Well I'd started and my F***** RAID just crashed.
So I may as well share it.... if I understand it correctly.......
It seems that it may have a similar weakness to the zip format.. if I'm not mistaken.
public override bool DecryptWithPassphrase(string passphrase){
.....}
If we look down we see:
byte[] checksum = sha256.ComputeHash(utf8.GetBytes(passphrase + "?"));
if (hex[2] != 0x80) {
if ((checksum[0] & 0x7f) != hex[2] || (checksum[1] & 0x7e) != (hex[3] & 0x7e)) {
return false;
}
}
It seems we can recover a partial solution, because if it is NOT a partial solution the above will fail.
By getting the products up-to this stage, popping them over the serial port to an fpga...... and since Bitcoin is DOUBLE sh256
We can get two engines cycling thrugh the Sha256 keys for the range AAAAA-zzzzz ( actually by splitting the space over two devices we can half the searchtime with a brute it becomes 190102016
Each time we get a 'hit' from the above, we pop it back to the computer to drop it into the code that follows the above code in "DecryptWithPassphrase"
so even with a XUPV5 I can get over 500MHS through the key address space
52*52*52*52*52=380204032
0.76 seconds Unless my maths have broken down.
Like I say my development env. crashed so I've nothing to test with.
This part of the code doesn't even run when doing the decryption. It has nothing to do with the problem. The code you need is in Bip38KeyPair.cs. Anyway, doing SHA256 on the entire input range takes about 100 seconds, so that's more or less what you could save (out of decades) by offloading such calculations (if they exist). I just read this: On modern hardware and with default parameters, the cost of cracking the password on a file encrypted by scrypt enc is approximately 100 billion times more than the cost of cracking the same password on a file encrypted by openssl enc; this means that a five-character password using scrypt is stronger than a ten-character password using openssl.https://www.tarsnap.com/scrypt.htmlThere's no way anyone is going to crack this via simple brute force. A dictionary attack is the only plausible option. If the password is a random jumble of lowercase and uppercase characters, I doubt anyone will crack it. Perhaps for the first clue casascius will say if the password is random or meaningful. |
|
|
|
|
Modified your software into a script that tries all combinations...
Then realized it will take 36 years to run.
So a much more efficient calculation method would be needed.
|
|
|
|
With litecoin it takes 24 blocks to get the same security on your transaction as bitcoin does in 6 blocks. There is no way to speed up time.
That's not how it works. 6 confirmations is considered secure because someone with 10% of the hashrate has a tiny chance of catching up from 6 blocks behind. It doesn't matter how much time each block takes because the relevant process is non-temporal. Assuming sustained 10% attacker hashrate, 6 confirmations in Litecoin is as secure as 6 confirmations in Bitcoin. This is clearly explained in Satoshi's paper. But yeah, it's not a significant feature, for other reasons. 10%? How does this work? I thought you need 51% to overwhelm the network with your view of the blockchain. And isnt it so that 6 confirmations give nearly no higher security than 1 or 2 confirmations? I thought so till now. Thats why smpake can exist i thought. You can always attempt to double spend, and your chance to succeed depends on your hashrate and the number of confirmations the receiver waits for. With >50% you always succeed (given enough time) no matter how many confirmations are used. With <50% you can fail. With 10% you have some chance if the merchant waits for 1-2 confirms, but with 6 confirms you'll almost certainly fail. 1-confirm txs are practically safe because there aren't many people with 10% hashrate. But if you receive a 10K BTC transaction you'll want to wait for more confirms, depending on how much hashrate an attacker is likely to have (and again, if he has >50% all bets are off). |
|
|
|
With litecoin it takes 24 blocks to get the same security on your transaction as bitcoin does in 6 blocks. There is no way to speed up time.
That's not how it works. 6 confirmations is considered secure because someone with 10% of the hashrate has a tiny chance of catching up from 6 blocks behind. It doesn't matter how much time each block takes because the relevant process is non-temporal. Assuming sustained 10% attacker hashrate, 6 confirmations in Litecoin is as secure as 6 confirmations in Bitcoin. This is clearly explained in Satoshi's paper. But yeah, it's not a significant feature, for other reasons. |
|
|
|
|
Looks correct. There are a few things to nitpick but they are acceptable for pedagogical purposes.
One thing however I think is simply not true: "The block chain is stored in a Merkle tree data structure" - the transactions within each block are stored in a Merkle tree, the blocks themselves are not.
|
|
|
|
 does not work for me with fox. chrome is ok. I can't reproduce, for me it works on both. Though strangely, it now takes 10-20 seconds to load, earlier it was faster. |
|
|
|
For the purpose of researching the Quantitative Analysis of the Full Bitcoin Transaction Graph paper, Adi Shamir and Dorit Ron have parsed the blockchain data, put it in a query-friendly database and built some tools to analyze it. The particular metrics they have so far chosen to extract from this data, and their interpretation of them, have been the subject of some criticism. However, now that they have this infrastructure for analysis, they would like to leverage it to analyze more useful metrics. They are asking the Bitcoin community - what information do you want to try to extract from the transaction graph? |
|
|
|
|
In Hebrew it is usually simply transliterated as ביטקוין.
