|
|
samson
Legendary
 Offline
Activity: 2097
Merit: 1070
|
 |
December 02, 2017, 10:46:41 AM |
|
And soon there will be many more people trying to steal coins from that kind of addresses. Not many. There are no more than a dozen people in the whole world who can create and run such software. Keeping and updating in realtime the database is not simple and cheap task. You can do a following test: send a small amount ( 0.0010 btc ) to "the most compromissed address" 1JwSSubhmg6iPtRjtyqhUYYH7bZg3Lfy1T sha("correct horse battery staple") and count the sweep attempts here: https://bitaps.com/1JwSSubhmg6iPtRjtyqhUYYH7bZg3Lfy1T(this block-explorer shows conflicting transactions) No more than a dozen.....lol...  |
|
|
|
|
kahc
Member
Offline
Activity: 350
Merit: 13
|
|
December 02, 2017, 03:12:30 PM |
|
And soon there will be many more people trying to steal coins from that kind of addresses. Not many. There are no more than a dozen people in the whole world who can create and run such software. Keeping and updating in realtime the database is not simple and cheap task. You can do a following test: send a small amount ( 0.0010 btc ) to "the most compromissed address" 1JwSSubhmg6iPtRjtyqhUYYH7bZg3Lfy1T sha("correct horse battery staple") and count the sweep attempts here: https://bitaps.com/1JwSSubhmg6iPtRjtyqhUYYH7bZg3Lfy1T(this block-explorer shows conflicting transactions) No more than a dozen.....lol... I always thought that double-spender with the highest sending fee got favored. But it seems like the one with 312sat/B got included in the block first. |
|
|
|
|
|
carlisle1
|
|
December 02, 2017, 10:13:18 PM |
|
Wow  Amazing discovery of a amazing coup. The guy who made this and the guy which discovered it are pure genious. I am really excited to find out in which priv key generation code this thing is implemented. hes really a genius and an expert in hes field,its one of a kind to find such discovery but what made me think is how many people in crypto can do this kind of key generating code hacking,hope this one will alarm the authorities to make precautionary measures. |
|
|
|
|
Spendulus
Legendary
Offline
Activity: 2926
Merit: 1386
|
|
December 03, 2017, 03:54:28 AM |
|
Wow Amazing discovery of a amazing coup. The guy who made this and the guy which discovered it are pure genious. I am really excited to find out in which priv key generation code this thing is implemented. hes really a genius and an expert in hes field,its one of a kind to find such discovery but what made me think is how many people in crypto can do this kind of key generating code hacking,hope this one will alarm the authorities to make precautionary measures. There is reason to suspect, and to look for more such issues. |
|
|
|
|
|
btctousd81
|
|
December 03, 2017, 05:18:14 AM |
|
first3 methods are nothing new, i saw the same methods in some video , posted here .
using merkle roto and tx id as a private key and generate bitcoin address.,
but its like shooting in dark.
|
|
|
|
|
Intersan
|
|
December 03, 2017, 10:27:10 PM |
|
Wow Amazing discovery of a amazing coup. The guy who made this and the guy which discovered it are pure genious. I am really excited to find out in which priv key generation code this thing is implemented. hes really a genius and an expert in hes field,its one of a kind to find such discovery but what made me think is how many people in crypto can do this kind of key generating code hacking,hope this one will alarm the authorities to make precautionary measures. He have done a good work. I guess hackers are also upgrading their way of hacking and must come up with a new way of stealing. I do also hope that authorities will be concerned about it especially now that there are many new users in this forum. Bitcoin have attracted many attention when it reached $10 000 and of course it also looks so good in the eyes of hackers. We should always be careful. |
|
|
|
dacsee
Newbie
Offline
Activity: 18
Merit: 0
|
|
December 04, 2017, 04:20:22 AM |
|
Very interesting technical story.
Luckily that in today's age, most generated keys are derived from a high degree of randomness, instead of easily guessable keywords / phrases
|
|
|
|
|
|
amaclin1
|
|
December 04, 2017, 07:15:19 AM |
|
Luckily that in today's age, most generated keys are derived from a high
degree of randomness, instead of easily guessable keywords / phrases Sure?  |
|
|
|
|
Spendulus
Legendary
Offline
Activity: 2926
Merit: 1386
|
|
December 05, 2017, 01:07:35 AM |
|
Very interesting technical story.
Luckily that in today's age, most generated keys are derived from a high degree of randomness... How do you know for sure? |
|
|
|
|
Dr.Z
Newbie
Offline
Activity: 16
Merit: 0
|
|
December 05, 2017, 01:19:52 AM |
|
How comes Blockchain.info generates private keys using block hashes or tx id instead of random numbers. Who had the privilege to change the key generation methods?
|
|
|
|
|
|
bigvito19
|
|
December 05, 2017, 08:03:15 PM |
|
first3 methods are nothing new, i saw the same methods in some video , posted here .
using merkle roto and tx id as a private key and generate bitcoin address.,
but its like shooting in dark.
