 Show Posts
|
|
Pages: [1]
|
Ok, so, when I first found out about this puzzle and started looking into it earlier this year, I was initially working under the assumption that there would be some clues or patterns that could be found to help unlock the remaining wallets... But, of course, I now know what you all already knew: There are no clues or patterns, at least nothing included intentionally by the person who created and funded these wallets... However, I recently revisited my pattern-finding script, looking instead for any bias(es) in the data that I might be able to find (created by the pseudo-random number generator, or by assumptions built into the wallet generator's code, etc) to at least help shrink the given search spaces as much as possible, and I think I may have (possibly, maybe) found one... The problem is that even if I'm right, I just don't have the computing power to test my theory, nor the funds to buy/rent it, and won't for the foreseeable future... So I'm just going to post it here, in the hopes that, if it is useful at all, then whoever uses this to help them open any of the remaining wallets will be generous enough to kick-back a percentage of the winnings (my BTC address is bc1qmzud9l4aedq6h73efaj3vg3fdqhgv8w4ktq0pt)  Ok, so, my theory goes like this: I initially looked at all of the known pkeys (as decimal numbers, not hex) and calculated their location within the given puzzle's search space as a percentage, like this for Puzzle #11: Hex: 0000000000000000000000000000000000000000000000000000000000000483
Hex as Decimal: 1155
Search Space: 1024 to 2047
Percent: (1155 - 1024) / (2047 - 1024) = 12.8% Now, if that math is wrong, then I'm already screwed and you can give-up now  But after doing that for all the known pkeys, and looking at all the results, I didn't see any pattern, so I gave up and moved on to the next possible pattern I could think of... However, when I went back looking for a bias in the data instead of an outright pattern, I believe I have found that certain percentages (when just looking at the whole number... so 12% for the above example, instead of 12.8%) do (seemingly) occur more often than most... I first grouped them by the tens (so 20 for 20-29, and 30 for 30-39, etc) and here's the results: Tens Count Percents
60 13 62,63,64,64,64,65,66,66,66,67,68,69,69
30 9 31,31,32,33,33,35,36,36,38
40 9 40,43,43,44,45,45,46,46,49
10 7 10,12,13,17,17,19,19
90 7 91,92,92,95,95,96,97
80 6 82,82,82,82,82,87
20 6 22,23,23,27,28,28
50 5 50,51,51,54,57
70 5 70,72,72,75,75
0 4 0,6,8,9 So, looking at it that way, you can see that it seems like the 60-69% range hits way more often than the average... But even searching 10% of any given search space is still a crap-ton of brute-forcing to do, so I kept looking and noticed that certain individual numbers show-up more often than others, so next I grouped more simply by just the whole number: Count Percents
5 82
3 64,66
2 17,19,23,28,31,33,36,43,45,46,51,69,72,75,92,95
1 0,6,8,9,10,12,13,22,27,32,35,38,40,44,49,50,54,57,62,63,65,67,68,70,87,91,96,97 And here it appears as though the 82% range occurs way more often than any other, followed closely by 64% and 66% (which occur 3 times each)... Which could (again, theoretically) let you search only 1-3% of any given search space... But, unfortunately, that's still way too much brute-forcing for me to even attempt, given that there's no way to know which of the remaining pkeys will hit these ranges (and so you'd have to try several before finding a hit...) ...and that's assuming that this is a true bias in the data, and not just a coincidence that would even-out over time, which is the other possible way I can think of that this theory could completely fail: Maybe all the keys that could be found within the eighty-two-point-something percent range of their search space (for example) have already been found, leaving the others that have only hit once or twice so far to "catch up", statistically speaking... Anyway, am I just an idiot, or does this make any sense to y'all...? |
|
|
|
ok, I'm looking at getting a GPU and trying BitCrack now, but before I do I wanted to know what I can expect... according to this post ( https://bitcointalk.org/index.php?topic=4453897.msg56953547#msg56953547) then if I got an RTX 3090 I'd be looking at roughly ~1800Mh/s... so, to search the whole range of Puzzle 67 (for example), how long would that take...? because my math says ~1300 years... is that right? |
|
|
|
We can either try to brute-force the pkeys, and/or we can try to reverse-engineer (also by some amount of brute-force, I guess) and recreate the process by which the pkeys were created... I just can't quite grok what's happening here  Let me explain more... [snip] Thank you for your answers to my posts, they've been helpful  I'm curious how many of these you've solved with this method of seeding the random with specific values; was it only #50? I'd like to review all your posts (and some other users' too) but whenever I go to your profile and click either "Show the last posts of this person" or "Show the last topics started by this person" I don't get any results  ...this silly thread where lately only a bunch of newbies divide some public keys.
