Vanitygen: Vanity bitcoin address generator/miner [v0.22]

[donGeilo]

You can use 'o' (small Oh) instead. Its the closest in terms of looks.

Meh. I just don't like the look! I'll probably do capitals. Haha then of course I'll get to (I) and be screwed all over again. Hmmm what a predicament.


Another noob question. Like REALLY noob so don't laugh. How do I tell if I have a GPU in the laptop? I'm assuming I don't have one at all but have no idea how to check. Why am I asking? It just took my CPU... 7 minutes to find a 4 character vanity address hahaha.

Yeah, its not easy sometimes with the limitation of symbols.

(Assuming Ubuntu) Try
lspci -vnn | grep VGA
 on a linux shell. If it says something about nVidia or AMD there is chance you can use oclvanitygen. If its an intel GPU you likely cant.

Hi, is there a way I can tell vanitygen to start the search at a specific privatekey (hex value ...), and not random?

For example all adrdesses with prefix: '123456' beginnig search at privatekey (hex value 10) 5HpHagT65TZzG1PH3CSu63k8DbpvD8s5ip4nEB3kEsreBoNWTw6
and then 11, 12, 12 ....? And not random?

So if my harddisk crashes i can retrieve the privatekeys back, cause i know which range i used?

Thats not how vanitygen works. The private keys are created randomly and there is no progress you can lose.

But it should be possible, just remove the random part and insert a specific starting point and remove the rekey intervall, or am I wrong?

[1714133643]

1714133643

[1714133643]

1714133643

[1714133643]

1714133643

[1714133643]

1714133643

[1714133643]

1714133643

[Chris!]

Maybe this will help you finding what GPU you have.

http://m.wikihow.com/Find-Out-What-Graphics-Card-You-Have

Intel(R) HD Graphics.


Assuming that's a GPU, how do I use the GPU version? I've always just used vanitygen64. Oclvanitygen is for Linux from my understanding... Do I just put in another command and that will us my GPU?


Also, why does Vanitygen get me double the speed Vanitygen64 does? I thought it would be the opposite.

[donGeilo]

Supposed to be these lines i think

Code:

 * Address search thread main loop
 */

void *
vg_thread_loop(void *arg)
{
	unsigned char hash_buf[128];
	unsigned char *eckey_buf;
	unsigned char hash1[32];

	int i, c, len, output_interval;
	int hash_len;

	const BN_ULONG rekey_max = 10000000;
	BN_ULONG npoints, rekey_at, nbatch;

	vg_context_t *vcp = (vg_context_t *) arg;
	EC_KEY *pkey = NULL;
	const EC_GROUP *pgroup;
	const EC_POINT *pgen;
	const int ptarraysize = 256;
	EC_POINT *ppnt[ptarraysize];
	EC_POINT *pbatchinc;

	vg_test_func_t test_func = vcp->vc_test;
	vg_exec_context_t ctx;
	vg_exec_context_t *vxcp;

	struct timeval tvstart;


	memset(&ctx, 0, sizeof(ctx));
	vxcp = &ctx;

	vg_exec_context_init(vcp, &ctx);

	pkey = vxcp->vxc_key;
	pgroup = EC_KEY_get0_group(pkey);
	pgen = EC_GROUP_get0_generator(pgroup);

	for (i = 0; i < ptarraysize; i++) {
		ppnt[i] = EC_POINT_new(pgroup);
		if (!ppnt[i]) {
			fprintf(stderr, "ERROR: out of memory?\n");
			exit(1);
		}
	}
	pbatchinc = EC_POINT_new(pgroup);
	if (!pbatchinc) {
		fprintf(stderr, "ERROR: out of memory?\n");
		exit(1);
	}

