I may be wrong about this but the way I see it, like everything else such as block size this is purely about what is less bad.

On one hand we have a network of nodes that all run one implementation that if that has a vulnerability which is exploited the whole network will be crippled and the damage will be big.
On the other hand we have new different implementation(s) that might have vulnerabilities and might introduce attack surfaces that will not cripple the network and we have ways to fight these attacks to some extent. So any damage done won't be near as big.

What is the damage of this sybil attack? Some exchange and the traders losing money? That is not new.
What is the damage of a vulnerability like this being exploited? We would be forced to do a "roll back" and lose immutability of bitcoin.

But you just described Sybil Attack which can happen with or without multiple implementations of bitcoin. It doesn't even need a vulnerability or hashrate to happen.

I do say we need more implementations of bitcoin from scratch. It won't be a perfect solution and it will take time for the software to reach maturity of bitcoin core but the benefits of it are more.

YUP. That was it. Thanks.
I missed the fact that 47 (or the right one 48) is the size of the first stack I mistook it for a DER-length.

If I am not mistaken 48 should be a Compact size integer?

That is not "extra", that is sigHashType (01 for signall).
An example tx from last block:
https://blockexplorer.com/api/rawtx/85478be31ee805af627562a4b30b44a3321acdf593fb72c99660065a0c7bf301

I have been working on EC calculations, ECDsa signatures and DER-encoding, considering the randomness of the results and the fact that I am not using any kind of external libraries for any of the steps, I don't know how correct my resulting signatures are!

Lets take the transaction in this example with the following private key:

How can I verify whether the following transaction has a valid signature (ignore the fact that the transaction it is spending does not exist):

I will try with TestNet coins later, but for now I would like to know which part I messed up (if any) for today.

If you want a vanity address then use the project here:
Source: https://github.com/samr7/vanitygen
ANN: https://bitcointalk.org/index.php?topic=25804.0
It is fast and tested.

If you want to create your own code then I'm afraid you have to write it from scratch if you want it to be fast. NBitcoin has a lot of bottlenecks that is slowing the process down. That library was not meant to be used for speed.

I can't understand parts of your code. For instance what is currentAddress in part 1, is it public key? And why perform double sha256 on it?
Also try Buffer.BlockCopy it is slightly faster.

In your part 2 the base58 encoding is entirely unnecessary since BitcoinSecret constructor will decode it again! https://github.com/MetacoSA/NBitcoin/blob/master/NBitcoin/Base58Data.cs#L63
Create a new instance of Key and pass that in the ctor instead:
https://github.com/MetacoSA/NBitcoin/blob/d21f31311180041a15524588b443767cf95951ec/NBitcoin/Key.cs#L48-L62

Your part 3 has multiple cases where it slows down. The ECC which is unavoidable to convert private to public key (although some methods of scalar multiplications are way faster than others, I believe NBitcoin uses bouncy castle for that which will most probably use a fixed time method. This can be improved if you care to rewrite ECC but I wouldn't recommend it), then another base58 decode and check of the input which can be avoided if you code it from scratch yourself and another base58 encode which may be avoided but I am not sure, have to really check how vanity address creation works under the hood.

P.S. All the Base58 encode/decode functions are slow because they are all using BigInteger which will slow things down drastically (specifically 6 times slower based on my tests)

In case you are wondering where are these numbers coming from, you should know that these aren't magic numbers or constants anywhere. These are simply the size of the "data" that represent an address! The first thing you should ask is "what is an address?" This will also clarify things for the question above regarding Bech32 and @theymos answer regarding 2¹⁶⁰ and 2²⁵⁶ number of addresses.

An address such as 1BgGZ9tcN4rm9KBzDn7KprQz87SZ26SAMH or bc1qw508d6qejxtdg4y5r3zarvary0c5xw7kv8f3t4 is simply the "human readable" encoding of some data. Now that data simply has a fixed size. In case of P2PKH and P2WPH address examples above this data is RIPEMD160(SHA256(publickey)). Basically you are encoding (to be human readable) the result of RIPEMD160 cryptographic hash function. The encoding can be anything, in bitcoin we use Base58 encoding for first address example and use bech32 for the second.
This hash function as its name suggests is 160 bits in size. So the number of possible results it can have is 2¹⁶⁰.
Math:

What about 2²⁵⁶ then?
That "data" is not always the same. We have different types of addresses. For instance it can be a scriptHash, in which case it is the result of a SHA256 cryptographic hash function which is obviously 256 bits of data hence the 2²⁵⁶ possible addresses.

Try this one then: https://github.com/Coding-Enthusiast/StellarCracker-NetCore
The released (compiled) version: https://github.com/Coding-Enthusiast/StellarCracker-NetCore/releases
It is using .Net core so it would be cross platform. You need to install .NetCore on your Linux though. Here is a guide by Microsoft: https://www.microsoft.com/net/download/linux-package-manager/ubuntu16-04/runtime-2.1.2
In the last line just install dotnet-runtime-2.1/, it is about 20 MB, tested on Ubuntu 14 myself.
Run it with:

For preview and stats purposes:
mode1:

mode2:
https://i.imgur.com/9FKMlfy.jpg

I was working on ECC today, specifically to get Y from X and X from Y so my brain is fried right now. I have no idea how you are getting the list!
Here is the repository: https://github.com/Coding-Enthusiast/Stellar-Key-Brute-Force
You just have to put the keys (1 per line) in a .txt file named keys in your C:\ drive and run the app. It will loop through the keys and take the valid key(s) and puts them in a new file called validkeys.txt in same directory.
Do you need a compiled .exe version or do you have Visual Studio?

