Bitcoin Forum
March 19, 2024, 09:15:22 AM *
News: Latest Bitcoin Core release: 26.0 [Torrent]
 
   Home   Help Search Login Register More  
Pages: « 1 [2] 3 4 5 »  All
  Print  
Author Topic: Vanity bitcoin addresses: a new way to keep your CPU busy  (Read 29754 times)
grondilu
Legendary
*
Offline Offline

Activity: 1288
Merit: 1076


View Profile
October 20, 2010, 07:36:24 PM
 #21

IllSend1000BTCtoWhoEvrMakesDisAddr

Awww, even replacing the lower-case-l's with 1's it ain't right:
Code:
$ bitcoind validateaddress I11Send1000BTCtoWhoEvrMakesDisAddr
{
    "isvalid" : false
}

Hum ?  What did I get wrong ?  I thought it would be ok.   I guess I didn't understand what base58 is exactly...  My bad.


edit:
ok I checked Satoshi's code (in base58.h), and now I know :

//
// Why base-58 instead of standard base-64 encoding?
// - Don't want 0OIl characters that look the same in some fonts and
//      could be used to create visually identical looking account numbers.
// - A string with non-alphanumeric characters is not as easily accepted as an account number.
// - E-mail usually won't line-break if there's no punctuation to break at.
// - Doubleclicking selects the whole number as one word if it's all alphanumeric.
//

Unlike traditional banking where clients have only a few account numbers, with Bitcoin people can create an unlimited number of accounts (addresses). This can be used to easily track payments, and it improves anonymity.
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction.
1710839722
Hero Member
*
Offline Offline

Posts: 1710839722

View Profile Personal Message (Offline)

Ignore
1710839722
Reply with quote  #2

1710839722
Report to moderator
1710839722
Hero Member
*
Offline Offline

Posts: 1710839722

View Profile Personal Message (Offline)

Ignore
1710839722
Reply with quote  #2

1710839722
Report to moderator
1710839722
Hero Member
*
Offline Offline

Posts: 1710839722

View Profile Personal Message (Offline)

Ignore
1710839722
Reply with quote  #2

1710839722
Report to moderator
khal
Hero Member
*****
Offline Offline

Activity: 540
Merit: 500



View Profile WWW
April 29, 2011, 09:54:15 AM
 #22

Vanity key tried 29'800'000.

How long will it take to find an adress matching : "^1Khalahan[A-Z0-9]" ? Cheesy
ByteCoin
Sr. Member
****
expert
Offline Offline

Activity: 416
Merit: 277


View Profile
April 29, 2011, 10:47:32 AM
 #23

How long will it take to find an address matching : "^1Khalahan[A-Z0-9]" ? Cheesy

You need to search about 1.28E14 keys. Using my software (if I remember the performance correctly) that'd take me about 4 years.

ByteCoin
khal
Hero Member
*****
Offline Offline

Activity: 540
Merit: 500



View Profile WWW
April 29, 2011, 11:07:35 AM
 #24

Wow... i should be a little less gluttonous though... or really lucky :p
Thanks for the estimation.
mathx
Newbie
*
Offline Offline

Activity: 29
Merit: 0


View Profile
May 29, 2011, 05:54:48 PM
 #25

Wow... i should be a little less gluttonous though... or really lucky :p
Thanks for the estimation.

Is your software using the GPU too? Whats the nominal market value for this derivative market? Smiley

You sharing your vanity generation code? Smiley
gmaxwell
Moderator
Legendary
*
expert
Offline Offline

Activity: 4158
Merit: 8343



View Profile WWW
May 29, 2011, 06:19:28 PM
 #26

If there is a demand for it, I might be tempted to start a webservice like the faucet where people can buy vanity addresses for a small bitcoin fee. I have a simple handshake scheme which allows me to generate a new address for you without me finding out your private key. My method sounds like it's faster than Gavin's and mathematically it's non-trivial. It can find addresses containing a short string like "gavin" in a fraction of a second for example.
ByteCoin

I think the claim that you can do this search without knowing the private key is surprising and dubious.

I'd be interested in hearing more about how you propose to do this.
 

mathx
Newbie
*
Offline Offline

Activity: 29
Merit: 0


View Profile
May 29, 2011, 06:27:55 PM
 #27

I have a simple handshake scheme which allows me to generate a new address for you without me finding out your private key.

How does this work? You HAVE to explain it or the public wont trust your keys. Furthermore, some segment of the population has to understand it fully, the rest will follow the herd of smart people.

Til then tho, there's no market.
ploum
Sr. Member
****
Offline Offline

Activity: 428
Merit: 253



View Profile WWW
May 29, 2011, 06:29:04 PM
 #28


But there are 2^160 possible bitcoin addresses,

Just to give some perspective: in order to run out of addresses, each human currently living on the planet (±6 billions) has to generate 500 million of addresses for each single nano-second (10⁻⁹s) during the entire age of the universe (15 billions of years).

