Bitcoin puzzle transaction ~32 BTC prize to who solves it

[analyticnomad]

Take the coins from someone you know and let them know it was you. See if the law says the coins belong to the person with the key. You'll probably be arrested, as is normal for a crime.

What Satoshi said is a philosophical and technical approach to the idea that anyone with your keys can spend them, because that's actually the case. But that doesn't mean it doesn't have ethical and legal implications.

Online casino is "very ethical" business Playing on poor people souls weaknesses.

I have to disagree on this one. People don't HAVE to gamble. If you insert the "people are weak" argument, you would have to get rid of almost everything people genuinely enjoy doing. We need to take accountability for our own actions/choices.

[mcdouglasx]

Take the coins from someone you know and let them know it was you. See if the law says the coins belong to the person with the key. You'll probably be arrested, as is normal for a crime.

What Satoshi said is a philosophical and technical approach to the idea that anyone with your keys can spend them, because that's actually the case. But that doesn't mean it doesn't have ethical and legal implications.

Online casino is "very ethical" business Playing on poor people souls weaknesses.

Lol, this is typical kindergarten debate stuff: having no arguments to counter a topic and proceeding with attacks. This is called the ad hominem fallacy.

As for casinos, you're free to open a thread in the Gambling section, or in Meta if you want to complain, but here the discussion is strictly about the thread itself; otherwise, all threads would become a fruit salad.

[Wanderingaran]

This is the kind of reasoning used by those who say, "I'm not a thief for stealing his wallet; it's not my fault that the fool fell asleep with his wallet in his hand"

Obviously, it's unethical and immoral.
It's like breaking into a friend's house, seeing his seed, and stealing it, then saying he should have been more careful.

Now that it has no legal implications, that is something else.

Satoshi himself kindly disagrees. Whoever has the key, owns the funds. Now, my friend should just use private key 0x01 and transfer his life savings into that address, right? No one will ever touch it.

Last time I checked, it wasn't unethical or illegal to add two numbers together.

What's next, unethical to use quantum computers to break all cryptocurrencies? Seriously? You'd need to have a word with China about how non-ethical it is to break RSA first, since they just did that, before getting slammed by all big tech giants following along.

Take the coins from someone you know and let them know it was you. See if the law says the coins belong to the person with the key. You'll probably be arrested, as is normal for a crime.

What Satoshi said is a philosophical and technical approach to the idea that anyone with your keys can spend them, because that's actually the case. But that doesn't mean it doesn't have ethical and legal implications.

Does anyone really think the creator of this puzzle didn’t anticipate what would happen with any puzzle under 100 bits? I’m still convinced this was a pre-planned scam. Unless the puzzle’s creator personally convinces me here otherwise.

[Akito S. M. Hosana]

Unless the puzzle’s creator personally convinces me here otherwise.

Look at him, he nearly didn’t even come. 

[Benjade]

This is the kind of reasoning used by those who say, "I'm not a thief for stealing his wallet; it's not my fault that the fool fell asleep with his wallet in his hand"

Obviously, it's unethical and immoral.
It's like breaking into a friend's house, seeing his seed, and stealing it, then saying he should have been more careful.

Now that it has no legal implications, that is something else.

Satoshi himself kindly disagrees. Whoever has the key, owns the funds. Now, my friend should just use private key 0x01 and transfer his life savings into that address, right? No one will ever touch it.

Last time I checked, it wasn't unethical or illegal to add two numbers together.

What's next, unethical to use quantum computers to break all cryptocurrencies? Seriously? You'd need to have a word with China about how non-ethical it is to break RSA first, since they just did that, before getting slammed by all big tech giants following along.

@kTimesG Having a valid signature may satisfy the Bitcoin protocol, but off-chain it’s still treated as theft. The English High Court froze ransomware BTC in AA v Persons Unknown (2019), holding that cryptoassets are property recoverable by injunction. https://www.judiciary.uk/wp-content/uploads/2022/07/AA-v-Persons-Unknown-summary-case-note-SB-amended-1.pdf

And only last week the U.S. Justice Department filed a $225 million civil-forfeiture case against funds drained from victims wallets, classifying the siphoning as wire-fraud and money-laundering proceeds. https://www.justice.gov/opa/pr/united-states-files-civil-forfeiture-complaint-against-225m-funds-involved-cryptocurrency

