Bitcoin puzzle transaction ~32 BTC prize to who solves it

[COBRAS]

You could precompute 80000000 - ffffffff, store in ram (or DB) and then sequentially scan the rest comparing against all the start keys at once. It's around 2 billion start keys so 1 trillion left to scan (easy). Good luck.

If it's useful donate: bc1qsyhgm200sx3d4s8snjzxt6teq472k0rtl2zt74

 

Simple math NOT work for btc puzzle. Divide mul sub add - THIS IS NOT WORK result will be same if nothing do with puzzle pubkey

[jstyler]

dastic's suggestion is on the right track, but precomputing 80000000 - ffffffff is still a massive undertaking. I was thinking more along the lines of a mathematical pattern that can be derived from the given addresses. The PVK values seem to be related to a simple polynomial or exponential function. Has anyone tried checking if the PVK values follow a Fibonacci sequence or a quadratic equation?

[whistle307194]

Hello everyone,

I need to show you something I was working on for a few months and because I am actually addicted of this, you have to see it.

So basically the case is I want to verify If I am that "smart" or it is just pure coincidence.

I have just now registered first ever account.

I am working with a very interesting python script that basically get's the private key directly from the hash160 of basically any address up to puzzle 130...sounds crazy isn't it?

So basically what I need to decode private key of the hash160 of an p2pkh bitcoin address? hah a private key

Seriously..

1.Chose whatever range, like I said, for the moment I have tested until puzzle 130, generate Yourself a hex private key in between chosen range and get the compressed address.
2 Convert the hash160 of that address to decimal string.
3.Convert the hexadecimal private key to decimal as well,
4 Now using a big integer calculator for example http://www.javascripter.net/math/calculators/100digitbigintcalculator.htm ( I am also using it ) divide the decimal string of hash160 by decimal version of private key
5.The resulting string now You have to multiply times decimal private key.
6 That multiplication will result with a long string of course but quite similar with the first digits like so basically that string will be required by me.

That is pretty obvious that having only hash160 string we cannot see the private key directly can we?
 
So what I need actually to decode private key then?

I need a hex range boundary of Your address choice and the the resulting decimal string from step 6. or as You want convert it to an address back using brainwallet converter, so range boundary and an compressed address

Time to get the private key? Instant, 0.1 sec.

The most important: I don't need a private key , I will get one to verify what I say and second read carefully so You have zero questions about the steps.

Don't forget to pick up the range and address with that private key You don't use personally, that is just a test. Wanna see the results reply with what I ask for.


When I have the private key I will reply with signed message so You can verify Yourself.

I guarantee you will be intrigued.


///////////////////// 01-03-2025 / 4:25PM update /////////////////////

At this moment I am going tell You something like this..
Because I don't want bother people trying prove something that is looking a little too crazy I want to increase difficulty to crack the pvk of Your choice to make this looking even more unimaginable.

In a first post I was asking You to do the 1-6 steps and provide me a range boundary and the initial address You have got from the pvk of Your choice of that range boundary...

Now I am asking You to provide only initial address and the decimal string from step 6 (or second address while converted to B58Check using brainwallet converted) BUT no range borders!.

Use of course a range boundary not from puzzles asking me for a private key but similar range up to puzzle 130!

So now the difficulty is that I will provide pvk using these two initials without knowing range boundary at all! Try me!

[WanderingPhilospher]

snip

My point is that you cannot be certain about what Bram did until he clarifies it himself. However, my search method remains more efficient, so one thing does not negate the other. To clarify, 'full random' is 100% random, and should not be confused with 'Random+Sequential,' which introduces a sequential component that may not be entirely random if we are precise. Precision in terminology is crucial in programming.

edit:

I admit that it was a vague example. I wanted to tell you that 1024 h160 is not 100% valid proof to attest to what Bram did, but rather that his terms 'full random' are not correct, mathematically speaking.

