 Show Posts
|
|
Pages: [1] 2 3 4 5 6 7 »
|
I meant use Electrum offline on desktop. Create & sign a transaction then sweep the BTC to Ledger Flex new address. Copy siged transaction file to new USB. Then use new laptop, new phone, sim, hotspot & internet connection to broadcast transaction via Electrum.
I dont pay attention to the fine details till its required. I apologise for the confusion.
FWIW, I think you may be over complicating things. How are you going to create the offline transaction? Sounds like that could be a place to introduce irreversible errors. The advice LoyceV has given is sound. However I would do it slightly differently. You have found the private key to create the offline transaction. Instead of creating the transaction yourself, transfer the private key to a text file on a USB stick to place in your online machine. If you like you could turn off your WIFI at the wall to be extra sure. Then you can open Electrum and sweep that key directly into your Electrum wallet, reading from the usb (with wifi back on). Electrum only exposes your private key on your PC for a fraction of a second in order to sign the transaction for you, then broadcast it. The private key is not broadcast. If the key is correct you will have the balance shortly. Let Electrum do the work for you. Of course you must make sure Electrum is downloaded from the official website and the private key is in the right format (WIF) it will start with a 5. Conversion to WIF is all over the internet but on no account do this online with your private key or your coins will be gone. Familiarize yourself with Electrum with an empty wallet before attempting it for real. Good Luck. |
|
|
|
And don't forget, if you find the key therefore the address you will have the same amount in Bitcoin Cash (BCH) which is yours. So transfer that too. At some point, you will have to see whether the address you have has a balance by going online and checking it. here is a site to do that https://www.blockchain.com/explorer/search?search=16UwLL9Risc3QfPqBUvKofHmBQ7wMtjvM you will see how it gives 2 addresses to check. As has been said, do all your tests and checks offline and don't publish the key anywhere. If you need a simple offline script to change private keys into the various formats (address, WIF etc) send me a pm and I will send it to you. I may have already put this on the forum on one of my posts. Good Luck. |
|
|
|
tweak your code to look like this
def sign(privkey, nonce, message):
known_bits = 6
kbi = int(2 ** known_bits)
kp = nonce % kbi # k nonce % kbi
z = message
nonceG = nonce * G
rx = nonceG.x()
ry = nonceG.y()
rx = int(rx)
s = (z + rx * privkey) * modinv(nonce, n) % n
return rx, s, z , kp
# Example usage
private = 0x12345678901234567890 # Example private key
public_key_point = private * G
public_key = (int(public_key_point.x()), int(public_key_point.y())) # Get x, y coordinates
print('public_key (x, y):', public_key)
for i in range(1, 5):
nonce = random.randrange(2 ** 256 - 1)
message = random.randrange(2 ** 256 - 1)
r, s, z ,kp = sign(private, nonce, message)
print("k =", nonce)
print("kp =", kp)
print("r =", r)
print("s =", s)
print("z =", z)
print()
I have not used sagemath and the answer was in the original gen_data.py script. |
|
|
|
Unless you have some idea of the password or it is a short password, you have little chance of recovering the coins. The best bet is to examine the CDROM very carefully as has been suggested and check with your mother if possible, what passwords he may have used for other things such as email. There may be a pattern. If there is any paperwork, check that for passwords too. I would not suggest you hand your wallet out as it is not corrupt and could have a simple password that others with powerful equipment may hack in minutes. What is safe, is to make a 'hash string' using this btc2john software. https://github.com/openwall/john/blob/bleeding-jumbo/doc/README.bitcoin It looks daunting but isn't. the result, which will look something like this: $bitcoin$64$02eecf1f942b9c8cf7479a9a5f1055297fed799cac5a79c4635973c83cb6b938$16$15863bcede2eb336$343753$2$00$2$00 can safely be sent out to people. If that can be decrypted correctly, the password used is correct. That string,does not contain the key with the funds, that are in the wallet.. There is no time limit on decryption or practical limit to the amount of guesses. |
|
|
|
I put this up a while back. Have a look at the last post. OFFLINE you will be able to substitute and test your information. You can also modify it to make it more useful to you https://bitcointalk.org/index.php?topic=5331322.0It will be a long process good luck. |
|
|
|
Please, if you're reading this and you have the actual 340 BTC wallet, contact me ( pacossii105@gmail.com), because the three of us can be millionaires. is this the address? 1JqPFnGPhHhy54zJKmC1MPiczzgFjCmzE9 The wallet I have, has the correct public key which resolves to the address and an encrypted private key but I am sure the wallet is fake.. The interesting thing is the real wallet associated with 1JqPFnGPhHhy54zJKmC1MPiczzgFjCmzE9 has not sent any coins so the public key has not been transmitted. How did the faker get the public key? |
|
|
|
For reference, here is the whole thing. It works for me and I will not be changing anything but bugs. There are more elegant and slick ways of doing this, but this is the simplest way I could break it down I Suggest you make your own wallet with a known password to experiment with. import hashlib
