Bitcoin puzzle transaction ~32 BTC prize to who solves it

[kTimesG]

you realize that this is a truly absurd argument. You're not arguing anything, you're just saying that what you believe is true because it is.

You had 50 ways shown and proven the prefix theory is absurd itself.

It was also proven why it "wins", and why this criteria is absurd (you literally had one explanation just a few posts above).

If you think the 51st time people will bother again, I guess it's better off for you to believe that your topic is not absurd, and is also valid simply because no one responds to it.

Food for thought.

[Benjade]

For those who don't understand prefixes, if you want to try your luck, this is the best current option for puzzle 71. If you're not interested in searching the entire range, where random + sequential and prefixes are equal in terms of statistical significance, you're just trying your luck, which means you don't need to scan the entire range. You get better results by using prefixes, which have huge advantages.

https://bitcointalk.org/index.php?topic=5546684

Have you not learned anything from what fixedpaul and others tried to show you regarding your most fatal fallacy? You're comparing both walks in the same order, however you're only attaching the "random +" to the sequential version, for reasons only you understand, even though they both walk the exact same sequence of data. If you simply start off the sequential from 1 instead of 0, prefix loses in 99.999999% of the cases, but of course this is not allowed, since you gotta keep your obvious bias to perform well for total n00bz.

If you have a well-formulated mathematical position that dismisses this idea as anything more than a half-baked theory, you can comment directly on the thread I shared, something you apparently avoid doing at all costs because you know that in the technical area it is not allowed to share false information, and generally there are the most knowledgeable, where beyond your theoretical statements they verify the facts.

You dont need well-formulated mathematical, If you’re only searching for addresses that start with a given prefix, then yes, your hits will go up, but that’s just because you’re redefining your target.

But if you’re looking for one specific value, randomly checking only a subset with a certain prefix just reduces your chance of ever finding it unless you get lucky.

Your own numbers show that the prefix method wins in partial search, but only because you’re comparing the probability of matching a prefix, not the probability of finding the exact solution.

Prefix search can be useful if your goal is just to find any matching prefix, but it gives no advantage if you’re searching for a single specific solution. Filtering by prefix just biases your random guesses, not your actual odds of finding a unique target.

The goal is not finding any prefix match but finding the exact solution. That’s a fundamental misunderstanding of probability in brute-force searches.

[nomachine]

- #1 starts with a `1`
- #2 starts with either a `2` or `3`
- #3 starts with a `4`, `5`, `6`, or `7`
- #4 starts with any of the remaining possible hex chars
- then the pattern repeats for the next group of four keys, and so on...

is it actually possible that one seed phrase could/would actually make a series of consecutive keys that fit not just that specific pattern, but really any kind of repeating pattern at all...?? And how would you even find/make such a seed phrase...??

It is possible.

Code:

import random
import hashlib
import base58

for puzzle in range(1, 161):
      lower = 2 ** (puzzle - 1)
      upper = (2 ** puzzle) - 1
      seed = "SatoshiNakamotoPuzzle" + str(puzzle)
      random.seed(seed)
      dec = random.randint(lower, upper)
      private_key_hex = "%064x" %  dec
      private_key_bytes = bytes.fromhex(private_key_hex)
      extended_key = b'\x80' + private_key_bytes
      extended_key += b'\x01'
      checksum = hashlib.sha256(hashlib.sha256(extended_key).digest()).digest()[:4]
      wif_bytes = extended_key + checksum
      wif_compressed = base58.b58encode(wif_bytes).decode()
      print(f"Puzzle = {puzzle} {DEC} = {dec} seed = {seed} wif = {wif_compressed}")