P.S. Checking 1000 keys only takes 0.019 seconds.

You can not brute force a private key like this. The possibilities are limitless. You need to at least know where the wrong character is and limit the search to a couple of million keys at most. Otherwise if you try to put 32 characters in each place and check all the possibilities then you have to check 32^55 keys!

I'll try to make a quick tool to do the check on a given list it in a little while.

Well, 2*5 and 2+5 are also both mathematical operations but you call the first one multiplication and the second one addition and you can't call both of them addition!

Based on a quick research: An stellar private key is a base32 encoding of the (version byte + private key + checksum) and checksum is the CRC16-XModem hash of (version byte + private key) and is 2 bytes. Version byte is 144 for private keys and I believe it uses the default rfc4648 charset but I may be wrong (ABCDEFGHIJKLMNOPQRSTUVWXYZ234567).

NO! Private key is NOT hashed to create public key.

The way you get a public key is by using a elliptic curve cryptography techniques. And that is basically a set of operations on points on this plane curve over a finite field. This operation only works in one way and not in reverse. In other words you can easily find the public key from private key but if you try to find the private key from your public key it would be impossible. It requires solving Elliptic Curve Discrete Logarithm Problem which was introduced in 1985 and so far the mathematicians have not been able to find any solution for it.

Have fun reading: https://blog.cloudflare.com/a-relatively-easy-to-understand-primer-on-elliptic-curve-cryptography/

There are different versions of mini private key, it can be 22, 26 or 30 characters long. By the way the character <1> is invalid.

Nodes not accepting 0 fee transactions doesn't make bitcoin centralized. If you don't like this then start from yourself by accepting and relaying 0 fee transactions. Change your minrelaytxfee to 0 and then you can share your node IP address so that others who want this connect to you instead of other nodes. There are other nodes that would relay 0 fee transactions.
By the way are you sure Doge or LTC have free transactions? Last time I checked they had empty blocks but nobody relayed 0 fee transactions.

There is no OP_Locktime as far as I know. There is OP_Hold and that is irrelevant here. He is talking about locktime, as in the last 4 bytes of every transaction. When you set it to a specific number (it can be datetime or block height) your transaction can not be mined unless that time is reached.
And by the way your transaction will be rejected by the whole network if it is supposed to be mined in the future.

These are just bytes, think of it as another language between two computers talking to each other. This is what your bitcoin core node is doing in the background. It is sending and receiving thee messages to "communicate".
f9beb4d9 says start here.
76657273696f6e0000000000 says the type of message I am sending you is "version"
766572616b00000000000000 says the type of message I am sending you is "verak"
The rest is other information such as IP addresses, ports, latest block height you have,...
That's the "greeting" part.
747800000000000000000000 says the type of message I am sending you is a "tx"
The rest is the transaction itself.
https://bitcoin.org/en/developer-reference#p2p-network

It is so easy to broadcast your transaction, you don't even need a client
Just connect to a seed node IP and ask for a list of node IP addresses.
Take one of the addresses and open a socket over port 8333 and use that IP to connect to and say "hi" like this (you may want to change the IP in it but it doesn't matter because it is flexible):
Then wait to hear "hi" and a "handshake" back. Then "shake" the hand like this:

Now that the greeting is over you can start talking with that node. In your case you just wanna tell them about your transaction, so just do that:

Rejected? Try another IP.

This, although being correct steps, was posted just for fun. I may have made mistakes since I didn't use a code, I just made them by hand. If you are interested I can explain with more details.

If using it for missing 1 char, it doesn't matter but FWIW there seems to be a couple of bottlenecks in this function that will slow things down drastically.

First is the fact that each time an invalid key is passed to this function it raises an exception. I have 0 experience in Python but in C♯ throwing exceptions is "expensive" apparently it is not so different in python either[1]. This can be changed to simply returning false if the key is invalid. This will probably make things faster at least 10 times (not benchmarked)

Second thing I could notice is that it is converting the input back to a bignum (or what we call BigInteger) and then converts it back to a byte array and starts performing hashes (for checksum) on it. This step is slow and unnecessary. Converting the base58 input directly to base256 (byte array) made it 6 times faster (I did benchmark this!)

[1] https://stackoverflow.com/questions/2522005/cost-of-exception-handlers-in-python

I get what you are talking about but base-16 is just another representation of an array of "numbers", it doesn't really make a difference if I write 14 12 15 with spaces or 0e 14 0f with or without spaces, they are both representing the same set of numbers in base-256. The only possible way to clarify things is if I start typing them in binary like this but that's just impossible to read:


Additionally hex or base-16 is a very easy and convenient way to transfer arrays of "numbers". For instance you can not input each of those "numbers" (14, 20, 15...) one by one in an array when coding, it would take a long time and it is easy to make a mistake. But you can very easily give your code the hexadecimal string representation of it and decode it into the array of "numbers" then treat those "numbers" however you like.

I am going to add both numbers and binary, maybe that helps visualizing it better.

Well, "version byte" is the name of the "0" we are appending to it, I can't just change that name:
https://github.com/bitcoin/bips/blob/master/bip-0141.mediawiki#witness-program
https://github.com/bitcoin/bips/blob/master/bip-0142.mediawiki#rationale