Bitcoin Forum
November 03, 2024, 05:17:25 AM *
News: Latest Bitcoin Core release: 28.0 [Torrent]
 
   Home   Help Search Login Register More  
Pages: « 1 2 3 [4] 5 »  All
  Print  
Author Topic: Vanity bitcoin addresses: a new way to keep your CPU busy  (Read 29836 times)
SgtSpike
Legendary
*
Offline Offline

Activity: 1400
Merit: 1005



View Profile
June 28, 2011, 09:30:17 PM
 #61

If mining hardware was instead dedicated to generating new addresses; how long do you think would it take till someone stumbled on an existing address that had more BTC stored than what the person would have earned by mining?
I think someone quotes something along the lines of billions of years in a previous discussion regarding this.

I suppose it depends on how efficient your algorithms are, but I wouldn't count on finding anything anytime soon.
EricJ2190
Full Member
***
Offline Offline

Activity: 134
Merit: 102


View Profile
June 28, 2011, 10:12:09 PM
 #62

If mining hardware was instead dedicated to generating new addresses; how long do you think would it take till someone stumbled on an existing address that had more BTC stored than what the person would have earned by mining?

Never. Even if the whole generating network was behind it, it would probably never even stumble upon a previously used address, much less one that is worth more than the number of blocks it could have generated instead. Generating blocks is trivial compared to this.

Their are 2^160 possible addresses. Lets say 2^32 (4 billion) people use Bitcoin and each generate 2^16 (65 thousand) address. That gives us 2^48 total addresses out of 2^160 possible. The probability of a generated address matching one of these is 1/(2^112). The probably of finding a block at 35 times the current difficulty is around 1/(2^64). Therefore, it would take 2^48 (281 trillion) times longer to find a previously used address. So if it takes you ten minutes to find a block, it will take over five billion years to find a used address.

Now keep in mind that we don't have 4 billion users, most users have far less then 65 thousand addresses, and the current difficulty is much lower then I used in these calculations. Mining sounds a lot more profitable.

NOTE: I assumed generating an address took equal time as generating a proof-of-work hash. However, I believe generating an address is actually slower since it involves both EC key generation and hashing.
no_alone
Member
**
Offline Offline

Activity: 84
Merit: 10


View Profile
June 29, 2011, 07:06:59 PM
 #63

If mining hardware was instead dedicated to generating new addresses; how long do you think would it take till someone stumbled on an existing address that had more BTC stored than what the person would have earned by mining?

Never. Even if the whole generating network was behind it, it would probably never even stumble upon a previously used address, much less one that is worth more than the number of blocks it could have generated instead. Generating blocks is trivial compared to this.

Their are 2^160 possible addresses. Lets say 2^32 (4 billion) people use Bitcoin and each generate 2^16 (65 thousand) address. That gives us 2^48 total addresses out of 2^160 possible. The probability of a generated address matching one of these is 1/(2^112). The probably of finding a block at 35 times the current difficulty is around 1/(2^64). Therefore, it would take 2^48 (281 trillion) times longer to find a previously used address. So if it takes you ten minutes to find a block, it will take over five billion years to find a used address.

Now keep in mind that we don't have 4 billion users, most users have far less then 65 thousand addresses, and the current difficulty is much lower then I used in these calculations. Mining sounds a lot more profitable.

NOTE: I assumed generating an address took equal time as generating a proof-of-work hash. However, I believe generating an address is actually slower since it involves both EC key generation and hashing.

Dont you just like probability

Mine only when pc is IDLE totally indivisible...
http://forum.bitcoin.org/index.php?topic=9851.0
Mine on family computer without disturbing them

Donation : 1GjpJnLU8zdfEHW7FoCx2UUosJgc9prXN4
joan
Jr. Member
*
Offline Offline

Activity: 56
Merit: 1



View Profile
June 29, 2011, 09:17:04 PM
Last edit: June 29, 2011, 09:34:37 PM by joan
 #64

If mining hardware was instead dedicated to generating new addresses; how long do you think would it take till someone stumbled on an existing address that had more BTC stored than what the person would have earned by mining?

(…)

Their are 2^160 possible addresses. Lets say 2^32 (4 billion) people use Bitcoin and each generate 2^16 (65 thousand) address. That gives us 2^48 total addresses out of 2^160 possible. The probability of a generated address matching one of these is 1/(2^112).