What's the video link? |
|
|
|
|
BurtW
Legendary
Offline
Activity: 2646
Merit: 1138
All paid signature campaigns should be banned.
|
|
December 05, 2017, 08:09:21 PM
Last edit: December 05, 2017, 08:47:18 PM by BurtW |
|
How comes Blockchain.info generates private keys using block hashes or tx id instead of random numbers. Who had the privilege to change the key generation methods?
The do not. Stop spreading FUD. Don't be an idiot, read the thread. |
Our family was terrorized by Homeland Security. Read all about it here: http://www.jmwagner.com/ and http://www.burtw.com/ Any donations to help us recover from the $300,000 in legal fees and forced donations to the Federal Asset Forfeiture slush fund are greatly appreciated! |
|
|
J. Cooper
Full Member
Offline
Activity: 294
Merit: 125
Alea iacta est
|
|
December 05, 2017, 08:31:27 PM |
|
Wow Amazing discovery of a amazing coup. The guy who made this and the guy which discovered it are pure genious. I am really excited to find out in which priv key generation code this thing is implemented. hes really a genius and an expert in hes field,its one of a kind to find such discovery but what made me think is how many people in crypto can do this kind of key generating code hacking,hope this one will alarm the authorities to make precautionary measures. I fail to see what authorities have to do with this in the first place. But regardless, super interesting find. I'm going to read up a lot more on this when I find some free time over the weekend. first3 methods are nothing new, i saw the same methods in some video , posted here .
using merkle roto and tx id as a private key and generate bitcoin address.,
but its like shooting in dark.
Is there a way you can provide me with a link to that video. I would like to aquire some more information on this matter. |
|
|
|
|
|
nibor
|
|
December 05, 2017, 09:29:30 PM |
|
And soon there will be many more people trying to steal coins from that kind of addresses. Not many. There are no more than a dozen people in the whole world who can create and run such software. Keeping and updating in realtime the database is not simple and cheap task. You can do a following test: send a small amount ( 0.0010 btc ) to "the most compromissed address" 1JwSSubhmg6iPtRjtyqhUYYH7bZg3Lfy1T sha("correct horse battery staple") and count the sweep attempts here: https://bitaps.com/1JwSSubhmg6iPtRjtyqhUYYH7bZg3Lfy1T(this block-explorer shows conflicting transactions) Make that only a few million.... bitcoinj.org and a few 1000 lines of java and you are done. Only need a 5-50 gig leveldb database... Maybe a few days work plus another few to test it and get the sweep to work... |
|
|
|
|
Dr.Z
Newbie
Offline
Activity: 16
Merit: 0
|
|
December 06, 2017, 01:49:23 AM |
|
How comes Blockchain.info generates private keys using block hashes or tx id instead of random numbers. Who had the privilege to change the key generation methods?
The do not. Stop spreading FUD. Don't be an idiot, read the thread. What I am saying who put those code there and why Blockchain.info did not aware that the key generation program had been modified. |
|
|
|
|
kahc
Member
Offline
Activity: 350
Merit: 13
|
|
December 06, 2017, 01:53:30 AM |
|
How comes Blockchain.info generates private keys using block hashes or tx id instead of random numbers. Who had the privilege to change the key generation methods?
The do not. Stop spreading FUD. Don't be an idiot, read the thread. What I am saying who put those code there and why Blockchain.info did not aware that the key generation program had been modified. If you did read the thread, then you must be smoking something good Blockchain.info checked their code repository, these addresses are not generated from them. |
|
|
|
|
Spendulus
Legendary
Offline
Activity: 2926
Merit: 1386
|
|
December 06, 2017, 03:58:03 AM |
|
How comes Blockchain.info generates private keys using block hashes or tx id instead of random numbers. Who had the privilege to change the key generation methods?
Nobody said they did. Maybe it was a hacked wallet, or a key logger running on a computer whee the transaction occurred. |
|
|
|
|
Dr.Z
Newbie
Offline
Activity: 16
Merit: 0
|
|
December 06, 2017, 05:41:44 AM |
|
If you did read the thread, then you must be smoking something good Blockchain.info checked their code repository, these addresses are not generated from them. It is well explained in the thread why it was not a hacked wallet. Because if someone hacked into the wallet, he was no need to import a "blockhash or txhash based address", just hardcode one will be good. |
|
|
|
|
User365
Sr. Member
Offline
Activity: 434
Merit: 251
physics, mathematics and engineering
|
|
December 06, 2017, 10:23:14 AM |
|
How comes Blockchain.info generates private keys using block hashes or tx id instead of random numbers. Who had the privilege to change the key generation methods?
Nobody said they did. Maybe it was a hacked wallet, or a key logger running on a computer whee the transaction occurred. According to the facts of the OP I think it is safe to say that this was a dev of a company which implemented it into the code. A malware would act different (f.e. Hardcode priv key's so nobody can recognize it) |
[could be your ad]
|
|
|
|
