Bitcoin Forum
July 02, 2022, 02:12:45 PM *
News: Latest Bitcoin Core release: 23.0 [Torrent]
 
  Home Help Search Login Register More  
  Show Posts
Pages: [1] 2 »
1  Other / Meta / Private Access Tokens instead of Captcha on: June 28, 2022, 07:26:54 AM
Hello

As site is using Cloudflare, are you aware of the new feature implemented by Apple (and soon by Google), to "skip" some captcha by "authentication token" from the device?
Some technical details are available here:
https://developer.apple.com/videos/play/wwdc2022/10077/
and here https://www.fastly.com/blog/private-access-tokens-stepping-into-the-privacy-respecting-captcha-less

It is not a big problem on the forum (captcha is for login only, as far as I know), but still interesting feature.
2  Other / Meta / Session expiration on: June 25, 2022, 06:43:51 PM
Hello

Recently I have started receiving a red message "session expired" when I try to post a new message to the forum. Was there any change or something is wrong with my browser?
I have never had that problems before, but recently I have started using extension "Vytal" which manipulates geolocation data (https://vytal.io/). Could it be related to that?
3  Bitcoin / Bitcoin Technical Support / BTC address generated in ETH-way (keccak) - spendable? on: June 21, 2022, 07:39:43 AM
Hello,

My question is maybe similar to that topic [https://bitcointalk.org/index.php?topic=5403115.0], but I prefer to ask separately.
We know that typical legacy address is made from pubkey -> sha256 -> ripemd160. On the other hand, ETH address is made from pubkey -> keccak -> "ending".

Now, if someone created a bitcoin address based on keccak, is it possible to spend from that address?
We have private key, we have pub key, we know how address was generated based on that data - but I assume there is no way to create a transaction if it was not a op_hash160, right?

Pubkey:
Code:
7742f3eaa9307dfee8e8014dd6dc31c39c9dc9a779a611cbd0d3aa04fa0ddc0f607a1cd271d23b310f307862a78810e4c1639914522a987b878f2f88dfd073f7
keccak256 (pubkey)
Code:
1afd36967111a4912770ff7600c40fe2095423509b9fd9b754323158af2310f3
let's take "00c40fe2095423509b9fd9b754323158af2310f3" as a pubkey hash (like it would be hash160), it gives us address [1153sdWpXn3yaFHnQKJYwdRiwhFwVcisAg].

Coincidence? Someone's mistake? Just a test?
It would be interesting to know if we may create addresses using "custom" hash methods.
4  Bitcoin / Meetups / Brussels Blockchain Week (June 20-25), Brussels, Belgium on: June 18, 2022, 06:18:13 AM
Event website: https://blockchainweek.be/

The upcoming Blockchain Week conference to be held in Brussels. The conference will bring together some of the greatest minds in the blockchain and crypto-currency space to discuss the future of these technologies. Attendees can expect to learn about the latest innovations, hear from industry experts and network with other professionals.

Key speakers
at the Blockchain Week conference in Brussels
Maria Eisner Pelch
Senior Manager Solutions at CONCORDIUM

Sebastien Gouspillou
Co-Founder and CEO at BigBlock Green Services

Pierre Person
MP of Paris

Matthew Nelson
CEO at Arivu Digital Limited

Evelyn Mora
Founder and CEO at Digital Village

Jérôme Tychey
Founder and CEO at Cometh

Florian Ernotte
Co-founder at Cryptomonnaie.be

Alexandre Stachtchenko
Co-founder Blockchain Partner Director Blockchain & Crypto-assets at KPMG France
Co-founder & Board-Member at 'ADAN
5  Economy / Trading Discussion / How crypto giant Binance became a hub for hackers fraudsters & drug traffickers on: June 17, 2022, 10:28:30 AM
Last week's article from Reuters:
https://www.reuters.com/investigates/special-report/fintech-crypto-binance-dirtymoney/

Some obvious statements. some interesting facts. Good to read.
6  Alternate cryptocurrencies / Altcoin Discussion / NFTs seized by police on: June 08, 2022, 12:44:06 PM
Belgian police announced that for the first time in their history they seized NFT as a part of "fortune" (together with gold and silver coins worth €346000 and some crypto) related to money laundering case.

https://www.brusselstimes.com/justice-belgium/234830/nfts-seized-by-police-for-the-first-time-ever-in-belgium

Which means, now crypto and NFTs are treated as a "normal" assets.
7  Economy / Trading Discussion / Stackingsat - anyone? on: May 23, 2022, 08:06:06 AM
Hello