	BN_set_word(&vxcp->vxc_bntmp, ptarraysize);
	EC_POINT_mul(pgroup, pbatchinc, &vxcp->vxc_bntmp, NULL, NULL,
		     vxcp->vxc_bnctx);
	EC_POINT_make_affine(pgroup, pbatchinc, vxcp->vxc_bnctx);

	npoints = 0;
	rekey_at = 0;
	nbatch = 0;
	vxcp->vxc_key = pkey;
	vxcp->vxc_binres[0] = vcp->vc_addrtype;
	c = 0;
	output_interval = 1000;
	gettimeofday(&tvstart, NULL);

	if (vcp->vc_format == VCF_SCRIPT) {
		hash_buf[ 0] = 0x51;  // OP_1
		hash_buf[ 1] = 0x41;  // pubkey length
		// gap for pubkey
		hash_buf[67] = 0x51;  // OP_1
		hash_buf[68] = 0xae;  // OP_CHECKMULTISIG
		eckey_buf = hash_buf + 2;
		hash_len = 69;

	} else {
		eckey_buf = hash_buf;
		hash_len = 65;
	}

	while (!vcp->vc_halt) {
		if (++npoints >= rekey_at) {
			vg_exec_context_upgrade_lock(vxcp);
			/* Generate a new random private key */
			EC_KEY_generate_key(pkey);
			npoints = 0;

			/* Determine rekey interval */
			EC_GROUP_get_order(pgroup, &vxcp->vxc_bntmp,
					   vxcp->vxc_bnctx);
			BN_sub(&vxcp->vxc_bntmp2,
			       &vxcp->vxc_bntmp,
			       EC_KEY_get0_private_key(pkey));
			rekey_at = BN_get_word(&vxcp->vxc_bntmp2);
			if ((rekey_at == BN_MASK2) || (rekey_at > rekey_max))
				rekey_at = rekey_max;
			assert(rekey_at > 0);

			EC_POINT_copy(ppnt[0], EC_KEY_get0_public_key(pkey));
			vg_exec_context_downgrade_lock(vxcp);

			npoints++;
			vxcp->vxc_delta = 0;

			if (vcp->vc_pubkey_base)
				EC_POINT_add(pgroup,
					     ppnt[0],
					     ppnt[0],
					     vcp->vc_pubkey_base,
					     vxcp->vxc_bnctx);

			for (nbatch = 1;
			     (nbatch < ptarraysize) && (npoints < rekey_at);
			     nbatch++, npoints++) {
				EC_POINT_add(pgroup,
					     ppnt[nbatch],
					     ppnt[nbatch-1],
					     pgen, vxcp->vxc_bnctx);
}

[Avirunes]

Maybe this will help you finding what GPU you have.

http://m.wikihow.com/Find-Out-What-Graphics-Card-You-Have

Intel(R) HD Graphics.


Assuming that's a GPU, how do I use the GPU version? I've always just used vanitygen64. Oclvanitygen is for Linux from my understanding... Do I just put in another command and that will us my GPU?


Also, why does Vanitygen get me double the speed Vanitygen64 does? I thought it would be the opposite.

If i am correct then I think oclvanitygen is basically for gpu.You don't need any specific command.

I guess you will be unable to mine with your Intel GPU as shorena already picked the point in previous post though you can run up on CPU speed

[LoyceV]

So what I mean is my public key is '04AC6402...' can I use that to create multiple addresses, all at the same time?

I've been wondering about this for a while now. My understanding of the encryption isn't enough to know whether or not this is secure. If you do this, and one key would get compromised, I can imagine the other keys are no longer secure too. But I'm not sure. To be safe, I wouldn't use the same partial private key twice.

Basically I'm trying to save some time rather than generating 100 addresses on an Ubuntu Live USB then going to Vanitygen and 1 by 1 find the part private key.

Can't you figure out how to install vanitygen on the Ubuntu LIVE distribution? It shouldn't be that hard. Once you've figured it out, you can save it as a script for next time.
Using OCL on a LIVE distribution could be a lot harder, but for 5 digit searches you should be fine without it.

But it should be possible, just remove the random part and insert a specific starting point and remove the rekey intervall, or am I wrong?

This is insecure. If you would do this, someone could find your private key if he knows where you started your search.
Just create (secure) backups of your private key in case your drive crashes.

