amaclin (OP)
Legendary
Offline
Activity: 1260
Merit: 1019
|
|
September 28, 2015, 09:09:17 AM |
|
But there will be competitors who just wait for the right timing...
Yes. There are many ways to get money from your purse. Bitcoin is not the first... And unfortunately not the last
|
|
|
|
RealMalatesta
Legendary
Offline
Activity: 2338
Merit: 1124
|
|
September 28, 2015, 09:14:03 AM |
|
Yes. There are many ways to get money from your purse.
For just one second, you gave me some hope. But then, I opened my purse and there still was no money in it someone could get
|
|
|
|
amaclin (OP)
Legendary
Offline
Activity: 1260
Merit: 1019
|
|
September 28, 2015, 09:20:02 AM |
|
For just one second, you gave me some hope. But then, I opened my purse and there still was no money in it someone could get
Do you have any amount in any crypto? How and when did you get it? Did you buy it paying fiat money? Sorry, man. I am too late. Someone already got your money and sold you just digits and hope.
|
|
|
|
RealMalatesta
Legendary
Offline
Activity: 2338
Merit: 1124
|
|
September 28, 2015, 09:42:24 AM |
|
Sorry, man. I am too late. Someone already got your money and sold you just digits and hope.
You mean... you really mean we all are part of one big digital church?
|
|
|
|
amaclin (OP)
Legendary
Offline
Activity: 1260
Merit: 1019
|
|
September 28, 2015, 10:07:00 AM |
|
You mean... you really mean we all are part of one big digital church?
1) Those are your words, not mine
2) If it looks like a duck, swims like a duck, and quacks like a duck, then it probably is a duck.
|
|
|
|
RealMalatesta
Legendary
Offline
Activity: 2338
Merit: 1124
|
|
September 28, 2015, 11:43:55 AM |
|
You mean... you really mean we all are part of one big digital church?
1) Those are your words, not mine
2) If it looks like a duck, swims like a duck, and quacks like a duck, then it probably is a duck.
Well, I think Uncle Scrooge is a duck, too....
|
|
|
|
basil00
Member
Offline
Activity: 60
Merit: 10
|
|
September 28, 2015, 01:31:43 PM Last edit: September 28, 2015, 01:52:25 PM by basil00 |
|
It is not possible to steal btc without a knowledge of private key.
My precious coins were protected by the script:
OP_1, <pubKey> OP_DUP, OP_2DUP, OP_3DUP, OP_3DUP, OP_3DUP, OP_2DUP, OP_15, OP_CHECKMULTISIG, OP_NOT
To spend you need to find a signature that does not match the pubKey. To be extra sure the script checks 15 times. OK, it is really really easy to find such a signature. A 9 byte signature will do:
300602015202015301
The aim is to attack the 1.28GB bytes-hashed limit for XT. This is reasonably easy using these kinds of scripts and tx sizes of a few KBs.
How can you prove that you did not send the funds to my address to blacken my name?
OK, consider it compensation for the coinwallet spam.
|
|
|
|
amaclin (OP)
Legendary
Offline
Activity: 1260
Merit: 1019
|
|
September 28, 2015, 01:40:08 PM |
|
The aim is to attack the 1.28GB bytes hashed limit for XT. This is reasonably easy using these kinds of scripts and tx sizes of a few KBs.
Do you want to switch stealing-bot off just for testing? You see - I play this game with my cards open to everyone
|
|
|
|
basil00
Member
Offline
Activity: 60
Merit: 10
|
|
September 28, 2015, 01:43:09 PM |
|
Nobody will pay for it. Because this is bitcoin.
Funny how some who deeply understand the protocol are not "true believers". I am also not a "true believer". I find it interesting, e.g. thinking of ways to attack it
|
|
|
|
basil00
Member
Offline
Activity: 60
Merit: 10
|
|
September 28, 2015, 01:48:10 PM |
|
Do you want to switch stealing-bot off just for testing?
Part of the test was to see if it would be stolen. The answer was "yes". That's OK, there was only 410bits ($0.10) in total. Next test will protect each input with at least one real sig, so cannot be stolen. It is not quite as efficient though. BTW, do you know if the 60byte sigs (using the special K value) are inherently unsafe, or are only unsafe if used more than once per key (e.g. repeated R-value attack)?
|
|
|
|
amaclin (OP)
Legendary
Offline
Activity: 1260
Merit: 1019
|
|
September 28, 2015, 01:51:57 PM |
|
Funny how some who deeply understand the protocol are not "true believers". I am also not a "true believer". I find it interesting, e.g. thinking of ways to attack it
I have said many times that the bitcoin network consumes ~$1mln daily only for electricity to process 100k transactions. So the cost for processing and securing one transaction is several dollars! This kind of processing system cannot survive in the long term. Because it is inefficient and cannot be scaled.
|
|
|
|
amaclin (OP)
Legendary
Offline
Activity: 1260
Merit: 1019
|
|
September 28, 2015, 02:01:46 PM |
|
BTW, do you know if the 60byte sigs (using the special K value) are inherently unsafe, or are only unsafe if used more than once per key (e.g. repeated R-value attack)?
Unsafe. If I know <R,S> (parts of signature), Z (digest) and K (random) I can get your private key.

