Bitcoin Forum
October 17, 2018, 10:04:39 PM *
News: Make sure you are not using versions of Bitcoin Core other than 0.17.0 [Torrent], 0.16.3, 0.15.2, or 0.14.3. More info.
 
   Home   Help Search Donate Login Register  
Pages: [1]
  Print  
Author Topic: Newly Generated Wallet has Bitcoin in balalnce  (Read 899 times)
bitMiinner
Newbie
*
Offline Offline

Activity: 2
Merit: 0


View Profile
November 26, 2017, 03:38:58 AM
 #1

Hello All,

Today I have generated new bitcoin wallet using NBitcoin and I found that it was having already balance present in it. Although balance is of 0.037296 BTC which is less but still I am not sure how I got wallet key which have already balance in it.

If its so then how we can say BTW is safe?

Please guide me.
1539813879
Hero Member
*
Offline Offline

Posts: 1539813879

View Profile Personal Message (Offline)

Ignore
1539813879
Reply with quote  #2

1539813879
Report to moderator
1539813879
Hero Member
*
Offline Offline

Posts: 1539813879

View Profile Personal Message (Offline)

Ignore
1539813879
Reply with quote  #2

1539813879
Report to moderator
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
HCP
Hero Member
*****
Offline Offline

Activity: 756
Merit: 932

<insert witty quote here>


View Profile
November 26, 2017, 03:50:49 AM
 #2

Can you post the address... and a signed message from that address proving that you actually have ownership of it?

The odds of this being real are pretty small... if true, congrats, you just "broke" BTC Tongue

Z3h
Newbie
*
Offline Offline

Activity: 1
Merit: 0


View Profile
November 26, 2017, 03:57:16 AM
 #3

Even though I would love to be alive at the moment sha256 collides with old address it is so unlikely that at best this episode just increases the probability that the wallet generator is broken.

A signed transaction with the wallet address would go a long way to see this happening for real.

Anyhow, congrats Smiley
bitMiinner
Newbie
*
Offline Offline

Activity: 2
Merit: 0


View Profile
November 26, 2017, 04:23:49 AM
 #4

Just did few research and I found that it possible. Practically yes

Here is already hacked private key address and format.

http://directory.io/0

Check from pages 0-4 almost 500 entries and all of them having different last 7 characters and rest all same.

Go with reverse engineering and generate this last 7 characters validate them and if found validate them and if found valid base58 key then generate public key + address from that.

You got access to this.

Blockchain is also hack able
DarkStar_
Legendary
*
Online Online

Activity: 1120
Merit: 1427

*dabs*


View Profile WWW
November 26, 2017, 06:10:29 AM
 #5

Just did few research and I found that it possible. Practically yes

Here is already hacked private key address and format.

http://directory.io/0

Check from pages 0-4 almost 500 entries and all of them having different last 7 characters and rest all same.

Go with reverse engineering and generate this last 7 characters validate them and if found validate them and if found valid base58 key then generate public key + address from that.

You got access to this.

Blockchain is also hack able

Not hacked, anyone can generate private keys. It doesn't mean you'll find a collision though.


HeRetiK
Hero Member
*****
Offline Offline

Activity: 896
Merit: 753


the forkings will continue until morale improves


View Profile
November 26, 2017, 12:41:15 PM
 #6

Can you post the address... and a signed message from that address proving that you actually have ownership of it?

The odds of this being real are pretty small... if true, congrats, you just "broke" BTC Tongue

I think OP might have come across a broken wallet implementation.