The probability for two addresses to match is much higher than 1/(2^112) though. It's more complex than doing 2^160/2^48. Check the Birthday attack.
Also, TiagoTiago mentionned using current mining resources to generate addresses, so I guess it's fair to say that the 2^16 figure is underestimated, that would be more like… 2^16 per second. (But there is not 4 billion miners, yet)

While we are on probabilities, and I'm by no means an expert in these, someone mentioned in a previous page of this thread that to find the "1Kahlahan…" vanity address (8 fixed chars) would take roughly 1.28e14 attempts.
I think this is underestimated. (It seems to come from the intuitive 58^8).
My own computation gives me 2.99e+15, which is an order of magnitude higher. (I decode the base58 and do the maths on the hash160).
Yeti
Member
**
Offline Offline

Activity: 112
Merit: 10

Firstbits: 1yetiax


View Profile
June 29, 2011, 09:50:40 PM
 #65

Thanks for reviving this old thread.

I've added a "vanityAddress" function in my bash lib:
Cool, except it doesn't work...

Code:
bash: ibase=16; n=${1^^}; while(n>0) { n%3A ; n/=3A }: bad substitution

grondilu, my hero! This script works very nicely without patching the source code (I just use a Bitcoin binary)!

I did the following modifications to make it compatible with GNU Bash 3.x:

Code:
encodeBase58() {
    # 58 = 0x3A
    n=`echo $1 | tr '[:lower:]' '[:upper:]'`
    bc <<<"ibase=16; n=$n; while(n>0) { n%3A ; n/=3A }" |
    tac |
    while read n
    do echo -n ${base58[n]}
    done
}
...
publicKeyToAddress() {
    hash160ToAddress $(openssl ec -pubin -pubout -outform DER 2>/dev/null | tail -c65 | hash160)
}

It found a simple two letter address very quickly. Now if someone could port this to OpenCL, that would be great!

1YetiaXeuRzX9QJoQNUW84oX2EiXnHgp3 or http://payb.tc/yeti

Since Bitcoin Randomizer is dead, join the Bitcoin Pyramid (referrer id #203)! Be quick, be on top! Instant payout as soon as one of your referrals deposits!
EricJ2190
Full Member
***
Offline Offline

Activity: 134
Merit: 102


View Profile
June 29, 2011, 10:14:44 PM
 #66

If mining hardware was instead dedicated to generating new addresses; how long do you think would it take till someone stumbled on an existing address that had more BTC stored than what the person would have earned by mining?

(…)

Their are 2^160 possible addresses. Lets say 2^32 (4 billion) people use Bitcoin and each generate 2^16 (65 thousand) address. That gives us 2^48 total addresses out of 2^160 possible. The probability of a generated address matching one of these is 1/(2^112).

The probability for two addresses to match is much higher than 1/(2^112) though. It's more complex than doing 2^160/2^48. Check the Birthday attack.
Also, TiagoTiago mentionned using current mining resources to generate addresses, so I guess it's fair to say that the 2^16 figure is underestimated, that would be more like… 2^16 per second. (But there is not 4 billion miners, yet)

While we are on probabilities, and I'm by no means an expert in these, someone mentioned in a previous page of this thread that to find the "1Kahlahan…" vanity address (8 fixed chars) would take roughly 1.28e14 attempts.
I think this is underestimated. (It seems to come from the intuitive 58^8).
My own computation gives me 2.99e+15, which is an order of magnitude higher. (I decode the base58 and do the maths on the hash160).


The 2^16 figure is just the for the number of addresses actually being used by each normal user, not what you can generate. My point in that part was that there are no more than 2^48 bitcoin addresses that would be of any interest to find a private key for.

