Bitcoin Forum
January 19, 2025, 06:59:34 AM *
News: Latest Bitcoin Core release: 28.0 [Torrent]
 
   Home   Help Search Login Register More  
Pages: « 1 ... 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 [184] 185 186 187 188 189 190 191 192 193 194 195 196 197 198 199 200 201 202 203 204 205 206 207 208 209 210 211 212 213 214 215 216 217 218 219 220 221 222 223 224 225 226 227 228 229 230 231 232 233 234 ... 359 »
  Print  
Author Topic: Bitcoin puzzle transaction ~32 BTC prize to who solves it  (Read 247246 times)
zahid888
Member
**
Offline Offline

Activity: 287
Merit: 21

the right steps towerds the goal


View Profile
October 08, 2023, 01:51:57 PM
 #3661

Is all this a robbery/steal/theft attempt?

After spending really too much time of my life trying different code and algorithms, buying and running loud hot hardware to solve #66 & #130 I started to wander about ethics of what I am trying to do !
OK, if I have a really really good luck, I will find the key after 1-2 more years!
... BUT !!! Do I have the right to take the coins in the address? ...
The coins (the money) are not mine, and the owner (the assumed puzzle creator) never said that, if I brake the private key, I have the right to take the money !!! (Also the fact that the person has more money than us, does not give us the right to take his money!)
So .. did I spent so much time of my life trying to become a thief? ...
The assumption when I started was ... That is a challenge .. I can do my best .. BUT Do I have the moral right to get money assuming it is by the rules ? ... There are no official rules? We conveniently assume the owner intentions and are ready to get his money ... but what if we are wrong?

Mr./Mrs. Puzzle creator and puzzle addresses money owner,
Please sign a message with any known non-broken puzzle address, and state your will!
Are you fine, if money from these addresses are taken?"
Or "you consider us thieves?" or ...
(the signing #150, #155... public keys are already known and will not compromise security)

Thanks

I am the creator.
Finally, I wish to express appreciation of the efforts of all developers of new cracking tools and technology.  The "large bitcoin collider" is especially innovative and interesting!
As the creator had appreciated all the developers, especially LBC, who solved puzzles from 51 to 56, I hope you have found the answer to your question.

1BGvwggxfCaHGykKrVXX7fk8GYaLQpeixA
digaran
Copper Member
Hero Member
*****
Offline Offline

Activity: 1330
Merit: 900

🖤😏


View Profile
October 08, 2023, 04:59:50 PM
 #3662

Here, if anyone is interested, I have managed to divide puzzle 115 by 2^23 without reaching fractions, but in order to do that, you'd need to guess the last 6 characters.

Code:
from sympy import mod_inverse

N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141

def ters(scalar, target):
    k = mod_inverse(2, N)
    scalar_bin = bin(scalar)[2:]
    for i in range(len(scalar_bin)):
        if scalar_bin[i] == '0':
            result = (target * k) % N
        else:
            result = ((target * k) % N + N - 1) % N
        target = result
    return result

target1 = 31464123230573852164273674364426950
target2 = 6331078

print("Target results:")
for x in range(8388608, 8388700):
    result1 = ters(x, target1)
    (f"T1: {result1:x}")
for x in range(8388608, 8388700):
    result2 = ters(x, target2)
    (f"T2: {result2:x}")
for x in range(8388608, 8388700):
    result1 = ters(x, target1)
    result2 = ters(x, target2)
    subtraction = (result1  - result2) % N
    print(f"S:{subtraction:x}")

I am working on something new, I want to know how we could just guess the last 4 characters and divide our target by e.g, 2^120 etc, I'm sure there is a way, yesterday I figured a way to divide a target by 10, 20, 30 etc, but the results were mixed with n/10, n/20, n/30, meaning by subtracting n/10 from target/10 we could reach the actual target/10, I haven't tried that yet. God willing I will start working on it,  I just don't know why I am not interested to work with my laptop anymore, it causes distraction.😉



Do share your findings after doing your thing.



Some tips, try subtracting 2^116 from puzzle 115 and then put the result on target 2, then try dividing by different values. Grind your way through this giant iron made mountain we call elliptic curve.😂

🖤😏
alek76
Member
**
Offline Offline

Activity: 93
Merit: 16


View Profile
October 09, 2023, 02:41:55 AM
Last edit: October 09, 2023, 05:53:41 AM by alek76
 #3663

I made a new key generator. Tested the HMAC-SHA512 function, the data output is correct. Added a split of the 512 bit key into 2 keys - respectively 256 bits each.
It may not be necessary to add anything more, all the initial data is not known...

Code:
// Get Keys from SEED
void VanitySearch::getKeysFromRandomSeed(int nbitL, int nbitU, bool master, int nbThread, Int *keys) {

// Generate a seed byte sequence S of a chosen length (between 128 and 512 bits; 256 bits is advised) from a (P)RNG.
// Calculate I = HMAC-SHA512(Key = "Bitcoin seed", Data = S)
// Split I into two 32-byte sequences, IL and IR.
// Use parse256(IL) as master secret key, and IR as master chain code.