There is also a translation of sorts, transliterated as "Matbit", and written מטביט or מטבית.
|
|
|
|
Given a transaction, what methods exist to detect which of the outputs is most likely to be the change? How do different clients choose the order of the outputs? Assuming no order information can be used, what kind of other heuristics can be used? We can assume that no custom anonymization techniques are used. Among other things it means that there will be at most 1 change output. Looking at some transactions I've made, it looks like Bitcoin-qt always puts the change first, and blockchain.info MyWallet always puts the change last. Do they consistently do so? What about other clients? Some suggested heuristics: 1. In sendmany, if the outputs have simple integer ratios between them, the transaction is likely to be some proportional distribution, and the one output which isn't an integer multiple of the GCD is the change. Example: In this transaction, all outputs are a multiple of 0.01648442, except for the change. 2. Change outputs are likely to have more decimal places (or be otherwise more complicated). Example: In this transaction, 114 is the real transfer, while 7.527 is the difference which has 3 decimal places since that's what the input had. 3. (Assuming no anonymity-targeted coin selection): The change must be lower in value than all inputs (otherwise that input would not have been selected). This is especially useful for transactions where multiple coins are combined. 4. Transactions involving addresses known to belong to some service can have their own rules to be deduced on a per-service basis. Any other suggestions? |
|
|
|
|
Just in case you're unaware - the first ever Bitcoin block is block 0, and the first block with a reward of 25 BTC is 210000.
|
|
|
|
Some people are interested in microtransactions, and we have to say that Bitcoin doesn't really support microtransactions due to blockchain bloat problem. (You can certainly send tiny amounts, but txn fees will eat you alive.)
When people mention microtransactions (or instant confirmation) I tend to refer them to my Trustless, instant, off-the-chain Bitcoin payments suggestion, which I believe is a foundation for solving both problems. Given this I have no qualms saying Bitcoin supports microtransactions. Also, Meni's proposal of pruning away outputs which are still alive would be a major problem for colored coins/smart property ("oh, you cannot sell you car anymore, it was pruned away, miners won't approve this transfer now"). So I want to find some alternative to it Hm, I never thought of this. I guess this is solvable in a color-friendly alt; it would have a mechanism to associate a colored output with an uncolored output that will pay upkeep on its behalf. |
|
|
|
I have also added an sha256 hashed version of the lists given to me by GLBSE. The list has been obfuscated so that you can easily find your record but not know others records.
I'm not sure this is a great idea. With such a list. If you know someone's email address you can know his number of bonds. What's worse, even without knowing someone's email address, you can sometimes find his email address and the number of bonds. Emails don't have that much entropy and SHA256 is fast. With a GPU working the case you should be able to deanonymize many of the claimants. Bitcoin addresses also have very little entropy once they're in the blockchain. Once those addresses are paid by anyone, you can run over all 7M addresses and match them to the hashes. The Bitcoin address - shares association is likely to become public knowledge anyway. The Email - Bitcoin, however, shouldn't be, and the way this list is written it makes it easy to find in many cases. |
|
|
|
Meni, you're definitely wrong. There is a constant trade back price for a Single ($599) and a MiniRig ($15295) - until March 31th.
Yes. As I said BFL has chosen to trade in these devices at their original ticket price. This has nothing to do with what those devices would trade for in the secondary market if it weren't for these upgrade plans, which is what I was talking about in the last few posts. Nor does it have anything to do with the output generated from them until the upgrade. I've already addressed all the moving parts here and have suggested a "fair for everyone" solution (keep it separate until the upgrade, upgrade each at the trade-in value). |
|
|
|
@Meni even with pre-processed texts there are problems, like layout issues. p.ex. when the same text shifts by one word so every line looks different. adding new line breaks to list of tolerated exceptions would do the trick but not with my tool.
etc.
I imagine that new paragraphs would have two line breaks. So what about replacing double line breaks with a temporary character, removing all line breaks, and replacing the temporary character with a line break? Then every paragraph would be in a single line. Would it help to obtain the original TeX? |
|
|
|
I know and mentioned it in the OP. The problem is that as far as I know it doesn't do anything salient when the halving arrives. |
|
|
|
Could you use the images in the 'Lets count to 21 million with images' thread as the count down?
I don't consider this a desirable feature. |
|
|
|
Thank you so much.
Meni, you made my day. The first share payout since the Mess started. What a relive.
Thank you.
You're welcome. I guess I made some kind of record then Sadly the problems are far from over as most bondholders still haven't been paid. I hope Nefario can provide more data soon. |
|
|
|
Coupon payment for blocks 201935 to 209327 was sent to bondholders in Nefario's first list. 0.0164844138 BTC per bond were paid to 6943 claimed bonds, for a total of 114.45128549 BTC. Transaction is f69173bf19362f7aff12081e41f119fd30b4e43bb39f837c1274e67bedf4915d. The change address is 1JPFCUtH2gcADar9xi3A9vStTr9Ba5XKvy. (Note: One payment address was changed at the signed request of its owner.) Now we wait. |
|
|
|
@Meni I had it 'outsourced' this time after I failed few weeks ago. This is a summary I translated into English from the report I received. I did not specify that it should be in English nor that I want to have it formatted in any special way. You're interested in what, seeing paragraphs next to each other from v1.0 and 1.1 so you can see the changes for yourself? Now that I know what changed this could be easy.
Yes, skipping large blocks of text that remained the same. Something like molecular's diff. PS myself I know what changed, but other people may be interested in clearly seeing the improvements. |
|
|
|
|
Show Posts
