In this image I put a private key that is missing 13 characters. If you can guess the password, you can have access to decrypting the characters needed to unlock the private key.
IDK what you're making but it's so wrong in so many levels. First, it's missing 14 characters ( not 13)  Next, looks like the private key is in compressed WIF format which should be in base58 encoding, means that there shouldn't be any zero, capital "o", lower-case "L" and capital "i" in the list; but there's an "O" and a "0" in the table. Lastly, why all caps? Is your 1C2SvZUDaSr6zzTTZr7vNeCo5jbz1bwiGe address' WIF private key all-caps? |
|
|
|
|
At least sort them by "file size" and start with rar/zip files that are less than 2MB; leave out the rest for later search.
It could be as low as <100kB if you still haven't generated a lot of keys.
Or as high as 2MB it received a lot of transactions.
|
|
|
|
Right, the post in your link said: -snip-
Cgminer can, but it is only designed to support ASIC mining hardware.
-snip- Means it can ( but the post was from 2015)  The 1st part means that the node cannot do the mining anymore since usually, full nodes have a built-in feature for solo mining. But since Bitcoin became non-CPU/GPU friendly, they've taken out the feature. @ inachu Care to tell us your goal and available hardware(s)? I'm sure it's not for profit unless you have a Big ASIC farm. |
|
|
|
|
People often call that scenario as "transaction dropped from the mempool";
AFAIK, there's no common term for that; call it "dropped transaction"?
Since technically, the unspent outputs was never moved, so we can't call it "returned transaction".
And Yes, that's not "double spending".
Double spending is when a user broadcast two or more transaction that spent the same UTXO(s) [in an attempt to cancel the other(s)].
|
|
|
|
A very important information for reporters: Do not just paste the direct link to virustotal's url scanner as it will scan the host/server of that url instead of the file to be downloaded.And apparently; when you paste mega.nz, it will always result with " CLEAN MX: Phishing" and " URLhaus: Malicious" regardless of the link. Like for example (just MEGA's home URL): https://www.virustotal.com/gui/url/71216ea7e98991af2c7f6226d581d2ba513e14cc585f8e8d0f6cf04bf112f755/detectionSame results, " CLEAN MX: Phishing" and " URLhaus: Malicious" Another (safely reproduce-able) Example: Try it with Electrum windows executable(s): https://electrum.org/#download <- It's safe but with false positives. Copy the direct download link ( https://download.electrum.org/3.3.8/electrum-3.3.8-setup.exe) and paste it to virustotal, the result will be clean: VT URL Results. Virustotal didn't download the file in the link, it doesn't work that way. But if you downloaded the file and uploaded to virustotal, there will be positives: VT uploaded result ( v3.3.6) <- Again, false positives
|
|
|
|
Since you've specified " localhost:8332" you must have a local Bitcoin node ( Bitcoin Core) in your PC? This wasn't mentioned but it also needs to be fully synced to work; then do this: SOLO MINING
-snip-
To enable solo mining, one must be running a local
bitcoind/bitcoin-qt or have one they have rpc access to. To do this, edit your
bitcoind configuration file (bitcoin.conf) with the following extra lines,
using your choice of username and password:
rpcuser=username
rpcpassword=password
Restart bitcoind
Based from that quote, the " username" and " password" are your " rpcuser" and " rpcpassword" ( after the =). I haven't tried solo mining since it's not recommended, so you have to figure out the rest. |
|
|
|
So, what is the practice way to find this collision? Is there any better way rather than straight brute force and luck?
For its usage with Bitcoin to generate an address, I'd say, it's pure luck since you can't pre-define the SHA256 hash of the public key. |
|
|
|
I just had in mind the probable place of collision if such collision is found. Let's say Key1 and Key2 are 2 keys leading to the same Address. So, it is more likely that public keys PubKey1 and PubKey2 are different. Then it is also more likely that SHA256 of PubKey1 and SHA256 of PubKey2 will be different. But the collision is in RIPEMD160 function transforming different SHA256(PubKey1) and SHA256(PubKey2) to the same hash, and then to the sme Address.
