OK, try to answer the following questions so we know what you are trying to do:

• Do you have a native Segwit Address (starting with bc)? If so please give this address
• Has this address been used before to send funds? If so, we can show you how to obtain the public key. If not, it is not possible since we only know a hash of the key, not the key itself.

But most importantly: why? What are you trying to do? Seeing all your posts here you are trying to "calculate" the private key based on a known public key. If that is indeed the case you have been told multiple times that won't happen..

Exactly, I would like to see what @achow101 thinks of that.

Signing messages is a very important part of asymmetric encryption, especially digital signatures. Digital signatures were invented long before Bitcoin came to life. Here are some of the milestones in the history of digital signature technology:

• 1976: Whitfield Diffie and Martin Hellman first described the idea of a digital signature scheme, but they only theorized that such schemes existed
• 1977: Ronald Rivest, Adi Shamir and Len Adleman invented the RSA algorithm, which could be used to produce a kind of primitive digital signature
• 1988: Lotus Notes 1.0, which used the RSA algorithm, became the first widely marketed software package to offer digital signatures
• 1999: The ability to embed digital signatures into documents is added to PDF format
• 2000: The ESIGN Act makes digital signatures legally binding
• 2002: SIGNiX is founded and becomes the most broadly used cloud-based digital signature software
• 2008: The PDF file format becomes an open standard to the International Organization for Standardization (ISO) as ISO 32000. Includes digital signatures as integral part of format.

Without the signing ability to Bitcoin would not be able to do a single transaction so I think calling it useless is far from the truth. In the specific case of signing a text message it is a proven way to come forward as a person in possession of the private key needed for singing without disclosing the key itself. So I would call it pretty clever instead of useless.

A miner is the one who sets the address to where the coinbase (newly generated coins) should be paid out to. If a miner wants this to be the same address for every found block that's within the rules of the Bitcoin protocol. In the beginning there was just bitcoin core as software for mining which used a different address for every mined block, that's why you see a lot of different addresses for coinbase payouts in the first year. If you would look at the current blocks payouts to the same address happen a lot.


Both the linked blocks were found in succession (height 70459 and 70460). So what could have happened the later block was found just a few seconds after the first one. The bitcoin protocol has a target to find a block every 10 minutes on average, that doesn't rule a block can't be found just seconds after a previous one.

You also have to realize the miner is also the one who sets the timestamp for the block, so it is even possible the blocks were found further apart in time but the timestamp was just set "incorrectly".

If you continue your study you will also find that there are two coinbase-transactions with the same transaction-id. That's something that was a real glitch and has been fixed in the protocol so it can't happen again.

Hope this was clear, if not please ask more

Thanks for the info.

Still weird though, I went from 112 activity to 126 activity last Friday (July 3rd) and from Member to Full Member (or at least on my profile). I wasn't able to use my own avatar before that date. According to this https://bitcointalk.org/index.php?topic=178608.msg1861412#msg1861412 topic you need to have at least 120 activity so I'm not sure how I could have become full Member on June 10th when my activity was below 120? Or is the list only based on the number of merits?

I went from member to full member as well in the last week but I don't see my name mentioned. Is there something I'm missing?

The title of this post is how I imagine lots of (new) people visiting this boards think. In this post I would like to list a number of ways these gold diggers think how they might get rich quick. If you are on the hunt yourself please read on to get a feeling what you are up against.

[I found my wallet.dat file again!]
Mostly found in the Bitcoin Technical Support section. Like these:
https://bitcointalk.org/index.php?topic=5256437.0
https://bitcointalk.org/index.php?topic=5254636.0
https://bitcointalk.org/index.php?topic=5246039.0
https://bitcointalk.org/index.php?topic=5249142.0
https://bitcointalk.org/index.php?topic=5248295.0

In general they are posted by new accounts claiming to have found an old computer/usb/backup or whatever containing a wallet.dat which is password protected but they forgot the password. All that's left between them and all the juicy BTC is a password that needs to be brute forced.

In reality chances are extremely big they got tricked/scammed in buying a tampered wallet.dat file which will never be unlocked.

Please realize the difference between: my password should either start by "mary" or "Mary" because that was my girlfriend back then and followed by 4 or 5 digits versus I have no idea what the password is and what the length it could be.

Advice: If you did buy a wallet.dat and ask for help in this forum include that fact, don't make up stories that won't hold if you get questions asked. Also: be prepared you got scammed.