// Variables
Int IL;// IL as master secret key
Int IR;// IR as master chain code
Int pKey;
Int sKey;

// Master key generation

for (int i = 0; i < nbThread; i++) {

newSeed:

string seed = Timer::getSeed(32);// Used the random seed ???

// test seed
//seed = "bla bla bla";// Mnemonic code words

string salt = "Bitcoin seed";// = "VanitySearch";

unsigned char hseed[64];

pbkdf2_hmac_sha512(hseed, 64, (const uint8_t *)seed.c_str(), seed.length(),
(const uint8_t *)salt.c_str(), salt.length(),
hmac_sha512_nb_round);// 1024 Electrum ?
//2048);// 2048 rounds of hashing required by the BIP 39 Standard ???

// Reverse bytes (not use sha256)
unsigned char hseed_r[64];
int b = 0;
for (b = 0; b < 64; b++) hseed_r[63 - b] = hseed[b];

// Split I into two 32-byte sequences, IL and IR.
// Use parse256(IL) as master secret key, and IR as master chain code.

// Split IL and IR
unsigned long long *vTmp_IL = (unsigned long long *)&hseed_r[32];// IL as master secret key
unsigned long long *vTmp_IR = (unsigned long long *)&hseed_r;// IR as master chain code

IL.bits64[0] = vTmp_IL[0];
IL.bits64[1] = vTmp_IL[1];
IL.bits64[2] = vTmp_IL[2];
IL.bits64[3] = vTmp_IL[3];
IL.bits64[4] = 0;
//
IR.bits64[0] = vTmp_IR[0];
IR.bits64[1] = vTmp_IR[1];
IR.bits64[2] = vTmp_IR[2];
IR.bits64[3] = vTmp_IR[3];
IR.bits64[4] = 0;
// end Split

// debug printf
printf("\n[i] Nb: %d Key IL: %s ", i, IL.GetBase16().c_str());
printf("\n[i] Nb: %d Key IR: %s ", i, IR.GetBase16().c_str());

// Set Keys 256 bits
pKey.SetInt32(0);
sKey.SetInt32(0);
// Switch IL or IR
if (master) {
pKey.Set(&IL);// IL as master secret key
} else {
pKey.Set(&IR);// IR as master chain code
}

// Set Key in ranges nbitL and nbitU
uint32_t nb = nbitU / 32;
uint32_t leftBit = nbitU % 32;
uint32_t mask = 1;
mask = (mask << leftBit) - 1;
uint32_t j = 0;
for(j = 0; j < nb; j++)
sKey.bits[j] = pKey.bits[j];
sKey.bits[j] = pKey.bits[j] & mask;

//sha256(hseed, 64, (unsigned char *)sKey.bits64);// No used this function

// Trim with zeros ???
// We do not know how the high byte of the key were edited. 32 BTC Puzzle.
if (nbitU == 66) {
//printf("\n[i] Nb: %d sKey: %s ", i, sKey.GetBase16().c_str());
//sKey.SetByte(8, 0x02);// The high byte is 0x02
sKey.SetByte(8, (unsigned char)KEY66_HIGH_BYTE);// The high byte is 0x03
//printf("\n[i] Nb: %d sKey: %s ", i, sKey.GetBase16().c_str());
}

// Check length
int len = sKey.GetBitLength();
if (len < nbitL) goto newSeed;

keys[i].Set(&sKey);// Set Keys

// Hi ;-) The END ???
}
}

VanitySearch cannot divide a 512-bit number modulo the Order (only 320 bits). For this need BigNum from the OpenSSL library. Here again need OpenSSL, no matter what  Roll Eyes
nomachine
Member
**
Offline Offline

Activity: 506
Merit: 38


View Profile
October 09, 2023, 07:00:09 AM
Last edit: October 09, 2023, 07:50:16 AM by nomachine
 #3664

For this need BigNum from the OpenSSL library. Here again need OpenSSL, no matter what  Roll Eyes

if we want to trim the high bytes of the derived key with zeros, can we  do so by copying only the lower bytes of the key to the BIGNUM ?