python3 test.py

Puzzle = 1 DEC = 1 seed = SatoshiNakamotoPuzzle1 wif = KwDiBf89QgGbjEhKnhXJuH7LrciVrZi3qYjgd9M7rFU73sVHnoWn
Puzzle = 2 DEC = 2 seed = SatoshiNakamotoPuzzle2 wif = KwDiBf89QgGbjEhKnhXJuH7LrciVrZi3qYjgd9M7rFU74NMTptX4
Puzzle = 3 DEC = 5 seed = SatoshiNakamotoPuzzle3 wif = KwDiBf89QgGbjEhKnhXJuH7LrciVrZi3qYjgd9M7rFU75s2EPgZf
Puzzle = 4 DEC = 11 seed = SatoshiNakamotoPuzzle4 wif = KwDiBf89QgGbjEhKnhXJuH7LrciVrZi3qYjgd9M7rFU78rNKwdiH
Puzzle = 5 DEC = 22 seed = SatoshiNakamotoPuzzle5 wif = KwDiBf89QgGbjEhKnhXJuH7LrciVrZi3qYjgd9M7rFU7EL1wKGDm
Puzzle = 6 DEC = 53 seed = SatoshiNakamotoPuzzle6 wif = KwDiBf89QgGbjEhKnhXJuH7LrciVrZi3qYjgd9M7rFU7VmMqX3qc
Puzzle = 7 DEC = 73 seed = SatoshiNakamotoPuzzle7 wif = KwDiBf89QgGbjEhKnhXJuH7LrciVrZi3qYjgd9M7rFU7fj3itoEY
Puzzle = 8 DEC = 148 seed = SatoshiNakamotoPuzzle8 wif = KwDiBf89QgGbjEhKnhXJuH7LrciVrZi3qYjgd9M7rFU8K5DxCiQf
Puzzle = 9 DEC = 306 seed = SatoshiNakamotoPuzzle9 wif = KwDiBf89QgGbjEhKnhXJuH7LrciVrZi3qYjgd9M7rFU9fkdRpSex
Puzzle = 10 DEC = 634 seed = SatoshiNakamotoPuzzle10 wif = KwDiBf89QgGbjEhKnhXJuH7LrciVrZi3qYjgd9M7rFUCV5z2PfC3
*****
Puzzle = 66 DEC = 38508275138367239239 seed = SatoshiNakamotoPuzzle66 wif = KwDiBf89QgGbjEhKnhXJuH7LrciVrZi3qZWCKpZnZsCqVzc1f9vt
Puzzle = 67 DEC = 146233885779705721938 seed = SatoshiNakamotoPuzzle67 wif = KwDiBf89QgGbjEhKnhXJuH7LrciVrZi3qbeiYkkDLY2iKmA6JS3q
Puzzle = 68 DEC = 204291343762893348650 seed = SatoshiNakamotoPuzzle68 wif = KwDiBf89QgGbjEhKnhXJuH7LrciVrZi3qcopt3giY39KjX9pfekV
Puzzle = 69 DEC = 588454650131287819678 seed = SatoshiNakamotoPuzzle69 wif = KwDiBf89QgGbjEhKnhXJuH7LrciVrZi3qkTtFZibZ9tNE96yFsjS
Puzzle = 70 DEC = 826730197180747088722 seed = SatoshiNakamotoPuzzle70 wif = KwDiBf89QgGbjEhKnhXJuH7LrciVrZi3qqDJuNu7s3FZKtsk9Pn7
Puzzle = 71 DEC = 1833056699595944202074 seed = SatoshiNakamotoPuzzle71 wif = KwDiBf89QgGbjEhKnhXJuH7LrciVrZi3rBGXpLd8yP9kGu7rqRvw

Ayo, there’s a pattern in the seed, but them keys and decimal numbers? Nah, they straight-up random.
But bruh, tryna find and reverse-engineer the seed? That’s impossible. You’d have an easier time brute-forcing private keys than crackin’ that seed, no cap.

[brainless]

Important !!!

https://www.wsj.com/world/russian-bitcoin-exchange-co-founder-to-be-freed-by-the-u-s-after-americans-release-3f5fe066

https://www.binance.com/en/square/post/20290104961601

[zorogaber]

Is there a script that can check millions of decimal numbers?

[btc11235]

- #1 starts with a `1`
- #2 starts with either a `2` or `3`
- #3 starts with a `4`, `5`, `6`, or `7`
- #4 starts with any of the remaining possible hex chars
- then the pattern repeats for the next group of four keys, and so on...

is it actually possible that one seed phrase could/would actually make a series of consecutive keys that fit not just that specific pattern, but really any kind of repeating pattern at all...?? And how would you even find/make such a seed phrase...??

It is possible.