[Let's generate a private key already in use]
Mostly found in Bitcoin Discussion section or Development & Technical Discussion. Like these:

https://bitcointalk.org/index.php?topic=5254171.0
https://bitcointalk.org/index.php?topic=5253012.0

There are a lot of addresses out there with fat balances and the only thing standing between you and all those bitcoins is one simple Private Key.
So, lot's of questions get asked if it is possible to generate a private key already in use. And you know what, in theory it's possible. And that's where the gold diggers stop their reading and start firing up their questions.
It all boils down to this: could you win every single lottery world wide for 50000000000 times in succession? In theory you could, but you know that's not going to happen.

I've even seen suggestions where forum members used Vanity Address generators to look for a full bitcoin address, hoping they got lucky  

Advice: Try to get a feeling how many different private keys / addresses are possible and then ask yourself if you still want to go hunting for a duplicate.

[Public key is known, so Private Key is up for grabs]
Popular in Development & Technical Discussion currently mostly because of this thread:

https://bitcointalk.org/index.php?topic=5244940.0

Don't get me wrong: there is nothing wrong with the linked EDCLP solver thread. It's just the way gold diggers translate this very
specific use case to: "Ah, so when a Public Key is known the Private Key can be calculated with enough computing power".

Just to be clear: Under very specific and intentional created circumstances a private key can be calculated based on the public key. The algorithm to do so will only work when it is known what the search space for the private key is. In other words: you know up front there are a limited possibilities what the private key can be. And that circumstance will only be met when it was done intentionally, for instance for a brute forcing puzzle.

Advice: Don't waste your time running your GPU or multiple GPUs to find a private key when there is not guarantee it is limited in possible values. No matter if you know the public key or not.

[Some software messed up, so the Bitcoin protocol must be broken]
A bit more exotic, Development & Technical Discussion is a good candidate section. A recent example:

https://bitcointalk.org/index.php?topic=5258113.0

Just because some software/wallet/script contains a bug doesn't mean the bitcoin protocol itself is bugged. So for instance if a wallet messes up by creating an anyone-can-spend transaction that doesn't mean you all transactions in the blockchain are magically up for grabs.

Advice: Try to comprehend a bug entirely before jumping to the conclusion you can use it to get rich.

[Puzzle transaction will make me rich]
Popular in Development & Technical Discussion currently mostly because of this thread:

https://bitcointalk.org/index.php?topic=5244940.0

Who doesn't like a good puzzle? I sure do! And the linked thread still has a lot of BTC available for those who can solve some of the harder puzles.
The only problems is: all simple/medium puzzles have been solved already. So the really hard ones are left. You probably will need a lot of computing/GPU power and cheap energy or the cost will be higher than the reward.

Just to give you an impression: the last puzzle from the linked topic was solved using 256 Nvidia V100 GPUs, the hardware alone costs around $250,000. The reward for solving/brute forcing was 1 BTC.

Advice: puzzles are fun! So with lots of people playing meaning it will be extremely hard to win/solve anything left.

[Brainwallets: come up with new ones]
Topics are usually either in Development & Technical Discussion or Bitcoin Discussion section.

Brainwallets-hacking got big when Brainflayer was released. I made an entire site myself two years back with all brainwallets I found myself. Check out this thread:

https://bitcointalk.org/index.php?topic=4768828.0

A lot of brainwallets have been found and emptied in the past years. Billions of brainwallet-candidates are in the lookup tables of bots ready to scoop up any transaction made to a brainwallet address.

Advice: Brain wallets are fun to study. But don't expect to find an undiscovered one especially with any balance left.

[Conclusion]
There is no get-rich-quick way using bitcoin in a way that hasn't been thought of before. And even if you come up with a way do you really want to STEAL bitcoins that aren't yours? How would you feel if you wake up one morning to see your own bitcoins to be stolen? I'm not here to tell you what you should do or should not do, the choice is ultimately yours alone!

That being said, some fun puzzles, brainwallets, challenges are an excellent way to dive deeper into the inner workings of bitcoin. So you will learn a lot when you do so, just don't expect to get out filthy rich

I'm doing the exact same thing as you describe for my custom parser. This is in python:

This works like a charm so I guess you are doing something wrong. Hard to tell what since you didn't share any code.

@pooya87: Thanks, I had the exact same thought before so I pasted the values in an online SHA-1 generator but I guess it was treated as text instead of hex so I got two different values. Even tried it backward (Little Endian to Big Endian) but again no collision.

Sometimes it's just too simple Thanks for helping me realize I'm not crazy after all..

Like all of his posts he is trying to find a way to get rich quick, lacks any skills and trying to let others do the work for him.