Code:
#include <openssl/evp.h>
#include <openssl/rand.h>
#include <openssl/bn.h>

// Function to generate a random private key with PBKDF2-HMAC-SHA512 using OpenSSL's EVP library
BIGNUM* generateRandomPrivateKey(const BIGNUM* minKey, const BIGNUM* maxKey) {
    BIGNUM* randomPrivateKey = BN_new();
    BIGNUM* range = BN_new();

    // Calculate the range (maxKey - minKey)
    BN_sub(range, maxKey, minKey);

    unsigned char salt[16];
    // Generate a random salt
    if (RAND_bytes(salt, sizeof(salt)) != 1) {
        // Handle error
        return nullptr;
    }

    unsigned char derivedKey[64]; // SHA-512 produces a 64-byte key
    if (PKCS5_PBKDF2_HMAC((const char*)BN_bn2hex(minKey), BN_num_bytes(minKey), salt, sizeof(salt), 0, EVP_sha512(), sizeof(derivedKey), derivedKey) != 1) {
        // Handle error
        return nullptr;
    }

    // Copy the entire derived key to the BIGNUM
    BN_bin2bn(derivedKey, sizeof(derivedKey), randomPrivateKey);

    // Ensure that the derived key is within the desired range
    BN_mod(randomPrivateKey, randomPrivateKey, range, nullptr);

    // Add the minimum value to the generated random number
    BN_add(randomPrivateKey, randomPrivateKey, minKey);

    // Cleanup the range BIGNUM
    BN_free(range);

    return randomPrivateKey;
}

bc1qdwnxr7s08xwelpjy3cc52rrxg63xsmagv50fa8
rosengold
Jr. Member
*
Offline Offline

Activity: 149
Merit: 7


View Profile
October 09, 2023, 09:59:46 AM
 #3665

Here, if anyone is interested, I have managed to divide puzzle 115 by 2^23 without reaching fractions, but in order to do that, you'd need to guess the last 6 characters.

Code:
from sympy import mod_inverse

N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141

def ters(scalar, target):
    k = mod_inverse(2, N)
    scalar_bin = bin(scalar)[2:]
    for i in range(len(scalar_bin)):
        if scalar_bin[i] == '0':
            result = (target * k) % N
        else:
            result = ((target * k) % N + N - 1) % N
        target = result
    return result

target1 = 31464123230573852164273674364426950
target2 = 6331078

print("Target results:")
for x in range(8388608, 8388700):
    result1 = ters(x, target1)
    (f"T1: {result1:x}")
for x in range(8388608, 8388700):
    result2 = ters(x, target2)
    (f"T2: {result2:x}")
for x in range(8388608, 8388700):
    result1 = ters(x, target1)
    result2 = ters(x, target2)
    subtraction = (result1  - result2) % N
    print(f"S:{subtraction:x}")


I still don't understand what you need to do to find the private key after find the key subtraction result, if I understand it maybe I could write a CUDA version for it.
alek76
Member
**
Offline Offline

Activity: 93
Merit: 16


View Profile
October 09, 2023, 12:48:52 PM
 #3666

if we want to trim the high bytes of the derived key with zeros, can we  do so by copying only the lower bytes of the key to the BIGNUM ?
Yes. Only he edited the high bits. Or maybe bytes  Cheesy I just replaced the high byte with 0x2.
Why divide modulo Range? Modulo the Order is probably correct, it gives a different result. And then cut off the 32-bit string.
I found an error again  Smiley
Code:
   unsigned char derivedKey[64]; // SHA-512 produces a 64-byte key
    if (PKCS5_PBKDF2_HMAC((const char*)BN_bn2hex(minKey), BN_num_bytes(minKey), salt, sizeof(salt), 0, EVP_sha512(), sizeof(derivedKey), derivedKey) != 1) {
        // Handle error
        return nullptr;
    }
****************************************************************************************
int PKCS5_PBKDF2_HMAC(const char *pass, int passlen,
const unsigned char *salt, int saltlen, int iter,
const EVP_MD *digest,
int keylen, unsigned char *out);
****************************************************************************************
pass the seed - Input data
passlen
salt = "Bitcoin seed"; // Salt is always constant !
iter = 1    // Didn't look at the code? 0 gives 1 intervention? or 2048 intervention?
// in VanitySearch version function  0 gives 1 iteration.
keylen = 64
-------------------------------------------------------------------------------------------
Where is the Input data  Huh
digaran
Copper Member
Hero Member
*****
Offline Offline

Activity: 1330
Merit: 900

🖤😏


View Profile
October 09, 2023, 12:59:30 PM
 #3667


I still don't understand what you need to do to find the private key after find the key subtraction result, if I understand it maybe I could write a CUDA version for it.

The main goal is to find a way to divide an unknown key( a puzzle key) as first target and use a known key as second target then do the division until you find a known key in the subtraction results, if you find 1 known key in sub result, you can derive the private key for the puzzle out of it.

Some examples to simplify the method used:

P= 2678845/52453 = 51.07134005681277
What do we need here? We need to divide n by a number to get this : 0.07134005681277  then if we subtract the result of p/52453 from this  0.07134005681277 we will get 51, bingo, since we can generate 1 up to 51 and store on device, whenever we hit 51 we can immediately notice there is a match found.  But in reality we would need to store at least 1 TB public keys to compare for a match.

