Bitcoin puzzle transaction ~32 BTC prize to who solves it

[Akito S. M. Hosana]

Not bout LAW .. but about moral ...   And yeah sniper bot is morally wrong. Even tough i setup one 😅, but badly coded haha.....

So bruting puzzle  and sniping might be unlawful but sniping is morally wrong

We have a cop, a philosopher and a preacher here. We just need a psychiatrist to come here and give us a diagnosis.

[nochkin]

We have a cop, a philosopher and a preacher here. We just need a psychiatrist to come here and give us a diagnosis.

You guys are crazy. Signed.
Done.

[Kelvin555]

So yes, if you fund key 42 with no conditions, whoever signs first owns it. In the puzzle, the first signer already exists; a bot that shoves their transaction aside is just pickpocketing at mempool speed.

So untrue.... "Whoever moves the coins safely to his/her wallet owns the coins".
Bots are part of the competition, do you think the owner did not know that this RBF war would happen ?
Whoever has tried this challenge now fully knows why you shouldn't create a weak private key all thanks to bots.

The puzzle creator openly puts the coins in addresses meant to be cracked and even thanks the community for building new cracking tools. That is an implied green light: the only way to claim the prize is to derive the key, and the owner clearly intends that to happen. No computer system is being broken into and the funds are not protected by anything but the puzzle itself, so there is no “unauthorized access” under computer-crime laws. It is a public bounty, not theft.  https://bitcointalk.org/index.php?topic=1306983.msg18765941#msg18765941

Another thing, a bitcointalk forum post doesn't verify ownership of a bitcoin address, when Retiredcoder posted here the first time no one believed him till he signed a message from adresses 125 and 130, when Bram posted here he signed a message from his own address containing moved coins from address 67,  the main reason "signed messages" were added to bitcoin wallet is to verify ownership.

What if we wake up tomorrow and someone signs multiple messages with addresses 140 to 160 saying he/she is the rightful owner of these coins, it was never a challenge, never intended for it to be bruteforced, an unfortunate circumstance happened and he/she went to jail for the last 10years, released recently and found out people are bruteforcing his/her coins, has now made a complaint to the authorities about this....
Would you still believe that bitcointalk forum post
I think peoples' greed and lack of money clouds their judgment here.
If the owner wanted to prove legitimate ownership to these coins, nothing stops him signing a message with addresses 150, 155 and 160, state his intent about the coins and paste in a public forum.

[3dmlib]

If my bot wins one of the puzzles I will return money to puzzle creator
Every puzzle solver should do it. To be completely ethical
What if puzzle creator reports to Ukrainian police that his funds was stolen...

[slyne8]

If my bot wins one of the puzzles I will return money to puzzle creator
Every puzzle solver should do it. To be completely ethical
What if puzzle creator reports to Ukrainian police that his funds was stolen...

why not send all coin in to bitcoin eater?

[3dmlib]

I’m trying to find the private key myself, because I have over $35,000 in government debt, and it keeps growing every day.

This is worst idea you comes with to cover you debt is to try to find 1 of million chance private key.
Now I understand why you have this debt at the first place...

[Akito S. M. Hosana]

What if we wake up tomorrow and someone signs multiple messages with addresses 140 to 160 saying he/she is the rightful owner of these coins, it was never a challenge, never intended for it to be bruteforced, an unfortunate circumstance happened and he/she went to jail for the last 10years, released recently and found out people are bruteforcing his/her coins, has now made a complaint to the authorities about this....
Would you still believe that bitcointalk forum post
I think peoples' greed and lack of money clouds their judgment here.
If the owner wanted to prove legitimate ownership to these coins, nothing stops him signing a message with addresses 150, 155 and 160, state his intent about the coins and paste in a public forum.