No, you cannot say your search method remains more efficient because I do not know your search method. If it is 100% random as you describe, then you would have to find a private key in a 67 bit range to compare numbers with Bram's / other's methods.

That is pretty obvious that having only hash160 string we cannot see the private key directly can we?
 
So what I need actually to decode private key then?

I need a hex range boundary of Your address choice and the the resulting decimal string from step 6. or as You want convert it to an address back using brainwallet converter, so range boundary and an address

IS this a joke? You obviously need more than the range boundaries; you are asking people to provide you with step 6, which means they would have to know the private key. So how does this help any? With puzzles or life in general. The only people who would be intrigued are those who think you are doing something magical (and did not read everything you wrote) but in fact you are asking them to take their address's h160 and divide it by the private key (both in decimal format). If I know my private key, I don't need your tool. If I am chasing 68 or 69, your method does not help me because I obviously do not know the private key or I would sweep those funds lol.

[whistle307194]

That is pretty obvious that having only hash160 string we cannot see the private key directly can we?
 
So what I need actually to decode private key then?

I need a hex range boundary of Your address choice and the the resulting decimal string from step 6. or as You want convert it to an address back using brainwallet converter, so range boundary and an address

IS this a joke? You obviously need more than the range boundaries; you are asking people to provide you with step 6, which means they would have to know the private key. So how does this help any? With puzzles or life in general. The only people who would be intrigued are those who think you are doing something magical (and did not read everything you wrote) but in fact you are asking them to take their address's h160 and divide it by the private key (both in decimal format). If I know my private key, I don't need your tool. If I am chasing 68 or 69, your method does not help me because I obviously do not know the private key or I would sweep those funds lol.

No, that is no joke.
That is a tool that may make Your $$$ equipment useless when corretly used. Test me.

[nomachine]

I am working with a very interesting python script that basically get's the private key directly from the hash160 of basically any address up to puzzle 130...sounds crazy isn't it?

So basically what I need to decode private key of the hash160 of an p2pkh bitcoin address? hah a private key

Seriously..

Are you kidding us or are you serious? Trying to get a private key from a hash160 is like trying to unblend a smoothie back into whole fruits. The bananas, strawberries, and crypto magic are gone forever. No matter how hard you try, you’re not getting that banana back!" 🍌😂

Go back a few pages and see how the kangaroo script works. See the sequence of operations it performs.

modulo = gmpy2.mpz(0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFC2F)
order = gmpy2.mpz(0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141)
Gx = gmpy2.mpz(0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798)
Gy = gmpy2.mpz(0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)
PG = (Gx, Gy)

def add(P, Q):
    if P == (0, 0): return Q
    if Q == (0, 0): return P
    Px, Py = P
    Qx, Qy = Q
    if Px == Qx:
        if Py == Qy:
            inv_den = gmpy2.invert(Py << 1, modulo)
            m = (3 * Px * Px * inv_den) % modulo
        else:
            return (0, 0)
    else:
        inv_dx = gmpy2.invert(Qx - Px, modulo)
        m = ((Qy - Py) * inv_dx) % modulo
    x = (m * m - Px - Qx) % modulo
    y = (m * (Px - x) - Py) % modulo
    return (x, y)

def mul(k, P=PG):
    R0, R1 = (0, 0), P
    for i in reversed(range(k.bit_length())):
        if (k >> i) & 1:
            R0, R1 = add(R0, R1), add(R1, R1)
        else:
            R1, R0 = add(R0, R1), add(R0, R0)
    return R0

def X2Y(X, y_parity, p=modulo):
    X3_7 = (pow(X, 3, p) + 7) % p
    if gmpy2.jacobi(X3_7, p) != 1:
        return None
    Y = gmpy2.powmod(X3_7, (p + 1) >> 2, p)
    return Y if (Y & 1) == y_parity else (p - Y)

The function mul(k, P=PG) is performing scalar multiplication on the elliptic curve:

It takes a number k (the private key).
It multiplies it by the generator point PG (which is a fixed point on the curve).
This gives a new point (X, Y), which is the public key.
Since elliptic curves don't have normal multiplication, we use point addition (add()) repeatedly to get k * PG.

