Bitcoin puzzle transaction ~32 BTC prize to who solves it

[zahid888]

Very creative! 

This is your programm tough?

prefixsuffix.exe --address 1PWo3JeB9jrGwfHDNpdGK54CRas7fsVzXU --prefix 4 --suffix 2 --range %range% --grid 512,512

This isn’t my program — it’s originally by @FrozenThroneGuy. I just made a few tweaks here and there… maybe around a thousand extra lines of code

[POD5]

This isn’t my program — it’s originally by @FrozenThroneGuy. I just made a few tweaks here and there… maybe around a thousand extra lines of code

Yes, Dookoo2 is the creator of Cyclone having had his illumination from JLP VanitySearch and he also has the merit of having added GPU version.
There were some other good derivations, but they went fishing... After deleting their whole GITHUB repository, because they feel atacked or offended by someone here at BITCOINTALK...  

[mahmood1356]

Besides the analysis of the private key from the public key, I'd like to ask: is the public key given directly to you? How do you know the winner is transferring and broadcasting the fund? Do you get the public key immediately after the winner broadcast the transation? Does this take time?

Also, once you have the private key, if you manually enter it and then transfer the funds using a higher fee, wouldn't that take a long time? Even if you use a bot, you'll need to construct a long transaction string, right? All of these take time.

Are those who claim theft can be done in seconds really that confident?

I kept silent because it wasn't worth my time but can I ask you something?

Why are you here? What is the purpose?

It takes less than 2 seconds to break the private key of Puzzle 71 (once the initial TX is in the mempool), create the TX, and broadcast it, and to get it accepted by any miner.

Please stop the non-sense, you are polluting the discussion.

Let me say it again: you might not have time to open a new browser tab and check your first TX, before it gets replaced.

I want to ask you a question, and that is, if we set the time to send the transaction, taking into account the volume of the transaction sent, which in this particular case is about 1987 bytes, by monitoring the block being created online, and set the transaction with a network fee of $2000 at a time when there is only enough free space left in the current block for the volume of the transaction we sent, and then send the transaction so that it is confirmed and included in the current block with a high network fee, and then the block is closed and the next block starts to be created, is there still a risk of the transaction being hijacked by robots?

[Frequence]

Besides the analysis of the private key from the public key, I'd like to ask: is the public key given directly to you? How do you know the winner is transferring and broadcasting the fund? Do you get the public key immediately after the winner broadcast the transation? Does this take time?

Also, once you have the private key, if you manually enter it and then transfer the funds using a higher fee, wouldn't that take a long time? Even if you use a bot, you'll need to construct a long transaction string, right? All of these take time.

Are those who claim theft can be done in seconds really that confident?

I kept silent because it wasn't worth my time but can I ask you something?

Why are you here? What is the purpose?

It takes less than 2 seconds to break the private key of Puzzle 71 (once the initial TX is in the mempool), create the TX, and broadcast it, and to get it accepted by any miner.

Please stop the non-sense, you are polluting the discussion.

Let me say it again: you might not have time to open a new browser tab and check your first TX, before it gets replaced.

I want to ask you a question, and that is, if we set the time to send the transaction, taking into account the volume of the transaction sent, which in this particular case is about 1987 bytes, by monitoring the block being created online, and set the transaction with a network fee of $2000 at a time when there is only enough free space left in the current block for the volume of the transaction we sent, and then send the transaction so that it is confirmed and included in the current block with a high network fee, and then the block is closed and the next block starts to be created, is there still a risk of the transaction being hijacked by robots?

The moment you create the transaction and it becomes public, bots will grab it. This is not about fees. A Bitcoin block takes about 10 minutes to confirm, which is enough time to make many changes.

[Menowa*]

Besides the analysis of the private key from the public key, I'd like to ask: is the public key given directly to you? How do you know the winner is transferring and broadcasting the fund? Do you get the public key immediately after the winner broadcast the transation? Does this take time?

Also, once you have the private key, if you manually enter it and then transfer the funds using a higher fee, wouldn't that take a long time? Even if you use a bot, you'll need to construct a long transaction string, right? All of these take time.

Are those who claim theft can be done in seconds really that confident?

I kept silent because it wasn't worth my time but can I ask you something?

Why are you here? What is the purpose?

It takes less than 2 seconds to break the private key of Puzzle 71 (once the initial TX is in the mempool), create the TX, and broadcast it, and to get it accepted by any miner.