OP, have you gotten in touch with the devs of NBitcoin? If not, now would be the time. It seems like they got a serious bug in the way they generate their private keys.

haltingprobability
Member
**
Offline Offline

Activity: 98
Merit: 20


View Profile
November 26, 2017, 05:25:38 PM
 #7

Blockchain is also hack able

At most, it's a problem with the wallet. You will never generate, through proper key-generation methods, a colliding key-pair with someone else on the blockchain. Human intuition fails to grasp just how large 2256 really is. A colliding address is on the order of 2-160 probability, which is roughly equivalent to 1/1048. This is not "less probable than choosing the same atom twice, at random" but it's vastly improbable - it's zero for all practical purposes.
cr1776
Legendary
*
Offline Offline

Activity: 2030
Merit: 1008


View Profile
November 26, 2017, 05:46:31 PM
 #8

Can you post the address... and a signed message from that address proving that you actually have ownership of it?

The odds of this being real are pretty small... if true, congrats, you just "broke" BTC Tongue

I think OP might have come across a broken wallet implementation.

OP, have you gotten in touch with the devs of NBitcoin? If not, now would be the time. It seems like they got a serious bug in the way they generate their private keys.


And OP, related to this USE A DIFFERENT WALLET. If there are coins in that address, as above, this may be a buggy wallet and as such someone else could access coins you put there too.

Better to be safe than lose your coins.
aplistir
Full Member
***
Online Online

Activity: 266
Merit: 108



View Profile
November 26, 2017, 05:53:46 PM
 #9

Can you post the address... and a signed message from that address proving that you actually have ownership of it?

The odds of this being real are pretty small... if true, congrats, you just "broke" BTC Tongue

So...
Anyone owning a wallet address with some balance in it is now a PROOF that a collision has occurred Huh
I do not see how that proves anything.

However. If the address has an old spend action in it, and you are able to spend with a different private key publishing a different public key to the blockchain in the process. That would indeed convince me.
 
Having 2 different keys that generate the same address would definitely be an address collision. And it is 2^96 times more probable than accidentally finding the exact same private/public key pair that generates the same address.

I believe that an address collision is bound to happen sooner or later. The probability is very low, but that does not mean it is impossible Smiley

My Address: 121f7zb2U4g9iM4MiJTDhEzqeZGHzq5wLh
aplistir
Full Member
***
Online Online

Activity: 266
Merit: 108



View Profile
November 26, 2017, 06:09:23 PM
 #10

Today I have generated new bitcoin wallet using NBitcoin and I found that it was having already balance present in it. Although balance is of 0.037296 BTC which is less but still I am not sure how I got wallet key which have already balance in it.

If its so then how we can say BTW is safe?

I looked from the blockchain. There are only 4 addresses with balance of  0.037296 BTC . So which of these is yours?   Grin Grin
Code:
1BL7BiH2poVZ8Uuj2LVT3WXajxfir1db8G       0.03729600
1CYtTy7XjyWmBRzQsdPSLz1hNE2mwejw4t       0.03729600
1HvXCTEvPhjxZuqN961FjT4zjvzaf1Bzjh        0.03729600

3PVkw5qrCr3o62vvrAH3S1f13MFLVHdZ6f      0.03729600

And the last one of those is probably a multisig address, so I am pretty sure that isn't it.

Bitcoin is considered safe, because it is very improbable that address collision would happen. Not impossible though.

My Address: 121f7zb2U4g9iM4MiJTDhEzqeZGHzq5wLh
AtheistAKASaneBrain
Hero Member
*****
Offline Offline

Activity: 770
Merit: 500


View Profile
November 26, 2017, 06:45:07 PM
 #11

Can you post the address... and a signed message from that address proving that you actually have ownership of it?

The odds of this being real are pretty small... if true, congrats, you just "broke" BTC Tongue

I think OP might have come across a broken wallet implementation.

OP, have you gotten in touch with the devs of NBitcoin? If not, now would be the time. It seems like they got a serious bug in the way they generate their private keys.


This must be it. There are guys running key generation machines all day, it's called the "Large Bitcoin Collider", and to my knowledge, they've passed trillions of created addresses and there isn't a single collision yet. They only found flaws on some wallets but they don't count as legit collapses.

