btcaddr.me - Bitcoin Address Identicon

[mskwik]

Hm, I always check the beginning and end of each address. Do I still need this?

That depends on how many characters you memorise. If it's about 10, you should be fine, otherwise creating a collision would take just a few bitcoins worth of hashing. You can read more about it in my master thesis around page 66 - https://bitcointalk.org/index.php?topic=88149 .

It is however better than checking an equivalent number of characters just at the beginning since it includes the checksum part of the address.  It could be just as good as checking the identicon depending on how many bits you would need to get a similar-looking identicon.  Both the address checksum and the identicon are based on parts of a hash of the address, it's not clear without examining the identicon source further how many bits you would need to generate another that looks "close enough".

[mskwik]

So I did download the source and take a look at it.  Seems to me you would need to match about 32 bits to look fairly similar (like so someone may not notice if it had changed between site visits) up to about 48 bits to look fairly similar even comparing them side by side.  Mathematically this puts it roughly similar to checking 7 digits at the end of the address.

As a short example here's 12 bits matched which only takes a couple minutes (plus I skimped a little on the prefix):

1BoatSLRHtKNngkdXEeobR76b53LETtpyT


1BoaDLmiNMdQJKe34nbbvJDCqAmpD1adMN


I do like the idea, the human brain does seem to be wired to remember (and recognize if they change) colors and shapes better than random characters, just trying to quantify the results somewhat.

[mskwik]

Replying to myself again , but just for fun if we disregard prefix we can fairly easily match 32 bits:

1KbhFQVEUk8wMVtiuBURZAQ1PXnsDUqcag


1EEwcrjaJkWLLZDuZA2Rhob3aVM8NwY5tR



or 40 bits:

1NcE7wksPMcydG7bfsGsGdjf2ckzXSfw1R


1H26EaqCrbdHZk2SvqvZDfPHqYGbYqQsJj


Not going to try for 48 bits on the CPU, but with OpenCL code on a GPU it shouldn't be bad either.

[nelse87]

Thank you for your comments, everyone! I would like to emphasize that the project is just a proposition made during one Saturday after ThePiachu master thesis inspired me. It wasn't well tested for colisions though. However, I'm happy that this thread is growing and ideas for upgrades appear.

mskwik, thank you for your tests. I didn't think your way: that when the project become popular people may rely mostly on identicon rather that prefix thus they may stop checking it. Now, identicon is made from string made from double sha1 on address. I'm not sure what can be done to make collisions rarer. Maybe you would like to push to github your code?

I realize this has no practical purpose, but can you make the identicon into something cute?

More broadly, if you could do QR codes that are shaped like bunny rabbits and pandas, then the whole QR scheme might become more interesting to 50% of the population.

That would be quite an interesting idea, although it would probably be way harder to implement than random geometric shapes...

Interesting idea. I came across: http://robohash.org/ - cunicula you thought about something like this?

[nelse87]

1H26EaqCrbdHZk2SvqvZDfPHqYGbYqQsJj
http://robohash.org/1H26EaqCrbdHZk2SvqvZDfPHqYGbYqQsJj.png

1NcE7wksPMcydG7bfsGsGdjf2ckzXSfw1R
http://robohash.org/1NcE7wksPMcydG7bfsGsGdjf2ckzXSfw1R.png

[mskwik]

1MB2HBuzi4LQ9XZwtQ3GzRGombGx72LUPZ


1F9UeZCMcSfdYpVwSFfbaWQxK4p7FER79k


 


Not really familiar with github but here is the script I was using:

Code:

#!/usr/bin/perl

use Digest::SHA;$|=1;
open(VG, "./vanitygen -q -k 1 |");
while(<VG>){print $_;chomp($_);
  $msg=$_;if(/Address: (.*)/ig){$addr=$1;
    $hash=Digest::SHA::sha1_hex(Digest::SHA::sha1_hex($addr));
    $id=substr($hash,0,2);
    $id.=hex(substr($hash,2,1))%8;
    $id.=hex(substr($hash,3,1))%4;
    $id.=hex(substr($hash,4,1))%4;
    $id.=hex(substr($hash,5,1))%2;
    $id.=int(hex(substr($hash,6,1))/4);
    $id.=int(hex(substr($hash,8,1))/4);
    $id.=int(hex(substr($hash,10,1))/4);
    $id.=int(hex(substr($hash,12,1))/4);
    $id.=int(hex(substr($hash,14,1))/4);
    $id.=int(hex(substr($hash,16,1))/4);
    $id.=hex(substr($hash,18,1));
    print "Identicon: $id              \n";
    if($seen{$id} ne ''){
      print "Match found\n".$seen{$id}."\n$1\n";exit;
    }$seen{$id}=$1;
  }
}

