Vanitygen: Vanity bitcoin address generator/miner [v0.22]

[K1773R]

When I use vanitygen it says "error loading calc_address.cl"
Does anyone know the solution to this problem?

cd first to the directory where vanitiygen is

cd? Sorry, I'm a noob...
 

i guess winblows user
put calc_address.cl in the same folder as oclvanitygen.exe

[FlappySocks]

I never got oclvanitygen to work on my GPU (only CPU which gets 750kkeys/s) so I read here that I should downgrade to AMD Catalyst 12.8.
So I did that, but still oclvanitygen does not work on my GPU:

Code:

Compiling kernel, can take minutes...LLVM ERROR: Cannot select: 0x549e808: i8 = ...

Anyone knows how to fix this?

I was getting a similar error from my 7750 when I was running it with 13.1.  It works fine with 12.10, though.  I'd give that version a shot.

Is this is a bug in OpenCL?  Has it been reported to AMD?

[bitpop]

Prefix must be at the end :-(

[bitpop]

vanitygen.exe -o file.txt 1s

[bitpop]

I think it's -k mister just found it
Lay off the weed bro ;-)

[bitpop]

Make a new thread Vanitygen Prefixes and esamples

[jaywaka2713]

Make a new thread Vanitygen Prefixes and esamples

There should be a list of the major altcoins and their corresponding prefixes in the OP.

https://bitcointalk.org/index.php?topic=225680.0/

My business thread has them all. Just scroll down.

[TheJackster]

Could anyone please tell me how to rectify the following error?

Code:

Microsoft Windows [Version 6.1.7601]
Copyright (c) 2009 Microsoft Corporation.  All rights reserved.


C:\Users\#\Desktop\vanitygen>oclvanityminer -u https://vanitypool.appsot.
com/ -a ##
Get work request failed: Peer certificate cannot be authenticated with given CA
certificates

C:\Users\#\Desktop\vanitygen>oclvanityminer -u https://vanitypool.appspot
.com/ -a ##
clGetPlatformIDs(0): Unknown code -1001
clGetPlatformIDs(0): Unknown code -1001
Available OpenCL platforms:

[refer_2_me]

Hi,
So I made a brain wallet a little while ago and put some coins in it. Not many (~1-2), but given current prices, I figure it's worth it to try and get at them again. The problem is that I can't exactly remember by passphrase. It was several words with non standard capitalization and letter substitutions. I remember what the base words were, but I can't remember the substitutions. I know the bitcoin address, so my plan is to generate possible passphrases based on what I know, then generate the private keys and corresponding bitcoin address and see if it's mine.

I've written a script in python to do this, but it's slow. It takes about 0.25 seconds/hash, and it should get me what I need eventually, but I would like it to go faster. I am using the ecdsa and hashlib python libraries to generate the keys and addresses, which I believe are implemented in C.

I've looked at the code for vanitygen, but I don't know C that well and there aren't really any comments, so I'm not sure how everything works. Moreover, I have never done anything in OpenCl, so my excursion into that code was fruitless.

So my question is, is there a way to modify vanitygen or oclvanitygen to generate addresses based on trial passphrases, or sha256(trial passphrases)?
I've done a fair bit of googling, but I can't find anyone who has made a program for this purpose. I'm willing to spend some time learning C (and maybe some OpenCL) if necessary.

Thanks

TL;DR: I don't remember by brain wallet, and want to use vanitygen (or part of it) to recover it.

[refer_2_me]

Hi,
So I made a brain wallet a little while ago and put some coins in it. Not many (~1-2), but given current prices, I figure it's worth it to try and get at them again. The problem is that I can't exactly remember by passphrase. It was several words with non standard capitalization and letter substitutions. I remember what the base words were, but I can't remember the substitutions. I know the bitcoin address, so my plan is to generate possible passphrases based on what I know, then generate the private keys and corresponding bitcoin address and see if it's mine.

I've written a script in python to do this, but it's slow. It takes about 0.25 seconds/hash, and it should get me what I need eventually, but I would like it to go faster. I am using the ecdsa and hashlib python libraries to generate the keys and addresses, which I believe are implemented in C.

I've looked at the code for vanitygen, but I don't know C that well and there aren't really any comments, so I'm not sure how everything works. Moreover, I have never done anything in OpenCl, so my excursion into that code was fruitless.