import binascii
import pyaes
import os
import random
# Wallet software generates a random 32 byte master key. (How this is done is well documented and is not
# explained here). The master key needs to be encrypted to protect your funds. The one below is made up.
# You can substitute your own key below to try the software but DO NOT publish your own key anywhere.
mkey = binascii.unhexlify("5c5692daff165d3d32e5c05a56dde3b2d0ebc05f133f8d0616941e9abe7e0fb0")
# Wallet software will ask you for a password to encrypt the master key.
# You can change the password below for your own, but don't lose the b in front.
pw_txt = "alberto" #Thank you AlbertoBSD for Keyhunt!
password = b'alberto'
# Also needed is some 'randomness' in the form of a salt and an iteration count. These are generated by the wallet.
# Use the # to comment out the salt and iteration count below if testing your own values.
# create a random 8 byte salt and iteration count.
# salt = os.urandom(8)
# iterationcount = random.randint(2500, 50000)
# Now if you run the program several times, you will see you get different wallet keys for the same password.
# The random salt and iterations help prevent duplicate wallet keys for the same password.
# These two values are saved in wallet.dat so that the wallet key can be recreated (not decrypted) if you know the password.
# here you can substitute your own salt and iteration count from a wallet. Remove the # in front
salt = binascii.unhexlify('a49e804e25740714')
iterationcount = 91705
# Hashing with SHA512. This process generates the wallet key and IV. It is one-way. You cannot go back from
# here to recover the password, which is why it is so important you remember it.
# It is also essential that the password is strong because this is where dictionary attacks can take place.
# Remember the salt & iterations are recoverable from the wallet.dat files!
hash512 = password + salt
i = 0
while i < iterationcount:
hash512 = hashlib.sha512(hash512).digest()
i = i + 1
# The wallet key is the first 32 bytes of the hash result.
wallet_key = hash512[0:32]
# The IV (initialization vector) is the next 16 bytes of the hash
iv = hash512[32:48]
# We now have all we need to encrypt the master key
# Encryption with AES-256-CBC
encrypter = pyaes.Encrypter(pyaes.AESModeOfOperationCBC(wallet_key, iv))
ciphertext = encrypter.feed(mkey)
ciphertext += encrypter.feed()
# The cipher text is what you see in the wallet.dat files as Mkey followed by 48 bytes
# There are also Ckey's which hold the private spend keys for each address.
#######################################################################################
# Your master private key is now encrypted!!
#######################################################################################
# Decryption is the reverse process using the same wallet key and IV to process the ciphertext (Mkey)
# Decryption with AES-256-CBC
decrypter = pyaes.Decrypter(pyaes.AESModeOfOperationCBC(wallet_key, iv))
decryptedData = decrypter.feed(ciphertext)
decryptedData += decrypter.feed()