Recently someone told me about https://stackinsat.com/ as a good solution for DCA? Is anyone using that? They say they take only 1.5% commission, I do not know what are withdrawal fees but I was told it is much lower that usual fee for withdrawal from exchanges.
I strongly consider using them (SEPA is for free and it is just a matter of weekly/monthly transfer from bank) but I wonder if you heard about it and have any opinion.
8  Bitcoin / Development & Technical Discussion / Brainwallets re-checked on: May 16, 2022, 07:34:55 AM
Hello

Inspired by recent discussions about brainwallets (https://bitcointalk.org/index.php?topic=5396293.0) and (https://bitcointalk.org/index.php?topic=5396801.msg60015668) I decided to repeat the famous excercise of retrieving 18k brainwallets. It was an interesting experience to build a GPU program for that purpose.
I have used list of used addresses for 8th of May (http://alladdresses.loyce.club/all_Bitcoin_addresses_ever_used_sorted.txt.gz) and database of 15462473182 passphrases "all_in_one_p" (https://weakpass.com/all-in-one). I was also considering using extended list of phrases (the one which contains unprintable/special characters) but finally I decided that maybe I will do it later. Because of number of target addresses and memory limitations I had to launch program several times, using each time 30mln addresses for a bloom filter - larger database would make the whole process 3 times longer and I did not expect very different results.
For now, results are only for legacy addresses, today or tomorrow I will launch the same search but for p2sh and bech32 addresses. I am not sure if we may expect any significant number of results.
Results so far: 18995 addresses. I did not check each of them, but from what I observed, many of them were emptied in 2016.
Address 12AKRNHpFhDSBDD9rSn74VAzZSL3774PxQ from phrase "1" is still alive Wink and probably used by bots.
I have uploaded the results there: https://github.com/PawelGorny/BrainwalletsPhrases
If you see strange/suspicious phrase in "legacy_words.txt", try to find it in the file "legacy_results.txt", to see if it was not a address or privkey incorrectly extracted. Unfortunately, for some compresses addresses I have lost the phrase (I had a bug during saving to file, around 20% of compressed addresses has no phrase) - but WIF is there.
9  Bitcoin / Development & Technical Discussion / Empty blocks on: May 15, 2022, 08:23:06 AM
So, things like that happens even today, when mempool is full:

https://mempool.space/block/00000000000000000003ca025b0f616f3c78635f3b8f7f45f791b308661ee0a9

Why like that? What happened? Accident or acting on purpose?
10  Local / Alternatywne kryptowaluty / LUNA, Terra, UST on: May 12, 2022, 03:58:24 PM
Ja się na tym wszystkim nie znam, ale czy ktoś może mi wytłumaczyć z grubsza co się stało z LUNA? Wszystko wyparowało?
Token/altcoin czy co to tam jest przyjął swoją rzeczywistą wartość czyli 0?  Cool
11  Bitcoin / Electrum / ELectrs on WSL 1/2 on: May 05, 2022, 09:46:21 AM
Hello

Is there any known problem with running electrs on WSL 2?
I have Debian WSL 1 and all works, after migration to WSL2 server does not start (cannot connect to daemon or has RPC problem, dunno).
When I migrated back to WSL1, all works.
I do not need WSL2, but I am curious what's going on. Any ideas?
12  Bitcoin / Development & Technical Discussion / Comparing Jacobian/Affine points on: April 28, 2022, 07:31:07 AM
Hello,

Please correct me if I am fundamentally wrong, but recently I was wondering about one thing - is it possible to somehow compare points from two different representations? We know that theoretically Affine point (xa,ya) could come from operations on Jacobian point (xj/zj^2, yj/zj^3). On the other hand, Jacobian (x,z,y) from Affine would be just (xa, ya, 1).

I would like to compare Affine point (AP) with a given Jacobian point (JP) - or at least exclude possibility that JP would be converted into given AP.

