Bitcoin puzzle transaction ~32 BTC prize to who solves it

[zahid888]

"1h7EsfXpgCLftpU4vucjkCbX1Wktop8GM"

This wallet '1BGvwggxfCaHGykKrVXX7fk8GYaLQpeixA' is also in the same way , don't worry, you are not alone on this journey. The only difference is that your car has completely out of fuel, while my car can still go a little further.

[nomachine]

If you believe in "luck" and "chance", you should buy lottery tickets to try your luck.

If you don't buy a ticket, you can't win. It's the same with Puzzle if you do nothing..

[Denis_Hitov]

the equation in my head can solve.....

It's called imagination. 

Not any more, as I just tested a few tricks, it works. Note that I'm not forcing anyone to believe me, I don't know who to trust that's it, therefore my only option is Satoshi/author of this challenge.

I have been called delusional, scammer, liar etc,  without these name callings I wouldn't be here right now. It's the fuel for my engine.

Hi.
Share in a personal what kind of tricks you do and how they work?

[alek76]

Creator use master keys or child keys? BIP-32 or BIP-39 format? Who can know?

If I can say anything it'd be for the author of this puzzle to bless me beyond my own imagination
I have tried my best but I am still not going to give up either. you can search or do a lookup of my wallet address. I have definitely invested over $30k in the puzzle 66 alone throughout the whole random scan and my wallet address is 1h7EsfXpgCLftpU4vucjkCbX1Wktop8GM, you can do your search from the private key scanner or 66 bits puzzle
I spend so much resources there but no luck
I am running my search lowkey now but I am almost being drained but still not giving up
A blessing is nothing imaginable or unimaginable but nothing is impossible for God to do.
I just pray for the ability to be able to keep  up as it is so much fun

It is likely that he used a BIP-39 wallet. Because BIP 0039 was created on 2013-09-10, and it is more durable. Uses 2048 rounds of HMAC-SHA512 hashing from SEED. This means that an attack on SEED is not possible. A short phrase of unknown length out of a possible 2048 words. Maybe she's not on the BIP-39 wirdlist. We will never know. I'm currently making a random seed code using the HMAC-SHA512 function. That's why I asked I've already split a 512-bit key into 2 256-bit keys... For now I'll continue this...

[digaran]

Hi.
Share in a personal what kind of tricks you do and how they work?

This is one of my tricks.🤣  you just jump hoping for the best.

[nomachine]

I'm currently making a random seed code using the HMAC-SHA512 function.

80% that is electrum
https://github.com/spesmilo/electrum/blob/e81f4bdcd11a072e7c4f38fb1c7eec19c2f7e1a8/electrum/storage.py#L164
He may have even changed the source code. 

[_Counselor]

Even though the 120 key was found, I'm still interested in finding it since it hasn't been published. If anyone still has kangaroo's workfiles for 120 puzzle with DP of 30 bits and above, I would be grateful if you share them.

[citb0in]

Even though the 120 key was found, I'm still interested in finding it since it hasn't been published. If anyone still has kangaroo's workfiles for 120 puzzle with DP of 30 bits and above, I would be grateful if you share them.

let's say the finder of puzzle 120 will reveal the private key. In what way does it help you proceeding with finding #66 or #130 or ... ?

[_Counselor]

let's say the finder of puzzle 120 will reveal the private key. In what way does it help you proceeding with finding #66 or #130 or ... ?

I strongly doubt that this will somehow help to solve 130 or 66, just as the keys 63, 115 and below previously did not help to solve 120 and 64. This is just something like scientific interest. I previously spent a lot of time and resources trying to solve puzzle 120 and I'm still curious about its key. If the finder or puzzle's author would just publish the key itself, I would also be grateful.

[citb0in]

yeah, but what's the point? I cannot imagine it's pure curiosity. What's the real reason ?

[_Counselor]

yeah, but what's the point? I cannot imagine it's pure curiosity. What's the real reason ?

I already wrote the real reason. Or are you expecting me to write something like "using the 120 key, I know how to calculate 130"? Unfortunately, this is not so, and if it were possible, then the one who found 120 and 125 would have solved the next puzzles long ago.

[citb0in]

This is just something like scientific interest. I previously spent a lot of time and resources trying to solve puzzle 120 and I'm still curious about its key.

I understand what you wrote, but I don't understand the real interest. Let's assume this is the real key for the 120bit puzzle 9C15FC66A182003BB1BE5D1DF12CAB
what did you gain from this insight other than the satisfaction of pure curiosity ?

[_Counselor]

I understand what you wrote, but I don't understand the real interest. Let's assume this is the real key for the 120bit puzzle 9C15FC66A182003BB1BE5D1DF12CAB
what did you gain from this insight other than the satisfaction of pure curiosity ?

I don’t know what else to answer you other than what I already wrote.

Anyway, as I wrote above, if anyone else besides me is still interested in finding out the key to 120 and still has kangaroo's workfiles for 120 puzzle with DP of 30 bits and above, please share them. Workfiles for 125 not interesting me, because I did not work on it.

[alek76]

I'm currently making a random seed code using the HMAC-SHA512 function.

80% that is electrum
https://github.com/spesmilo/electrum/blob/e81f4bdcd11a072e7c4f38fb1c7eec19c2f7e1a8/electrum/storage.py#L164
He may have even changed the source code. 