Satoshi’s “whoever has the key owns the coin” explains how the software recognises control, not a moral green light; he never said taking a live key is acceptable. https://bitcointalk.org/index.php?topic=283061.0

The quantum-break headlines are lab demos of factoring toy 22-bit RSA keys, not a licence to empty real wallets. https://therecord.media/chinese-researchers-claim-to-have-broken-rsa-with-a-quantum-computer-experts-arent-so-sure

And the community still calls it theft when the “Blockchain Bandit” bot guesses weak keys and walks off with 45 000 ETH. https://cointelegraph.com/news/blockchain-bandit-moves-172m-eth-after-2-years-of-dormancy

So on-chain math doesn’t override off-chain law or basic ethics when you knowingly move coins that aren’t yours.

[kTimesG]

@kTimesG Having a valid signature may satisfy the Bitcoin protocol, but off-chain it’s still treated as theft.

It's not theft if it never belonged to the one who claimed it theft.

I'd start there. By this logic, all the guys who solved puzzles so far are thieves.

By the same logic, if I add funds to private key 42, and I call it my assets, then I should sue whoever transfers the funds in the very next block. Correct?

Geez.

[Benjade]

@kTimesG Having a valid signature may satisfy the Bitcoin protocol, but off-chain it’s still treated as theft.

It's not theft if it never belonged to the one who claimed it theft.

I'd start there. By this logic, all the guys who solved puzzles so far are thieves.

By the same logic, if I add funds to private key 42, and I call it my assets, then I should sue whoever transfers the funds in the very next block. Correct?

Geez.

When someone solves the puzzle they broadcast a signed transaction; at that moment the prize is theirs. A bot that copies the same signature, adds a bigger fee, and slips ahead in the next block is hijacking value it didn’t earn. Regulators are already treating that pattern as theft, not “just being faster”:

U.S. v. Peraire-Bueno (SDNY, May 2024) – two brothers who rearranged pending Ethereum transactions to grab $25 M were charged with wire fraud and money-laundering. https://wp.nyu.edu/compliance_enforcement/2024/05/22/crypto-experts-react-to-recent-sdny-ethereum-fraud-indictment/

SafeMoon front-run (DoJ press release, Jun 2025) – a bot that intercepted another trader’s mempool transaction had its $680 K haul seized as stolen cryptocurrency. https://www.justice.gov/usao-edva/pr/united-states-returns-over-680000-stolen-cryptocurrency-using-civil-asset-forfeiture

Even research papers call it what it is: “Front-Running-as-a-Service Is Theft.” https://www.coindesk.com/markets/2021/04/07/miners-front-running-as-a-service-is-theft

English law makes the same point: crypto is property, and taking it without consent is conversion (AA v Persons Unknown, 2019). https://blogs.orrick.com/blockchain/english-high-court-recognizes-cryptoassets-to-be-a-form-of-property-considerations-following-aa-v-persons-unknown/

So yes, if you fund key 42 with no conditions, whoever signs first owns it. In the puzzle, the first signer already exists; a bot that shoves their transaction aside is just pickpocketing at mempool speed.

[analyticnomad]

Does anyone really think the creator of this puzzle didn’t anticipate what would happen with any puzzle under 100 bits? I’m still convinced this was a pre-planned scam. Unless the puzzle’s creator personally convinces me here otherwise.
[/quote]


The creator was clear of his intentions and even came back to redistribute funds more equally.

Just curious though: What is this pre-planned scam you're convinced of?

[kTimesG]

So yes, if you fund key 42 with no conditions, whoever signs first owns it. In the puzzle, the first signer already exists; a bot that shoves their transaction aside is just pickpocketing at mempool speed.

I do not agree, simply because it wasn't their key, so the ownership does not exist in the first place.

Are you aware that all puzzles with exposed public keys were signed before they got solved, since they had outgoing TXs? The sweeping TXs therefore classify as theft, according to your criteria.

Again: not your key, not your coins. It is your key only when you actually create it yourself. Otherwise, it is not your key, it belongs to everyone and therefore anyone has the equal right to use it as they see fit.

[mcdouglasx]

@kTimesG Having a valid signature may satisfy the Bitcoin protocol, but off-chain it’s still treated as theft.