That's picking 32 bits out of the hash for the identicon string, to add more bits and get more accurate I would add more bits on the end of the colors that are using just 2 bits per channel there.  Notice that it just checks for a match against any icon it has found so far, to match a particular one you would find an identicon string for it from the same bits and just search for that, to search an address prefix as well you can change the vanitygen argument.  I also was running on a machine with 8GB RAM, run at your own risk with more bits or less RAM when saving every result like this.

[cunicula]

Interesting idea. I came across: http://robohash.org/ - cunicula you thought about something like this?

The robohash robot is great. Optionally print out an image of the robot next to the identicon?

Users could check that the identicon maps to the robot and robots are easier to remember than patterns.

The robots would be good branding for bitcoin. It looks like robohash is open source.

[Atheros]

The robohash robot is great. Optionally print out an image of the robot next to the identicon?

Users could check that the identicon maps to the robot and robots are easier to remember than patterns.

The robots would be good branding for bitcoin. It looks like robohash is open source.

Well it does seem that mskwik did just prove robohash to be useless for our purposes.

[FreeMoney]

The robohash robot is great. Optionally print out an image of the robot next to the identicon?

Users could check that the identicon maps to the robot and robots are easier to remember than patterns.

The robots would be good branding for bitcoin. It looks like robohash is open source.

Well it does seem that mskwik did just prove robohash to be useless for our purposes.

Not completely, it would be extra hard to find a robot collision AND collide the first few chars.

[mskwik]

Doing the math on the robohash it looks like it uses 22-24 bits depending on the settings to get an exact match, so roughly equivalent to matching 4 characters of the address.  It could add some extra security combined with something else but by itself yes it is fairly trivial to match.

[Bitcoin Oz]

Its like https for bitcoin adresses 

[Bitcoin Oz]

1AgwF965rwYpK6J8N3CbCxfRAdu7nSHt9v



1P7WdPJrZEXTmbjD5bzqNwNtNDuoTqDGu



1Fq6TL3wT4v4tbgW7CaGTyS42hsjmCHPdB





rageface.me   lol

[cunicula]

rageface.me   lol

Not cute at all. 

[Spekulatius]

If its based on SHA1, does that mean it can be cracked (I have no idea, but I know the current standard is SHA3)

[Red Emerald]

This is a cool idea.  I had been reading the first and last few characters to make sure the address was right. This is even easier.

[crazy_rabbit]

Any Update on this?

[crazy_rabbit]

In particular, could this be used to show users a their passwords before they type their passwords in? To confirm they are on a genuine site?

For example, a site saves passwords in a hashed and salted format. When they go to login, they type in their username, uponwhich the site shows an identicon of their password hash. If that identicon matches what they originally saw when they signed up, they know they are on the legitimate website.

Would that work?

[rini17]

What if the firstbits are superposed on the picture (normally shown 6 letters or so in the bottom of identicon, without leading 1) to make the match harder? So both reading and abstract pattern recognition is engaged at once.

Replying to myself again , but just for fun if we disregard prefix we can fairly easily match 32 bits:

1KbhFQVEUk8wMVtiuBURZAQ1PXnsDUqcag


1EEwcrjaJkWLLZDuZA2Rhob3aVM8NwY5tR



or 40 bits:

1NcE7wksPMcydG7bfsGsGdjf2ckzXSfw1R


1H26EaqCrbdHZk2SvqvZDfPHqYGbYqQsJj


Not going to try for 48 bits on the CPU, but with OpenCL code on a GPU it shouldn't be bad either.

[phelix]

In particular, could this be used to show users a their passwords before they type their passwords in? To confirm they are on a genuine site?

For example, a site saves passwords in a hashed and salted format. When they go to login, they type in their username, uponwhich the site shows an identicon of their password hash. If that identicon matches what they originally saw when they signed up, they know they are on the legitimate website.

Would that work?

Interesting idea. I would add another hash round before creating the identicon for safety. That would be a cool feature.

[DanielBTC]

I like this "bitaddress mandala"