Thanks for the advice. I'll take a look at this code. I just installed 2048 interactions and the keys began to be generated for a very long time.

[nomachine]

   seed = random.getrandbits(128)
    seed_value = int(seed)
    random.seed(seed_value)
    seed = str(seed_value)

It's not even close to 128.

The closest I've come up with 8 to 2 ** 65

30568377238562584866, b'\xc9\xd9\x1d\xbc\x16\x9d\xdb\x86'

Code:

import random
puzzle = 65
lower_range_limit = 2 ** (puzzle - 1)
upper_range_limit = (2 ** puzzle) - 1
owner_salt = b'\xc9\xd9\x1d\xbc\x16\x9d\xdb\x86'
random.seed(owner_salt)
dec = random.randint(lower_range_limit, upper_range_limit)
print(f"{dec}, {owner_salt}")

but even so a part is missing to get a 100% accurate result.

it seems most likely that pbkdf2_hmac was used

hashlib.pbkdf2_hmac('sha512', os.urandom(8 ), b'', iterations=1024)[:32]

some combination like this.

https://docs.python.org/3/library/hashlib.html

[alek76]

   seed = random.getrandbits(128)
    seed_value = int(seed)
    random.seed(seed_value)
    seed = str(seed_value)

It's not even close to 128.

The closest I've come up with 8 to 2 ** 65

30568377238562584866, b'\xc9\xd9\x1d\xbc\x16\x9d\xdb\x86'

Code:

import random
puzzle = 65
lower_range_limit = 2 ** (puzzle - 1)
upper_range_limit = (2 ** puzzle) - 1
owner_salt = b'\xc9\xd9\x1d\xbc\x16\x9d\xdb\x86'
random.seed(owner_salt)
dec = random.randint(lower_range_limit, upper_range_limit)
print(f"{dec}, {owner_salt}")

but even so a part is missing to get a 100% accurate result.

it seems most likely that pbkdf2_hmac was used

hashlib.pbkdf2_hmac('sha512', os.urandom(8 ), b'', iterations=1024)[:32]

some combination like this.

In that code, the 512-bit key is normalized by division modulo % CURVE_ORDER
from_arbitrary_size_secret()

Code:

def normalize_secret_bytes(cls, privkey_bytes: bytes) -> bytes:
        scalar = string_to_number(privkey_bytes) % CURVE_ORDER
        if scalar == 0:
            raise Exception('invalid EC private key scalar: zero')
        privkey_32bytes = number_to_string(scalar, CURVE_ORDER)
        return privkey_32bytes

As the creator said, you need to trim the high bytes of the key with zeros!

[EternityMessage]

Is all this a robbery/steal/theft attempt?

After spending really too much time of my life trying different code and algorithms, buying and running loud hot hardware to solve #66 & #130 I started to wander about ethics of what I am trying to do !
OK, if I have a really really good luck, I will find the key after 1-2 more years!
... BUT !!! Do I have the right to take the coins in the address? ...
The coins (the money) are not mine, and the owner (the assumed puzzle creator) never said that, if I brake the private key, I have the right to take the money !!! (Also the fact that the person has more money than us, does not give us the right to take his money!)
So .. did I spent so much time of my life trying to become a thief? ...
The assumption when I started was ... That is a challenge .. I can do my best .. BUT Do I have the moral right to get money assuming it is by the rules ? ... There are no official rules? We conveniently assume the owner intentions and are ready to get his money ... but what if we are wrong?

Mr./Mrs. Puzzle creator and puzzle addresses money owner,
Please sign a message with any known non-broken puzzle address, and state your will!
Are you fine, if money from these addresses are taken?"
Or "you consider us thieves?" or ...
(the signing #150, #155... public keys are already known and will not compromise security)

Thanks

[nomachine]

As the creator said, you need to trim the high bytes of the key with zeros!

I think it's obvious that he has his own custom deterministic wallet. Based on an existing one or completely new one from scratch.

That said, I'm not sure it can sign a message with that tool.

[alek76]

As the creator said, you need to trim the high bytes of the key with zeros!

I think it's obvious that he has his own custom deterministic wallet. Based on an existing one or completely new one from scratch.

That said, I'm not sure it can sign a message with that tool.

Maybe. And it’s not even necessary, just add your own salt, and that will be enough - going over SEED will be useless.

Code:

string seed = Timer::getSeed(32);

//seed = "bla bla bla";// Mnemonic code words

string salt = "Bitcoin seed";// = "VanitySearch";

unsigned char hseed[64];

pbkdf2_hmac_sha512(hseed, 64, (const uint8_t *)seed.c_str(), seed.length(),
(const uint8_t *)salt.c_str(), salt.length(),
//2048);// 2048 rounds of hashing required by the BIP 39 Standard ???
//2048);// Used 2048 rounds ???
//0);// Used 0 rounds !!!
1024);// Electrum ?

[digaran]

Thanks

Welcome.
Did you think about this before buying/ spending money on it? Or after failing to find a key you realized what you are doing is morally wrong?
Consider yourself as a security testing expert, but before getting to work, first calculate the cost and the profit and then continue, when you are done, just show us how you did it if you want to earn honestly.   I don't see solving these puzzles and taking the coins morally wrong.