[donGeilo]

So what I mean is my public key is '04AC6402...' can I use that to create multiple addresses, all at the same time?

I've been wondering about this for a while now. My understanding of the encryption isn't enough to know whether or not this is secure. If you do this, and one key would get compromised, I can imagine the other keys are no longer secure too. But I'm not sure. To be safe, I wouldn't use the same partial private key twice.

Basically I'm trying to save some time rather than generating 100 addresses on an Ubuntu Live USB then going to Vanitygen and 1 by 1 find the part private key.

Can't you figure out how to install vanitygen on the Ubuntu LIVE distribution? It shouldn't be that hard. Once you've figured it out, you can save it as a script for next time.
Using OCL on a LIVE distribution could be a lot harder, but for 5 digit searches you should be fine without it.

But it should be possible, just remove the random part and insert a specific starting point and remove the rekey intervall, or am I wrong?

This is insecure. If you would do this, someone could find your private key if he knows where you started your search.
Just create (secure) backups of your private key in case your drive crashes.

How should somebody know the range? For sure i wouldn't start at the beginning

[shorena]

-snip-

Hi, is there a way I can tell vanitygen to start the search at a specific privatekey (hex value ...), and not random?

For example all adrdesses with prefix: '123456' beginnig search at privatekey (hex value 10) 5HpHagT65TZzG1PH3CSu63k8DbpvD8s5ip4nEB3kEsreBoNWTw6
and then 11, 12, 12 ....? And not random?

So if my harddisk crashes i can retrieve the privatekeys back, cause i know which range i used?

Thats not how vanitygen works. The private keys are created randomly and there is no progress you can lose.

But it should be possible, just remove the random part and insert a specific starting point and remove the rekey intervall, or am I wrong?

Sure, edit the source accordingly. There is no flag for that and I dont see why either. Going through private keys in order gives you no advantage.

-snip-
This is insecure. If you would do this, someone could find your private key if he knows where you started your search.
Just create (secure) backups of your private key in case your drive crashes.

How should somebody know the range? For sure i wouldn't start at the beginning

From your disk. I dont think its a security issue unless you start at a non random place.

[Chris!]

Am I the most unlucky person in the world or what? The isn't the first time I've been around 99% probability a I'm sure it won't be the last.



I decided to go from 1-9 and then a-k (making 20 vanity addresses) and I think that should be plenty for what I need them for. Thanks for the help Shorena! They're almost all done at this point. I'm sure on a GPU this would have been less than 10 minutes haha.

[deisik]

Is it ever possible (at least theoretically) that two different people in different places at different times generate two identical addresses with the same keys? I thought that the collision could be prevented (if it is possible in the first place, of course) by checking for existing addresses on the blockchain...

But what if the addresses are generated in an offline mode?

[forumaster]

Hi, i don't know why but oclvanitygen don't work with my gpu, i have Windows 7 Home Premium with a Nvidia Geforce GT540M
here is the log:

Code:

C:\Users\Acer>C:\Users\Acer\Downloads\vanitygen-0.22-win\oclvanitygen.exe -o boat.txt 1Boat
Difficulty: 4476342
Error loading kernel file 'calc_addrs.cl': No such file or directory
Available OpenCL platforms:
0: [NVIDIA Corporation] NVIDIA CUDA
  0: [NVIDIA Corporation] GeForce GT 540M

but there is the calc_addrs.cl file! indeed vanitygen64 works well...

[shorena]

Am I the most unlucky person in the world or what? The isn't the first time I've been around 99% probability a I'm sure it won't be the last.



I decided to go from 1-9 and then a-k (making 20 vanity addresses) and I think that should be plenty for what I need them for. Thanks for the help Shorena! They're almost all done at this point. I'm sure on a GPU this would have been less than 10 minutes haha.

I have been on 99% as well, even with addresses I get paid for. This usually means its a loss, but it happens seldom so Im still up overal.