In other words: https://github.com/bitcoin-core/secp256k1/blob/master/src/secp256k1.c
We have JP (secp256k1_gej) and to receive "well-known" public key (through secp256k1_ge), we must launch launch:
Code:
secp256k1_ec_pubkey_create_helper + secp256k1_pubkey_save
which basically is (forget variables names, operations are important):
Code:
secp256k1_fe_sqr(&zi2, zi);
secp256k1_fe_mul(&zi3, &zi2, zi);
secp256k1_fe_mul(&r->x, &a->x, &zi2);
secp256k1_fe_mul(&r->y, &a->y, &zi3);

secp256k1_fe_normalize_var(&ge->x);
secp256k1_fe_normalize_var(&ge->y);
secp256k1_fe_get_b32(pubkey->data, &ge->x);
secp256k1_fe_get_b32(pubkey->data + 32, &ge->y);

Now, the question is:
Is there any step where I may stay (or operations I may skip) in that path (Jp->AP pubkey), if for a given generated Jacobian Point (secp256k1_gej) I want to exclude/ (or confirm) possibility that JP will == known public key? If I convert my pubkey into secp256k1_ge, which is basically (x, y, 1), may I compare it with unprocessed secp256k1_gej ?

13  Local / Polski / krypto-krypto bez podatku także przed 2018 on: April 20, 2022, 07:49:03 AM
Wiemy już że jest konieczność podatkowa przy przejściu z krypto do fiat, a z krypto do krypto nie. Gwoli formalności zostało dziś zatwierdzone że dzieje się tak też dla zdarzeń przed 2018 rokiem, gdy nie było to jeszcze ściśle zdefiniowane.

https://www.bankier.pl/wiadomosc/Kryptowaluty-a-podatek-Jest-korzystny-wyrok-NSA-dla-inwestorow-8321252.html

14  Other / Meta / Notification triggered by ignored user on: March 26, 2022, 11:54:24 AM
Is there a way to disable notifications about the new post, if it comes from ignored user?
On the topic page, the content is hidden, but for the each new post I receive an email (with post content inside).
15  Local / Polski / Zaginął Sylwester Suszek (ex-BitBay) on: March 26, 2022, 07:50:23 AM
Policja informuje że od 10 marca nie ma kontaktu z Sylwestrem Suszkiem. Po "spotkaniu biznesowym" w Czeladzi wsiadł do nieznanego samochodu i odjechał w siną dal.

https://tvn24.pl/katowice/zaginal-sylwester-suszek-polski-krol-bitcoinow-5649517

Ktokolwiek widział, ktokolwiek wie.
16  Economy / Economics / Larry Fink (BlackRock) predicts end of globalisation and crypto-boom on: March 25, 2022, 07:21:25 AM
As Financial Times wrote, Fink in his annual letter to shareholders of BlackRock tries to predict future. As war changes a lot, he wrote some of his thoughts and what is especially interesting for us, he sees cryptocurrencies as a one of "winners" of the current situation.
Quote
A global digital payment system, thoughtfully designed, can enhance the settlement of international transactions while reducing the risk of money laundering and corruption.

I have no idea how good his predictions were in the past, but at the end he is on the place he is... So I guess he does not make many mistakes in his conclusions.

Full article here: https://www.ft.com/content/0c9e3b72-8d8d-4129-afb5-655571a01025

17  Other / Meta / Problem with plugin uBlock Origin on: March 18, 2022, 09:46:05 AM
Hello

Using Opera I have started (yesterday?) having strange error/behavior - some parts of webpage has been "missing". I was able to find the cause going to private mode (without plugins). It appeared that plugin "uBlock Origin" is protecting so much that hides content which should not be hidden.
The result:
normal (with plugin):

without plugin:


Anyone had a similar issue before?
18  Bitcoin / Development & Technical Discussion / A few words about minikeys on: March 16, 2022, 01:06:51 PM
I must admit that until recently I was not aware of existence of mini-private-key format... I have found information about it accidentally and I decided to play a little with it.
So, just to recall some information:
The size of 'physical' items forced creators to find a way how to encode information about Bitcoin private key on a small area. Typical WIF, which has more than 50 characters would be too long. So, the new format has been created. Initially minikeys had 22 characters, later 30 characters. What is similar to WIF is that minikeys are build based on Base58 characters - that format excludes characters which looks similar to other, what could be problematic for user. That way, for example, characters like 'l' (lowercase L) or 0 (zero) and O (uppercase o) are excluded. Later, creators decided to exclude "1", so in fact the new format "base57" is used. And just a detail - minikeys starts with a letter "S".
The main difference between WIF and minikeys is that WIF encodes the exact private key, while minikey is in fact more like "brainwallet" phrase - the ways to restore private key is completely different. In case of WIF all we need is "base58 decoding" to retrieve information about private key (and additionally information if we had correct WIF, so decoded private key is really the one we look for). In case if minikey we must calculate hash of a key, just like we do with brainwallets.
What is also interesting, is that minikeys also has some kind of verification if input (the text found on physical item) is correct. Verification is based on fact, that not each combination of characters could be treated as a valid minikey - only when "extended" minikey produces hash which starts with "00" in hex.
All hashes on minikeys are sha256.
Let's take an example (we will work on short keys, 22 characters):
ScatCATcatCATcatCATcat
We must verify if key is correct, to get this information we calculate hash of key "extended" by appending character "?" (question mark).
Code:
sha256(ScatCATcatCATcatCATcat?) = 2dbe5cf8ac83725536cbb3d74a89dec34dd5c57af867431745449119f49788ec
Because hash starts with "2d", "ScatCATcatCATcatCATcat" cannot be used as a valid minikey;