For the Birthday Attack, this just means it would be easier to find some two private keys that result in a common but unspecified address. However, we are not looking for any collision here. We specifically are looking for a key with an address in the set of previously used addresses. This is the same as PoW hashing, which I am comparing it with, where we are looking for value with a hash in the set of acceptable hashes.
dserrano5
Legendary
*
Offline Offline

Activity: 1974
Merit: 1029



View Profile
June 30, 2011, 07:15:05 AM
 #67

Hmm, if I quote the regex in the shell, the generated address is shorter:

Code:
$ ./bitcoind getaddressesbyaccount ''
[
    "12345Vypv2QSmuRXcciT5oEB27mPbWGeva",
    ...
]
$ ./bitcoind getnewaddress '' '^11'
...searching...
$ ./bitcoind getaddressesbyaccount ''
[
    "11dYT3E4D9QWocteC9bnMzvWaSSqNn8m4",
    "12345Vypv2QSmuRXcciT5oEB27mPbWGeva",
    ...
]
$ ./bitcoind getnewaddress '' ^11
...searching...
$ ./bitcoind getaddressesbyaccount ''
[
    "113wjPuzxuDn3WjjautVdQu28DhA8zqhy3",
    "11dYT3E4D9QWocteC9bnMzvWaSSqNn8m4",
    "12345Vypv2QSmuRXcciT5oEB27mPbWGeva",
    ...
]
$ _

Does that make sense? I understand addresses have a fixed length.
Yeti
Member
**
Offline Offline

Activity: 112
Merit: 10

Firstbits: 1yetiax


View Profile
June 30, 2011, 07:59:37 AM
 #68

Nope, probably a bug. The address you generated is not a valid bitcoin address.

1YetiaXeuRzX9QJoQNUW84oX2EiXnHgp3 or http://payb.tc/yeti

Since Bitcoin Randomizer is dead, join the Bitcoin Pyramid (referrer id #203)! Be quick, be on top! Instant payout as soon as one of your referrals deposits!
dserrano5
Legendary
*
Offline Offline

Activity: 1974
Merit: 1029



View Profile
June 30, 2011, 08:41:35 AM
 #69

Nope, probably a bug. The address you generated is not a valid bitcoin address.

bitcoind disagrees:

Code:
$ for I in 113wjPuzxuDn3WjjautVdQu28DhA8zqhy3 11dYT3E4D9QWocteC9bnMzvWaSSqNn8m4 12345Vypv2QSmuRXcciT5oEB27mPbWGeva; do
>     ./bitcoind validateaddress $I |grep -E 'isvalid|address'
> done
    "isvalid" : true,
    "address" : "113wjPuzxuDn3WjjautVdQu28DhA8zqhy3",
    "isvalid" : true,
    "address" : "11dYT3E4D9QWocteC9bnMzvWaSSqNn8m4",
    "isvalid" : true,
    "address" : "12345Vypv2QSmuRXcciT5oEB27mPbWGeva",
$ _

A different installation of bitcoin (version 0.3.21) on a different computer gives the same output.
Yeti
Member
**
Offline Offline

Activity: 112
Merit: 10

Firstbits: 1yetiax


View Profile
June 30, 2011, 09:07:15 AM
 #70

Ok, good to know. Then all the "checkAddress" scripts are wrong. They seem to check for a fixed length.

I should have known that since the bitcoin client probably does internal checks when generating an address. Wink

1YetiaXeuRzX9QJoQNUW84oX2EiXnHgp3 or http://payb.tc/yeti

Since Bitcoin Randomizer is dead, join the Bitcoin Pyramid (referrer id #203)! Be quick, be on top! Instant payout as soon as one of your referrals deposits!
dserrano5
Legendary
*
Offline Offline

Activity: 1974
Merit: 1029



View Profile
June 30, 2011, 09:24:13 AM
 #71

The wiki says:

Quote
Mainline addresses can be 25-34 characters in length, and testnet addresses can be 26-34 characters in length. Most addresses are 33 or 34 characters long, though.

I had already read that when I first knew about bitcoin, but I read so many things in a couple of days that it's no surprise I've forgotten many of them Smiley.
Yeti
Member
**
Offline Offline

Activity: 112
Merit: 10

Firstbits: 1yetiax


View Profile
June 30, 2011, 09:56:36 AM
 #72

Yeah, the regex that is used in grondilu's scripts is pretty simple. It just checks for base58 characters and a length of 34. Theymos' PHP script validates the checksum, afai can tell.

grondilu, do you have a newer version of your bash lib with checksum check? Otherwise I'm tempted to port the checksum check to bash.