Code:

import random
import hashlib
import base58

for puzzle in range(1, 161):
      lower = 2 ** (puzzle - 1)
      upper = (2 ** puzzle) - 1
      seed = "SatoshiNakamotoPuzzle" + str(puzzle)
      random.seed(seed)
      dec = random.randint(lower, upper)
      private_key_hex = "%064x" %  dec
      private_key_bytes = bytes.fromhex(private_key_hex)
      extended_key = b'\x80' + private_key_bytes
      extended_key += b'\x01'
      checksum = hashlib.sha256(hashlib.sha256(extended_key).digest()).digest()[:4]
      wif_bytes = extended_key + checksum
      wif_compressed = base58.b58encode(wif_bytes).decode()
      print(f"Puzzle = {puzzle} {DEC} = {dec} seed = {seed} wif = {wif_compressed}")

[results snipped]

Ayo, there’s a pattern in the seed, but them keys and decimal numbers? Nah, they straight-up random.
But bruh, tryna find and reverse-engineer the seed? That’s impossible. You’d have an easier time brute-forcing private keys than crackin’ that seed, no cap.

Ok, I think I see my mistake... I just went back to the original comment, and I realize now that I had read "a single master seed" as "master seed phrase" and not "a seed used to prime a RNG" ... Meaning, I thought the idea being proposed was that the puzzles were initially created by, like, using some off-the-shelf wallet software to automatically create a new wallet, complete with a BIP-39 seed phrase and a list of associated private keys, and then changing/masking those private keys to make the puzzles' keys, which (of course) would have disassociated them all from the original BIP-39 seed phrase... And I couldn't for the life of me figure out how that would be easier than just generating them all the way you show above...

So, I am dumb, just not the way I'd feared

[mahmood1356]

My question is: Have all those who managed to solve the previous puzzles published the recovered private keys in this forum?
 If not, then who has published the private keys of the solved puzzles in this forum? Is there anyone in this forum who has all the keys???

[mcdouglasx]

you realize that this is a truly absurd argument. You're not arguing anything, you're just saying that what you believe is true because it is.

You had 50 ways shown and proven the prefix theory is absurd itself.

It was also proven why it "wins", and why this criteria is absurd (you literally had one explanation just a few posts above).

If you think the 51st time people will bother again, I guess it's better off for you to believe that your topic is not absurd, and is also valid simply because no one responds to it.

Food for thought.

what I say, you realize that I could argue the same to invalidate your arguments without specifying absolutely anything, that is the art of debate, and in debates I know all the existing tactics, even the low ones, which are the ones you generally use in your comments, which are literally going to a topic and giving a generalized argument that is ambiguously correct but not for the specific topic, which in principle creates uncertainty that you could be right, that is why in rckangaroo retired coder tells you that you do not know something, in Mark1 you talk about things that have nothing to do with the topic, and you theorize about supposed things that you do better but that you never reveal.

[nomachine]

Ok, I think I see my mistake... I just went back to the original comment, and I realize now that I had read "a single master seed" as "master seed phrase" and not "a seed used to prime a RNG" ... Meaning, I thought the idea being proposed was that the puzzles were initially created by, like, using some off-the-shelf wallet software to automatically create a new wallet, complete with a BIP-39 seed phrase and a list of associated private keys, and then changing/masking those private keys to make the puzzles' keys, which (of course) would have disassociated them all from the original BIP-39 seed phrase... And I couldn't for the life of me figure out how that would be easier than just generating them all the way you show above...

So, I am dumb, just not the way I'd feared

Personally, if I were the creator, I would use this simple python script.You could straight-up import all them keys from 1 to 160 into Electrum right from the command line. Move all the bread in two clicks, no cap. Me? I’d use a Social Security Number as the seed, toss in ‘SatoshiNakamotoPuzzle’ plus the puzzle number, and bam, we locked in. I wouldn't even lie that I used a wallet.  

[onepuzzle]

Ok, I think I see my mistake... I just went back to the original comment, and I realize now that I had read "a single master seed" as "master seed phrase" and not "a seed used to prime a RNG" ... Meaning, I thought the idea being proposed was that the puzzles were initially created by, like, using some off-the-shelf wallet software to automatically create a new wallet, complete with a BIP-39 seed phrase and a list of associated private keys, and then changing/masking those private keys to make the puzzles' keys, which (of course) would have disassociated them all from the original BIP-39 seed phrase... And I couldn't for the life of me figure out how that would be easier than just generating them all the way you show above...