The problem is finding a way to divide n by scalar to reach 0.07134005681277 or even close enough to that depending on how many of such results we can store.


On another note, I'm interested to figure out, when we divide n by e.g, n/45, if we then multiply the result by 450, we get something like 1/45*450 = 9.9999999 finding the part in bold will help solving the key, but these are just ideas, needs testing.

🖤😏
alek76
Member
**
Offline Offline

Activity: 93
Merit: 16


View Profile
October 09, 2023, 01:17:56 PM
Merited by citb0in (1)
 #3668

I still don't understand what you need to do to find the private key after find the key subtraction result, if I understand it maybe I could write a CUDA version for it.
It is impossible to determine whether a point on a curve is even or odd - without a known private key. Therefore, factoring a known private key into factors is a waste of time.
nomachine
Member
**
Offline Offline

Activity: 506
Merit: 38


View Profile
October 09, 2023, 04:22:32 PM
Last edit: October 09, 2023, 06:33:27 PM by nomachine
 #3669

Where is the Input data  Huh

Puzzle creator tattooed on the upper arm.  Grin
I don't see any other solution than that the input is random.

bc1qdwnxr7s08xwelpjy3cc52rrxg63xsmagv50fa8
digaran
Copper Member
Hero Member
*****
Offline Offline

Activity: 1330
Merit: 900

🖤😏


View Profile
October 09, 2023, 05:29:13 PM
 #3670

It doesn't matter what our target is, even or odd you just need to correctly guess the last 2 hex characters and then you can use the script I posted above to divide your key by 1024, but first you'd need to subtract n/4 from the result on 1024 - index.
Try it yourself and you will see, even if we guess the last 2 chars incorrectly, there is a way to again calculate p/1024 no matter what.  God willing I should be able to figure that out, it's complicated I know but once it's solved you realize how easy it was.

🖤😏
alek76
Member
**
Offline Offline

Activity: 93
Merit: 16


View Profile
October 09, 2023, 06:16:25 PM
Last edit: October 10, 2023, 08:41:40 PM by Mr. Big
 #3671

At the Puzzle creator tattooed on the upper arm.  Grin
I don't see any other solution than that the input is random.
Tattoo with QR code. Yes  Grin.



It doesn't matter what our target is, even or odd you just need to correctly guess the last 2 hex characters and then you can use the script I posted above to divide your key by 1024, but first you'd need to subtract n/4 from the result on 1024 - index.
Try it yourself and you will see, even if we guess the last 2 chars incorrectly, there is a way to again calculate p/1024 no matter what.  God willing I should be able to figure that out, it's complicated I know but once it's solved you realize how easy it was.
Spent a lot of time, but I haven't gotten the correct result.
nomachine
Member
**
Offline Offline

Activity: 506
Merit: 38


View Profile
October 09, 2023, 08:21:37 PM
Last edit: October 09, 2023, 09:20:28 PM by nomachine
 #3672


Yes. Only he edited the high bits. Or maybe bytes  Cheesy

Code:
Puzzle 65 b'\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01\xa88\xb15\x05\xb2hg'
Puzzle 64 b"\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xf7\x05\x1f'\xb0\x91\x12\xd4"
Puzzle 63 b'\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00|\xce^\xfd\xac\xcfh\x08'
and so on....

  Roll Eyes

bc1qdwnxr7s08xwelpjy3cc52rrxg63xsmagv50fa8
digaran
Copper Member
Hero Member
*****
Offline Offline

Activity: 1330
Merit: 900

🖤😏


View Profile
October 09, 2023, 08:25:00 PM
 #3673

It doesn't matter what our target is, even or odd you just need to correctly guess the last 2 hex characters and then you can use the script I posted above to divide your key by 1024, but first you'd need to subtract n/4 from the result on 1024 - index.
Try it yourself and you will see, even if we guess the last 2 chars incorrectly, there is a way to again calculate p/1024 no matter what.  God willing I should be able to figure that out, it's complicated I know but once it's solved you realize how easy it was.
Spent a lot of time, but I haven't gotten the correct result.
How come?, here put this on scalar_1 =
Code:
0x00000000000000000000000000000000003aab07a231499b94e9412cb6d34334
Scalar_2 =
Code:
0x0000000000000000000000000000000000000000000000000000000000000034
Start range = 1024, end range = 1025, the result is :
Code:
3fffffffffffffffffffffffffffffffaeabc5e46dbab46156d9d1f37f3b4521
Then subtract n/4 from above =
Code:
3fffffffffffffffffffffffffffffffaeabb739abd2280eeff497a3340d9050
Result =
Code:
0000000000000000000000000000000000000eaac1e88c5266e53a504b2db4d1
Multiplied by 1024 =
Code:
00000000000000000000000000000000003aab07a231499b94e9412cb6d34400



You are not supposed to get the exact result, but if you add and subtract to your target public key like adding 1k G, sub 1k G, and have those 2k keys saved, when you multiply by 1024 you should see a match.