This is me NGL  |
|
|
|
I managed to prove experimentally on 5 different computers that everything is in seed. You can speed up solving the puzzle by a million years if you know the correct seed. And the best thing is that you can always achieve the same result in the same time. Proof is in the pudding. PC-1 - [Kangaroo]: Wed Oct 11 11:51:00 2023
- [Puzzle]: 50
- [Lower range limit]: 562949953421312
- [Upper range limit]: 1125899906842623
- [Xcoordinate]: f46f41027bbf44fafd6b059091b900dad41e6845b2241dc3254c7cdd3c5a16c6
- [Ycoordinate]: eb3dfcc04c320b55c529291478550be6072977c0c86603fb2e4f5283631064fb
- [Using 4 CPU cores for parallel search]:
- [Core]: 03, [Random seed]: b'\xbc\x9b\x8cd\xfc\xa1?\xcf'
- [Core]: 01, [Random seed]: b'\xbc\x9b\x8cd\xfc\xa1?\xcf'
- [Core]: 04, [Random seed]: b'\xbc\x9b\x8cd\xfc\xa1?\xcf'
- [Core]: 02, [Random seed]: b'\xbc\x9b\x8cd\xfc\xa1?\xcf'
- PUZZLE SOLVED: Wed Oct 11 11:51:18 2023, total time: 18.38 sec, Core: 04
- WIF: -0000000000000000000000000000000000000000000000000022bd43c2e9354
--snip-- @nomachine after successfully proving to myself (I'm a bit behind the curve here) that anything I thought was a pattern/clue to solving this puzzle was just part of the maths inherent in the system, I'm now of the mind that this is correct... We can either try to brute-force the pkeys, and/or we can try to reverse-engineer (also by some amount of brute-force, I guess) and recreate the process by which the pkeys were created... Which is likely possible given that A) you appear to have done it at least once already for puzzle 50 above, and B) the person who claims to have created this said themselves that "It is just consecutive keys from a deterministic wallet"... That is, assuming the the words "consecutive" and "deterministic" apply accurately and weren't just used colloquially... Anyway, I've looked through the code you posted (which I've snipped-out for brevity)... Is that python? I'm afraid IDK python... Which version are you using? 2.3 or newer, I assume? And can you explain more about what exactly is happening here: #Random seed Config
#constant_prefix = b'' #back to no constant
#constant_prefix = b'\xbc\x9b\x8cd\xfc\xa1?\xcf' #Puzzle 50 seed - 10-18s
constant_prefix = b'\xbc\x9b\x8cd\xfc\xa1?\xcf'
prefix_length = len(constant_prefix)
length = 8
ending_length = length - prefix_length
with open("/dev/urandom", "rb") as urandom_file:
ending_bytes = urandom_file.read(ending_length)
random_bytes = constant_prefix + ending_bytes
print(f"[+] [Core]: {core_number+1:02}, [Random seed]: {random_bytes}")
random.seed(random_bytes) ...it looks like you start with whatever this is, a hard-coded byte string or something? b'\xbc\x9b\x8cd\xfc\xa1?\xcf' ...and then you go on to read more, random bytes from some file on disk? As a Windows/C# guy, I just can't quite grok what's happening here Any help would be much appreciated |
|
|
|
This puzzle is very strange. If it's for measuring the world's brute forcing capacity, 161-256 are just a waste (RIPEMD160 entropy is filled by 160, and by all of P2PKH Bitcoin). The puzzle creator could improve the puzzle's utility without bringing in any extra funds from outside - just spend 161-256 across to the unsolved portion 51-160, and roughly treble the puzzle's content density. If on the other hand there's a pattern to find... well... that's awfully open-ended... can we have a hint or two? I am the creator. You are quite right, 161-256 are silly. I honestly just did not think of this. What is especially embarrassing, is this did not occur to me once, in two years. By way of excuse, I was not really thinking much about the puzzle at all. I will make up for two years of stupidity. I will spend from 161-256 to the unsolved parts, as you suggest. In addition, I intend to add further funds. My aim is to boost the density by a factor of 10, from 0.001*length(key) to 0.01*length(key). Probably in the next few weeks. At any rate, when I next have an extended period of quiet and calm, to construct the new transaction carefully. A few words about the puzzle. There is no pattern. It is just consecutive keys from a deterministic wallet (masked with leading 000...0001 to set difficulty). It is simply a crude measuring instrument, of the cracking