It's not theft if it never belonged to the one who claimed it theft.

I'd start there. By this logic, all the guys who solved puzzles so far are thieves.

By the same logic, if I add funds to private key 42, and I call it my assets, then I should sue whoever transfers the funds in the very next block. Correct?

Geez.

In the hypothetical case that you knew who stole your money, you could sue. Just because a door isn't locked doesn't mean you can break in.

The problem with this is that it's difficult to know who committed the crime. If someone discovers a vulnerability in secp256k1, then according to your logic, they could empty Binance wallets without legal repercussions, since you wouldn't be hacking them. It's just that you know how to add, and your math calculations easily give you the key. This is absurd.



Regarding bots, it doesn't have much to do with speed, whether it's who replaces the transaction last or with the most fees. It depends on the miner who includes the transaction and mines the block. You can send a tx and then replace it, and the first or second transaction could be mined, depending on which miner solves the block first.
It doesn't just matter who has the fastest bot, but who is the luckiest to have the transaction mined.

RBF is intended to replace stuck tx due to low fees, when these do not want to be taken into account by miners, but if the person sending the original transaction does so with enough fees and many miners include it in their proof of work, their transaction could be mined with the same chances as its replacement.

[Benjade]

So yes, if you fund key 42 with no conditions, whoever signs first owns it. In the puzzle, the first signer already exists; a bot that shoves their transaction aside is just pickpocketing at mempool speed.

I do not agree, simply because it wasn't their key, so the ownership does not exist in the first place.

Are you aware that all puzzles with exposed public keys were signed before they got solved, since they had outgoing TXs? The sweeping TXs therefore classify as theft, according to your criteria.

Again: not your key, not your coins. It is your key only when you actually create it yourself. Otherwise, it is not your key, it belongs to everyone and therefore anyone has the equal right to use it as they see fit.

“Not your key, not your coins” cuts both ways.

Until someone derives the private key, the puzzle coins are ownerless data on-chain, yes.
The moment A solves the puzzle and signs a spend, A is the key-holder ownership springs into existence at that instant, because control is proven by the valid signature.

A front-runner doesn’t discover a second key; he simply copies A’s work, rebroadcasts it with a higher fee, and pockets the reward. That’s no different from watching me unlock a safe, grabbing the cash before I can close the door, and claiming “the safe was public property.” The effort that created the new control was mine, not yours.

Outgoing test transactions by the puzzle creator don’t change that: they pre-dated any solver, and the creator explicitly offered the balance to whoever computes the key first. Once that computation is done, the solver holds the key. Copy-paste latency attacks don’t create equal rights they free-ride on another person’s cryptographic proof of ownership, that's all.

[kTimesG]

“Not your key, not your coins” cuts both ways.

Until someone derives the private key, the puzzle coins are ownerless data on-chain, yes.

"Derives the private key"?

That's basically saying "I never owned this key".

None of these arguments will ever hold in any court on this planet, simply because it is impossible to ever prove that you were the first to "derive the key", craft a TX, and having it reach a P2P node, before someone else. That shit is dealt with only after a block is mined and issue gets settled, not before.

It's one thing to hack someone's rightful assets, and a totally different thing to have 100 dudes competing over who ECDLPs first a minuscule weak key, in a mempool, over some assets that don't really belong to ANY of them until the block gets mined and the conflict is solved.

Ownership, in a legal manner, involves proving that the private key was OWNED by you, not that it was "derived". This is done by showing that the private key was indeed a full entropy 256-bits random blob, not a lame-ass zero-filled empty blob with a few bytes at the end.

At best, it can only incriminate yourself, since "deriving" pretty much means "I cracked it, because I didn't own it".

[Benjade]

“Not your key, not your coins” cuts both ways.

Until someone derives the private key, the puzzle coins are ownerless data on-chain, yes.

"Derives the private key"?

That's basically saying "I never owned this key".

None of these arguments will ever hold in any court on this planet, simply because it is impossible to ever prove that you were the first to "derive the key", craft a TX, and having it reach a P2P node, before someone else. That shit is dealt with only after a block is mined and issue gets settled, not before.

It's one thing to hack someone's rightful assets, and a totally different thing to have 100 dudes competing over who ECDLPs first a minuscule weak key, in a mempool, over some assets that don't really belong to ANY of them until the block gets mined and the conflict is solved.