🖤😏
Denis_Hitov
Newbie
*
Offline Offline

Activity: 49
Merit: 0


View Profile
October 09, 2023, 09:26:37 PM
 #3674

It doesn't matter what our target is, even or odd you just need to correctly guess the last 2 hex characters and then you can use the script I posted above to divide your key by 1024, but first you'd need to subtract n/4 from the result on 1024 - index.
Try it yourself and you will see, even if we guess the last 2 chars incorrectly, there is a way to again calculate p/1024 no matter what.  God willing I should be able to figure that out, it's complicated I know but once it's solved you realize how easy it was.
Spent a lot of time, but I haven't gotten the correct result.
How come?, here put this on scalar_1 =
Code:
0x00000000000000000000000000000000003aab07a231499b94e9412cb6d34334
Scalar_2 =
Code:
0x0000000000000000000000000000000000000000000000000000000000000034
Start range = 1024, end range = 1025, the result is :
Code:
3fffffffffffffffffffffffffffffffaeabc5e46dbab46156d9d1f37f3b4521
Then subtract n/4 from above =
Code:
3fffffffffffffffffffffffffffffffaeabb739abd2280eeff497a3340d9050
Result =
Code:
0000000000000000000000000000000000000eaac1e88c5266e53a504b2db4d1
Multiplied by 1024 =
Code:
00000000000000000000000000000000003aab07a231499b94e9412cb6d34400



You are not supposed to get the exact result, but if you add and subtract to your target public key like adding 1k G, sub 1k G, and have those 2k keys saved, when you multiply by 1024 you should see a match.


Bro, you've completely confused everyone here.
Which script should I insert this data into???
digaran
Copper Member
Hero Member
*****
Offline Offline

Activity: 1330
Merit: 900

🖤😏


View Profile
October 09, 2023, 11:00:18 PM
 #3675

Bro, you've completely confused everyone here.
Which script should I insert this data into???

I only provide the concept and the logics, you can't directly and easily solve a key with my scripts, first you need to work with scalar to learn how each key reacts to different numbers when divided.

Now I see why you are confused, sorry for that, here use this one I posted here https://bitcointalk.org/index.php?topic=5469636.msg62964103#msg62964103
Just replace scalar_1 and scalar_2, start range, end range with above values.  Also set this line for i in range(start_range + (start_range%2), end_range, 1):  make sure it's 1 instead of 2, I bolded 1 to make it easier to notice.  When you learned how it works, Let me know and I will point you to a script using public keys instead of scalar.😉

🖤😏
ing1996
Newbie
*
Offline Offline

Activity: 8
Merit: 0


View Profile
October 11, 2023, 04:45:01 AM
 #3676

hello everyone. There is one question, I'm sorry that it's a little off topic. There is half of the qr code of the private key, (half of the top of the qr code), the question is, is it possible to recover the remaining half? (Half of the lower part).
nomachine
Member
**
Offline Offline

Activity: 506
Merit: 38


View Profile
October 11, 2023, 05:40:42 AM
 #3677

hello everyone. There is one question, I'm sorry that it's a little off topic. There is half of the qr code of the private key, (half of the top of the qr code), the question is, is it possible to recover the remaining half? (Half of the lower part).

oftopic. better open a new topic. Grin
https://aioo.be/2015/07/28/Decoding-a-partial-QR-code.html

bc1qdwnxr7s08xwelpjy3cc52rrxg63xsmagv50fa8
digaran
Copper Member
Hero Member
*****
Offline Offline

Activity: 1330
Merit: 900

🖤😏


View Profile
October 11, 2023, 06:59:16 AM
 #3678

Do we look like the kind of people capable of helping anyone? I mean can't they see we're waist deep in this swamp? Dude if we knew how to "solve" anything we would have solved our problem.🤣

Alright back on topic, I might have found a solution to divide a key with stride of 2, MEANING God willing we may be able to halve the entire key range and then search  our way to find a key, this is hot out of oven.

My problem is when I find a solution I forget what it was after 10 minutes. Only if I can repeat it several times, then it stays with me.

Everything I have managed to accomplish so far ( which is none, lol ), been with the help of scalar operations instead of curve ops.

For a few days I have been wondering, where are those guys who said they were working on some new scripts to divide by 3 etc, reduce bits etc?  More importantly, why are we publicly trying to crack a potentially $2 trillion vault, have we lost our minds or just don't care about anything but a few coins for ourselves? Taunting indeed.😅

🖤😏
nomachine
Member
**
Offline Offline

Activity: 506
Merit: 38


View Profile
October 11, 2023, 09:55:45 AM
Last edit: October 14, 2023, 07:21:40 PM by nomachine
 #3679

I managed to prove experimentally on 5 different computers that everything is in seed. You can speed up solving the puzzle by a million years if you know the correct seed. And the best thing is that you can always achieve the same result in the same time. Proof is in the pudding.