So my question is, is there a way to modify vanitygen or oclvanitygen to generate addresses based on trial passphrases, or sha256(trial passphrases)?
I've done a fair bit of googling, but I can't find anyone who has made a program for this purpose. I'm willing to spend some time learning C (and maybe some OpenCL) if necessary.

Thanks

TL;DR: I don't remember by brain wallet, and want to use vanitygen (or part of it) to recover it.

Alternatively, is it possible to use John the Ripper or similar to generate bitcoin addresses and test that way?

[bitpop]

Is there a way to set gpu intensity? My computer keeps crashing with 100%

[SnitraM]

So I made a brain wallet a little while ago and put some coins in it. Not many (~1-2), but given current prices, I figure it's worth it to try and get at them again. The problem is that I can't exactly remember by passphrase. It was several words with non standard capitalization and letter substitutions. I remember what the base words were, but I can't remember the substitutions. I know the bitcoin address, so my plan is to generate possible passphrases based on what I know, then generate the private keys and corresponding bitcoin address and see if it's mine.

I've written a script in python to do this, but it's slow. It takes about 0.25 seconds/hash, and it should get me what I need eventually, but I would like it to go faster. I am using the ecdsa and hashlib python libraries to generate the keys and addresses, which I believe are implemented in C.

By "brain wallet" I assume you mean you forgot your wallet password?

If so and as you know python and what word your password is made from, make a python program that
makes potential passwords and call "bitcoind walletpassphrase <try password> 1" and check return the
value(s?). When you successfully unlock your wallet, you've found it.

E. g. If you know your password was "refer" but you might have used "3" instead of "e", the program
would generate refer, r3fer, ref3r, r3f3r and try them one by one.

This is offtopic for vanitygen, so I suggest you create another thread if you need further help.

[bitpop]

Brain seed

[refer_2_me]

No, as Wolf0 pointed out, I mean a brain wallet, where the private key is sha256(passpharase). You can make them here: https://www.bitaddress.org/

[SnitraM]

No, as Wolf0 pointed out, I mean a brain wallet, where the private key is sha256(passpharase). You can make them here: https://www.bitaddress.org/

Wolf0, oyage oluve podiy. Let me know when you find that on the net.

refer_2_me, I see. Well as vanitygen is generating addresses it should not be very hard to make what you
want.

However it think the easiest is if python generates the pontential passphrases, which you then run through
sha256sum and recode to bitcoin base58. sha256sum is from coreutils.

Or possibly take the address generation code from bitcoind and make it do what you want (again input
from a python passphrase generator).

[laughingbear]

while running oclvanitygen -d 0 -p 0 -o output.txt 1R
results in
C:\Users\admin\Desktop\vanitygen_catalyst\32>oclvanitygen -d 0 -o output.txt 1R
Difficulty: 1353
Match idx: 0
CPU hash: b3b8b1f62fb59e659835af2b81238fd979ca7e15
GPU hash: 049ae2c66df6d65bb092caa95c759c0599542a13
Found delta: 7338843 Start delta: 1
[3.61 Mkey/s][total 7340032]                                                   M
atch idx: 0
CPU hash: 22c34ee82b97f5b8af8ec9c7d2b9cd3b2e2b0421
GPU hash: 04afbde26e27f40663e0ce86223409a873019ff1
Found delta: 7335852 Start delta: 1
[5.32 Mkey/s][total 14680064]                                                  M
atch idx: 0
CPU hash: 47aa2162ee34797c81c0799254d7b5b266e4d5f1
GPU hash: 049381dea7d7d0638e44a8f0d9f2bc6e10d3ca4c
Found delta: 7326918 Start delta: 1
[6.09 Mkey/s][total 22020096]                                                  M
atch idx: 0
CPU hash: 6635552c18744c27a9f1976801f8439e406abdc3
GPU hash: 04ae7a508a7e8087b54b0947d46186c8f330c875
Found delta: 7338098 Start delta: 1
[6.58 Mkey/s][total 29360128]                                                  ^


And it just goes on forever and ever. but if i do it with the cpu version it work for perfect in no time. i read through form and have not noticed any thing posted about this.

I've come across this too with a full uninstall of newer drivers (removal tool) and downgrading to 12.8.