A cryptographically signed message from a Bitcoin address is the strongest possible proof . Courts and investigators increasingly recognize such signatures as valid evidence (similar to a digital notarization). A forum post alone carries no weight without cryptographic verification.  If the coins are genuinely "lost," courts may view brute-forcing as akin to finding abandoned property. However, if an owner emerges with proof, the brute-forcer could face liability for theft or unjust enrichment. If someone falsely claims ownership without cryptographic proof, they could face civil fraud claims or criminal charges (e.g., filing a false police report).
Courts treat BTC like money or assets, not "abandoned treasure." The risks far outweigh the fantasy rewards.

Why don’t we have these discussions about legality in any of these puzzle topics? I thought this was a Bitcoin forum. Sticky posts explaining that brute-forcing could be considered theft under certain conditions would help. This is the first time I’ve heard this explained here. 

[kTimesG]

Not sure what's the fuss about.

From an evidence perspective: no one can claim their TX got replaced, nor that they were the ones who solved the puzzle. Because the replacer just as well may claim he was the first one to do it, and there is no way to prove the contrary (mempool history is not valid evidence). Both parties (claimer and replacer) did the same thing: they cracked a key, just using different methods.

So I have zero issues about the morality or ethical side of this, simply because the reason of concern does not exist (no one gets robbed; again: they didn't own the key anyway, they CRACKED it).

To be clear: it's not about not getting caught. It's about having a very strong defense in the face of any reasonable court. Thieves calling thieves? See what your lawyer would say about that.

"Whoever signs first is the owner" - this is so freaking wrong. So this means that all the Satoshi mined addresses are freebies, right? They don't belong to anyone? No, they belong to Satoshi, he did the effort to mine them. Exactly the same thing in this puzzle: the coins belong to the creator.

He doesn't care WHO or HOW cracks the keys, as the puzzle objective is really simple: move the funds, NOT "prove you brute-forced the key". That is already implied.

That's why my only advice is to not try to solve the weak puzzles at all, unless you're 100% certain WTF you're getting into, in all aspects.

[nomachine]

Why don’t we have these discussions about legality in any of these puzzle topics? I thought this was a Bitcoin forum. Sticky posts explaining that brute-forcing could be considered theft under certain conditions would help. This is the first time I’ve heard this explained here. 

There’s tons of threads floating around that cover this stuff. It’s like walking into a gym and someone explaining ‘Hey, don’t drop the weights on your feet’. It’s just one of those unspoken rules. But yeah, maybe it wouldn’t hurt to have a quick reminder up top for the new folks. 

[pbies]

...

"Whoever signs first is the owner" - this is so freaking wrong. So this means that all the Satoshi mined addresses are freebies, right? They don't belong to anyone? No, they belong to Satoshi, he did the effort to mine them. Exactly the same thing in this puzzle: the coins belong to the creator.

...

If someone would share the sha256 of private key which was in bytes or hex, then make the tx and the tx was replaced - he could prove that he had pvk.

One is that sha of pvk shouldn't be well known, this is reason why you need it to be unknown totally.

Second if he would share the sha before making the tx - he is the owner of laying funds.

You can't attack both.

[Akito S. M. Hosana]

Not sure what's the fuss about.

So you’re dead certain that you or no one else is gonna get nicked for this? Bruteforcing a private key’s just some basic shit, is it? I’m proper baffled, mate. Especially knowing the feds are all over us.

[kTimesG]

Not sure what's the fuss about.

So you’re dead certain that you or no one else is gonna get nicked for this? Bruteforcing a private key’s just some basic shit, is it? I’m proper baffled, mate. Especially knowing the feds are all over us.

Of course I'm not, the creator may rightfully claim the funds.

Other individuals: not so much. While in the mempool, the order of TXs cannot be established, that is all I am saying. For example, a node can simply set a replacement's TX "first seen" tag to BEFORE the original transaction, making it thus the "initial transaction".

[Benjade]

“Unauthorized access” only occurs when you defeat a safeguard without the owner’s permission.
The puzzle creator has already said “first to crack the key keeps the coins,” which is explicit consent, exactly like a bug-bounty program inviting you to hack their test server. Contract law treats that as a unilateral offer: perform the task, keep the reward. Once consent is public, brute-forcing the key is neither theft nor computer misuse, because the owner has waived exclusivity and the only “system” you touch is the open blockchain.