Is it ever possible (at least theoretically) that two different people in different places at different times generate two identical addresses with the same keys? I thought that the collision could be prevented (if it is possible in the first place, of course) by checking for existing addresses on the blockchain...

But what if the addresses are generated in an offline mode?

Nothing is checked, not with online wallets, not with services (e.g. blockchain.info), not offline, no where. A collision is not prevented, its just so unlikely that it can be considered impossible. Some GPU system create over 60Million keys per second, thats not possible when a check would be needed. What would the check even accomplish? I could still spend your funds.

[deisik]

Nothing is checked, not with online wallets, not with services (e.g. blockchain.info), not offline, no where. A collision is not prevented, its just so unlikely that it can be considered impossible. Some GPU system create over 60Million keys per second, thats not possible when a check would be needed. What would the check even accomplish? I could still spend your funds.

How unlikely is this? I mean if it is today considered highly unlikely, what will happen tomorrow when, say, some system could create not just 60M keys per second but 60MM keys per second (and check in real-time against existing addresses at that)? Wouldn't this render Bitcoin useless and worthless instantaneously? To me, it is always fishy when something is considered impossible, since impossible things and events have a tendency to actually happen one day...

"640K ought to be enough for anybody"

[shorena]

Nothing is checked, not with online wallets, not with services (e.g. blockchain.info), not offline, no where. A collision is not prevented, its just so unlikely that it can be considered impossible. Some GPU system create over 60Million keys per second, thats not possible when a check would be needed. What would the check even accomplish? I could still spend your funds.

How unlikely is this? I mean if it is today considered unlikely, what will happen tomorrow when, say, some system could create not just 60M keys per second but 60MM keys per second (and check real-time against existing addresses at that)? Wouldn't this render Bitcoin useless and worthless immediately? To me, it is always fishy when something is considered impossible, since it has a tendency to actually happen one day...

"640K ought to be enough for anybody"

I assume with 60MM you mean 60Terrakeys/sec (6*10¹³). Lets assume this is what a tomorrow^TM GPU can do and that there are a billion (10⁹) people brute forcing keys. They somehow manage to never generate the same keys among them. How long would they need to create half of all possible version 1 bitcoin addresses?

Well there are 2¹⁶⁰ possible addresses and the attackers can check 6*10¹³⁺⁹ per second. They would reach half after 2¹⁵⁹/6*10²² ~ 1.21791*10²⁵ seconds or ~ 3.8619 *10¹⁷ (386,199,274,197,452,360) years.

calculation: https://www.wolframalpha.com/input/?i=(2%5E159%2F(6*10%5E22))%2F(60*60*24*365) (the link breaks due to the brackets, copy pasta)

[LoyceV]

How unlikely is this? I mean if it is today considered highly unlikely, what will happen tomorrow when, say, some system could create not just 60M keys per second but 60MM keys per second (and check in real-time against existing addresses at that)? Wouldn't this render Bitcoin useless and worthless immediately? To me, it is always fishy when something is considered impossible, since impossible things have a tendency to actually happen one day...

It's hard to comprehend the full impact of statistics: it's not something you can "feel" being right. Rough estimate: it's less likely than a plane crashing on your head the moment you crash your car the day you won the lottery. And yet, people say: "but it is possible". "Very unlikely" just doesn't cut it
This image is often used to illustrate how unlikely it is:


Without checking the math, I'll quote this user:

Given your example of 1 billion users at 10 addresses each:

There are 2^160 or about 1,460,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000 possible addresses
In your scenario, 1,000,000,000 people are using 10 addresses each for a total of 10,000,000,000 possible addresses
10,000,000,000 / 2^160 should yield the probability of a collision occurring
10,000,000,000 / 2^160 = 0.00000000000000000000000000000000000000684

So the chances of a collision occurring in your scenario are approximately 0.000000000000000000000000000000000000684%

See why we don't consider collisions an issue?