I don't think that OP won the hardest lottery ever to win to be honest, I would need further proof.
btctousd81
Sr. Member
****
Offline Offline

Activity: 392
Merit: 252


View Profile WWW
November 27, 2017, 02:59:12 AM
 #12

either you are super duper lucky, or bad wallet generator code.

looks like wallets random number generator isnt that much random .

try , contacting wallet's support ,
try generating more address if something like this happens again, then defeinetely wallet issue, dont use that wallet.

what wallet generator is that ?


                                       

Spendulus
Legendary
*
Offline Offline

Activity: 2030
Merit: 1074



View Profile
November 27, 2017, 03:51:06 AM
 #13

Hello All,

Today I have generated new bitcoin wallet using NBitcoin and I found that it was having already balance present in it. Although balance is of 0.037296 BTC which is less but still I am not sure how I got wallet key which have already balance in it.

If its so then how we can say BTW is safe?

Please guide me.

What has likely happened here is that you have downloaded and installed a wallet that has been altered so that funds put into it could be stolen. This requires only that the perp generate a limited series of private keys that are known or discoverable to him. In the simplest case, each wallet installed would generate the same keys, and he would have a script scanning the blockchain for funds in these addresses.

You have evidence of at least two wallets with the same key.

I suggest deleting the wallet, maybe print the private keys first so they can be studied. Then start fresh, first establishing that your computer is clean. Start fresh with a different wallet, one that you can download and validate the signature on.
Nicolas Dorier
Hero Member
*****
Offline Offline

Activity: 700
Merit: 501


View Profile
November 27, 2017, 06:11:32 AM
 #14

What is the wallet name? This can come from:

1. A malicious wallet
2. A bug of RNG in NBitcoin (unlikely, as it is using the underlying OS RNG)
3. A wallet done by somebody who replaced the default RNG of NBitcoin by an unsecure one.
4. A bug in the underlying OS RNG (which would be very bad)

Please give more details.

Bitcoin address 15sYbVpRh6dyWycZMwPdxJWD4xbfxReeHe
nopara73
Newbie
*
Online Online

Activity: 21
Merit: 6


View Profile
November 27, 2017, 06:31:59 AM
 #15

> Today I have generated new bitcoin wallet using NBitcoin and I found that it was having already balance present in it.

NBitcoin is a library. One cannot "generate a wallet" with it. Do you mean `new Key()` code had a collision?
AtheistAKASaneBrain
Hero Member
*****
Offline Offline

Activity: 770
Merit: 500


View Profile
November 27, 2017, 02:40:43 PM
 #16

There should be a rule that says that unless your discovery of a newly generated address with coins on it happened in Bitcoin Core then chances are your software is shit and there's something wrong with the code.

Everyone that has been using the native client since day 1 has never had one of these so called collisions. It just hasn't happened. You have more chances of getting hit by an asteroid tomorrow during your commute to your job than you'll ever have chances to get a legitimate collision, literally speaking.
buwaytress
Hero Member
*****
Offline Offline

Activity: 770
Merit: 703


I bit, therefore I am


View Profile
November 27, 2017, 02:52:35 PM
 #17

We've had staff, mods, and very reputable members already point out the fallibility of these collision claims. They and and others have given the hard number approximates on probability to ever have this happen and thanks Darkstar for that graphic (which I now intend to use!).

Not usually mean but OP is clearly a troll, belongs in the Collider discussion thread with other shills, along with flat earthers and co.

Now that you've shown Bitcoin can be broken, better go break the Bitcoin bank at casinos =)

There should be a rule that says that unless your discovery of a newly generated coin happened in Bitcoin Core then chances are your software is shit and there's something wrong with the code.

Everyone that has been using the native client since day 1 has never had one of these so called collisions. It just hasn't happened. You have more chances of getting hit by an asteroid tomorrow during your commute to your job than you'll ever have chances to get a legitimate collision, literally speaking.

I'd say the chances of that happening to him 100 times in a row were still higher!

