🧠 Looking for Real Signature Dataset with < 4-bit Biased Nonces (Educational Pu

[sdfasdf]

🧠 Looking for Real Signature Dataset with < 4-bit Biased Nonces (Educational Purposes)

Hello Bitcointalk community! 🙋‍♂️

I'm currently learning how nonce bias can leak ECDSA private keys. I'm especially interested in real-world datasets where the nonces used in Bitcoin or similar systems were biased by less than 4 bits — for example, 1-bit, 2-bit, or 3-bit biases.

I'm looking for:

Real signatures where the nonce k is biased

Known private key (d) for testing recovery

Bias type clearly labeled (MSB OR LSB)

Dataset in a simple JSON format (see below)

If anyone has experimented with or generated such datasets, especially where 1-bit bias led to successful private key recovery, I would love to learn from them. I’m not asking for any private or wallet keys, just clean test vectors for education.

https://github.com/bitlogik/lattice-attack

How low-bit biases (e.g., 1–3 bits) can leak d

How many signatures are really needed per bias level

What attack methods (HNP, lattice, ML) are used in practice

How to reproduce or validate the bias-to-d-leak pipeline

Thanks in advance to anyone willing to share or discuss!
I'm purely doing this for research and learning, and I'm happy to share my findings and scripts if there's interest.

Also, if you've worked on private key recovery from biased nonces, I’d love to know:

✅ How many biased signatures did you need to recover d for:

1-bit bias?

2-bit bias?

3-bit bias?

🧠 What attack method did you use?

Hidden Number Problem (HNP)?

Lattice (LLL, BKZ)?

Custom optimization?

⚙️ What hardware was used?

CPU (how many cores / threads)?

GPU (which model)?

RAM needed?

⏱️ How long did full recovery take?

From dataset input → full private key output

Any optimization tricks that helped?


Sample (Example Answer I'm Hoping to See):

Edit:
Bit bias: 2-bit (msb or lsb)
Signatures used: 80
Method: Lattice + BKZ-25 reduction
Hardware: Ryzen 7950X + 64GB RAM
Time: ~6 minutes (including preprocessing)
Success: Full d recovered



If anyone has written GPU code or CPU thread-enabled code,

BKZ reduction : block size = ?  # your recommend size

[sdfasdf]

🧠 Looking for Real Signature Dataset with < 4-bit Biased Nonces (Educational Purposes)

Hello Bitcointalk community! 🙋‍♂️

I'm currently learning how nonce bias can leak ECDSA private keys. I'm especially interested in real-world datasets where the nonces used in Bitcoin or similar systems were biased by less than 4 bits — for example, 1-bit, 2-bit, or 3-bit biases.

I'm looking for:

Real signatures where the nonce k is biased

Known private key (d) for testing recovery

Bias type clearly labeled (MSB OR LSB)

Dataset in a simple JSON format (see below)

If anyone has experimented with or generated such datasets, especially where 1-bit bias led to successful private key recovery, I would love to learn from them. I’m not asking for any private or wallet keys, just clean test vectors for education.

https://github.com/bitlogik/lattice-attack

How low-bit biases (e.g., 1–3 bits) can leak d

How many signatures are really needed per bias level

What attack methods (HNP, lattice, ML) are used in practice

How to reproduce or validate the bias-to-d-leak pipeline

Thanks in advance to anyone willing to share or discuss!
I'm purely doing this for research and learning, and I'm happy to share my findings and scripts if there's interest.

Also, if you've worked on private key recovery from biased nonces, I’d love to know:

✅ How many biased signatures did you need to recover d for:

1-bit bias?

2-bit bias?

3-bit bias?

🧠 What attack method did you use?

Hidden Number Problem (HNP)?

Lattice (LLL, BKZ)?

Custom optimization?

⚙️ What hardware was used?

CPU (how many cores / threads)?

GPU (which model)?

RAM needed?

⏱️ How long did full recovery take?

From dataset input → full private key output

Any optimization tricks that helped?


Sample (Example Answer I'm Hoping to See):

Edit:
Bit bias: 2-bit (msb or lsb)
Signatures used: 80
Method: Lattice + BKZ-25 reduction
Hardware: Ryzen 7950X + 64GB RAM
Time: ~6 minutes (including preprocessing)
Success: Full d recovered



If anyone has written GPU code or CPU thread-enabled code,

BKZ reduction : block size = ?  # your recommend size

i need 1-bit, data.json if successful recover d some one provide dm  
Where can find 1-bit data.json available publicly the data was needed to solve d.