2^160 possible addresses

Do I understand correctly that not all private keys have a valid public key?
I ran this:

Code:

./vanitygen -i 11 12 13 14 15 16 17 18 19 1a 1b 1c 1d 1e 1f 1g 1h 1i 1j 1k 1l 1m 1n 1o 1p 1q 1r 1s 1t 1u 1v 1w 1x 1y 1z -o tempfile.txt -q -k

for 11.345 seconds. It checks about 127 kkey/s, and found 5366 keys. That results in 473 keys/s being found, while 270 times more keys have been checked.

[deisik]

So the chances of a collision occurring in your scenario are approximately 0.000000000000000000000000000000000000684%

See why we don't consider collisions an issue?

These chances are really high actually. If we write them in a more concise manner that would be 6.84 x 10^-38. Just for comparison, the top supercomputer as of today is capable of making 9.3 x 10^16 floating point calculations per second (and they are now talking about reaching 10^18 flops by 2020). Yes, I know that generating an address requires many calculations but, on the other hand, someone could develop a highly specialized chip for doing just that. In fact, I expected the chances to be way lower than that, and way lower is actually an underestimation of being truly lower. Somehow, I thought the odds of a collision should be on the order of something like 10^-1000. But even that I wouldn't consider as quite impossible on a long enough timeline...

And don't forget about pure luck

[shorena]

-snip-

2^160 possible addresses

Do I understand correctly that not all private keys have a valid public key?
I ran this:

Code:

./vanitygen -i 11 12 13 14 15 16 17 18 19 1a 1b 1c 1d 1e 1f 1g 1h 1i 1j 1k 1l 1m 1n 1o 1p 1q 1r 1s 1t 1u 1v 1w 1x 1y 1z -o tempfile.txt -q -k

for 11.345 seconds. It checks about 127 kkey/s, and found 5366 keys. That results in 473 keys/s being found, while 270 times more keys have been checked.

Well for one you didnt check for all possible two symbol prefixes (missed capital letters), but the actual reason why there are only 2¹⁶⁰ different possible address is different. There are 2²⁵⁶ private keys. The public key to each private key gets hashed with RIPEMD160 among another algorithm (SHA256) which has a 160 bit output. Thus the can never be more than 2¹⁶⁰ addresses. It is assumed that each address has 2⁹⁶ private keys that allow spending coins from them. This might not be true for all keys as its unclear whether the distribution is uniform. Its possible that some addresses have 2⁹⁶+X keys while others have 2⁹⁶-X keys, where X is not zero.

So the chances of a collision occurring in your scenario are approximately 0.000000000000000000000000000000000000684%

See why we don't consider collisions an issue?

These chances are really high actually. If we write them in a more concise manner that would be 6.84 x 10^-38. Just for comparison, the top supercomputer as of today is capable of making 9.3 x 10^16 floating point calculations per second (and they are now talking about reaching 10^18 flops by 2020). Yes, I know that generating an address requires many calculations but, on the other hand, someone could develop a highly specialized chip for doing just that. In fact, I expected the chances to be way lower than that, and way lower is actually an underestimation of being truly lower. Somehow, I thought the odds of a collision should be on the order of something like 10^-1000. But even that I wouldn't consider as quite impossible on a long enough timeline...

And don't forget about pure luck

See the picture above? Its about the physical(!) limitations of counting(!) to 2²⁵⁶. Thus its somewhat wrong as we only need to check 2¹⁶⁰ (which is faster) and we are not counting (ECDSA math and hashes are slower than counting). The ballpark is still correct though. In my example above I even assumed 10²² attacks per second.

Brute-Force is not possible. The only way to attack bitcoin is to find a flaw. In terms of math you need a shortcut. Its easy to calculate A+5=C for any A. If you know the result C you can easily reverse the input from that. This is currently not possible for private key -> public key calculations. Currently we can only select a random private key, calculate the public key and check the result. These shortcuts will be found and when that day comes bitcoin will need to adapt. They will however not be found over night (see e.g. RSA and factorisation), but there will be gradual improvement from 2²⁵⁶ steps to maybe 2¹⁹² and enough time to adapt to a different algorihm[1].