PC-1
  • [Kangaroo]: Wed Oct 11 11:51:00 2023
  • [Puzzle]: 50
  • [Lower range limit]: 562949953421312
  • [Upper range limit]: 1125899906842623
  • [Xcoordinate]: f46f41027bbf44fafd6b059091b900dad41e6845b2241dc3254c7cdd3c5a16c6
  • [Ycoordinate]: eb3dfcc04c320b55c529291478550be6072977c0c86603fb2e4f5283631064fb
  • [Using  4 CPU cores for parallel search]:
  • [Core]: 03, [Random seed]: b'\xbc\x9b\x8cd\xfc\xa1?\xcf'
  • [Core]: 01, [Random seed]: b'\xbc\x9b\x8cd\xfc\xa1?\xcf'
  • [Core]: 04, [Random seed]: b'\xbc\x9b\x8cd\xfc\xa1?\xcf'
  • [Core]: 02, [Random seed]: b'\xbc\x9b\x8cd\xfc\xa1?\xcf'
  • PUZZLE SOLVED: Wed Oct 11 11:51:18 2023, total time: 18.38 sec, Core: 04
  • WIF:  -0000000000000000000000000000000000000000000000000022bd43c2e9354

PC-2
  • [Kangaroo]: Wed Oct 11 11:53:38 2023
  • [Puzzle]: 50
  • [Lower range limit]: 562949953421312
  • [Upper range limit]: 1125899906842623
  • [Xcoordinate]: f46f41027bbf44fafd6b059091b900dad41e6845b2241dc3254c7cdd3c5a16c6
  • [Ycoordinate]: eb3dfcc04c320b55c529291478550be6072977c0c86603fb2e4f5283631064fb
  • [Using  12 CPU cores for parallel search]:
  • [Core]: 10, [Random seed]: b'\xbc\x9b\x8cd\xfc\xa1?\xcf'
  • [Core]: 11, [Random seed]: b'\xbc\x9b\x8cd\xfc\xa1?\xcf'
  • [Core]: 12, [Random seed]: b'\xbc\x9b\x8cd\xfc\xa1?\xcf'
  • [Core]: 01, [Random seed]: b'\xbc\x9b\x8cd\xfc\xa1?\xcf'
  • [Core]: 02, [Random seed]: b'\xbc\x9b\x8cd\xfc\xa1?\xcf'
  • [Core]: 03, [Random seed]: b'\xbc\x9b\x8cd\xfc\xa1?\xcf'
  • [Core]: 04, [Random seed]: b'\xbc\x9b\x8cd\xfc\xa1?\xcf'
  • [Core]: 05, [Random seed]: b'\xbc\x9b\x8cd\xfc\xa1?\xcf'
  • [Core]: 06, [Random seed]: b'\xbc\x9b\x8cd\xfc\xa1?\xcf'
  • [Core]: 07, [Random seed]: b'\xbc\x9b\x8cd\xfc\xa1?\xcf'
  • [Core]: 08, [Random seed]: b'\xbc\x9b\x8cd\xfc\xa1?\xcf'
  • [Core]: 09, [Random seed]: b'\xbc\x9b\x8cd\xfc\xa1?\xcf'
  • PUZZLE SOLVED: Wed Oct 11 11:53:57 2023, total time: 18.96 sec , Core: 03
  • WIF:  -0000000000000000000000000000000000000000000000000022bd43c2e9354

It will solve Puzzle 50 in 18 seconds  regardless of which computer i was using.

Code:
Code:
import sys
import os
import time
import random
import hashlib
import gmpy2
from gmpy2 import mpz
from functools import lru_cache
import multiprocessing
from multiprocessing import Pool, cpu_count

os.system("clear")

# Constants
MODULO = gmpy2.mpz(0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFC2F)
ORDER = gmpy2.mpz(0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141)
GX = gmpy2.mpz(0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798)
GY = gmpy2.mpz(0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)

# Define Point class
class Point:
    def __init__(self, x=0, y=0):
        self.x = x
        self.y = y

PG = Point(GX, GY)
ZERO_POINT = Point(0, 0)

# Function to multiply a point by 2
def multiply_by_2(P, p=MODULO):
    c = gmpy2.f_mod(3 * P.x * P.x * gmpy2.powmod(2 * P.y, -1, p), p)
    R = Point()
    R.x = gmpy2.f_mod(c * c - 2 * P.x, p)
    R.y = gmpy2.f_mod(c * (P.x - R.x) - P.y, p)
    return R

# Function to add two points
def add_points(P, Q, p=MODULO):
    dx = Q.x - P.x
    dy = Q.y - P.y
    c = gmpy2.f_mod(dy * gmpy2.invert(dx, p), p)
    R = Point()
    R.x = gmpy2.f_mod(c * c - P.x - Q.x, p)
    R.y = gmpy2.f_mod(c * (P.x - R.x) - P.y, p)
    return R