I think that, from that point of view, the system is pretty safe.

davout
Legendary
*
Offline Offline

Activity: 1372
Merit: 1007


1davout


View Profile WWW
June 04, 2011, 04:08:26 AM
 #29

Just to give some perspective: in order to run out of addresses, each human currently living on the planet (±6 billions) has to generate 500 million of addresses for each single nano-second (10⁻⁹s) during the entire age of the universe (15 billions of years).
Read "the restaurant at the end of the universe" you might then want to review your statement Cheesy

grondilu
Legendary
*
Offline Offline

Activity: 1288
Merit: 1076


View Profile
June 04, 2011, 04:56:12 AM
 #30

Thanks for reviving this old thread.

I've added a "vanityAddress" function in my bash lib:

Code:
#!/bin/bash
#
# This is free and unencumbered software released into the public domain.
#
# Anyone is free to copy, modify, publish, use, compile, sell, or
# distribute this software, either in source code form or as a compiled
# binary, for any purpose, commercial or non-commercial, and by any
# means.
#
# In jurisdictions that recognize copyright laws, the author or authors
# of this software dedicate any and all copyright interest in the
# software to the public domain. We make this dedication for the benefit
# of the public at large and to the detriment of our heirs and
# successors. We intend this dedication to be an overt act of
# relinquishment in perpetuity of all present and future rights to this
# software under copyright law.
#
# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
# EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
# MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
# IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY CLAIM, DAMAGES OR
# OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE,
# ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
# OTHER DEALINGS IN THE SOFTWARE.
#
#
# Requires bc, dc, openssl, xxd
#

base58=({1..9} {A..H} {J..N} {P..Z} {a..k} {m..z})
bitcoinregex="^[$(printf "%s" "${base58[@]}")]{34}$"

decodeBase58() {
    local s=$1
    for i in {0..57}
    do s="${s//${base58[i]}/ $i}"
    done
    dc <<< "16o0d${s// /+58*}+f"
}

encodeBase58() {
    # 58 = 0x3A
    bc <<<"ibase=16; n=${1^^}; while(n>0) { n%3A ; n/=3A }" |
    tac |
    while read n
    do echo -n ${base58[n]}
    done
}

checksum() {
    xxd -p -r <<<"$1" |
    openssl dgst -sha256 -binary |
    openssl dgst -sha256 -binary |
    xxd -p -c 80 |
    head -c 8
}

checkBitcoinAddress() {
    if [[ "$1" =~ $bitcoinregex ]]
    then
        h=$(decodeBase58 "$1")
        checksum "00${h::${#h}-8}" |
        grep -qi "^${h: -8}$"
    else return 2
    fi
}

hash160() {
    openssl dgst -sha256 -binary |
    openssl dgst -rmd160 -binary |
    xxd -p -c 80
}

hash160ToAddress() {
    printf "%34s\n" "$(encodeBase58 "00$1$(checksum "00$1")")" |
    sed "y/ /1/"
}

publicKeyToAddress() {
    hash160ToAddress $(
    openssl ec -pubin -pubout -outform DER 2>/dev/null |
    tail -c 65 |
    hash160
    )
}

makeBitcoinPair() {
    openssl ecparam -genkey -name secp256k1 |
        tee >(gpg -ae -r grondilu) |
        openssl ec -pubout |
        publicKeyToAddress
}

timestamp() {
    hash160ToAddress "$(hash160)"
}

bigEndianHex2littleEndianHex() {
    local s=''
    while read -n 2 char
    do s=$char$s
    done
    echo $s
}

bitcoinHash() {
    bigEndianHex2littleEndianHex |
    xxd -p -r |
    openssl dgst -sha256 -binary |
    openssl dgst -sha256 -binary |
    xxd -p -c 80 |
    bigEndianHex2littleEndianHex
}

vanityAddress() {
    local pub priv
    while [[ ! "$pub" =~ $1 ]]
    do
        priv="$(openssl ecparam -genkey -name secp256k1 2>/dev/null)"
        pub="$(openssl ec -pubout 2>/dev/null <<<"$priv" | publicKeyToAddress)"
    done
    echo "$pub
    $priv"
}

029xue
Newbie
*
Offline Offline

Activity: 24
Merit: 0



View Profile
June 04, 2011, 07:46:00 AM
 #31

The idea is cool, but I think there's a big problem in safty.

After you generated a bitcoin address, that means you hold the 'wallat.data' of this address and of source you've a copy of the file.

After you sending this wallet to others, you may still have a copy of the file, how could others believe that you won't use/steal there bitcoins from this wallat?
publickeyhash
Newbie
*
Offline Offline

Activity: 20
Merit: 0


View Profile
June 04, 2011, 01:47:07 PM
 #32

Of source big problem with wallat safty!
Copy "wallat.pasta" to use/steal there bitcoins from open sesame wallat!
slowmining
Newbie
*
Offline Offline

Activity: 22
Merit: 0


View Profile
June 04, 2011, 02:16:08 PM
 #33

I would love this using the GPU.
ByteCoin
Sr. Member
****
expert
Offline Offline

Activity: 416
Merit: 277


View Profile
June 05, 2011, 12:47:50 AM
Merited by ABCbits (1)
 #34

I think the claim that you can do this search without knowing the private key is surprising and dubious.