Ownership, in a legal manner, involves proving that the private key was OWNED by you, not that it was "derived". This is done by showing that the private key was indeed a full entropy 256-bits random blob, not a lame-ass zero-filled empty blob with a few bytes at the end.

At best, it can only incriminate yourself, since "deriving" pretty much means "I cracked it, because I didn't own it".

You’re mixing up “can’t be proved” with “I don’t know how to prove it.” 

Every Bitcoin Core node stores when it first saw a tx (getrawmempool true). Mempool.observer, forkmonitor.info, etc. archive those feeds. If my tx hit the network at 17:12:03 and yours appears at 17:12:27, the gap is public and cryptographically tied to the txid.

Deterministic ECDSA RFC 6979 forces each signer to use a different nonce r. Two people who really derived the key produce two distinct signatures; a copy-paste front-runner re-broadcasts the identical sig. Comparing scriptSig bytes is enough to show who computed and who plagiarised.

I can sign an arbitrary message (“Block 850 000, puzzle X, I own this key”) and timestamp that hash with OpenTimestamps or even into the blockchain days before broadcasting the spend. When the puzzle falls, I reveal the signature; the hash already on-chain nails the timeline.

Courts deal with timestamped digital evidence every day e-mails, server logs, CCTV metadata so spare us the “no court on the planet” flourish. In practice the front-runner’s best hope is anonymity, not legal theory, because the maths makes the order of discovery trivially auditable.

Since you're acting in bad faith, I certainly wouldn't want to be your friend IRL, you might steal things from me... 

[Wanderingaran]

@kTimesG Having a valid signature may satisfy the Bitcoin protocol, but off-chain it’s still treated as theft.

It's not theft if it never belonged to the one who claimed it theft.

I'd start there. By this logic, all the guys who solved puzzles so far are thieves.

By the same logic, if I add funds to private key 42, and I call it my assets, then I should sue whoever transfers the funds in the very next block. Correct?

Geez.

The creator of a "Bitcoin puzzle" (where funds are locked behind a private key that must be brute-forced) is intentionally creating a scenario where theft is incentivized. Even if they frame it as a game or challenge, the legal reality is:

They knowingly put funds in a position where unauthorized access is the only way to claim them.

They are effectively encouraging hacking/unauthorized access, which is illegal in most jurisdictions (e.g., under computer fraud, unauthorized access, or theft laws).


If the puzzle creator never relinquished ownership (e.g., by clearly stating "this is not yours until you solve X"), then solving the puzzle does not grant legal ownership, it’s still theft.

If they implied abandonment (e.g., "Whoever finds this can have it"), then it might be a gray area, but most legal systems don’t recognize brute-forcing as a legitimate claim method.

The puzzle creator could be legally liable because:

They structured a scheme that requires illegal actions (unauthorized access) to claim funds.

They knowingly set up a system that violates computer crime laws (e.g., CFAA in the U.S., similar laws in the EU/UK).

They may be seen as an accomplice to theft by deliberately creating conditions where theft is the only way to obtain the funds.


The puzzle creator is not innocent, they designed a system that requires illegal actions to claim funds. While they might argue it’s a "game," the law doesn’t generally recognize brute-forcing private keys as a legitimate way to transfer ownership.

[Benjade]

@kTimesG Having a valid signature may satisfy the Bitcoin protocol, but off-chain it’s still treated as theft.

It's not theft if it never belonged to the one who claimed it theft.

I'd start there. By this logic, all the guys who solved puzzles so far are thieves.

By the same logic, if I add funds to private key 42, and I call it my assets, then I should sue whoever transfers the funds in the very next block. Correct?

Geez.

The creator of a "Bitcoin puzzle" (where funds are locked behind a private key that must be brute-forced) is intentionally creating a scenario where theft is incentivized. Even if they frame it as a game or challenge, the legal reality is:

They knowingly put funds in a position where unauthorized access is the only way to claim them.

They are effectively encouraging hacking/unauthorized access, which is illegal in most jurisdictions (e.g., under computer fraud, unauthorized access, or theft laws).


If the puzzle creator never relinquished ownership (e.g., by clearly stating "this is not yours until you solve X"), then solving the puzzle does not grant legal ownership, it’s still theft.