Here:
Computer Fraud and Abuse Act — 18 U.S.C. § 1030(a): every CFAA offense hinges on accessing a computer “without authorization” or “exceeding authorized access.” If the owner invites you to try, that element is missing. https://www.law.cornell.edu/uscode/text/18/1030

And there:
DOJ charging policy for the CFAA (19 May 2022): prosecutors are told not to bring charges for “good-faith security research” when the owner has authorized the activity. https://www.justice.gov/archives/opa/pr/department-justice-announces-new-policy-charging-cases-under-computer-fraud-and-abuse-act

The puzzle creator’s public statement might imply consent, but unless it’s a legally binding contract (with clear terms, jurisdiction, and revocation mechanisms), authorities could still argue the method of access (e.g., brute-forcing) violates computer crime statutes. Courts often interpret “authorization” narrowly, e.g., Van Buren v. United States (2021) highlighted ambiguities in what exceeds "authorized access."

While the DOJ’s 2022 policy discourages charges for "good-faith security research," brute-forcing a private key lacks the same recognized public benefit as vulnerability disclosure. The policy also explicitly excludes "malicious" acts, and prosecutors might view unsanctioned access to funds (even via puzzles) as financially motivated rather than research.

Even if CFAA liability is avoided, criminal theft laws (e.g., state statutes) could apply. Most jurisdictions require explicit, lawful transfer of property. Cracking a key isn’t a traditional legal mechanism. The creator’s intent might not override statutory definitions of theft or fraud.

Unlike a test server in a bug bounty, the blockchain is a public ledger; the "system" accessed is the network itself. If the wallet’s security relies on cryptographic safeguards, bypassing them could be argued as circumventing a "technological barrier" under laws like the DMCA §1201 (though this is untested for puzzles).

Think about it for 2 seconds, these are addresses whose private keys are very limited in their range and created specifically to make them easier to find. What don't you understand about the law? It's written in black and white.

I have thought about it. And as someone who works in cybercrime investigations, I can tell you the law isn’t as binary as "the creator said it’s okay, so it’s legal." The law is written in black and white, but the words say "authorization," not "vibes." Unless the creator formalized this as a binding offer (a smart contract with explicit terms), you’re relying on not getting caught, not legal immunity.

Brute-forcing a key isn’t a recognized legal mechanism.

The creator’s intent might be clear to you, but courts need evidence of a valid contract or gift. If the private key is hidden within a puzzle or image (steganography, riddles, or cryptographic clues) and publicly posted (like GSMG.IO puzzle) by the owner, that’s fundamentally different from brute-forcing under the law.
Puzzle-solving = The owner deliberately encodes the key and invites solvers to extract it. This is closer to a unilateral contract ("Solve this, claim the prize").

If a company posts a puzzle on its website, that’s strong evidence of consent. Courts recognize "invited access". Brute-forcing lacks this clarity. Even weak keys don’t prove the owner authorized all methods of access.

Again you’re mixing up a legal debate with the plain technical meaning of “brute-force.” In crypto, a brute-force attack is simply trying every possible key until one works, full stop. People have been invited to do exactly that for decades. RSA-129’s 129-digit ciphertext was cracked in 1994 by hundreds of volunteers who exhaustively searched the key space; the judges didn’t ask for a “binding offer,” they sent a congratulatory letter when the key fell after eight months of grinding CPUs. https://seclists.org/interesting-people/1994/May/42

A few years later, distributed.net tore through the RC5-56 challenge in 250 days, publicly billing the effort as “brute-forcing the entire keyspace” and collecting RSA’s prize with no courtroom drama attached. https://en.wikipedia.org/wiki/Distributed.net

Exactly the same thing happens with the Bitcoin puzzle series: the author publishes addresses whose private keys are missing n bits and dares anyone to brute-force the rest. Puzzle #66, holding 6.6 BTC, was solved nine months ago when someone enumerated the remaining 66 bits, textbook brute-force and nobody questioned the solver’s right to sweep the coins. https://www.linkedin.com/posts/thomas-wiesner_bitcoin-crypto-puzzle-activity-7241496381549404160-XQXG

So yes, courts decide authorization, but in these cases the authorization is the public challenge itself. Calling that process anything other than “brute-forcing” doesn’t make you sound legal-savvy, it just shows you’ve skipped the last thirty years of cryptography history.