So, I am dumb, just not the way I'd feared

Personally, if I were the creator, I would use this simple python script.You could straight-up import all them keys from 1 to 160 into Electrum right from the command line. Move all the bread in two clicks, no cap. Me? I’d use a Social Security Number as the seed, toss in ‘SatoshiNakamotoPuzzle’ plus the puzzle number, and bam, we locked in. I wouldn't even lie that I used a wallet.  

How did you come to the conclusion that he used Python? Just because it's easier?
"Satoshi" wrote Bitcoin in C++. A true Satoshi fanboy — like saatoshi_rising — would only use C++.
Also, the random function in C++ gives different results than in Python.
The programming language does matter here — unless HMAC is used.

[kTimesG]

what I say, you realize that I could argue the same to invalidate your arguments without specifying absolutely anything, that is the art of debate, and in debates I know all the existing tactics, even the low ones, which are the ones you generally use in your comments, which are literally going to a topic and giving a generalized argument that is ambiguously correct but not for the specific topic, which in principle creates uncertainty that you could be right, that is why in rckangaroo retired coder tells you that you do not know something, in Mark1 you talk about things that have nothing to do with the topic, and you theorize about supposed things that you do better but that you never reveal.

Talk about going totally off-topic...

Have you heard of the word "advice"? Or even "educated advice"?

I'm literally not obliged, nor anyone, to cook your meal and put it under your nose. If you have the recipe, but you don't know how to cook, that's your problem, not mine.

Sounds like you want an entire dinner served, after you already have all the ingredients under your nose. Dude, I'm not hiding anything spectacular, but also there is no need to show off anything. However, there's a huge difference between going totally nuts, and actually improving and advising on stuff that doesn't go full delilah in the realm of non-rationality and fantasy land.

What I don't get is why you keep so intensely to push your absurd ideas forward, but you don't actually follow up on them yourself. Are you afraid that maybe they don't actually work as described, and it just messes with people's mind? I'm not going into any argument or debate with you simply because that was already settled, and you feel the need for a rehash every once in a while, while I don't.

[bibilgin]

@mcdouglasx my friend,

Don't bother yourself.
"Some people say the sky is only blue." They console themselves by saying that it will change color and go back to being blue.

How did you come to the conclusion that he used Python? Just because it's easier?
"Satoshi" wrote Bitcoin in C++. A true Satoshi fanboy — like saatoshi_rising — would only use C++.
Also, the random function in C++ gives different results than in Python.
The programming language does matter here — unless HMAC is used.

Could it be JAVA?   

[onepuzzle]

@mcdouglasx my friend,

Don't bother yourself.
"Some people say the sky is only blue." They console themselves by saying that it will change color and go back to being blue.

How did you come to the conclusion that he used Python? Just because it's easier?
"Satoshi" wrote Bitcoin in C++. A true Satoshi fanboy — like saatoshi_rising — would only use C++.
Also, the random function in C++ gives different results than in Python.
The programming language does matter here — unless HMAC is used.

Could it be JAVA?   

Satoshis last message:

I do hope your BitcoinJ continues to be developed into an alternative client. It gives Java devs something to work on, and it’s easier with a simpler foundation that doesn’t have to do everything.

[nomachine]

How did you come to the conclusion that he used Python? Just because it's easier?

If you were a Puzzle BTC creator in 2015, you could have used Bitcoin Core, Electrum, or Armory. Electrum (written in Python) was already popular in 2015, and its wallet format is well-documented. Importing keys via the command line (electrum importprivkey) would be trivial with Python-generated WIFs.

Python’s random.seed() function ensures deterministic key generation, unlike C++’s std::rand(), which varies across implementations unless carefully controlled.

Python’s random uses a Mersenne Twister, while C++’s std::rand() depends on the compiler.

Since Electrum itself is written in Python, a Python script would integrate seamlessly.

The same code works unchanged from 2015 to 2025 (thanks to Python’s stability).You just need to know the seed.

[onepuzzle]

How did you come to the conclusion that he used Python? Just because it's easier?