Please stop the non-sense, you are polluting the discussion.

Let me say it again: you might not have time to open a new browser tab and check your first TX, before it gets replaced.

I want to ask you a question, and that is, if we set the time to send the transaction, taking into account the volume of the transaction sent, which in this particular case is about 1987 bytes, by monitoring the block being created online, and set the transaction with a network fee of $2000 at a time when there is only enough free space left in the current block for the volume of the transaction we sent, and then send the transaction so that it is confirmed and included in the current block with a high network fee, and then the block is closed and the next block starts to be created, is there still a risk of the transaction being hijacked by robots?

The moment you create the transaction and it becomes public, bots will grab it. This is not about fees. A Bitcoin block takes about 10 minutes to confirm, which is enough time to make many changes.

The problem with broadcasting the transaction to mempool is that we dont know when it will be confirmed. Its not about fees, its about the low entropy and time. In average a block should take 10 minutes to confirm, but I've seen a block be confirmed after more than one hour and a block be confirmed after seconds. We dont know when the block will be mined and we cant rely on lucky, hoping that its gonna take seconds to tranfers the funds safely. During that time Bots gonna take the prize easily through public key.

The safest way is to use Mara, they wont broadcast the transaction until she get one block mined, the moment that happens, the funds is moved at the same time with no risks.

And dont be a dumbass believing that Mara can crack the puzzle and steal the funds just from a hex transaction.

The hex transaction has purpose only for broadcasting wich means whatever miner who has it can broadcast at any time they want. But to change and steal the funds, Mara would need the private key to change and sign a transaction with their adress instead of yours.

[FrozenThroneGuy]

This isn’t my program — it’s originally by @FrozenThroneGuy. I just made a few tweaks here and there… maybe around a thousand extra lines of code

Yes, Dookoo2 is the creator of Cyclone having had his illumination from JLP VanitySearch and he also has the merit of having added GPU version.
There were some other good derivations, but they went fishing... After deleting their whole GITHUB repository, because they feel atacked or offended by someone here at BITCOINTALK...  

You right:) But I rebuilt my own pool for a better security, I will start it on Monday:)
What i have done already:
1. TLS between client and server either OPENSSL lib
2. TLS pinning for preventing private key stealing (SPKI).
3. HMAC-SHA256 verification for each client message + timestamp + nonce.
4. Each client has their own key for srv connect.
5. Fail2ban for preventing trash request.
6. Rate limit for key request.

Try to use spoofing after upgrades:)

[blackd111]

Everybody is speaking about MARA, but is really safe?
You go on first page and say enter your transaction hex without any identification.
Even with this issue of unknowing what is happening when you submit, if everything is true about stealing, why they do not steal from everyone? There are milions of transactions every day.
If this was the case, nobody was using bitcoin anymore...

[POD5]

Try to use spoofing after upgrades:)

If I'd only knew how, I would use spooping just to know the ranges that were already scanned and also to get the source code of your server and client...
But I guess spoofing is much more than ping and wget.

[FrozenThroneGuy]

Try to use spoofing after upgrades:)

If I'd only knew how, I would use spooping just to know the ranges that were already scanned and also to get the source code of your server and client...
But I guess spoofing is much more than ping and wget.

Of course, but right now it is totally impossible to do something with spoofing.
It has client verification, server verification,  each message from client checking by checksum, TLS encryption, SPKI and so one and so one and so one.
Full “zero trust” and all letters from STRIDE:)

[POD5]

if everything is true about stealing, why they do not steal from everyone? There are milions of transactions every day.
If this was the case, nobody was using bitcoin anymore...

We are speaking about small ranges to who range 1 to 75 belong (as an example). From the point you know the pubkey of one of those puzzles, triggered by the normal send transaction,
you still have some seconds or perhaps minutes to highjack it and get the coins into your own wallet. In this process there are used bots running 24 hours a day, so that if such transaction
is detected they will start a programm to find the private key from the public key of that low range puzzle. Nowadays there are very fast applications powered by GPUs, not knowing if they use BSGS, Kangaroo or other methodes. Please note, that this is only possible with small ranges, otherwise yes, this would endanger the whole BTC universe.  

[Frequence]

Besides the analysis of the private key from the public key, I'd like to ask: is the public key given directly to you? How do you know the winner is transferring and broadcasting the fund? Do you get the public key immediately after the winner broadcast the transation? Does this take time?