k = ( digest + r . privkey ) / s
k . s = digest + r . privkey
k . s - digest = r . privkey
(k . s - digest) / r = privkey

const MyKey32 MyKey32::getPrivateKey (
    const MyKey32& r, const MyKey32& s, const MyKey32& k,
    const MyKey32& z, const MyKey20& addr )
{
    static MyKey20 addr1;
    static MyKey20 addr2;

    // privkey = (s . k - z) / r, all arithmetic modulo the group order
    MyKey32 priv = mul ( sub ( mul ( s, k ), z ), inv ( r ) );
    priv.getKeys ( addr1, addr2 );  // the two addresses derived from the candidate key
    if ( addr1 == addr || addr2 == addr )
        return priv;

    // second attempt with (order - k) in place of k
    priv = mul ( sub ( mul ( s, sub ( order, k ) ), z ), inv ( r ) );
    priv.getKeys ( addr1, addr2 );
    if ( addr1 == addr || addr2 == addr )
        return priv;

    xassert ( false );  // neither candidate matches the address
}
|
|
|
|
basil00
Member
Offline
Activity: 60
Merit: 10
|
|
September 28, 2015, 02:06:08 PM |
|
I think I get it -- it's because K is known.
|
|
|
|
Nancarrow
|
|
October 02, 2015, 12:28:16 PM |
|
I wish more people understood this concept. This type of testing is exactly what bitcoin needs to become stronger. You have to think of different ways to attack bitcoin in order to develop better ways to defend it.
What is the purpose to spend time to "defend a broken thing"? Nobody will pay for it. Because this is bitcoin. Nobody will fight to increase the value in your pocket. You are in ponzi scheme. Right now you do not understand it.
So it now appears that my implicit defence of amaclin's character may have been premature. No matter. Amaclin is still exposing shaky parts of the protocol, and doing so (so far) in an honest and transparent fashion, so regardless of the motivation, thanks!
|
If I've said anything amusing and/or informative and you're feeling generous: 1GNJq39NYtf7cn2QFZZuP5vmC1mTs63rEW
|
|
|
Zombier0
|
|
October 08, 2015, 08:14:46 PM |
|
The day bitcoin starts blacklisting will be the end of it
|
|
|
|
amaclin (OP)
Legendary
Offline
Activity: 1260
Merit: 1019
|
|
October 08, 2015, 08:24:39 PM |
|
The day bitcoin starts blacklisting will be the end of it
Not so sure. The main thesis is "Nobody cares". What would you do if most of the major pools blacklist an address and publish a note that the address belongs to a killer? You will do nothing. You will not even ask for proof of this statement.
|
|
|
|
tommorisonwebdesign
|
|
October 08, 2015, 10:07:52 PM |
|
If I were the OP if I wanted to steal somebody's Bitcoins I would look into learning more about programming and networking. Then, you could write a script to steal somebody's private keys. Otherwise there may not be a lot of exploits in the network. People try and get nowhere.
|
Signatures? How about learning a skill... I don't care either way. Everybody has to make a living somehow.
|
|
|
amaclin (OP)
Legendary
Offline
Activity: 1260
Merit: 1019
|
|
October 09, 2015, 04:04:26 AM |
|
If I were the OP if I wanted to steal somebody's Bitcoins I would look into learning more about programming and networking.
Why can't you do it if you are not the OP?
|
|
|
|
|
amaclin (OP)
Legendary
Offline
Activity: 1260
Merit: 1019
|
|
October 09, 2015, 12:00:38 PM |
|
Nobody cares. Nobody even knows that one pool today does not process transactions to/from some set of addresses.
|
|
|
|
|