So, if you work in cybercrime investigation, I'm the queen of England.

[kTimesG]

Mempool bot competition #2:

Address: 12B2uyEpoRsLDmJDLHJK5n4LeG946XtqM2
Puzzle 75 address space.
30 usd price.
Public key will be exposed tomorrow 27 June 2025 between 13.00 and 14.00 UTC.
Every participant BTC address which will be visible at least once in mempool RBF timeline will get 10 usd in BTC.

Thanks.

Seems I got it first.

[Benjade]

Not sure what's the fuss about.

So you’re dead certain that you or no one else is gonna get nicked for this? Bruteforcing a private key’s just some basic shit, is it? I’m proper baffled, mate. Especially knowing the feds are all over us.

Of course I'm not, the creator may rightfully claim the funds.

Other individuals: not so much. While in the mempool, the order of TXs cannot be established, that is all I am saying. For example, a node can simply set a replacement's TX "first seen" tag to BEFORE the original transaction, making it thus the "initial transaction".

That’s not how the mempool works. “First-seen” timestamps are local-only; they never leave the node, so you can’t fake one to make a replacement look like the original. A transaction can bump another only by spending the same inputs and paying a higher fee, that’s BIP-125, full stop. Why is everyone in this thread repeating myths instead of checking the actual spec?

[onepuzzle]

I won and you lose @kTimesG. Don’t cry 😛. But somehow the rich just get richer—like at work, mmm.

As a reward, I’ll buy myself a piece of gum.

[kTimesG]

That’s not how the mempool works. “First-seen” timestamps are local-only;

Nobody cares how the mempool works because it's not part of the blockchain consensus, it is not a global entity, and first seen timestamps have zero relevance. More over, they depend on the system clock, which may be off, on the network latency (a node may have been offline) and so on,

Not sure what the hell you're trying to say, honestly. I already explained why it is implausible to convince anyone that some TX was broadcasted before some other TX, because the fee-rate is not an indicator of chronology, but of mining priority.

I won and you lose @kTimesG. Don’t cry 😛. But somehow the rich just get richer—like at work, mmm.

As a reward, I’ll buy myself a piece of gum.

Not sure what you mean there. My address was the first one. I didn't bother with continuing raising fees unless there was some other newer TX. My latest replacement lasted 6 minutes.

So what did you win?

[3dmlib]

17tEfExZjJAUaaxFLT4FBzZ1Z3irB3BXB3
1Ph5YCaoXC3QHgHpMQph7oCQt2LJXdtQGA
1H4VB6pf82DxGb7w5Cgb6JZEB8MbtVcZUK
1HQuc7wK2LwQAwSXbiHqfbAHcLZfkrEPNP
12xRP9c7eeVvSiSJoCCtyQKoxoihYycrGx
1M6srxu5dVNA71K7EXbxMsyuK6hKbWNVnT

Does I forgot someone?

[kTimesG]

17tEfExZjJAUaaxFLT4FBzZ1Z3irB3BXB3
1Ph5YCaoXC3QHgHpMQph7oCQt2LJXdtQGA
1H4VB6pf82DxGb7w5Cgb6JZEB8MbtVcZUK
1HQuc7wK2LwQAwSXbiHqfbAHcLZfkrEPNP
12xRP9c7eeVvSiSJoCCtyQKoxoihYycrGx
1M6srxu5dVNA71K7EXbxMsyuK6hKbWNVnT

Does I forgot someone?

Yes. But it's not your fault, so those are fine for me.

I had 12 successfull push replacements in total, but many of them went to nodes that weren't up to date with the latest TXs, so they were eventually refused by mempool.space.

[3dmlib]

I think won who's txs was more time in the queue. He have best chance be mined on block mined. So, I won