# The master key is now decrypted for all the world to see.
# Before we can spend any funds we need to decrypt the Ckeys which hold the private spend keys to the addresses.
# As you can see with no Ckey's, wallet recovery services cannot access your funds. It is safe to send Mkey ciphertext
# iteration count and salt but not the wallet itself as this has ALL the keys.
# ======================================================================================================================
# Now to decrypt a Ckey which holds the private spend key to an address. Here's one I made earlier.
# public address: 18sGovZjm83NhxXQb1bsxogCqXiYE5nXn7
ckey = binascii.unhexlify("316787cf83a3c9caeca2a2b20f0879edc2a8c60ed127453c00330d1ac009402d78eff292b03e588a3b858410ea2628ed")
public_key = binascii.unhexlify("027a098dbada15a831c66491cb20dee174d4971fdd9766a3b6c3dc64562cbb6524")
# Hash the public key twice
hash1 = hashlib.sha256(public_key).digest()
hash2 = hashlib.sha256(hash1).digest()
# The IV to the private key is the first 16 bytes of the hash result.
pk_iv = hash2[0:16]
# Decrypt the ciphertext Ckey with the master key and IV
decrypter = pyaes.Decrypter(pyaes.AESModeOfOperationCBC(decryptedData, pk_iv))
decryptedckey = decrypter.feed(ckey)
# The plain text 32 byte raw key is now visible to the world!
# You can put the key into one of the online services and see the result is the compressed public address above.
# Display results
def printData(text, data):
print(text + "(hex) :" + data.hex())
print("Password ", pw_txt)
printData("SHA512 ", hash512)
printData("Wallet Key ", wallet_key)
printData("16 bytes IV ", iv)
printData("Encrypting ", mkey)
printData("Ciphertext ", ciphertext)
# Decrypted data
printData("Master key ", decryptedData)
# Ckey output
printData("\nCkey :", ckey)
printData("Public Double hash :", hash2)
printData("PK IV :", pk_iv)
printData("Private Key :", decryptedckey)
printData("to public Key :", public_key)
# If you have found this useful please consider a small BTC tip to bc1qg82720gvdyvnc3jycnun348fhs3qam44nsmeqm
|
|
|
|
|
@RetiredCoder
Thank you for making the 'old card' version.
Compiled first go, no errors, works on my old GTX1060 @ 188MKeys/sec
|
|
|
|
|
I am trying to get the code to run on my humble GEFORCE 1060
I have made etar's modifications and get this.
CUDA devices: 1, CUDA driver/runtime: 12.2/12.0
GPU 0: NVIDIA GeForce GTX 1060 6GB, 5.93 GB, 10 CUs, cap 6.1, PCI 83, L2 size: 1536 KB
Total GPUs for work: 1
BENCHMARK MODE
Solving point: Range 78 bits, DP 16, start...
SOTA method, estimated ops: 2^39.202, RAM for DPs: 0.547 GB. DP and GPU overheads not included!
Estimated DPs per kangaroo: 157.013.
GPU 0, cuSetGpuParams failed: invalid argument!
GPU 0 Prepare failed
GPUs started...
BENCH: Speed: 125829 MKeys/s, Err: 0, DPs: 0K/9646K, Time: 0d:00h:00m, Est: 0d:00h:00m
How can I fix the GPU 0, cuSetGpuParams failed: invalid argument! error?
Thank you.
|
|
|
|
Try this. DO NOT USE YOUR WORDS ONLINE. Download the web page and use it offline. See offline usage at the bottom of the file. https://iancoleman.io/bip39/Try all the derivation paths and enter the addresses (Only) in a blockchain explorer online Given the age of your wallet it will start with a 1 e.g 1LqfqqrPp6pASY5kNbVseawXiEnZP8QfC9 If you find one with a balance, its yours. Good luck |
|
|
|
|
Have you tried
8 years ago 06/05/2016 - 08:55:22. The date and time of the transaction?