👉 This is a one-way operation!

Given k, we can compute (X, Y).
But given (X, Y), finding k is impossible (this is the ECDLP problem).

Bitcoin doesn’t store (X, Y) directly; instead, it compresses the public key using X2Y(X, y_parity).

A full public key is (X, Y).
A compressed public key is just X and y_parity (0 or 1 for even/odd Y).
The function X2Y(X, y_parity) helps recover Y from X.
After this, Bitcoin:

Hashes the compressed public key (SHA-256 → RIPEMD-160 → hash160).
Encodes it into a Bitcoin address with  →  (Base58Check).

👉 So, when someone says they can reverse hash160 back to a private key, they’re skipping all these steps!
That’s why it’s impossible. 😆

[whistle307194]

I am working with a very interesting python script that basically get's the private key directly from the hash160 of basically any address up to puzzle 130...sounds crazy isn't it?

So basically what I need to decode private key of the hash160 of an p2pkh bitcoin address? hah a private key

Seriously..

Are you kidding us or are you serious? Trying to get a private key from a hash160 is like trying to unblend a smoothie back into whole fruits. The bananas, strawberries, and crypto magic are gone forever. No matter how hard you try, you’re not getting that banana back!" 🍌😂

Go back a few pages and see how the kangaroo script works. See the sequence of operations it performs.

modulo = gmpy2.mpz(0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFC2F)
order = gmpy2.mpz(0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141)
Gx = gmpy2.mpz(0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798)
Gy = gmpy2.mpz(0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)
PG = (Gx, Gy)

def add(P, Q):
    if P == (0, 0): return Q
    if Q == (0, 0): return P
    Px, Py = P
    Qx, Qy = Q
    if Px == Qx:
        if Py == Qy:
            inv_den = gmpy2.invert(Py << 1, modulo)
            m = (3 * Px * Px * inv_den) % modulo
        else:
            return (0, 0)
    else:
        inv_dx = gmpy2.invert(Qx - Px, modulo)
        m = ((Qy - Py) * inv_dx) % modulo
    x = (m * m - Px - Qx) % modulo
    y = (m * (Px - x) - Py) % modulo
    return (x, y)

def mul(k, P=PG):
    R0, R1 = (0, 0), P
    for i in reversed(range(k.bit_length())):
        if (k >> i) & 1:
            R0, R1 = add(R0, R1), add(R1, R1)
        else:
            R1, R0 = add(R0, R1), add(R0, R0)
    return R0

def X2Y(X, y_parity, p=modulo):
    X3_7 = (pow(X, 3, p) + 7) % p
    if gmpy2.jacobi(X3_7, p) != 1:
        return None
    Y = gmpy2.powmod(X3_7, (p + 1) >> 2, p)
    return Y if (Y & 1) == y_parity else (p - Y)

The function mul(k, P=PG) is performing scalar multiplication on the elliptic curve:

It takes a number k (the private key).
It multiplies it by the generator point PG (which is a fixed point on the curve).
This gives a new point (X, Y), which is the public key.
Since elliptic curves don't have normal multiplication, we use point addition (add()) repeatedly to get k * PG.

👉 This is a one-way operation!

Given k, we can compute (X, Y).
But given (X, Y), finding k is impossible (this is the ECDLP problem).

Bitcoin doesn’t store (X, Y) directly; instead, it compresses the public key using X2Y(X, y_parity).

A full public key is (X, Y).
A compressed public key is just X and y_parity (0 or 1 for even/odd Y).
The function X2Y(X, y_parity) helps recover Y from X.
After this, Bitcoin:

Hashes the compressed public key (SHA-256 → RIPEMD-160 → hash160).
Encodes it into a Bitcoin address with  →  (Base58Check).