Also, once you have the private key, if you manually enter it and then transfer the funds using a higher fee, wouldn't that take a long time? Even if you use a bot, you'll need to construct a long transaction string, right? All of these take time.

Are those who claim theft can be done in seconds really that confident?

I kept silent because it wasn't worth my time but can I ask you something?

Why are you here? What is the purpose?

It takes less than 2 seconds to break the private key of Puzzle 71 (once the initial TX is in the mempool), create the TX, and broadcast it, and to get it accepted by any miner.

Please stop the non-sense, you are polluting the discussion.

Let me say it again: you might not have time to open a new browser tab and check your first TX, before it gets replaced.

I want to ask you a question, and that is, if we set the time to send the transaction, taking into account the volume of the transaction sent, which in this particular case is about 1987 bytes, by monitoring the block being created online, and set the transaction with a network fee of $2000 at a time when there is only enough free space left in the current block for the volume of the transaction we sent, and then send the transaction so that it is confirmed and included in the current block with a high network fee, and then the block is closed and the next block starts to be created, is there still a risk of the transaction being hijacked by robots?

The moment you create the transaction and it becomes public, bots will grab it. This is not about fees. A Bitcoin block takes about 10 minutes to confirm, which is enough time to make many changes.

The problem with broadcasting the transaction to mempool is that we dont know when it will be confirmed. Its not about fees, its about the low entropy and time. In average a block should take 10 minutes to confirm, but I've seen a block be confirmed after more than one hour and a block be confirmed after seconds. We dont know when the block will be mined and we cant rely on lucky, hoping that its gonna take seconds to tranfers the funds safely. During that time Bots gonna take the prize easily through public key.

The safest way is to use Mara, they wont broadcast the transaction until she get one block mined, the moment that happens, the funds is moved at the same time with no risks.

And dont be a dumbass believing that Mara can crack the puzzle and steal the funds just from a hex transaction.

The hex transaction has purpose only for broadcasting wich means whatever miner who has it can broadcast at any time they want. But to change and steal the funds, Mara would need the private key to change and sign a transaction with their adress instead of yours.

Someone told you we only need 1% of your confidence, and they were right. Now, can someone explain to this N00b what we can actually do if we have the hex? And please, stop repeating nonsense like a parrot.

[vneos]

Someone told you we only need 1% of your confidence, and they were right. Now, can someone explain to this N00b what we can actually do if we have the hex? And please, stop repeating nonsense like a parrot.

They are not even willing to run decoderawtransaction command themselves to see what would actually happen. Using Mara to move low bit puzzles(personaly I think less than 100) does carry some risk, but this only occurs if there are malicious people inside Mara (though I don’t think such a thing would happen). Still, it is much safer than directly using the public mempool.

Overall, using Mara is the best option available today for transferring low bit puzzles.

[nochkin]

Everybody is speaking about MARA, but is really safe?
You go on first page and say enter your transaction hex without any identification.
Even with this issue of unknowing what is happening when you submit, if everything is true about stealing, why they do not steal from everyone? There are milions of transactions every day.
If this was the case, nobody was using bitcoin anymore...

I think you need to learn how transactions signed and why only certain ones can be cracked.
In short, "millions of transactions every day" don't use low entropy private keys. There is no way you can steal them using modern equipment in any feasible way.
There is no special "identification" needed to submit a signed tx to a blockchain.
It's well known what happens when you submit your tx.

[blackd111]

Let's say you are right and i do not have this information yet and i need to read more.
If someone is staying to steal, should have already the devices(1000+) ready and they have no ideea when someone will do the transaction or not. Even if they own or rent the devices and they have in standby, the money they spent for nothing are huge!!!
Let's say they crack in minutes before the transaction is made, there are multiple solutions without using MARA:
-create 1000 transactions to a good wallet from the puzzle
-make a sweep keys with another wallet
-go and make a payment on chain
-go and convert funds on chain to another coin
Even for that they can crack your wallet?

Anyway, if you go in binance wallet, and you have the identity verified, you can add the private key there and make the transaction. If anybody want to steal the money, you are covered by Binance system because is their wallet/enviroment

So have fun!