Indeed, for legacy addresses. If the RIPEMD160 hash of the SHA256 hash of the private key was the same, the final address will be the same. Since after hashing the Pub key using SHA256, the result will be hashed using RIPEMD160 and the next few steps will only be based from the second hash's result. But that will only happen if there will be a RIPEMD160 collision. And as you know it, its collision resistance is pretty " strong" at 2 80. |
|
|
|
So let me rephrase: if my 24-words are known, would 6 random words as a passphrase on top of my 24-words protect me against a bruteforce attack? I dont need exchange level security because im not rich, but just wondering  Yes, the BIP39 passphrase protects the entire wallet by changing the derived master private key depending on your passphrase; but each private key ( if you've exported), aren't safe when stored in an unsecured storage. I got a feeling that you're mixing up the terms: private key, keys and seed. I understand your point that my idea was more safe before I told anyone. That's why I created a new account for this question.
-snip-
But the second half of DannyHamilton's post remains valid because anyone can access the paired address' funds if its private key was leaked. But then again, there's no known hardware that can bruteforce private keys without any " hint".
What do you mean by " bruteforce attack", [1] getting the seed using the private key(s) or [2] bruteforcing the BIP39 mnemonic phrase or private key? 1: IDK if that " gossip" is even possible. But if ever, the passphrase wont help as it's not the " BIP39 seed" ( mnemonic phrase) that will be bruteforced, it's the " seed" ( where your private keys were derived). 2: Almost impossible. |
|
|
|
-snip-Already got a reply from Mprep, it wasn't him who deleted the topic, so i went further and wrote to the big boss, i hope he gets some time to help me Big boss who, admin theymos? You can also ask the other Global Moderators aside from mprep: hilariousandco and Mr. Big. They can moderate the whole forum as well. |
|
|
|
When I was a victim it was advised to me to change the hard-disk and when asked they said changing OS is not the permanent fix. Can you explain which one is the right.
Probably because of those " low-level viruses" that can infect at binary level. High-level format, aka: " format disk" or " delete partition" doesn't actually delete most of the files' traces, that's why it's possible to recover them using deleted file recovering tools. Low-level format ( zero-fill) should work in those cases, but that involves professional software tools. |
|
|
|
Bkav
W64.HfsAutoB.
Endgame
malicious (high confidence)
Invincea
heuristic
Malwarebytes
RiskWare.BitCoinMiner
Microsoft
PUA:Win64/CoinMiner
Rising
PUF.CoinMiner!8.4639 (TFE:5:HVCYVtd0IyI)
Hahah. Those detected " Coinminer" are the usual false-positives you can get by scanning any/all Mining app using a virustotal. Most known AVs won't even tag it as positive ( check the name of the AV's with positives in your image). If you're accustomed to mining, you will know if there's really a red flag ( through actual usage/different scan results) But doktor83's miner wasn't one of those. It's the indirect descendant of this old thread: SRBMiner Cryptonight AMD GPU Miner V1.9.3 - native algo switchingFor the second image: That's mega.nz ( url) that you've scanned. |
|
|
|
I know that there's been a few cryptocurrencies around (like Phoneum and Electroneum) which allow you to "mine" coins on your phone or tablet. This is great for the average person, as it allows them to secure the network (while getting paid in return) without much effort.
-snip-
FYI, Electroneum mobile miner doesn't even mine at all, it's just a micro-airdrop for their fanboys. Phoneum however implements " cloud-based mining" exclusively for mobile  that I have no idea how it works. Currently, there's no " real" mobile mining ( POW). At least for POS, the only drawback for mobile is the storage capacity. That's doable ( other than SPV) if there's such a " pruned node" (<- from Bitcoin) version of POS Altcoins. |
|
|
|
Hey xhomerx10: which tool is that one?