👉 So, when someone says they can reverse hash160 back to a private key, they’re skipping all these steps!
That’s why it’s impossible. 😆

Great! So You're a second person currently that does not believe at all but reacts like I am at least scammer Read my post once again Sir then pick up what is needed and let me shock You a bit!

[Akito S. M. Hosana]

👉 So, when someone says they can reverse hash160 back to a private key, they’re skipping all these steps!
That’s why it’s impossible. 😆

Forget math, let's use Magic-Based Private Key Recovery!

1️⃣ Adobe Illustrator & The Sacred Geometry of Bitcoin ✨
Open an SVG of the secp256k1 curve in Illustrator.
Draw random arrows in different font sizes.
Connect "mystical" hex numbers inside squares, triangles, and circles.
Eventually, a private key will just "appear" (probably in Comic Sans).

2️⃣ Numerology & The Power of Hex 🔢🔺
Take the Bitcoin address, convert it into hex.
Rearrange the numbers like a Sudoku puzzle.
Add a "magic" constant (random prime number).
Somehow, a private key pops out—if not, add another hex and pretend it worked.

3️⃣ Horoscope-Based Key Recovery 🔭 ?

If Mercury is in retrograde, your hash160 might decrypt itself.
 

[whistle307194]

👉 So, when someone says they can reverse hash160 back to a private key, they’re skipping all these steps!
That’s why it’s impossible. 😆

Forget math, let's use Magic-Based Private Key Recovery!

1️⃣ Adobe Illustrator & The Sacred Geometry of Bitcoin ✨

Open an SVG of the secp256k1 curve in Illustrator.
Draw random arrows in different font sizes.
Connect "mystical" hex numbers inside squares, triangles, and circles.
Eventually, a private key will just "appear" (probably in Comic Sans).
2️⃣ Numerology & The Power of Hex 🔢🔺

Take the Bitcoin address, convert it into hex.
Rearrange the numbers like a Sudoku puzzle.
Add a "magic" constant (random prime number).
Somehow, a private key pops out—if not, add another hex and pretend it worked.
3️⃣ Horoscope-Based Key Recovery 🔭

If Mercury is in retrograde, your hash160 might decrypt itself.
 

I am afraid that You are absolutely correct! Want evidence? Read my first post once again, provide what I have already explained, then I will do the rest, don't worry;)

[nomachine]

👉 So, when someone says they can reverse hash160 back to a private key, they’re skipping all these steps!
That’s why it’s impossible. 😆

Take the Bitcoin address, convert it into hex.
Rearrange the numbers like a Sudoku puzzle.
Add a "magic" constant (random prime number).
Somehow, a private key pops out—if not, add another hex and pretend it worked

If Mercury is in retrograde, your hash160 might decrypt itself.
 

I just spat my juice out onto the monitor. 

Almost on every other page someone here explains that this is a Sudoku puzzle. 

[WanderingPhilospher]

No, that is no joke.
That is a tool that may make Your $$$ equipment useless when corretly used. Test me.

Look, I am not even going to attempt to recreate what you are doing or saying, so I will not say it does or does not work. That is not what I was saying nor said.

I am asking you, in what way does this help with anything? How will it help solve a puzzle / challenge? How does it help if I lost my WIF / private key?

How does it help, in any way?

How will it replace any equipment??

[nomachine]

You're a second person currently that does not believe at all but reacts like I am at least scammer Read my post once again Sir then pick up what is needed and let me shock You a bit!

If you think hash160 can magically create a private key without elliptic curve multiplication or ECDSA, then you’re basically speaking programming fiction, not Python. If you skip elliptic curve multiplication, you're not reversing Bitcoin; you’re just hashing numbers randomly and hoping for a miracle. And you showed up here claiming to program in Python? You either need to change your approach or reject the AI if it’s advising you this nonsense.