If they implied abandonment (e.g., "Whoever finds this can have it"), then it might be a gray area, but most legal systems don’t recognize brute-forcing as a legitimate claim method.

The puzzle creator could be legally liable because:

They structured a scheme that requires illegal actions (unauthorized access) to claim funds.

They knowingly set up a system that violates computer crime laws (e.g., CFAA in the U.S., similar laws in the EU/UK).

They may be seen as an accomplice to theft by deliberately creating conditions where theft is the only way to obtain the funds.


The puzzle creator is not innocent, they designed a system that requires illegal actions to claim funds. While they might argue it’s a "game," the law doesn’t generally recognize brute-forcing private keys as a legitimate way to transfer ownership.

It's not correct and you are mixing up “unauthorized access” with a public bounty.

The puzzle creator openly puts the coins in addresses meant to be cracked and even thanks the community for building new cracking tools. That is an implied green light: the only way to claim the prize is to derive the key, and the owner clearly intends that to happen. No computer system is being broken into and the funds are not protected by anything but the puzzle itself, so there is no “unauthorized access” under computer-crime laws. It is a public bounty, not theft.  https://bitcointalk.org/index.php?topic=1306983.msg18765941#msg18765941

[Wanderingaran]

@kTimesG Having a valid signature may satisfy the Bitcoin protocol, but off-chain it’s still treated as theft.

It's not theft if it never belonged to the one who claimed it theft.

I'd start there. By this logic, all the guys who solved puzzles so far are thieves.

By the same logic, if I add funds to private key 42, and I call it my assets, then I should sue whoever transfers the funds in the very next block. Correct?

Geez.

The creator of a "Bitcoin puzzle" (where funds are locked behind a private key that must be brute-forced) is intentionally creating a scenario where theft is incentivized. Even if they frame it as a game or challenge, the legal reality is:

They knowingly put funds in a position where unauthorized access is the only way to claim them.

They are effectively encouraging hacking/unauthorized access, which is illegal in most jurisdictions (e.g., under computer fraud, unauthorized access, or theft laws).


If the puzzle creator never relinquished ownership (e.g., by clearly stating "this is not yours until you solve X"), then solving the puzzle does not grant legal ownership, it’s still theft.

If they implied abandonment (e.g., "Whoever finds this can have it"), then it might be a gray area, but most legal systems don’t recognize brute-forcing as a legitimate claim method.

The puzzle creator could be legally liable because:

They structured a scheme that requires illegal actions (unauthorized access) to claim funds.

They knowingly set up a system that violates computer crime laws (e.g., CFAA in the U.S., similar laws in the EU/UK).

They may be seen as an accomplice to theft by deliberately creating conditions where theft is the only way to obtain the funds.


The puzzle creator is not innocent, they designed a system that requires illegal actions to claim funds. While they might argue it’s a "game," the law doesn’t generally recognize brute-forcing private keys as a legitimate way to transfer ownership.

It's not correct and you are mixing up “unauthorized access” with a public bounty.

The puzzle creator openly puts the coins in addresses meant to be cracked and even thanks the community for building new cracking tools. That is an implied green light: the only way to claim the prize is to derive the key, and the owner clearly intends that to happen. No computer system is being broken into and the funds are not protected by anything but the puzzle itself, so there is no “unauthorized access” under computer-crime laws. It is a public bounty, not theft.  https://bitcointalk.org/index.php?topic=1306983.msg18765941#msg18765941

While the puzzle creator may intend for the funds to be claimed by cracking the key, that doesn’t automatically make it legal. Most jurisdictions don’t recognize brute-forcing as a valid way to transfer ownership. It’s still technically unauthorized access under computer crime laws. The creator’s forum posts might show intent, but unless they structured this as a binding contract or explicit waiver, the law could still view solvers as committing theft. In practice, nobody gets prosecuted because  is pseudonymous and the creator isn’t complaining, but that doesn’t make it legally safe.

[kTimesG]

You’re mixing up “can’t be proved” with “I don’t know how to prove it.”  

Every Bitcoin Core node stores when it first saw a tx (getrawmempool true). Mempool.observer, forkmonitor.info, etc. archive those feeds. If my tx hit the network at 17:12:03 and yours appears at 17:12:27, the gap is public and cryptographically tied to the txid.