Thanks,
Fillippone
That looks like blockchain(dot)com's transaction tree visualization. Just search for any transaction, click " view tree chart" next to " visualize:" and click the circles to expand/extend the branches. |
|
|
|
You mean the fiat equivalent in the setting? A: It doesn't matter, that's just a selection of USD-to-BTC exchange rate. does the source matter at all if i have my fiat currency usd because all of this is very confusing bbecause im trying to findout if it matter what source it is i pick on electrum to recive from cex.io
The fiat selection is also just for " exchange rate" basis, it doesn't matter as electrum is only designed for Bitcoins. Note: Make sure to buy more than the requested amount by the seller, because some of the amount will be deducted as fee. And make sure that you're using the real electrum ( electrum.org) since there's too much fakes in the net lately. |
|
|
|
Here are some privatekeys Leading to same addresses [Compressed and Uncompressed]
KxqjPLtQqydD8d6eUrpJ7Q1266k8Mw8f5eoyEztY3Kc6jtMsgkXp
-snip-
5JBb5A38fjjeBnngkvRmCsXN6EY4w8jWvckik3hDvYQMnakxLRd
Leads to
1C4LeCvgTFJJjxiuPMGgW26PAqmfEBfSL5 [Compressed]
1DU46StbrH652jBv7dE8DWMg4rTRy2rU5W [Uncompressed]
Those " two" WIF private keys aren't different, those are basically the same private key: 305E293B010D29BF3C888B617763A438FEE9054C8CAB66EB12AD078F819D9F7FThere's no collision there. BTW, if you just base it from their WIF format, both private keys derived different addresses |
|
|
|
1. You could export all the private keys of addresses that have already been generated by the wallet. Wallet menu > private key >export will do that. But as you use your wallet it'll derive new addresses from the seed so your backup will quickly go stale.[1] Could you tell me what that means? I do not understand what kind of private keys exist. [2] A wallet has its private key (just one) and [3] each address in it has its own private key as well, right? It's so confusing  Not in particular order... just because. [2] No, that's the master private key derived from the SEED, it starts with xprv/yprv/zprv where all your addresses' prv keys were derived. [3] Each addresses have their own private keys that starts with 5, K or L. [1] If you just backup the existing prv keys, kept on using the wallet until it generated new addresses; then, deleted the wallet file and didn't backup the seed, you won't be able to spend from the new addresses since you didn't have their private key pairs. |
|
|
|
I have all keys to all three wallets. I created all wallets with vanitygen so I did not use any specific software. I could use either core or electrum or sign a transaction offline and broadcast it from a USB pendrive.
1BTC is at stake so, go for " offline keys - online addresses" electrum setup. - Download electrum install it in your offline and online machine.
- In your offline machine, create an imported wallet "import addresses or prv keys" and paste W1 and W2's prv keys.
- In your online machine, create a watch-only imported wallet using the same option but paste W1 & W2's addresses instead.
- Create a raw transaction using your online machine sending 1BTC to W3, click "preview" and check if W2's balance isn't enough for the fee & destination addr, etc; then "export" and save.
- Transfer the file to your offline machine then import it using "Tools->load transaction->from file".
- Sign it and copy the raw tx or export to USB pendrive, then broadcast using your online machine.
|
|
|
|
No, I don't have seed. I created it in 2017 and it is my very first bitcoin wallet. I just reset 2FA of that account minutes ago, but the recovery page has only one option, which requires seed. Are there other way to recover my account without seed?
Without the seed, the only way to recover it is to find your wallet.aes.json to bruteforce the passphrase; but if it's 2017, I doubt that they've sent it to your email. Resetting/Disabling 2FA wont help if you can't access your account via WalletID+passphrase. They can't help you with your lost passphrase either: |
|
|
|
|
Show Posts