If you were a Puzzle BTC creator in 2015, you could have used Bitcoin Core, Electrum, or Armory. Electrum (written in Python) was already popular in 2015, and its wallet format is well-documented. Importing keys via the command line (electrum importprivkey) would be trivial with Python-generated WIFs.

Python’s random.seed() function ensures deterministic key generation, unlike C++’s std::rand(), which varies across implementations unless carefully controlled.

Python’s random uses a Mersenne Twister, while C++’s std::rand() depends on the compiler.

Since Electrum itself is written in Python, a Python script would integrate seamlessly.

The same code works unchanged from 2015 to 2025 (thanks to Python’s stability).You just need to know the seed.

1. Mnemonic → Seed (BIP-39)

A sequence of 12–24 words (the mnemonic) is fed into PBKDF2-SHA512 with 2,048 iterations and the salt "mnemonic" + optional passphrase to produce a 512-bit seed. This seed is the secret starting point for the entire wallet.

Code:

Seed = PBKDF2(passphrase=mnemonic, salt="mnemonic"+optional_passphrase, iterations=2048, HMAC-SHA512)

2. Master-Key + Chain-Code (BIP-32)

The 512-bit seed is processed with HMAC-SHA512 using the key "Bitcoin seed". The left 32 bytes of the output become the Master Private Key, the right 32 bytes the Master Chain Code. Together they form the root node for all subsequent key derivations.

Code:

I = HMAC-SHA512(key="Bitcoin seed", data=Seed)  
Master_PrivateKey = I_L (left 32 Bytes)  
Master_ChainCode  = I_R (right 32 Bytes)  

random.seed("some string") + random.randint() is deterministic, but not secure, standardized, or hierarchical. Real HD wallets use strictly defined KDFs (PBKDF2, HMAC-SHA512), chain codes, and mnemonics to ensure maximum security and interoperability.

https://media2.giphy.com/media/v1.Y2lkPTc5MGI3NjExamJmZXVuNGxybGszb2Qyand1dGpwNWF3dTY4c2hjdzcyd3Y1a3dqbiZlcD12MV9pbnRlcm5hbF9naWZfYnlfaWQmY3Q9Zw/15BuyagtKucHm/giphy.gif

[Akito S. M. Hosana]

works unchanged from 2015 to 2025

Like your fishing rods? I'm starting to understand why you're fishing and why you don't care about anything here. 

[mcdouglasx]

what I say, you realize that I could argue the same to invalidate your arguments without specifying absolutely anything, that is the art of debate, and in debates I know all the existing tactics, even the low ones, which are the ones you generally use in your comments, which are literally going to a topic and giving a generalized argument that is ambiguously correct but not for the specific topic, which in principle creates uncertainty that you could be right, that is why in rckangaroo retired coder tells you that you do not know something, in Mark1 you talk about things that have nothing to do with the topic, and you theorize about supposed things that you do better but that you never reveal.

Talk about going totally off-topic...

Have you heard of the word "advice"? Or even "educated advice"?

I'm literally not obliged, nor anyone, to cook your meal and put it under your nose. If you have the recipe, but you don't know how to cook, that's your problem, not mine.

Sounds like you want an entire dinner served, after you already have all the ingredients under your nose. Dude, I'm not hiding anything spectacular, but also there is no need to show off anything. However, there's a huge difference between going totally nuts, and actually improving and advising on stuff that doesn't go full delilah in the realm of non-rationality and fantasy land.

What I don't get is why you keep so intensely to push your absurd ideas forward, but you don't actually follow up on them yourself. Are you afraid that maybe they don't actually work as described, and it just messes with people's mind? I'm not going into any argument or debate with you simply because that was already settled, and you feel the need for a rehash every once in a while, while I don't.

Let me know when you contribute something even halfway interesting to the forum that is nothing more than pure criticism, because even though you disagree and suffer with everything that people post on the forum, and in the few cases in which you do not criticize them directly you allude to the fact that you would do it better, I do not understand why you are still here, if I were you I would be tired of going to the jungle to teach monkeys to read if I knew that it was an impossible mission for me.

[btc11235]

Python’s random uses a Mersenne Twister, while C++’s std::rand() depends on the compiler.