Deterministic ECDSA RFC 6979 forces each signer to use a different nonce r. Two people who really derived the key produce two distinct signatures; a copy-paste front-runner re-broadcasts the identical sig. Comparing scriptSig bytes is enough to show who computed and who plagiarised.

I can sign an arbitrary message (“Block 850 000, puzzle X, I own this key”) and timestamp that hash with OpenTimestamps or even into the blockchain days before broadcasting the spend. When the puzzle falls, I reveal the signature; the hash already on-chain nails the timeline.

Courts deal with timestamped digital evidence every day e-mails, server logs, CCTV metadata so spare us the “no court on the planet” flourish. In practice the front-runner’s best hope is anonymity, not legal theory, because the maths makes the order of discovery trivially auditable.

Since you're acting in bad faith, I certainly wouldn't want to be your friend IRL, you might steal things from me...  

Timestamps of a transaction is not included in the transaction, so the gaps you mention and any logs of any public archives are the time when the TX was seen by that node.

So it's basically not a proof at all. What you call a replacement TX might as well be the first TX that some archival node sees.

And I have no idea what you are talking about regarding the identical signatures. The nonce is random, or it's created deterministically based on the TX data, so unless I'm sending out stuff to the SAME address (and same value), it's gonna be a different nonce -> different signature. Actually, I think it would need to be the exact byte-by-byte TX, in order for signatures to be identical.

There is no way to actually prove that my TX was not actually created and transmitted before your TX.

The timestamp of a TX is, eventually, the timestamp of the mined block. Any other timestamps are not legal proof of anything, as there's no way to validate the TX broadcasting timestamp.

It's also very funny how you would think that sending some signed message days before the actual TX would serve any legal purpose at all, because, unless you're signing it with the key you're about to spend, it can be basically sent out by anyone. So it's futile as it doesn't proof anything. And if you do sign it correctly, you already know what would happen, since signing it exposes the public key.

I feel like we're going in circles with what "not your key, not your funds" means in the context of a public blockchain.

[Cricktor]

I don't know what some don't understand with this puzzle and how someone can argue that a solver of a particular puzzle is a thief.

The puzzle creator has deliberately setup the puzzles to have the "community" try to claim them. Benjade points this out. It doesn't matter what motivation the creator had. The puzzle creator knew that a big chunk of the puzzles will be solved and withdrawn by solvers. He or she obviously donated the coins for this, let's call it technological study.

Even after a lot of the puzzles were solved already, they were topped up considerably to make it a worthy challenge to push solving tech to the limits. Whoever donated the coins for the puzzles, knew what they were doing.


If someone is stupid enough to use very weak and/or publicly known private keys or utterly bad brainwallets based on publicly known secrets data then I'd argue those sort of deserve to loose their coins to bots or whomever, simply due to ignorance and vast stupidity (I recognize that stupidity doesn't justify all evil actions, but hey, you get my point I guess). And yes, such bots exist, are armed and ready to almost instantly replace transactions that show up in public mempools. That's a known fact.

My standpoint is that getting to know a private key to valid UTXOs doesn't make you the legit owner of those UTXOs, but technically you can spend them and probably quite many would do this. I don't want to try to put these and those into some camps, it's a bit pointless. Make it up with yourself in which camp you sit. But this doesn't apply to coins that are deliberately laid out to be claimed like in the context of the Bitcoin puzzle transactions and coins.

Since the inception of low entropy puzzle stealing bots a solver of a low bit-range puzzle is challenged with a new problem for which MARA pool's Slipstream service has proven to be a working solution. Puzzle solver for 67 and 68 was smart enough and has proven this so far that Slipstream didn't scam but calmly confirmed the withdrawal transaction. Good and a must to know.

Puzzle solver for 69 failed to gain this crucial knowledge and it looked very much like they lost their prize to some bots. I would call this bad preperation and ignorance of quick state-of-the-art solution technology.

I forgot from which bit count on it's simply unlikely a bot could find a solution once a public key is exposed in public mempool, even when the next block to mine may take more than an hour to be found. Blocks are found roughly on average over 2016 blocks every 10minutes. You can't predict when the next valid block is published.

Future puzzle solver of 135 doesn't need to care about Slipstream service. Future puzzle solver of 71+ should very much use Slipstream or there will be a lot of tears.

