Bitcoin Forum
1  Bitcoin / Development & Technical Discussion / == Bitcoin challenge Puzzle : Seed bruteforce attemps on: March 17, 2024, 12:06:27 PM
There have been several attempts to solve this bit range Puzzle https://bitcointalk.org/index.php?topic=5218972.0 through bruteforce of PrivateKey either the Address itself or the PubKeys through Kangaroo and BSGS algos.

This thread is another approach (a very slow one) which goes through the exact same procedure by which these puzzles were generated in the first place. Creating the Wallet -> Mnemonics -> Seed -> List of Privatekeys -> Masked Privatekeys -> Check for known privatekeys collision.

Code : https://github.com/iceland2k14/btc_words/blob/main/seed_puzzle.py

This is more of an alternative exercise where if successful then all the remaining puzzles of ~ 1000 BTC will be solved all together. I know the probability of success is nearly zero. But still wanted to try to see how fast we can do it and what are the hurdles in this way. Any existing tool with what speed?

There are some assumptions which I think may be correct/incorrect. Every opinion with logic could help in understanding more.
1. Wallet was new and puzzles 1-256 should correspond to the Address index 0 to 255 from the wallet. Creator is very careful in making it. So this assumption may be correct.
2. These Keys are sequentially generated by masking deterministic wallet privatekeys. So if any collision can be found with 10 masked Keys that is most likely the Correct seed.
3. The Puzzles are from year 2015 so the entropy bits could be either 128 or at max 192. Very little chance for 256.
4. Mnemonics used might have been English words, most probabilistic scenario.
5. Keys are generated using the standard BIP44 path with No Hardened Address route.

Assumptions 2, 3, 4, 5 are dynamic and can be changed in the code easily. But if assumption 1 is incorrect then it is more difficult.

BTW, Just in case if the collision happens then you would see a result something like this image.
2  Bitcoin / Project Development / ECDSA signature R,S,Z values on: May 17, 2022, 02:12:21 PM
Sometimes I needed the RSZ values of BTC Signatures for testing and understanding and calculation purposes.
A python3 script, RSZ, is made available on GitHub.


The script parses the data of rawtx to fetch all the inputs in the transaction and reconstructs the unsigned message for each of them to find the Z value. The result is given as R,S,Z,Pubkey for each of the inputs present in the rawtx data.

If txid is given instead of rawtx, then blockchain API is used to fetch the details of rawtx and then R,S,Z is calculated.

How to Use:
Code:
python getz_input.py [-h] [-txid TXID] [-rawtx RAWTX]

Output Using the txid
Code:
(base) C:\anaconda3\RSZ>python getz_input.py -txid 82e5e1689ee396c8416b94c86aed9f4fe793a0fa2fa729df4a8312a287bc2d5e

Starting Program...
======================================================================
[Input Index #: 0]
     R: 009bf436ce1f12979ff47b4671f16b06a71e74269005c19178384e9d267e50bbe9
     S: 00c7eabd8cf796a78d8a7032f99105cdcb1ae75cd8b518ed4efe14247fb00c9622
     Z: 9f4503ab6cae01b9fc124e40de9f3ec3cb7a794129aa3a5c2dfec3809f04c354
PubKey: 04e3896e6cabfa05a332368443877d826efc7ace23019bd5c2bc7497f3711f009e873b1fcc03222f118a6ff696efa9ec9bb3678447aae159491c75468dcc245a6c
======================================================================
[Input Index #: 1]
     R: 0094b12a2dd0f59b3b4b84e6db0eb4ba4460696a4f3abf5cc6e241bbdb08163b45
     S: 07eaf632f320b5d9d58f1e8d186ccebabea93bad4a6a282a3c472393fe756bfb
     Z: 94bbf25ba5b93ba78ee017eff80c986ee4e87804bee5770fae5b486f05608d95
PubKey: 04e3896e6cabfa05a332368443877d826efc7ace23019bd5c2bc7497f3711f009e873b1fcc03222f118a6ff696efa9ec9bb3678447aae159491c75468dcc245a6c

Output Using the rawtx
Code:
(base) C:\anaconda3\RSZ>python getz_input.py -rawtx 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

Starting Program...
======================================================================
[Input Index #: 0]
     R: 009bf436ce1f12979ff47b4671f16b06a71e74269005c19178384e9d267e50bbe9
     S: 00c7eabd8cf796a78d8a7032f99105cdcb1ae75cd8b518ed4efe14247fb00c9622
     Z: 9f4503ab6cae01b9fc124e40de9f3ec3cb7a794129aa3a5c2dfec3809f04c354
PubKey: 04e3896e6cabfa05a332368443877d826efc7ace23019bd5c2bc7497f3711f009e873b1fcc03222f118a6ff696efa9ec9bb3678447aae159491c75468dcc245a6c
======================================================================
[Input Index #: 1]
     R: 0094b12a2dd0f59b3b4b84e6db0eb4ba4460696a4f3abf5cc6e241bbdb08163b45
     S: 07eaf632f320b5d9d58f1e8d186ccebabea93bad4a6a282a3c472393fe756bfb
     Z: 94bbf25ba5b93ba78ee017eff80c986ee4e87804bee5770fae5b486f05608d95
PubKey: 04e3896e6cabfa05a332368443877d826efc7ace23019bd5c2bc7497f3711f009e873b1fcc03222f118a6ff696efa9ec9bb3678447aae159491c75468dcc245a6c

Limitations (Might Not Work for):
  • Very Old Signatures
  • When Witness Data is present in Signatures
  • ETH or any other AltCoins

Ideally I might try to Update to include more not working cases, but No Promises
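
How the "reconstruct the unsigned message" step works for a legacy input, as an added example that is not the RSZ script from the post: each input's Z is the double SHA-256 of the transaction with every scriptSig blanked except the one being signed, which is replaced by the spent output's scriptPubKey, followed by the hashtype. It assumes P2PKH inputs signed with SIGHASH_ALL and that the caller supplies the spent scriptPubKeys (`prev_scripts`); all function names and the sample bytes are constructed for illustration, and witness serialization is rejected in line with the limitations listed above.

```python
import hashlib

def read_varint(buf, pos):  # CompactSize -> (value, next position)
    if buf[pos] < 0xfd:
        return buf[pos], pos + 1
    size = {0xfd: 2, 0xfe: 4, 0xff: 8}[buf[pos]]
    return int.from_bytes(buf[pos + 1:pos + 1 + size], "little"), pos + 1 + size

def parse_legacy_tx(raw):
    if raw[4] == 0:  # segwit marker byte: witness data is out of scope here
        raise ValueError("witness serialization not handled")
    count, pos = read_varint(raw, 4)
    head, inputs = raw[:pos], []  # head = version + input count
    for _ in range(count):
        slen, start = read_varint(raw, pos + 36)
        end = start + slen
        inputs.append((raw[pos:pos + 36], raw[start:end], raw[end:end + 4]))
        pos = end + 4
    return head, inputs, raw[pos:]  # tail = outputs + locktime

def split_script_sig(script):  # P2PKH: <push DER sig + hashtype> <push pubkey>
    sig, pubkey = script[1:1 + script[0]], script[2 + script[0]:]
    if sig[0] != 0x30 or sig[2] != 0x02:
        raise ValueError("not a DER signature")
    rlen = sig[3]
    slen = sig[5 + rlen]
    return sig[4:4 + rlen], sig[6 + rlen:6 + rlen + slen], sig[-1], pubkey

def rsz(raw, prev_scripts):
    head, inputs, tail = parse_legacy_tx(raw)
    results = []
    for i, (_, script_sig, _) in enumerate(inputs):
        r, s, hashtype, pubkey = split_script_sig(script_sig)
        if hashtype != 1:
            raise ValueError("only SIGHASH_ALL handled")
        pre = head
        for j, (outpoint, _, seq) in enumerate(inputs):
            code = prev_scripts[i] if j == i else b""  # blank the other inputs
            pre += outpoint + bytes([len(code)]) + code + seq  # scripts < 253 bytes
        pre += tail + (1).to_bytes(4, "little")  # hashtype as 4-byte little-endian
        z = hashlib.sha256(hashlib.sha256(pre).digest()).hexdigest()
        results.append((r.hex(), s.hex(), z, pubkey.hex()))
    return results

# Constructed sample: dummy r/s/pubkey/hash values, not a real transaction.
SCRIPT_SIG = bytes.fromhex("09" + "300602011102012201" + "2102") + b"\xaa" * 32
PREV = bytes.fromhex("76a914") + b"\xbb" * 20 + bytes.fromhex("88ac")
TXIN = [bytes([n]) * 32 + bytes(4) + bytes([len(SCRIPT_SIG)]) + SCRIPT_SIG + b"\xff" * 4 for n in (1, 2)]
SAMPLE_TX = (bytes.fromhex("0100000002") + TXIN[0] + TXIN[1]
             + b"\x01" + (1000).to_bytes(8, "little") + b"\x01\x51" + bytes(4))
```

Calling `rsz(SAMPLE_TX, [PREV, PREV])` returns one (R, S, Z, pubkey) tuple per input; the two Z values differ even though both inputs carry the same signature bytes, because each preimage places the scriptPubKey in a different input slot.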