The same code works unchanged from 2015 to 2025 (thanks to Python’s stability).You just need to know the seed.

Didn't C++ get std::mersenne_twister_engine in 2011 (that doc says it came with C++11 if I'm reading it correctly)? I'm not super familiar with C++ though, so maybe this isn't what I think it is? Of course, that's assuming that, even if C++ was used, that it wasn't an older version without the Mersenne Twister option available, etc...

Also, while I agree that since 2015 (or earlier) Python's RNG has been stable/idempotent (AFAIK, again I only have a passing familiarity Python as well), it's not like it has never changed... It wasn't even using Mersenne Twister prior to 2003:

The random module now uses a new algorithm, the Mersenne Twister, implemented in C.
-- https://docs.python.org/3/whatsnew/2.3.html

...and in 2014 the default seed was changed (made more robust/complex): https://github.com/python/cpython/issues/65669 ... Which of course didn't impact seeded randoms, but is still something (albeit minor) to consider...

All I mean to say is that I'm often tempted to try and figure-out the seed(s) used to generate the puzzle keys, as I think you've spent quite a lot of time doing... But every time I think about it, I have to remind myself that we just don't know enough / have enough data about where to start... Which version of which language was used, and which RNG (standard or cryptographic, Mersenne Twister or something else, etc) was used, or whether the rand was seeded once, before the loop with a static seed (like I tend to do, which I think is kind-of a common C# pattern) or again on every loop with a dynamically changing seed (the way the code you posted was), not to mention the seed's exact value itself, and who knows what other factors...

Anyway, if you or anyone has more thoughts on this, please do share if you're willing... Obviously, cracking the 'secret' to all the remaining puzzles at once would be the Holy Grail of this whole thing I'm just not holding out any hope for it, and I think nomachine has also long-since abandoned this route too...

[nomachine]

All I mean to say is that I'm often tempted to try and figure-out the seed(s) used to generate the puzzle keys, as I think you've spent quite a lot of time doing... But every time I think about it, I have to remind myself that we just don't know enough / have enough data about where to start... Which version of which language was used, and which RNG (standard or cryptographic, Mersenne Twister or something else, etc) was used, or whether the rand was seeded once, before the loop with a static seed (like I tend to do, which I think is kind-of a common C# pattern) or again on every loop with a dynamically changing seed (the way the code you posted was), not to mention the seed's exact value itself, and who knows what other factors...

In 2015, a Puzzle BTC creator using Python + Electrum would likely have:

Generated keys via random.seed() (not PBKDF2/HMAC-SHA512).

Used WIF format (easily imported into Electrum using importprivkey) and ignored BIP-32/39.

This kept the puzzle simple, reproducible, and Electrum-friendly.

Consistent with real 2015 examples like 1FLAMEN6, which used raw SHA-256/RIPEMD160 hashes (not HD wallets) and WIF keys.

But who cares if I'm right or wrong? 

[kTimesG]

Let me know when you contribute something even halfway interesting to the forum that is nothing more than pure criticism, because even though you disagree and suffer with everything that people post on the forum, and in the few cases in which you do not criticize them directly you allude to the fact that you would do it better, I do not understand why you are still here, if I were you I would be tired of going to the jungle to teach monkeys to read if I knew that it was an impossible mission for me.

Come on, don't cry so hard just cuz no one cares about your "probabilistic brute-force" undoubtedly-best-to-be-used kindergarten script, that you want real experts to congratulate you for. Well, maybe bib does, the expert cryptographer researcher who can't even count H160 bits properly, and will go to great lengths to show that he's right (when he's obviously just digging his hole deeper), so my bad.

Since you're looking for a Nobel, they don't hand that for mathematical breakthroughs, like breaking elliptic curves over prime fields (and two hash functions) with some AI script that runs fancy analysis on flawed principles, and compares performance by using sports gambling methodologies.

Now, on a serious note, you won't really find any criticism in your prefix theory, simply because there is nothing to criticize. Go ahead, and implement it in an actual real scenario, see how well it goes for you. Then, come back with actual results (if there are any). Not the other way around, which is simply misleading people into actually thinking that it somehow works, based on the words that you are suggesting (like "undoubtedly" but with zero actual proofs to back it up).