[Akito S. M. Hosana]

You're a second person currently that does not believe at all but reacts like I am at least scammer Read my post once again Sir then pick up what is needed and let me shock You a bit!

If you think hash160 can magically create a private key without elliptic curve multiplication or ECDSA, then you’re basically speaking programming fiction, not Python. If you skip elliptic curve multiplication, you're not reversing Bitcoin; you’re just hashing numbers randomly and hoping for a miracle. And you showed up here claiming to program in Python? You either need to change your approach or reject the AI if it’s advising you this nonsense.

I've seen about five python scripts on GitHub that skip the signing_key = ecdsa.SigningKey.from_string(private_key_bytes, curve=ecdsa.SECP256k1) step. Instead, they apply hashing directly to decimal numbers. There’s even one script that claims to use some quantum computing API. These scripts completely ignore elliptic curve multiplication, making them useless for anything related to real Bitcoin key generation. They fundamentally misunderstand how Bitcoin work.

[kTimesG]

4 Now using a big integer calculator for example http://www.javascripter.net/math/calculators/100digitbigintcalculator.htm ( I am also using it ) divide the decimal string of hash160 by decimal version of private key
5.The resulting string now You have to multiply times decimal private key.
6 That multiplication will result with a long string of course but quite similar with the first digits like so basically that string will be required by me.

That is pretty obvious that having only hash160 string we cannot see the private key directly can we?

Actually yes you can.

Guys, he's simply factorizing the number at step 6, which is a multiple of the private key.

Since the private key is a known divisor of the hash, it's basically instant to try out all possible combinations of the factors as a private key, hash it, check if for similarity.

Even faster if we know the range of pvt key - filter most of the factor combinations products even before multiplying. But usually you'll have very few factors anyway.

[vneos]

....
4 divide the decimal string of hash160 by decimal version of private key
5.The resulting string now You have to multiply times decimal private key.
....

What are you talking about? Doesn’t the result of step five still end up being the decimal string of hash160?

Code:

(decimal string of hash160 / decimal version of private key) * decimal version of private key = decimal string of hash160

I feel like you're just messing with us.

[kTimesG]

....
4 divide the decimal string of hash160 by decimal version of private key
5.The resulting string now You have to multiply times decimal private key.
....

What are you talking about? Doesn’t the result of step five still end up being the decimal string of hash160?

Code:

(decimal string of hash160 / decimal version of private key) * decimal version of private key = decimal string of hash160

I feel like you're just messing with us.

Well, the thing is he can derive back the private key from some V = (h160 / pk) * pk

Let's break this down:

If (h160 mod pk) is 0, than V == h160, and the private key divides V.
Solution: factorize V (since it's not a prime), compute private key from all potential factor products. Match by V (which is the same as the h160).

If (h160 mod pk) is not 0, then we have V = int[h160 / pk] * pk
So V is again, not a prime, because we multiplied some integral part with the private key.
Solution: same as above.

Magic.

[whistle307194]

You're a second person currently that does not believe at all but reacts like I am at least scammer Read my post once again Sir then pick up what is needed and let me shock You a bit!

If you think hash160 can magically create a private key without elliptic curve multiplication or ECDSA, then you’re basically speaking programming fiction, not Python. If you skip elliptic curve multiplication, you're not reversing Bitcoin; you’re just hashing numbers randomly and hoping for a miracle. And you showed up here claiming to program in Python? You either need to change your approach or reject the AI if it’s advising you this nonsense.

I think I did it already Sir. Try me.

....
4 divide the decimal string of hash160 by decimal version of private key
5.The resulting string now You have to multiply times decimal private key.
....

What are you talking about? Doesn’t the result of step five still end up being the decimal string of hash160?

Code:

(decimal string of hash160 / decimal version of private key) * decimal version of private key = decimal string of hash160

I feel like you're just messing with us.