strength of the community. Finally, I wish to express appreciation of the efforts of all developers of new cracking tools and technology. The "large bitcoin collider" is especially innovative and interesting! Ok, so, I'm really hoping someone can help me out here... I just learned about this puzzle a few weeks ago, and have since been writing scripts to try and find as much of the "pattern" used to generate these keys as possible, because I was convinced (mainly by this post at first) that there must've been a pattern, given the seemingly perfect incremental nature of the Log2 of each known private key (if you look at the whole number part, ignoring the decimal place)... And also, I think I was influenced by the fact that this is called a puzzle, and a puzzle is supposed to have, you know, clues and things that help you solve it, or at least a logic to it that is "figure-out-able"... But I digress... Fast forward to yesterday, when I stumbled across the above post... If we assume this person is telling the truth, that they are "the creator" of this puzzle [1], and that "there is no pattern", and that they simply used "a deterministic wallet" to generate "consecutive keys"... Well, then, I'm stumped... I mean, first of all, what kind of wallet software can you use to "randomly" generate 256 keys that are all perfectly spaced apart, with Log2 values that just happen to be exactly incremental by one each...? Unless it's a total coincidence that, so far, all the solved keys just happen to have incremental Log2 values, and we'll eventually solve a key that doesn't...? (one which is either a duplicate of the previous one, or skips one whole number entirely, etc) And then there's the fact that all of the hex values (as strings, minus the leading zeros) all appear to be grouped into groups of 4 by character length...? (e.g. the first 4 hexes are all 1 character long, the next 4 are all 2 characters long, etc...) I mean, am I wrong that it doesn't seem to me like math with no pattern whatsoever would just happen to work-out that way? Are these "patterns" that I think I'm seeing really more coincidental (and not purposeful) as I imagine them to be? Or is this actually all an artifact of the cryptographic process and the math that powers Bitcoin...? That for Bitcoin to work properly, there is, in fact, some amount of pattern in the chaos? I'm much more likely to believe that these keys were actually generated by a script (or some process of some sort) written/designed by the person who created this, and that even if they didn't intend for there to be a pattern, there is one [2], and so maybe there's more to it that can still be discovered, to help lower the search space of each key even more that we already have... But maybe I only think that because I want there to be a way to solve a puzzle that doesn't actually contain any clues, or have any internal logic, and must simply be brute-forced, a feat that even the LBC has struggled to make very much progress towards... So, help me out here, what do you think? Are these "patterns" that seem to be "clues" really either just coincidence, or artifacts of the formula and algorithms powering the system...? Or are they real patterns injected by the human who created this puzzle (intentionally or not), and could there be something else in the data that we just haven't noticed yet? And maybe more importantly, what does a process for generating a puzzle like this even look like? Can you really ask a wallet software for 256 random but evenly spaced private keys, or would you have to script some amount of the process? I feel like if I can reverse engineer the creation process from the currently known data/results, it could help me figure-out if there's more to the pattern, or no pattern at all... [1] A claim seemingly verified by the fact that the funds did actually move from the higher wallets to the lower unsolved wallets a few months later... Though of course that doesn't prove that they're the person who actually moved them, but then why would the real creator give this person credibility by doing for them what they promised us they'd do...? [2] If only because people are known to be inherently bad at creating real randomness, and often inject patterns into things they make... |