[Benjade]

@kTimesG Having a valid signature may satisfy the Bitcoin protocol, but off-chain it’s still treated as theft.

It's not theft if it never belonged to the one who claimed it theft.

I'd start there. By this logic, all the guys who solved puzzles so far are thieves.

By the same logic, if I add funds to private key 42, and I call it my assets, then I should sue whoever transfers the funds in the very next block. Correct?

Geez.

The creator of a "Bitcoin puzzle" (where funds are locked behind a private key that must be brute-forced) is intentionally creating a scenario where theft is incentivized. Even if they frame it as a game or challenge, the legal reality is:

They knowingly put funds in a position where unauthorized access is the only way to claim them.

They are effectively encouraging hacking/unauthorized access, which is illegal in most jurisdictions (e.g., under computer fraud, unauthorized access, or theft laws).


If the puzzle creator never relinquished ownership (e.g., by clearly stating "this is not yours until you solve X"), then solving the puzzle does not grant legal ownership, it’s still theft.

If they implied abandonment (e.g., "Whoever finds this can have it"), then it might be a gray area, but most legal systems don’t recognize brute-forcing as a legitimate claim method.

The puzzle creator could be legally liable because:

They structured a scheme that requires illegal actions (unauthorized access) to claim funds.

They knowingly set up a system that violates computer crime laws (e.g., CFAA in the U.S., similar laws in the EU/UK).

They may be seen as an accomplice to theft by deliberately creating conditions where theft is the only way to obtain the funds.


The puzzle creator is not innocent, they designed a system that requires illegal actions to claim funds. While they might argue it’s a "game," the law doesn’t generally recognize brute-forcing private keys as a legitimate way to transfer ownership.

It's not correct and you are mixing up “unauthorized access” with a public bounty.

The puzzle creator openly puts the coins in addresses meant to be cracked and even thanks the community for building new cracking tools. That is an implied green light: the only way to claim the prize is to derive the key, and the owner clearly intends that to happen. No computer system is being broken into and the funds are not protected by anything but the puzzle itself, so there is no “unauthorized access” under computer-crime laws. It is a public bounty, not theft.  https://bitcointalk.org/index.php?topic=1306983.msg18765941#msg18765941

While the puzzle creator may intend for the funds to be claimed by cracking the key, that doesn’t automatically make it legal. Most jurisdictions don’t recognize brute-forcing as a valid way to transfer ownership. It’s still technically unauthorized access under computer crime laws. The creator’s forum posts might show intent, but unless they structured this as a binding contract or explicit waiver, the law could still view solvers as committing theft. In practice, nobody gets prosecuted because  is pseudonymous and the creator isn’t complaining, but that doesn’t make it legally safe.

“Unauthorized access” only occurs when you defeat a safeguard without the owner’s permission.
The puzzle creator has already said “first to crack the key keeps the coins,” which is explicit consent, exactly like a bug-bounty program inviting you to hack their test server. Contract law treats that as a unilateral offer: perform the task, keep the reward. Once consent is public, brute-forcing the key is neither theft nor computer misuse, because the owner has waived exclusivity and the only “system” you touch is the open blockchain.

Here:
Computer Fraud and Abuse Act — 18 U.S.C. § 1030(a): every CFAA offense hinges on accessing a computer “without authorization” or “exceeding authorized access.” If the owner invites you to try, that element is missing. https://www.law.cornell.edu/uscode/text/18/1030

And there:
DOJ charging policy for the CFAA (19 May 2022): prosecutors are told not to bring charges for “good-faith security research” when the owner has authorized the activity. https://www.justice.gov/archives/opa/pr/department-justice-announces-new-policy-charging-cases-under-computer-fraud-and-abuse-act

[Akito S. M. Hosana]

While the puzzle creator may intend for the funds to be claimed by cracking the key, that doesn’t automatically make it legal. Most jurisdictions don’t recognize brute-forcing as a valid way to transfer ownership. It’s still technically unauthorized access under computer crime laws. The creator’s forum posts might show intent, but unless they structured this as a binding contract or explicit waiver, the law could still view solvers as committing theft. In practice, nobody gets prosecuted because  is pseudonymous and the creator isn’t complaining, but that doesn’t make it legally safe.

Okay, I admit it, I'm a criminal in the making. I have to admit, I'm not very good at this.