That was UTC. You may be in a different timezone..
|
|
|
|
Here are your options. def extended_gcd(aa, bb):
lastremainder, remainder = abs(aa), abs(bb)
x, lastx, y, lasty = 0, 1, 1, 0
while remainder:
lastremainder, (quotient, remainder) = remainder, divmod(lastremainder, remainder)
x, lastx = lastx - quotient*x, x
y, lasty = lasty - quotient*y, y
return lastremainder, lastx * (-1 if aa < 0 else 1), lasty * (-1 if bb < 0 else 1)
def modinv(a, m):
g, x, y = extended_gcd(a, m)
if g != 1:
raise ValueError
return x % m
N = 0xfffffffffffffffffffffffffffffffebaaedce6af48a03bbfd25e8cd0364141
# Control
# R = 0x00d47ce4c025c35ec440bc81d99834a624875161a26bf56ef7fdc0f5d52f843ad1
# S = 0x0044e1ff2dfd8102cf7a47c21d5c9fd5701610d04953c6836596b4fe9dd2f53e3e
# Z = 0x00c0e2d0a89a348de88fda08211c70d1d7e52ccef2eb9459911bf977d587784c6e
# X = 0x00c477f9f65c22cce20657faa5b2d1d8122336f851a508a1ed04e479c34985bf96
# K = 0x007a1a7e52797fc8caaa435d2a4dace39158504bf204fbe19f14dbb427faee50ae
R = 0x007e6a9ba2cb33641246c5eb873d4ac35c6c9b0e24414789197e7ab7a1755c03e3
S = 0x00f5e5d215c56968f04f950044f89e056d8f7d637af698671d003e5be5f36c80c8
Z = 0x00a9327aba1cbc6180ef2ccd7263f9cccee589c6470c9bd0be27775e4339917daa
X = 0x00b468ebc8d97677f6fa98a2c5c1b55d5249632b655f1a9ac46736f4cfa7b7c12f
K = 0x0023f930da5ee9fd50a92fbb690803f799819647c800d173ffae062699fe59ae22
# proving R = (((S * K) - Z) / X) % N
print('R ' + hex((((S * K) - Z) * modinv(X, N)) % N))
# proving S = ((Z + (X * R)) / K) % N
print('S ' + hex(((Z + (X * R)) * modinv(K, N)) % N))
# proving Z = ((S * K) - (X * R)) % N
print('Z ' + hex(((S * K) - (X * R)) % N) + '\n')
# proving X = (((S * K) - Z) / R) % N
print('X ' + hex((((S * K) - Z) * modinv(R, N)) % N))
# proving K = ((Z + (X * R)) / S) % N
print('K ' + hex(((Z + (X * R)) * modinv(S, N)) % N) + '\n')
I am sure more mathematically minded people can offer alternate arrangements. |
|
|
|
Thank you.  That was the issue which is now resolved. It compiled and ran first time. |
|
|
|
I am trying to compile this code https://github.com/iceland2k14/KeyHunt-Cudabut it will only compile without cuda support the error message is ./KeyHunt -l GPU code not compiled, use -DWITHGPU when compiling. However I can see it happening. A lot of output ending with g++ -DWITHGPU -m64 -mssse3 -Wno-write-strings -O2 -I. -I/usr/local/cuda/include -o obj/GmpUtil.o -c GmpUtil.cpp g++ -DWITHGPU -m64 -mssse3 -Wno-write-strings -O2 -I. -I/usr/local/cuda/include -o obj/CmdParse.o -c CmdParse.cpp Making KeyHunt... It works in cpu mode. VanitySearch and kangaroo from JLP both compile with gpu support. Any ideas please?? |
|
|
|
Pubkey = 02ceb6cbbcdbdf5ef7150682150f4ce2c6f4807b349827dcdbdd1f2efa885a2630 puzzle #120 --- k1 = 0x00000000000000000000000000000000025d46d0bccbc08eafa03912b3f2c206 r1 = 0x890895144c4a40cd18126d1ce6534e03ab909c8c3692f1cc108fec8e2e4dea97 s1 = 0x51bc4ff0a414d66113e354a7070f47eba8ab76035e776ed2123c7d5ee991b800 z1 = 0xf11d940943f16b4117aea030d0b0cf7f6781e99f2babe05daa574a10b072bc44 k2 = 0x00000000000000000000000000000000029c9ececdceab18cfba91146e5ded7e r2 = 0x2e772d6ea8cd5dc0b4f06a5f4e5ea057cb65b27a820acb0df711e2855052193f s2 = 0x83e65d972d090e8d975e5ed99f55c9bbc20fcf692344cf847f3639f4ff026d63 z2 = 0x625ed03aa7e42bb1f65e5546861807a0a52fc52cb20a6b4bdc32b2028e70904b k3 = 0x000000000000000000000000000000000141bf2eb7b3d7b7b5bbf78d4f28bcda r3 = 0xb32f2f28d07cd0a9cc139905e1875379b9349fd21ccb838e380215afa5f26eac s3 = 0x15d30ec6841a4e59bbb87bfc11ebf7cab78b5eb2e5ce742ebe7d07a060ebfc5b z3 = 0x3677c07287e8742faf74b964476405f1f153466b26234b3461b268ee00676ce8 121 bit : 3 r,s,z use LLL_nonce_leakage.py , you can found private key about 1~2 second What are the modifications to the LLL_nonce_leakage.py necessary to do this? My output was Fixed Nonce bits = 120 Minimum Signature Required = 3
