Vanity Address Generation

[Luceo]

I'm willing to generate vanity addresses for people using my GPU. I can do up to 7 characters, case sensitive generation. An example would be in my signature, Calumon being the Digimon which appears in my avatar. I used the particular case in the signature because I couldn't use calumon or Calumon (no lowercase 'l') or CALUMON (no uppercase O or 0).

I have performed this service for Adamas on this forum.

This address generation service works by hashing out a lot of addresses with private keys randomly until the desired string is found. The addresses take the form 1DesiredVanityStringBunchOfOtherStuff.

Rules for Addresses (this is to prevent visual ambiguity):
- No uppercase 'I'
- No lowercase 'l'
- No 0 or uppercase 'O'

Security:
- There is an inherent trust issue with allowing vanity addresses to be generated by other users, which is that there is no way (that I know of -- let me know if there is a way) for me not to gain access to the private key generated for your address, which would theoretically allow me access to any BTC stored at that address.
- I will close the terminal window the private key is generated in, wipe it from my clipboard and delete all record of it (because I wouldn't want my computer to get compromised and cost you any BTC). You will have to trust that I have done this, because it's incredibly difficult to prove one way or the other, short of live-streaming the generation process (which would, of course, make the generation much slower).
- However, it is recommended, because of these trust issues, that large sums of BTC are not stored in vanity addresses. They are best used as donation addresses in signatures (like mine) which usually receive sub-1 BTC microtransactions.

Method:
- I will be using oclvanitygen on a mildly overclocked nvidia 5-series GPU. This takes approximately 5 hours to generate a 7-character vanity address (such as 1CaLuMoN... or 1Adamas1...) and significantly less time for a shorter one.
- I can send the output by private message, by e-mail or (preferably) by IRC query (freenode). I suggest that you delete the message as soon as you have imported the key so that nobody can compromise it and gain access to your Bitcoins.

Prices:
- 1 BTC for 7 character vanity addresses
- 0.25 BTC for shorter vanity addresses
- 0.5 BTC to ssh into your server and import the private key, to avoid having to send the key at all (you must have ssh working and bitcoind installed and running)

[Luceo]

I'm using oclvanitygen, which is made by the same author as vanitygen but (as the name suggests) runs on OpenCL.

The -f option just allows you to insert a bunch of patterns to create multiple addresses, as far as I know (I've only ever used oclvanitygen for one address at a time).

The -e option allows you to encrypt with a password, but you'd still have to trust that I'm not saving the password so I'm not sure how it would remove the trust issue. It may, however, be a better way of sending the priv keys. I could privatepaste the file and e-mail the password so that any would-be hacker would have to compromise your forum account and e-mail account to steal the key.

Help output:
(2:506)$ ./oclvanitygen
oclVanitygen 0.17 (OpenSSL 1.0.1c 10 May 2012)
Usage: ./oclvanitygen [-vqrikNTS] [-d <device>] [-f <filename>|-] [<pattern>...]
Generates a bitcoin receiving address matching <pattern>, and outputs the
address and associated private key.  The private key may be stored in a safe
location or imported into a bitcoin client to spend any balance received on
the address.
By default, <pattern> is interpreted as an exact prefix.

Options:
-v            Verbose output
-q            Quiet output
-r            Use regular expression match instead of prefix
              (Feasibility of expression is not checked)
-i            Case-insensitive prefix search
-k            Keep pattern and continue search after finding a match
-N            Generate namecoin address
-T            Generate bitcoin testnet address
-X <version>  Generate address with the given version
-e            Encrypt private keys, prompt for password
-E <password> Encrypt private keys with <password> (UNSAFE)
-p <platform> Select OpenCL platform
-d <device>   Select OpenCL device
-S            Safe mode, disable OpenCL loop unrolling optimizations
-w <worksize> Set work items per thread in a work unit
-t <threads>  Set target thread count per multiprocessor
-g <x>x<y>    Set grid size
-b <invsize>  Set modular inverse ops per thread
-V            Enable kernel/OpenCL/hardware verification (SLOW)
-f <file>     File containing list of patterns, one per line
              (Use "-" as the file name for stdin)
-o <file>     Write pattern matches to <file>
-s <file>     Seed random number generator from <file>

[area]

There's a discussion about how to outsource address generation without trust required at https://bitcointalk.org/index.php?topic=56839.0 which you may like to read.

[Luceo]

I am talking about pipes, idk what OS your using but you want to pipe in the pattern (aka "-f -") so you don't know, then the output can be sent to a file which ANOTHER program would encrypt and using /dev/random you can get a seed to create a random string to make the password, but how do we know your legit, you are just a JR memeber and, scams are on the raise so it be in your best interest to look into protecting the user and yourself.

You don't know I'm legit, that's my major concern because I obviously haven't proved myself. I only have three successful trades and to all intents and purposes they are microtransactions.

If I'm understanding you right, basically you're talking about a script to run something like:

1. Decrypt your input pattern file with a key
2. Pass your decrypted input pattern to oclvanitygen and output to a file (./oclvanitygen -f yourfile -o newfile)
3. Encrypt 'newfile' with a password I don't know, and e-mail you newfile and the password
4. Delete newfile and yourfile from my local file system

What I'm saying is, even if I do that, the customer has to believe that I am doing that. There's no way I can prove that I'm not just taking the output, manually encrypting it and sending them the encrypted file. This does create a better security mechanism which makes it probably worth trying (I might try to script this on perl over CGI so that the user can order vanity addresses online), but doesn't remove the trust issue.

There's a discussion about how to outsource address generation without trust required at https://bitcointalk.org/index.php?topic=56839.0 which you may like to read.

I'll take a look, might give me some ideas but I'm not an OpenCL programmer so if it requires the development of new programs, the most I'll be able to do is offer a bounty on it.

[Luceo]

You have to pipe input from somewhere and to somewhere, it can't come out of thin air or be piped into thin air.

Somewhere can be a file, an input or a variable from a remote method call, but in any of these cases the customer is going to have to give me (or my script) the data and trust me to give them the output.

Ergo, they are going to have to believe that the script does what I say it does.

Can you give me a detailed example of how this can be handled with no trust requirement?