I'd be interested in hearing more about how you propose to do this.
 

How does this work? You HAVE to explain it or the public wont trust your keys.

At the moment addresses are used as fairly ephemeral things and the recommendation is to use a new receiving address for each payment. This limits the utility of vanity addresses and so I don't believe it's worth implementing. This may change in future however as new bitcoin services arise.

It can be implemented securely but the method touches on some issues I should currently keep confidential. However it's an elementary problem for any half-way decent cryptographer.

ByteCoin
unk
Member
**
Offline Offline

Activity: 84
Merit: 10


View Profile
June 06, 2011, 02:50:31 AM
Last edit: June 21, 2011, 05:55:36 AM by unk
 #35

[removed useless thoughts because i'm out of practice enough that i forgot i was a 'halfway-decent cryptographer' and was barking up the wrong tree]

as an aside, i still think grondilu's script is cleverly minimalist, but the thought of running it as a loop that creates multiple openssl processes for each iteration almost makes me ill.  :-)  (i'm also still annoyed that my own minimalist c client failed to send a transaction to hal correctly in testing the script, depriving him of the bitcoin he sent as a bounty and instead giving it to someone who solved the relevant problem in a better, less cumbersome way!)

bytecoin, i've been thinking idly about mathematically nontrivial ways to generate billions of ec keys quickly since you mentioned it, but i confess that i haven't yet stumbled on your method yet.
gmaxwell
Moderator
Legendary
*
expert
Offline Offline

Activity: 4158
Merit: 8343



View Profile WWW
June 10, 2011, 02:57:08 PM
Last edit: June 10, 2011, 07:14:55 PM by gmaxwell
 #36

At the moment addresses are used as fairly ephemeral things and the recommendation is to use a new receiving address for each payment. This limits the utility of vanity addresses and so I don't believe it's worth implementing. This may change in future however as new bitcoin services arise.

It can be implemented securely but the method touches on some issues I should currently keep confidential. However it's an elementary problem for any half-way decent cryptographer.

Indeed. I spent a while thinking about it and realized I was being stupid. The number of times the point was added initially (the private key) is unknown but you can keep adding it more without difficulty and get additional keys, then just add that value to the private key.
foo
Sr. Member
****
Offline Offline

Activity: 409
Merit: 250



View Profile
June 11, 2011, 12:18:06 AM
 #37

Thanks for reviving this old thread.

I've added a "vanityAddress" function in my bash lib:
Cool, except it doesn't work...

Code:
bash: ibase=16; n=${1^^}; while(n>0) { n%3A ; n/=3A }: bad substitution

I know this because Tyler knows this.
TiagoTiago
Hero Member
*****
Offline Offline

Activity: 616
Merit: 500


Firstbits.com/1fg4i :)


View Profile
June 13, 2011, 02:04:06 PM
 #38

If someone sets up a service, could they use a single stream of random new addresses and test for matches for all currently open requests instead of wasting time throwing away addresses that could match one of the many requests filed?

(I dont always get new reply notifications, pls send a pm when you think it has happened)

Wanna gimme some BTC/BCH for any or no reason? 1FmvtS66LFh6ycrXDwKRQTexGJw4UWiqDX Smiley

The more you believe in Bitcoin, and the more you show you do to other people, the faster the real value will soar!

Do you like mmmBananas?!
grondilu
Legendary
*
Offline Offline

Activity: 1288
Merit: 1076


View Profile
June 16, 2011, 12:43:41 PM
 #39

Thanks for reviving this old thread.

I've added a "vanityAddress" function in my bash lib:
Cool, except it doesn't work...

Code:
bash: ibase=16; n=${1^^}; while(n>0) { n%3A ; n/=3A }: bad substitution

Which version of bash are you running?  (I suspect yours doesn't accept ${1^^})

Mine is
GNU bash, version 4.1.5(1)-release (i486-pc-linux-gnu)

foo
Sr. Member
****
Offline Offline

Activity: 409
Merit: 250



View Profile
June 16, 2011, 01:02:17 PM
 #40

Thanks for reviving this old thread.

I've added a "vanityAddress" function in my bash lib:
Cool, except it doesn't work...

Code:
bash: ibase=16; n=${1^^}; while(n>0) { n%3A ; n/=3A }: bad substitution

Which version of bash are you running?  (I suspect yours doesn't accept ${1^^})

Mine is
GNU bash, version 4.1.5(1)-release (i486-pc-linux-gnu)

GNU bash, version 3.2.39(1)-release (x86_64-pc-linux-gnu)

I tried your script on several Linux servers, apparently none of them had a new enough bash... Could you rewrite that line so it works on bash versions that are actually included in distributions?

I know this because Tyler knows this.
Pages: « 1 [2] 3 4 5 »  All
  Print  
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!