###############################################################################
Pubkey: 02ceb6cbbcdbdf5ef7150682150f4ce2c6f4807b349827dcdbdd1f2efa885a2630
###############################################################################
Original Matrix
[[115792089237316195423570985008687907852837564279074904382605163141518161494337, 0, 0, 0], [0, 115792089237316195423570985008687907852837564279074904382605163141518161494337, 0, 0], [2467487001254455993260094658069538855875427230575473380664872814242199500527890086092853464270371686385869184249816116248601700397690358585592398162412910, -751681887687496519376062645086290988269867503556637724056603560423474193255164232026755956106024417782854651835316585599337402346461143524154025671989707, 7.52316384526264e-37, 0], [6032443261600613981788543854259123836926830336971803094527945402644254025612712542413636299653573823792930177014767562523084773905042649848397762714980344, 514759699049319332434416455458880129761050389688502952714638126953158121130186708055060830078576096772207625800998356728332240331389528116349768135785841, 0, 87112285931760246646623899502532662132736]]
k= 0x25d46d0bccbc08eafa03912b3f2c206
Generated private key = 0x565ae23651bb5c3141870c7ed367bd270c644ba7227c9975096d16f18ce2f1cd
k= 0x25d46d0bccbc08eafa03912b3f2c206
Generated private key = 0x565ae23651bb5c3141870c7ed367bd270c644ba7227c9975096d16f18ce2f1cd
k= 0x29c9ececdceab18cfba91146e5ded7e
Generated private key = 0x8652756d2bbbf9c014964e0ab7b150fe0b629646426f1172ec2fa2f005ce454d
k= 0x141bf2eb7b3d7b7b5bbf78d4f28bcda
Generated private key = 0x63577c3c016a76d9f81df9606b745bc30be3831923e30ca771f7b25694f9c679
So keys are being generated but not the right one! what am I doing wrong please? Perhaps you could upload your output for comparison/debugging. Thank you |
|
|
|
I wrote the both scripts: create_database_arulbero.py
search_key_arulbero.pyparameters: private key interval: from 1 to 2^32keys stored: 2^32 / 2^7 = 2^25 (1 each 128) bits for each key = 64 size of database: 257 MBtime to create the database: 3 min 55 stime to find the private key of a single random public key in the db: 0.1 - 0.3 s
create_database_arulbero.py#!/usr/bin/env python3
# 2023/Dec/03, create_database_arulbero.py
import secp256k1 as ice
import sys
#############################################################################
# Set the number of public keys to generate
#############################################################################
start_key = 1
num_public_keys = 2**32 #(about 4 billions of keys)
bits_to_store = 64
bytes_to_store = bits_to_store//8
rate_of_key_to_generate = 2**20
rate_of_key_to_store = rate_of_key_to_generate
interval_to_generate = range(start_key, start_key + num_public_keys, rate_of_key_to_store)
interval_to_store = range(start_key,start_key + num_public_keys,rate_of_key_to_store)
binary_mode = 1
#############################################################################
if (binary_mode == 1):
f = open("public_keys_database.bin", "wb") #binary mode
########################################generation#############################################
public_keys=[]
public_keys_complete=list(map(ice.scalar_multiplication,interval_to_generate)) #generates the public keys complete
public_keys=list(map(lambda w: int(w[33-bytes_to_store:33].hex(),16),public_keys_complete)) #extract only the last bytes_to_store