The only solution I can use to avoid the loop above is to run in safemode with the -S flag.

This does run a lot slower than normal.... however it is still a lot faster than my CPU.

I ran into this issue myself - was mining for a prefix 1piit79 on a 7970 and didn't realize it was a bug until I tried 3 times (and wasted quite a lot of GPU time - 50% tok ~7h )

Funnily enough it worked just fine when I ran it on 5870 (and it was surprisingly just a bit slower than the 7970).

I am having the same issue with my 7970.  Does anyone have a fix for this? Id love to use this, but nothing works.  safe mode isnt working for me.

[scintill]

However it think the easiest is if python generates the pontential passphrases, which you then run through
sha256sum and recode to bitcoin base58. sha256sum is from coreutils.

It is not quite that easy.  After sha256 you have to do an elliptic curve multiply of the bitcoin curve's generator point by the private key to derive the public key.  Then DER-encode that point, sha256 and then ripemd160 it.  Then base58check-encode.

refer_2_me, I would do it all in one script and not involve OpenCL.  If you're actually "close" to the passphrase, it seems like a relatively naive CPU implementation will find it quicker than the time it would take you to develop and test the OpenCL code (unless you're really interested in learning OpenCL and want to do it for fun.)

I am surprised your Python script got such poor performance.  If you can post it (omitting passphrase generation) maybe somebody can optimize it.

[refer_2_me]

However it think the easiest is if python generates the pontential passphrases, which you then run through
sha256sum and recode to bitcoin base58. sha256sum is from coreutils.

It is not quite that easy.  After sha256 you have to do an elliptic curve multiply of the bitcoin curve's generator point by the private key to derive the public key.  Then DER-encode that point, sha256 and then ripemd160 it.  Then base58check-encode.

refer_2_me, I would do it all in one script and not involve OpenCL.  If you're actually "close" to the passphrase, it seems like a relatively naive CPU implementation will find it quicker than the time it would take you to develop and test the OpenCL code (unless you're really interested in learning OpenCL and want to do it for fun.)

I am surprised your Python script got such poor performance.  If you can post it (omitting passphrase generation) maybe somebody can optimize it.

Thanks for your reply.

What i'm doing is (roughly) the following:

Code:

import sys
import os
import hashlib, binascii
import ecdsa 

secp256k1curve=ecdsa.ellipticcurve.CurveFp(115792089237316195423570985008687907853269984665640564039457584007908834671663,0,7)
secp256k1point=ecdsa.ellipticcurve.Point(secp256k1curve,0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8,0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141)
secp256k1=ecdsa.curves.Curve('secp256k1',secp256k1curve,secp256k1point,(1,3,132,0,10))

def gen_keys(string):
    '''
    Generate the private key and address for the given input string using ecdsa
    
    Arguments:
    string -- input string
    
    Return:
    private_key, addr -- private key and BTC address
    '''
    pk_hex = hashlib.sha256(string).hexdigest()
    pk = int(pk_hex,16)
    pko=ecdsa.SigningKey.from_secret_exponent(pk,secp256k1)
    pubkey=binascii.hexlify(pko.get_verifying_key().to_string())
    pubkey2=hashlib.sha256(binascii.unhexlify('04'+pubkey)).hexdigest()
    pubkey3=hashlib.new('ripemd160',binascii.unhexlify(pubkey2)).hexdigest()
    pubkey4=hashlib.sha256(binascii.unhexlify('00'+pubkey3)).hexdigest()
    pubkey5=hashlib.sha256(binascii.unhexlify(pubkey4)).hexdigest()
    pubkey6=pubkey3+pubkey5[:8]
    pubnum=int(pubkey6,16)
    pubnumlist=[]
    while pubnum!=0: pubnumlist.append(pubnum%58); pubnum/=58
    address=''
    for l in ['123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz'[x] for x in pubnumlist]:
        address=l+address
    return pk_hex, '1'+address 


if __name__ == '__main__':
    #my passphrases to try, generated in another script
    wordlist = ( word.strip() for word in open(sys.argv[1]).readlines() )
    for word in wordlist:
        priv_key, addr = gen_keys(word)
        if addr == '1...........': #my bitcoin addresss
            print 'Found it!\nPrivate Key:', priv_key, '\nAddress:',addr
            sys.exit()

So on a single CPU, it takes about 0.25 seconds for each pass phrase that I check (4 per second). I figure that I have a few million to test (this may be way off), so it seems like it should be worth some time.