HeRetiK
Hero Member
*****
Offline Offline

Activity: 896
Merit: 753


the forkings will continue until morale improves


View Profile
November 27, 2017, 07:10:35 PM
 #18

There should be a rule that says that unless your discovery of a newly generated address with coins on it happened in Bitcoin Core then chances are your software is shit and there's something wrong with the code.

Everyone that has been using the native client since day 1 has never had one of these so called collisions. It just hasn't happened. You have more chances of getting hit by an asteroid tomorrow during your commute to your job than you'll ever have chances to get a legitimate collision, literally speaking.

Well, sometimes it does go deeper than your own code:

https://bitcoin.org/en/alert/2013-08-11-android

Either way, if a user comes across such a "collision" they should definitely report it -- albeit rather by contacting the devs directly instead of posting on a public forum.

Also I will now blame you for my newfound phobia of rocks falling from the sky.

Spendulus
Legendary
*
Offline Offline

Activity: 2030
Merit: 1074



View Profile
November 27, 2017, 09:16:02 PM
 #19

There should be a rule that says that unless your discovery of a newly generated address with coins on it happened in Bitcoin Core then chances are your software is shit and there's something wrong with the code.

Everyone that has been using the native client since day 1 has never had one of these so called collisions. It just hasn't happened. You have more chances of getting hit by an asteroid tomorrow during your commute to your job than you'll ever have chances to get a legitimate collision, literally speaking.

Well, sometimes it does go deeper than your own code:

https://bitcoin.org/en/alert/2013-08-11-android

Either way, if a user comes across such a "collision" they should definitely report it -- albeit rather by contacting the devs directly instead of posting on a public forum.

Also I will now blame you for my newfound phobia of rocks falling from the sky.

Look, there is the android RNG problem you mention, there was a similar one that enabled the Sony playstation hack, there are others. A dysfunction random number gen is a direct enabler of back door entry and of password decryption.

In practice there isn't any difference between active insertion of defective RNG and accidental actions as the end result is the same, an insecure system capable of being successfully attacked.

An address with funds in it on loading a wallet is glaring evidence of the existence of a problem with the wallet, but not of the cryptographic system.
HeRetiK
Hero Member
*****
Offline Offline

Activity: 896
Merit: 753


the forkings will continue until morale improves


View Profile
November 27, 2017, 11:03:00 PM
 #20

There should be a rule that says that unless your discovery of a newly generated address with coins on it happened in Bitcoin Core then chances are your software is shit and there's something wrong with the code.

Everyone that has been using the native client since day 1 has never had one of these so called collisions. It just hasn't happened. You have more chances of getting hit by an asteroid tomorrow during your commute to your job than you'll ever have chances to get a legitimate collision, literally speaking.

Well, sometimes it does go deeper than your own code:

https://bitcoin.org/en/alert/2013-08-11-android

Either way, if a user comes across such a "collision" they should definitely report it -- albeit rather by contacting the devs directly instead of posting on a public forum.

Also I will now blame you for my newfound phobia of rocks falling from the sky.

Look, there is the android RNG problem you mention, there was a similar one that enabled the Sony playstation hack, there are others. A dysfunction random number gen is a direct enabler of back door entry and of password decryption.

In practice there isn't any difference between active insertion of defective RNG and accidental actions as the end result is the same, an insecure system capable of being successfully attacked.

An address with funds in it on loading a wallet is glaring evidence of the existence of a problem with the wallet, but not of the cryptographic system.

Ah, sorry, I guess that came out wrong.

I merely wanted to point out that sometimes the error lies beyond the scope of the application developer, ie. your software can still fall victim to a vulnerability without your code being shit. In either case it should be reported because best case the application has a problem, worst case its the platform's -- or the used crypto library's -- fault.

I didn't mean to imply that Bitcoin's keyspace is even remotely small enough for a collision to occur.


Pages: [1]
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!