# Function to calculate Y-coordinate from X-coordinate
@lru_cache(maxsize=None)
def x_to_y(X, y_parity, p=MODULO):
    Y = gmpy2.mpz(3)
    tmp = gmpy2.mpz(1)

    while Y > 0:
        if Y % 2 == 1:
            tmp = gmpy2.f_mod(tmp * X, p)
        Y >>= 1
        X = gmpy2.f_mod(X * X, p)

    X = gmpy2.f_mod(tmp + 7, p)

    Y = gmpy2.f_div(gmpy2.add(p, 1), 4)
    tmp = gmpy2.mpz(1)

    while Y > 0:
        if Y % 2 == 1:
            tmp = gmpy2.f_mod(tmp * X, p)
        Y >>= 1
        X = gmpy2.f_mod(X * X, p)

    Y = tmp

    if Y % 2 != y_parity:
        Y = gmpy2.f_mod(-Y, p)

    return Y

# Function to compute a table of points
def compute_point_table():
    points = [PG]
    for k in range(255):
        points.append(multiply_by_2(points[k]))
    return points

POINTS_TABLE = compute_point_table()

# Global event to signal all processes to stop
STOP_EVENT = multiprocessing.Event()

# Function to check and compare points for potential solutions
def check(P, Pindex, DP_rarity, A, Ak, B, Bk):
    check = gmpy2.f_mod(P.x, DP_rarity)
    if check == 0:
        message = "\r[+] [Pindex]: {}".format(Pindex)
        messages = []
        messages.append(message)
        output = "\033[01;33m" + ''.join(messages) + "\r"
        sys.stdout.write(output)
        sys.stdout.flush()
        A.append(mpz(P.x))
        Ak.append(mpz(Pindex))
        return comparator(A, Ak, B, Bk)
    else:
        return False

# Function to compare two sets of points and find a common point
def comparator(A, Ak, B, Bk):
    global STOP_EVENT
    result = set(A).intersection(set(B))

    if result:
        sol_kt = A.index(next(iter(result)))
        sol_kw = B.index(next(iter(result)))
        difference = Ak[sol_kt] - Bk[sol_kw]
        HEX = "%064x" % difference
        t = time.ctime()
        pid = os.getpid()  # Get the process ID
        core_number = pid % cpu_count()  # Calculate the CPU core number
        total_time = time.time() - starttime
        print(f"\033[32m[+] PUZZLE SOLVED: {t}, total time: {total_time:.2f} sec, Core: {core_number+1:02} \033[0m")
        print(f"\033[32m[+] WIF: \033[32m {HEX} \033[0m")
        with open("KEYFOUNDKEYFOUND.txt", "a") as file:
            file.write("\n\nSOLVED " + t)
            file.write(f"\nTotal Time: {total_time:.2f} sec")
            file.write("\nPrivate Key (decimal): " + str(difference))
            file.write("\nPrivate Key (hex): " + HEX)
            file.write(
                "\n-------------------------------------------------------------------------------------------------------------------------------------\n"
            )

        STOP_EVENT.set()  # Set the stop event to signal all processes

# Memoization for point multiplication
ECMULTIPLY_MEMO = {}

# Function to multiply a point by a scalar
def ecmultiply(k, P=PG, p=MODULO):
    if k == 0:
        return ZERO_POINT
    elif k == 1:
        return P
    elif k % 2 == 0:
        if k in ECMULTIPLY_MEMO:
            return ECMULTIPLY_MEMO[k]
        else:
            result = ecmultiply(k // 2, multiply_by_2(P, p), p)
            ECMULTIPLY_MEMO[k] = result
            return result
    else:
        return add_points(P, ecmultiply((k - 1) // 2, multiply_by_2(P, p), p))

# Recursive function to multiply a point by a scalar
def mulk(k, P=PG, p=MODULO):
    if k == 0:
        return ZERO_POINT
    elif k == 1:
        return P
    elif k % 2 == 0:
        return mulk(k // 2, multiply_by_2(P, p), p)
    else:
        return add_points(P, mulk((k - 1) // 2, multiply_by_2(P, p), p))

# Generate a list of powers of two for faster access
@lru_cache(maxsize=None)
def generate_powers_of_two(hop_modulo):
    return [mpz(1 << pw) for pw in range(hop_modulo)]

t = time.ctime()
sys.stdout.write("\033[01;33m")
sys.stdout.write(f"[+] [Kangaroo]: {t}" + "\n")
sys.stdout.flush()

