depending your requirement. ? | Charset
===+=========
l | abcdefghijklmnopqrstuvwxyz
u | ABCDEFGHIJKLMNOPQRSTUVWXYZ
d | 0123456789
h | 0123456789abcdef
H | 0123456789ABCDEF
s | !"#$%&'()*+,-./:;<=>?@[\]^_`{|}~
a | ?l?u?d?s
b | 0x00 - 0xff for example your password is "156Apassword911" |
|
|
|
|