1YetiaXeuRzX9QJoQNUW84oX2EiXnHgp3 or http://payb.tc/yeti

Since Bitcoin Randomizer is dead, join the Bitcoin Pyramid (referrer id #203)! Be quick, be on top! Instant payout as soon as one of your referrals deposits!
Ryland R. Taylor-Almanza
Legendary
*
Offline Offline

Activity: 882
Merit: 1001



View Profile
July 01, 2011, 12:01:32 AM
 #73

Anyway to generate a vanity address in windows with the current bitcoin client? My friend wants one.

.BITSLER.                 ▄███
               ▄████▀
             ▄████▀
           ▄████▀  ▄██▄
         ▄████▀    ▀████▄
       ▄████▀        ▀████▄
     ▄████▀            ▀████▄
   ▄████▀                ▀████▄
 ▄████▀ ▄████▄      ▄████▄ ▀████▄
█████   ██████      ██████   █████
 ▀████▄ ▀████▀      ▀████▀ ▄████▀
   ▀████▄                ▄████▀
     ▀████▄            ▄████▀
       ▀████▄        ▄████▀
         ▀████▄    ▄████▀
           ▀████▄▄████▀
             ▀██████▀
               ▀▀▀▀
▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▄            
▄▄▄▄▀▀▀▀    ▄▄█▄▄ ▀▀▄         
▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▄      
█  ▀▄▄  ▀█▀▀ ▄      ▀████   ▀▀▄   
█ █▄  ▀▄   ▀████       ▀▀ ▄██▄ ▀▀▄
▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀
█  ▀▀       ▀▄▄ ▀████      ▄▄▄▀▀▀  █
█            ▄ ▀▄    ▄▄▄▀▀▀   ▄▄  █
▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀
█ ▄▄   ███   ▀██  █           ▀▀  █ 
█ ███  ▀██       █        ▄▄      █ 
▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀  
▀▄            █        ▀▀      █  
▀▀▄   ███▄  █   ▄▄          █   
▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀    
▀▀▄   █   ▀▀▄▄▄▀▀▀         
▄▄▄▄▄▄▄▄▄▄▄█▄▄▀▀▀▀              
              ▄▄▄██████▄▄▄
          ▄▄████████████████▄▄
        ▄██████▀▀▀▀▀▀▀▀▀▀██████▄
▄     ▄█████▀             ▀█████▄
██▄▄ █████▀                ▀█████
 ████████            ▄██      █████
  ████████▄         ███▀       ████▄
  █████████▀▀     ▄███▀        █████
   █▀▀▀          █████         █████
     ▄▄▄         ████          █████
   █████          ▀▀           ████▀
    █████                     █████
     █████▄                 ▄█████
      ▀█████▄             ▄█████▀
        ▀██████▄▄▄▄▄▄▄▄▄▄██████▀
          ▀▀████████████████▀▀
              ▀▀▀██████▀▀▀
            ▄▄▄███████▄▄▄
         ▄█▀▀▀ ▄▄▄▄▄▄▄ ▀▀▀█▄
       █▀▀ ▄█████████████▄ ▀▀█
     █▀▀ ███████████████████ ▀▀█
    █▀ ███████████████████████ ▀█
   █▀ ███████████████▀▀ ███████ ▀█
 ▄█▀ ██████████████▀      ▀█████ ▀█▄
███ ███████████▀▀            ▀▀██ ███
███ ███████▀▀                     ███
███ ▀▀▀▀                          ███
▀██▄                             ▄██▀
  ▀█▄                            ▀▀
    █▄       █▄▄▄▄▄▄▄▄▄█
     █▄      ▀█████████▀
      ▀█▄      ▀▀▀▀▀▀▀
        ▀▀█▄▄  ▄▄▄
            ▀▀█████
[]
BitVapes
Full Member
***
Offline Offline

Activity: 140
Merit: 100


BitVapes.com


View Profile WWW
July 01, 2011, 06:03:10 AM
 #74

Anyway to generate a vanity address in windows with the current bitcoin client? My friend wants one.

someone posted a working patch for the latest bitcoin source, it compiled fine for me in linux.  I verified it worked by having it "search" for a 1-byte vanity address 'a' and it gave me one.

I let it run for a few minutes trying to find one with 'BitVapes' but I'm sure it would take over 9,000 years.   I did notice it only tied to one cpu core so I kicked off multiple instances to max out my cpus before shutting it down for fear of melting my box on this basically futile but fun effort.