[Cricktor]

Mara's Slipstream service is basically a non-public mempool that charges a surplus (compared to the normal public mempool fee market) to collect transactions that will become confirmed in one of Mara's next mined blocks. Transactions sent to Slipstream are NOT broadcasted to other nodes. They remain hidden from public until their attached feerate justifies to be mined in a block by Mara's mining pool.

Mara is a stock listed company to my knowledge and they would be stupid to spoil and stain their Slipstream service. Slipstream is to my knowledge the only such easily accessible public service which allows to mine non-standard and/or non-public transactions.

It's possible that other major mining pools also offer similar services, but contrary to Mara's Slipstream, they don't seem to be public. You would have to find a contact at some other reasonably large mining pool, negotiate terms and extra fees, trust they don't screw you to have them mine a transaction of yours hidden from public.

So far IIRC we have only two samples mined safely by Slipstream service of Mara, namely puzzle #67 and #68 withdrawals.
Puzzle #67 withdrawal transaction 0be77ec8...46e32986 has Audit "Not seen in Mempool" where mempool.space clearly indicates that this transaction wasn't seen in public before it was actually confirmed in a block, here of course mined by Mara.

Same is for puzzle #68 withdrawal transaction a5635eb2...88b0eb08, mempool.space's Audit is again "Not seen in Mempool", i.e. hidden from public mempools.

With unconditional FullRBF any public broadcasting of a transaction disclosing the public key of known low entropy private key "secured" funds is suicide for the funds. What some folks here posted like offering a high fee under some stupid conditions only shows one thing: a lack of understanding of consequences of FullRBF in public mempools and how mining works.

Mining blocks is a random process. It's only within larger time frames that blocks are mined in about 10 minutes on average! See the TTM column at https://bitcoinexplorer.org/blocks how variable the temporal distance of blocks is (here TTM is based on the timestamp of the block, not when the block actually was seen by a particular node in the network).


We've seen how the withdrawal of puzzle #69 was likely stolen IIRC, because the team of solvers was stupid enough to ignore so far safe hidden non-public mining via https://slipstream.mara.com.

...

Bullshit. Fortunately you won't solve any of the remaining puzzles to embarras yourself with a spectacular failure to withdraw a solution.

[blackd111]

Thank you for information! I was reading about this many times, but now i need to prove you that the Binance method will work. So i will use the  Binance method when i will find something. I was not searching anything until now but now i have a challenge.

[nochkin]

If someone is staying to steal, should have already the devices(1000+) ready and they have no ideea when someone will do the transaction or not. Even if they own or rent the devices and they have in standby, the money they spent for nothing are huge!!!

You don't have to run the rental devices when not being used. The cost is zero. That's the beauty of it.

Let's say they crack in minutes before the transaction is made, there are multiple solutions without using MARA:
-create 1000 transactions to a good wallet from the puzzle
-make a sweep keys with another wallet
-go and make a payment on chain
-go and convert funds on chain to another coin
Even for that they can crack your wallet?

That's all irrelevant to the issue and will not mitigate it at all. A good idea is to learn how TX work in Bitcoin world and how the fees are implemented in general. If you know how to code, then try to make a program to transfer crypto from one wallet to another.

Anyway, if you go in binance wallet, and you have the identity verified, you can add the private key there and make the transaction. If anybody want to steal the money, you are covered by Binance system because is their wallet/enviroment

This assumption is incorrect. It's not "their" wallet.

[blackd111]

Go to Binance terms and conditions on the Wallet when you want to import a private key. They are protecting your money if someone is trying to decode the transaction or public key.
Only if you share the private key they will not protect. So making the transfer using their wallet, do not matter what is happening because you will receive the money because the transaction is guaranteed.
So Import the private key in Binance wallet, transfer the funds to onchain wallet and VOILA! You have the money in 10 min without any risk!

[nochkin]

Go to Binance terms and conditions on the Wallet when you want to import a private key. They are protecting your money if someone is trying to decode the transaction or public key.

You keep interchanging meanings of private and public key randomly. That leads me into thinking that you are missing a general understanding how things work. I would highly recommend to learn to avoid common mistakes and losing money.

Only if you share the private key they will not protect.

Exactly the point. Since someone else has the private key, this is no longer "your" wallet and so no longer your coins.

[nochkin]

According to this process from here, you say that someone is decoding the public key and extract the private key? So if they do reverse engineering of this process from this script, this means that they can decode almost any public key and get the private key very easy, no?

That is incorrect. Not sure why you append some piece of AI code here, it will not change a thing.