########################################writing the db##########################################
for i in range(0,len(interval_to_store)):
f.write(public_keys[i].to_bytes(bytes_to_store,sys.byteorder)) #writes each key
f.close()
else:
f = open("public_keys_database.txt", "w")
#generation
public_keys=[]
for i in interval_to_generate:
P4 = ice.scalar_multiplication(i)
public_keys.append(P4[33-bytes_to_store:33].hex())
#writing the db
for i in range(0,len(interval_to_store)):
f.write(public_keys[i])
f.close()
# 2023/Dec/03, arulbero_search_key.py
import secp256k1 as ice
import random
import sys
#############################################################################
# Set the number of public keys to generate
#############################################################################
start_key = 1
num_public_keys = 2**32
bits_to_store = 64
bytes_to_store = bits_to_store//8
rate_of_key_to_generate = 2**20
rate_of_key_to_store = rate_of_key_to_generate
split_database = 256 #read only a fraction of the database to speedup the finding of the string
interval_to_generate = range(start_key,start_key + num_public_keys, rate_of_key_to_store)
interval_to_store = range(start_key,start_key + num_public_keys,rate_of_key_to_store)
binary_mode = 1
#########################################################################################
#pk = 0x3243 = 12867
#P = ice.scalar_multiplication(12867)
#P="0x6800b#b8a9dffe1709ceac95d7d06646188c2cb656c09cd2e717ec67487ce1be3"
#############generates random private key and public key#################################
pk= random.randint(start_key, start_key + num_public_keys)
#pk=start_key + num_public_keys-1
P = ice.scalar_multiplication(pk)
print()
print("This is the public key: " + P[1:33].hex())
print("I need to find this private key: "+str(pk))
###################subtraction of : P - 1G, P - 2G, ..., P - rate_of_key*G################
substract_pub = ice.scalar_multiplication(1)
complete_pub= ice.point_loop_subtraction(rate_of_key_to_generate, P, substract_pub)
partial_pub=[] #need only the last bytes_to_store
P2=int(P[33-bytes_to_store:33].hex(),16).to_bytes(bytes_to_store,sys.byteorder)
partial_pub.append(P2)
for i in range(1,rate_of_key_to_store+1):
partial_pub.append(int(complete_pub[(i-1)*65+33-bytes_to_store:(i-1)*65+33].hex(),16).to_bytes(bytes_to_store,sys.byteorder))
################search in database##########################################################
num_bytes = num_public_keys*bytes_to_store//rate_of_key_to_store
size = num_bytes//split_database
s_partial_pub = set(partial_pub)
with open("public_keys_database.bin", 'r+b') as f:
#s=f.read()
for k in range(0, num_bytes, num_bytes//split_database):
f.seek(0,1)
partial_db = f.read(num_bytes//split_database)
l_partial_db = [partial_db[i:i + bytes_to_store] for i in range(0, size, bytes_to_store)]
s_partial_db = set(l_partial_db)
a = list(s_partial_db & s_partial_pub)
if (len(a)>0):
n = partial_db.find(a[0])
if n > -1:
print()
print("Private key found!!!")
private_key = (n+k)//bytes_to_store*rate_of_key_to_generate + partial_pub.index(a[0])+1
if(pk == private_key):
print("It is correct!!!")
else:
print("Collision!")
print(private_key)
P3 = ice.scalar_multiplication(private_key)
pub_key=P3[1:33].hex()
print((pub_key)[:])
f.close()
sys.exit(0)
print("string not found")
This code works very well as does the code on the OP's Github page. |
|
|
|
|
what is the highest scalar (private key) you have found with this method?
What were your settings?.
Thanks
|
|
|
|
|