[1] a sidenote: SegWit actually make this super easy.

[HCP]

These chances are really high actually. If we write them in a more concise manner that would be 6.84 x 10^-38. Just for comparison, the top supercomputer as of today is capable of making 9.3 x 10^16 floating point calculations per second (and they are now talking about reaching 10^18 flops by 2020).

You're comparing apples with rainbows there...

The values are not even remotely related to one another... how many floating point calcs you can do in a second, is not a number you can directly compare to the chances of 1billion users (who each have 10 addresses) having an address collision!!?!

Bear in mind... people aren't saying it isn't possible... as the odds are >0... they're just soooooooooooooooooooooo very tiny... that if it does happen, well... that's just "Bad Luck™"

[shorena]

These chances are really high actually. If we write them in a more concise manner that would be 6.84 x 10^-38. Just for comparison, the top supercomputer as of today is capable of making 9.3 x 10^16 floating point calculations per second (and they are now talking about reaching 10^18 flops by 2020).

You're comparing apples with rainbows there...

The values are not even remotely related to one another... how many floating point calcs you can do in a second, is not a number you can directly compare to the chances of 1billion users (who each have 10 addresses) having an address collision!!?!

Bear in mind... people aren't saying it isn't possible... as the odds are >0... they're just soooooooooooooooooooooo very tiny... that if it does happen, well... that's just "Bad Luck™"

If people are afraid of this they should just never reuse addresses. This greatly limits the chances they lose a large amount of coins. The chance that it happens once is so tiny, what are the odds that you "guess" 100, 500 or 1000 addresses?

[LoyceV]

Well for one you didnt check for all possible two symbol prefixes (missed capital letters)

I did "-i": case insensitive.

but the actual reason why there are only 2¹⁶⁰ different possible address is different. There are 2²⁵⁶ private keys. The public key to each private key gets hashed with RIPEMD160 among another algorithm (SHA256) which has a 160 bit output. Thus the can never be more than 2¹⁶⁰ addresses. It is assumed that each address has 2⁹⁶ private keys that allow spending coins from them. This might not be true for all keys as its unclear whether the distribution is uniform. Its possible that some addresses have 2⁹⁶+X keys while others have 2⁹⁶-X keys, where X is not zero.

This doesn't explain why I don't find 1 public key for every private key. This is the other way around: 1 public key has a lot of (unknown!) private keys, but each private key should have 1 public key, right?
If I run vanitygen for 1 second searching for all possible prefixes at 127 kkeys/s, why don't I get 127,000 keys?

Somehow, I thought the odds of a collision should be on the order of something like 10^-1000. But even that I wouldn't consider as quite impossible on a long enough timeline...

And don't forget about pure luck

This is the reason I said it's hard to comprehend very small chances (and very large numbers). If you're that lucky, why don't you guess the winning lotto numbers every time?

One more example to try to put it into perspective: even though there are billions of stars in billions of galaxies, each weighing billions of tonnes, each containing billions and billions of atoms, the visible universe is estimated to contain between 10⁷⁸ and 10⁸⁰ atoms.
Only 10⁸⁰ tiny particles, such a small number.

[forumaster]

Hi, i don't know why but oclvanitygen don't work with my gpu, i have Windows 7 Home Premium with a Nvidia Geforce GT540M
here is the log:

Code:

C:\Users\Acer>C:\Users\Acer\Downloads\vanitygen-0.22-win\oclvanitygen.exe -o boat.txt 1Boat
Difficulty: 4476342
Error loading kernel file 'calc_addrs.cl': No such file or directory
Available OpenCL platforms:
0: [NVIDIA Corporation] NVIDIA CUDA
  0: [NVIDIA Corporation] GeForce GT 540M

but there is the calc_addrs.cl file! indeed vanitygen64 works well...

is NVIDIA SM2.1 supported? if not, it could explain this error... 
I updated everything with Nvidia GeForce Experience but nothing...