SkK5VPtmTm3mQKYaJQFRZP
Code:
sha256(SkK5VPtmTm3mQKYaJQFRZP?) = 00442b142a40eefcd894b0bb6f19c58284f2e7248cee7e4910cd37afbfc7879a
Now we see that SkK5VPtmTm3mQKYaJQFRZP is a "correct" minikey. Then we may calculate hash to retrieve the real private key:
Code:
sha256(SkK5VPtmTm3mQKYaJQFRZP) = f30c1ddd12ea91bd35d5d1b83eac611717d99da826f207c3c3d4839e271648cb

That key gives uncompressed public key
04bf2d4231ca9ec2a49664f5b821bd44ad6cb38c6393936f1e3a6a8f4e0ee81686666e952387a4d d63a2ac7fb8c63737a9c4be142a186c1496d7013569c028143c
which produces hash160 fc258e14e4d1705f4c5a1f77e9a693531de82553
which could be converted into address 1PzEGi7a6UEGCAXtGjZj8kBX2VEHcLMrqd.

Now, let's ask how safe it is. I will focus on famous Cascascius coins - the list of coins (produced and already 'opened') is available online: https://casascius.uberbills.com/ and https://casasciustracker.com/
From serie 1, which was based on short keys (22 characters) and full base58, there are slightly less than 5000 coins still unopened.
I was aware of only one tool to brute-force minikeys and try to attack them knowing public addresses of coins - it was Keyhunt by @albert0bsd (https://bitcointalk.org/index.php?topic=5322040.0)
Just for fun and programming exercise I decided to prepare a small tool for "attacking" Cascascius, but using GPU. Working, but probably not extremely optimized program is available here: https://github.com/PawelGorny/MinikeyCuda
Program may work in two modes - random or sequential.
Sequential processing is very similar to typical WIF solving, where we change character by character and test the result. Initially we test if minikey is eglible for processing (if hash of key+? produces 00), then we hash again to generate the private key. Then we verify if private key produces address we look for. Statistically every 1/256 minikey is "correct" and produced private should be tested.
On my dev card rtx3060 I have performance of about 8mln keys/s, which gives around 30k/s 'valid' keys,
Random mode works quite differently - using GPU we produce bunch of 'valid' keys and then we check all of them. That way we may check much more keys, but we are not able to verify if we do not have duplicates. The corresponding performance is about 600-750k/s.
But what is the possibility of successful attack? Let's calculate:
For short keys, we have 58^21 possibilities = 1,076435e+37. As statistically 1/256 keys are valid, we must test 4,204824e+34 keys.
If we are able to test 500k/s and we are sure we will not have duplicated work, we need:
1 401 608 248 902 228 061 589 725 886 minutes, which gives 2 666 682 360 925 091 441 380 years (if I am not mistaken) to test all the keys.
Calculations for longer keys (30 characters) are left to the reader.
In other words - if you are in the possession of one of coins, I think you may sleep safe.

But if (I have no idea if situation like that may occur) you have lost part of your key, 6-7 characters, maybe more - it would be possible to recover it.
19  Bitcoin / Hardware wallets / Trezor - seed extraction on: March 05, 2022, 08:06:37 AM
Hello

Is there any "legal" way to retrieve (again) the seed, after Initial Backup process has finished?
I am aware of some "hacking" ways, brute-forcing PIN etc., is there any way how to do it with Suite? Or any other kung-fu way, even with firmware modification, but purely programmatically?
The official FAQ says "NO" (they advice to migrate to new seed & transfer coins), but maybe someone knows the way...
20  Other / Off-topic / Zwift on: February 23, 2022, 08:42:58 AM
Hello, any ZWIFTers here?
Pages: [1] 2 »
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!