I've profiled the code using cProfile and I found that 0.23 seconds of the execution comes from a single line:

Code:

pko=ecdsa.SigningKey.from_secret_exponent(pk,secp256k1)

The above code is heavily based on this post: https://bitcointalk.org/index.php?topic=84238

[scintill]

OK, I switched it to use OpenSSL for the key derivation, and it is much faster.  Did a 99,171 word dictionary file in 53 seconds: 1,871 per second (3 GHz processor.)  The downside could be that it doesn't work on your system because it's not pure Python.  I think it's supposed to work on Windows if you have OpenSSL DLL's, and maybe on Mac OS too.  It's here: https://gist.github.com/scintill/5829284/54bcc0a9a44809c3fb4b53259239316520bbfe17 .  The OpenSSL wrapper is from here: https://github.com/joric/brutus/blob/master/ecdsa_ssl.py .

Make sure you are using the right compression flag (which translates into the DER-encoding of the pubkey: starts with 04 hex byte if uncompressed, 02 or 03 if compressed.)  Whether your address is compressed will depend on what tool and settings you used to generate it.  If it has been spent from before, then you can look in the blockchain to be sure of whether it is compressed or not.  Otherwise, I don't think you can tell from just the address.  You can tell from the private key, which starts with 5 if uncompressed, K or L if compressed.

The Python way can be parallelized pretty easily by splitting the input file into, say, 4 files, and running 4 instances of the script at a time.

If you want to try OpenCL, from what little I know, I think it would be best to do the SHA256 in batches (so the inputs are the same smallish uniform size they are now), then give all the hashes to the OpenCL kernel, and have each kernel derive the hash160 and see if it equals the target address, and run those in parallel.  I guess the SHA256 becomes a bottleneck, so maybe it would be better to try to do that in the OpenCL kernel, but as far as memory management it might be harder to adjust the vanitygen design for string inputs.

Also, I think the base58-encode is not quite right in the Python. It should pad with "1" for each leading zero in the public key hash.  If your target address doesn't start with "11..." I don't think it will matter though.

[refer_2_me]

OK, I switched it to use OpenSSL for the key derivation, and it is much faster.  Did a 99,171 word dictionary file in 53 seconds: 1,871 per second (3 GHz processor.)  The downside could be that it doesn't work on your system because it's not pure Python.  I think it's supposed to work on Windows if you have OpenSSL DLL's, and maybe on Mac OS too.  It's here: https://gist.github.com/scintill/5829284/54bcc0a9a44809c3fb4b53259239316520bbfe17 .  The OpenSSL wrapper is from here: https://github.com/joric/brutus/blob/master/ecdsa_ssl.py .

Make sure you are using the right compression flag (which translates into the DER-encoding of the pubkey: starts with 04 hex byte if uncompressed, 02 or 03 if compressed.)  Whether your address is compressed will depend on what tool and settings you used to generate it.  If it has been spent from before, then you can look in the blockchain to be sure of whether it is compressed or not.  Otherwise, I don't think you can tell from just the address.  You can tell from the private key, which starts with 5 if uncompressed, K or L if compressed.

The Python way can be parallelized pretty easily by splitting the input file into, say, 4 files, and running 4 instances of the script at a time.

If you want to try OpenCL, from what little I know, I think it would be best to do the SHA256 in batches (so the inputs are the same smallish uniform size they are now), then give all the hashes to the OpenCL kernel, and have each kernel derive the hash160 and see if it equals the target address, and run those in parallel.  I guess the SHA256 becomes a bottleneck, so maybe it would be better to try to do that in the OpenCL kernel, but as far as memory management it might be harder to adjust the vanitygen design for string inputs.

Also, I think the base58-encode is not quite right in the Python. It should pad with "1" for each leading zero in the public key hash.  If your target address doesn't start with "11..." I don't think it will matter though.

Oh man, I can't thank you enough. I can confirm that it works on my installation of Ubuntu 13.04 BTW. I haven't recovered the key yet, but it won't take long now.

Thanks again!