Ok, here is a public key, 130 bytes uncompressed:

Please prove us all wrong by "finding"  the private key for this  public key. Until then I would trust the answer of pooya87..

Sorry for the late response, I was on a trip for a few days.

Can you point me to where the actual values I was asking for are in that topic? I read all the replies and the linked articles from there but I could'nt find what I was looking for (or maybe I missed it).

So to be clear: I'm looking for the following

Input 1 - > SHA 1 -> Hash #1
Input 2 - > SHA 1 -> Hash #2

Where Hash #1 == Hash #2 (otherwise it wouldn't be a collision).  In that case, what are the values for Input 1 and Input 2?

Hi all,

I like a good puzzle now and then and I stumbled upon this script rewarding anyone who could find a SHA-1 collision:
In simpler terms: Provide two values which give the same result when hashed with the SHA-1 algorithm.

On February 23, 2017 all the unspent outputs which match the decodescript were claimed:
So obviously a collision was found. Fun-fact: when you dive into the SHA-1 collision history you find that a collision was found on that exact date for the first time. So someone was quick on applying it to this challenge. By the way: Google said it took about 6500 years of CPU-capacity or about 110 year of single GPU capacity to find the collision.

The SigScript has the following value:

I tried to look at the two values which hash to the same SHA-1 result but was unable to find a match. So my question is: which values are in there which I should compare to successfully find a collision?

That would have made sense if the linked blocks 2,3,4 where actually for 1,2,3. In that case he just would have started counting from 1 instead of 0. But that is not the case. Just check the links yourself where block 1 (so not the genesis block) is skipped:

Why did you come to this conclusion? Do you mean the coins from the coinbase transaction (hash 0e3e2357e806b6cdb1f70b54c3a3a17b6714ee1f0e68bebb44a74b1efd512098) of block 1? Beacuse these coins are prefectly spendable as long as you have the private key. Just as the extra .34597579 deposited to the address (12c6DSiU4Rq3P4ZxziKxzrL5LmMBrzjrJX).

The only coins proven not to be spendable are the 50 BTC rewarded for the Genesis block (block 0) with a hash of 4a5e1e4baab89f3a32518a88c31bc87f618f76673e2cc77ab2127b7afdeda33b. This is because although the transaction is in the blockchain, it was not added to the UTXO database. It is unclear if this was a bug or if this was intended. Hower all the 13+ BTC which have been deposited to the public key/address associated to the genesis block can be spent if you have the private key.

I'm more into tech than math so once again thanks for these numbers! Pointing things out like this gives a measurement to "yeah, it's possible but not likely".

No they are not, transactions are stored on the blockchain. All transactions curretly unspent for which you can produce a valid unlocking script are yours to spend. A wallet keeps a collection of keys you need to unlock those unspent transcations, so no bitcoins themself are stored in a wallet.

You are almost describing a wallet like it is a bank account, where one acccount holder has one account number. This is not the case in bitcoin. See my previous comment about a wallet. One wallet is usually made up by a lot of "addresses". Addresses are not "encrypted", they are an encoded version of the public key (To not further complicate things I'm not talking about addresses which are the representation of the hash of an unlocking script.)

What??? Do you have any idea how many transactions there are in a block in general? This would also mean I could sent you 1 satoshi in a transaction and 1 btc would be genrated out of thin air for the miner :S Anyway, mining is done on a block basis, miners get the block award (currently 6.25 btc) plus all the transaction fees.

There is a lot more of wrong information in your post. It doesn't matter that you don't know these things at the moment but you made it look like you were answering the question of your topic in a way that contains a lot of bogus.

So you say you have the private key but you mean you have the encrypted Private Key using BIP38? Because if you have the private key than you've got all you need. Just to check does your private key start with a 6?

Ok, so you are trying to steal the funds (50 BTC) from the coinbase-transaction of block 1? And that didn't work out (gosh!) and now you want us to help you with your stealing plans? (Hint: good luck with that!)

Thanks for these numbers. I see a lot of "get rich fast" posts/questions from new members to this forum lately in which they think it is possible to find private keys to well funded addresses by bruteforcing. I think most of these questions arise when people just don't have a grasp about the near infinite candidates. So I'm probably gonna use your number example as reply in the future to point out there's a difference between "theoretical possible" and "practictal feasible".

Bitcoin.org was never registered by Satoshi, it was registered by Sirius (Martti Malmi). They knew eachother from the cryptography mailing list. The domain was registered before the whitepaper was even published.

The domain was registered using https://www.anonymousspeech.com