Exactly and You have readed my first post correctly so in order to get the private key I need that decimal hash160 string and a range boundary, optionally You can provide the initial address You have got in the first step.
Then I will provide results almost immediately.

No, that is no joke.
That is a tool that may make Your $$$ equipment useless when corretly used. Test me.

Look, I am not even going to attempt to recreate what you are doing or saying, so I will not say it does or does not work. That is not what I was saying nor said.

I am asking you, in what way does this help with anything? How will it help solve a puzzle / challenge? How does it help if I lost my WIF / private key?

How does it help, in any way?

How will it replace any equipment??

I am not going to judge Your personal opinion about my idea whatever You say Sir.
How does it help? Well as You can see the prizes are still untouched meaning I did not yet got them that's a fact
Why it will replace any powerfull equipment? Why would You purchase or use such a thing if the script can beat the task before You even blink...
Don't get me wrong please!..I wouldn't bother nobody knowing I am talking shi#t so if You're not enough sure but still a bit interested hit me up!

[vneos]

Exactly and You have readed my first post correctly so in order to get the private key I need that decimal hash160 string and a range boundary, optionally You can provide the initial address You have got in the first step.
Then I will provide results almost immediately.

Okay, let's do this.

decimal hash160 string:

Code:

1282931445580409769159733555426437642907293617404

range boundary:

Code:

80000000000000000:fffffffffffffffff

Pls give me the private key immediately. 

[whistle307194]

Exactly and You have readed my first post correctly so in order to get the private key I need that decimal hash160 string and a range boundary, optionally You can provide the initial address You have got in the first step.
Then I will provide results almost immediately.

Okay, let's do this.

decimal hash160 string:

Code:

1282931445580409769159733555426437642907293617404

range boundary:

Code:

80000000000000000:fffffffffffffffff

Pls give me the private key immediately. 

I need to clarify something once again - Yes, You have readed my first post correctly but You did not do the steps I ask for.
That would be simply too easy to give something I also want

[brainless]

Hello everyone,

I need to show you something I was working on for a few months and because I am actually addicted of this, you have to see it.

So basically the case is I want to verify If I am that "smart" or it is just pure coincidence.

I have just now registered first ever account.

I am working with a very interesting python script that basically get's the private key directly from the hash160 of basically any address up to puzzle 130...sounds crazy isn't it?

So basically what I need to decode private key of the hash160 of an p2pkh bitcoin address? hah a private key

Seriously..

1.Chose whatever range, like I said, for the moment I have tested until puzzle 130, generate Yourself a hex private key in between chosen range and get the address.
2 Convert the hash160 of that address to decimal string.
3.Convert the hexadecimal private key to decimal as well,
4 Now using a big integer calculator for example http://www.javascripter.net/math/calculators/100digitbigintcalculator.htm ( I am also using it ) divide the decimal string of hash160 by decimal version of private key
5.The resulting string now You have to multiply times decimal private key.
6 That multiplication will result with a long string of course but quite similar with the first digits like so basically that string will be required by me.

That is pretty obvious that having only hash160 string we cannot see the private key directly can we?
 
So what I need actually to decode private key then?

I need a hex range boundary of Your address choice and the the resulting decimal string from step 6. or as You want convert it to an address back using brainwallet converter, so range boundary and an address

Time to get the private key? Instant, 0.1 sec.

The most important: I don't need a private key , I will get one to verify what I say and second read carefully so You have zero questions about the steps.

Don't forget to pick up the range and address with that private key You don't use personally, that is just a test. Wanna see the results reply with what I ask for.


When I have the private key I will reply with signed message so You can verify Yourself.

I guarantee you will be intrigued.

Sorry to say it's kids game you are talking
A = h160
B = pk
C= stage 6 ( h160/A)
Result is example 1234t6789.0011223344

You will get only 123456789 by player
How to find
H160 /C
You will get closeset pk within 1000keys up and down
It's simple math game
Better consider how to solve puzzle's
Don't waste time in basic math games