|
|
|
Hi Legends_Never_Die -- Thx for the reply! You are trying to generate a master private key > ExtKey. Ah, I see. I'm afraid I've never heard of a "master private key" before... Do you know how would I generate a... well, now I don't know what to call it... but a "regular" private key from a hex? I just need to give NBitcoin that hex and then get the expected address from it, and I was using this StackOverflow as an example, which is using `ExtPubKey` to generate a public key from some kind of hash, so I "extrapolated" (aka assumed) that `ExtKey` would be the private key version of that... But I guess that was wrong Although one of the overrides for `new ExtKey()` does take a `hex` param, so I really thought I was on the right track... And I checked out that link to csharp.hotexamples.com you posted (thank you for that) but I can't seem to navigate that site very well to get to any other pages that might be helpful (I tried the search, but almost everything I tried gave me a 404)... I do see this on that page: var walletKey = new NBitcoin.Key(); ...and I'm guessing that could be mean I just need to use a `Key()` instead of a `ExtKey()`...? but `Key()` doesn't seem to take a hex value at all... and `Key.Parse()` takes a WIF, but I'm not sure how to generate a WIF from a private key hex either, so, yeah, I'm still stumped... why are you trying to build from scratch when there are ready to use open source tools, with great performance? If you mean use an existing puzzle solver, well A) to learn all this stuff, but also B) I really don't know where to find existing ones...? And the code I've seen posted here all looks like C or C++ that I'm not very familiar with, so I wouldn't know how to modify any of it to do what I want... Thanks again for the response, and let me know if you can help me get from a private key (in either decimal or hexadecimal form) to the funded address using C# ... doesn't even have to be with NBitcoin, that just seems to be the most popular Bitcoin lib for .NET
Did it! Thanks to this SO post I finally found: https://stackoverflow.com/questions/74753526/get-private-key-from-a-biginteger-in-nbitcoinSo I can use the decimal version of that hex, 2683, and do this: var bytes = new BigInteger(2683).ToByteArray();
Array.Resize<byte>(ref bytes, 32);
Array.Reverse(bytes);
new Key(bytes)
.GetAddress(ScriptPubKeyType.Legacy, Network.Main)
.ToString(); ...which returns the expected (previously funded) address of "1DBaumZxUkM4qMQRt2LVWyFJq5kDtSZQot", and the added bonus is that I don't have to convert the BigInteger numbers I already had into HEX strings after all [moderator's note: consecutive posts merged] |
|
|
|
Hi -- Is anyone here familiar with NBitcoin for .NET? I basically only know C# so I'm hoping someone can help me with this one step I'm stuck on... I'm testing with puzzle #12 just to see if I can generate the right address from the now-known private key... Private key and funded address are listed as: 0000000000000000000000000000000000000000000000000000000000000a7b
1DBaumZxUkM4qMQRt2LVWyFJq5kDtSZQot However, the following code keeps giving me a different address: var hex = "0000000000000000000000000000000000000000000000000000000000000a7b";
var privateKey = new ExtKey(hex);
// these all give me: "1JThwYZMjCqbpi3QPNAToGdbSLWoUdhdJi"
privateKey.GetPublicKey()
.GetAddress(ScriptPubKeyType.Legacy, Network.Main)
.ToString();
privateKey.PrivateKey
.GetAddress(ScriptPubKeyType.Legacy, Network.Main)
.ToString();
privateKey.PrivateKey
.PubKey
.GetAddress(ScriptPubKeyType.Legacy, Network.Main)
.ToString();
privateKey.PrivateKey
.GetScriptPubKey(ScriptPubKeyType.Legacy)
.GetDestinationAddress(Network.Main)
.ToString();
privateKey.PrivateKey
.GetWif(Network.Main)
.GetAddress(ScriptPubKeyType.Legacy)
.ToString(); Thanks in advance... I was making really solid progress all morning, then hit this inability to generate an address I can reliably use to match against the known-funded addresses of the remaining puzzles, and without that I'm basically dead in the water... I can guess all the private key hashes I want, within the range I want (for puzzle #66 currently), but who cares if I can't verify whether I hit the right one?! |
|
|
|
|