Buy Electronic Cigarettes with Bitcoin @ http://bitvapes.com
SgtSpike
Legendary
*
Offline Offline

Activity: 1400
Merit: 1005



View Profile
July 01, 2011, 06:31:14 AM
 #75

Anyway to generate a vanity address in windows with the current bitcoin client? My friend wants one.

someone posted a working patch for the latest bitcoin source, it compiled fine for me in linux.  I verified it worked by having it "search" for a 1-byte vanity address 'a' and it gave me one.

I let it run for a few minutes trying to find one with 'BitVapes' but I'm sure it would take over 9,000 years.   I did notice it only tied to one cpu core so I kicked off multiple instances to max out my cpus before shutting it down for fear of melting my box on this basically futile but fun effort.
Just curious - does the patch say how many addresses it generates and looks through per second?
BitVapes
Full Member
***
Offline Offline

Activity: 140
Merit: 100


BitVapes.com


View Profile WWW
July 01, 2011, 06:55:19 AM
 #76

Just curious - does the patch say how many addresses it generates and looks through per second?

not that I can tell, it just says "Searching..."

Buy Electronic Cigarettes with Bitcoin @ http://bitvapes.com
joan
Jr. Member
*
Offline Offline

Activity: 56
Merit: 1



View Profile
July 01, 2011, 08:30:35 AM
 #77

It should dump a message in the log every 100K attempts though.
dserrano5
Legendary
*
Offline Offline

Activity: 1974
Merit: 1029



View Profile
July 01, 2011, 09:28:44 AM
 #78

Just curious - does the patch say how many addresses it generates and looks through per second?

Look in the debug.log for lines like "Vanity key tried 100000". Give it some minutes (20?) to appear though.

What I really miss in the debug log is a timestamp; shouldn't be hard to add even when not being able to say hello in C++ Smiley.
samr7
Full Member
***
Offline Offline

Activity: 140
Merit: 430

Firstbits: 1samr7


View Profile
July 01, 2011, 05:40:14 PM
 #79

I have an observation to make about this.

The parts of the address after the leading "1" would appear to be computed from a pseudorandom integer ranging 0 .. (256^24)-1.

The largest possible value is 33 base-58 digits long, approximately:

23.33798 x 58^32

If the address value is chosen randomly between 0 and the value above, then:

95.715% will be equal or greater than 58^32, and that group will produce an address with 33 characters following the "1", where the first letter is in the set "23456789ABCDEFGHJKLMNPQR".

3.894% will be less than 58^32 and greater than or equal to 256^23.  These will produce an address with 32 characters following the "1", with any base-58 character except "1" as the first letter.

0.391% will be less than 256^23, i.e. the most significant byte is 0.  The base-58 encoder will prefix these with at least two 1s instead of one.

So, the easier vanity addresses start with "23456789ABCDEFGHJKLMNPQR".  If you want a vanity address starting with any letter from "STUVWXYZabcdefghijkmnopqrstuvwxyz", you're going to have to spend a lot more cycles to find it.
SgtSpike
Legendary
*
Offline Offline

Activity: 1400
Merit: 1005



View Profile
July 01, 2011, 05:55:39 PM
 #80

I have an observation to make about this.

The parts of the address after the leading "1" would appear to be computed from a pseudorandom integer ranging 0 .. (256^24)-1.

The largest possible value is 33 base-58 digits long, approximately:

23.33798 x 58^32

If the address value is chosen randomly between 0 and the value above, then:

95.715% will be equal or greater than 58^32, and that group will produce an address with 33 characters following the "1", where the first letter is in the set "23456789ABCDEFGHJKLMNPQR".

3.894% will be less than 58^32 and greater than or equal to 256^23.  These will produce an address with 32 characters following the "1", with any base-58 character except "1" as the first letter.

0.391% will be less than 256^23, i.e. the most significant byte is 0.  The base-58 encoder will prefix these with at least two 1s instead of one.

So, the easier vanity addresses start with "23456789ABCDEFGHJKLMNPQR".  If you want a vanity address starting with any letter from "STUVWXYZabcdefghijkmnopqrstuvwxyz", you're going to have to spend a lot more cycles to find it.
Interesting...  I have noticed a lot fewer lower case letters in addresses than upper case, and wondered why that was....
Pages: « 1 2 3 [4] 5 »  All
  Print  
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!