# Configuration for the puzzle
puzzle = 50
compressed_public_key = "03f46f41027bbf44fafd6b059091b900dad41e6845b2241dc3254c7cdd3c5a16c6"  # Puzzle 50
lower_range_limit = 2 ** (puzzle - 1)
upper_range_limit = (2 ** puzzle) - 1
kangaroo_power = puzzle // 8
Nt = Nw = (2 ** kangaroo_power // puzzle) * puzzle + 8
DP_rarity = 8 * puzzle
hop_modulo = (puzzle // 2) + 8

# Precompute powers of two for faster access
powers_of_two = generate_powers_of_two(hop_modulo)

T, t, dt = [], [], []
W, w, dw = [], [], []

if len(compressed_public_key) == 66:
    X = mpz(compressed_public_key[2:66], 16)
    Y = x_to_y(X, mpz(compressed_public_key[:2]) - 2)
else:
    print("[error] pubkey len(66/130) invalid!")

print(f"[+] [Puzzle]: {puzzle}")
print(f"[+] [Lower range limit]: {lower_range_limit}")
print(f"[+] [Upper range limit]: {upper_range_limit}")
print("[+] [Xcoordinate]: %064x" % X)
print("[+] [Ycoordinate]: %064x" % Y)

W0 = Point(X, Y)
starttime = oldtime = time.time()

Hops = 0

# Worker function for point search
def search_worker(
    Nt, Nw, puzzle, kangaroo_power, starttime, lower_range_limit, upper_range_limit
):
    global STOP_EVENT
    pid = os.getpid()
    core_number = pid % cpu_count()
    #Random seed Config
    #constant_prefix = b''  #back to no constant
    #constant_prefix = b'\xbc\x9b\x8cd\xfc\xa1?\xcf' #Puzzle 50 seed - 10-18s
    constant_prefix = b'\xbc\x9b\x8cd\xfc\xa1?\xcf'
    prefix_length = len(constant_prefix)
    length = 8
    ending_length = length - prefix_length
    with open("/dev/urandom", "rb") as urandom_file:
        ending_bytes = urandom_file.read(ending_length)
    random_bytes = constant_prefix + ending_bytes
    print(f"[+] [Core]: {core_number+1:02}, [Random seed]: {random_bytes}")
    random.seed(random_bytes)
    t = [
        mpz(
            lower_range_limit
            + mpz(random.randint(0, upper_range_limit - lower_range_limit))
        )
        for _ in range(Nt)
    ]
    T = [mulk(ti) for ti in t]
    dt = [mpz(0) for _ in range(Nt)]
    w = [
        mpz(random.randint(0, upper_range_limit - lower_range_limit)) for _ in range(Nw)
    ]
    W = [add_points(W0, mulk(wk)) for wk in w]
    dw = [mpz(0) for _ in range(Nw)]

    Hops, Hops_old = 0, 0

    oldtime = time.time()
    starttime = oldtime

    while True:
        for k in range(Nt):
            Hops += 1
            pw = T[k].x % hop_modulo
            dt[k] = powers_of_two[pw]
            solved = check(T[k], t[k], DP_rarity, T, t, W, w)
            if solved:
                STOP_EVENT.set()
                break
            t[k] = mpz(t[k]) + dt[k]  # Use mpz here
            T[k] = add_points(POINTS_TABLE[pw], T[k])

        for k in range(Nw):
            Hops += 1
            pw = W[k].x % hop_modulo
            dw[k] = powers_of_two[pw]
            solved = check(W[k], w[k], DP_rarity, W, w, T, t)
            if solved:
                STOP_EVENT.set()
                break
            w[k] = mpz(w[k]) + dw[k]  # Use mpz here
            W[k] = add_points(POINTS_TABLE[pw], W[k])

        if STOP_EVENT.is_set():
            break

# Main script
if __name__ == "__main__":
    process_count = cpu_count()
    print(f"[+] [Using  {process_count} CPU cores for parallel search]:")

    # Create a pool of worker processes
    pool = Pool(process_count)
    results = pool.starmap(
        search_worker,
        [
            (
                Nt,
                Nw,
                puzzle,
                kangaroo_power,
                starttime,
                lower_range_limit,
                upper_range_limit,
            )
        ]
        * process_count,
    )
    pool.close()
    pool.join()

bc1qdwnxr7s08xwelpjy3cc52rrxg63xsmagv50fa8
dextronomous
Full Member
***
Offline Offline

Activity: 438
Merit: 105


View Profile
October 11, 2023, 10:14:23 AM
 #3680

PUZZLE SOLVED: Wed Oct 11 12:13:21 2023, total time: 13.47 sec
  • WIF:  -0000000000000000000000000000000000000000000000000022bd43c2e9354

nice catching again nomachine, is this programmable for 120th and up
Pages: « 1 ... 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 [184] 185 186 187 188 189 190 191 192 193 194 195 196 197 198 199 200 201 202 203 204 205 206 207 208 209 210 211 212 213 214 215 216 217 218 219 220 221 222 223 224 225 226 227 228 229 230 231 232 233 234 ... 359 »
  Print  
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!