Bitcoin Forum
November 15, 2024, 03:41:03 AM *
News: Latest Bitcoin Core release: 28.0 [Torrent]
 
   Home   Help Search Login Register More  
Pages: [1] 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 ... 191 »
  Print  
Author Topic: Vanitygen: Vanity bitcoin address generator/miner [v0.22]  (Read 1153549 times)
samr7 (OP)
Full Member
***
Offline Offline

Activity: 140
Merit: 430

Firstbits: 1samr7


View Profile
July 04, 2011, 03:29:50 AM
Last edit: October 12, 2012, 03:37:50 AM by samr7
Merited by EFS (100), ABCbits (64), LoyceV (42), OmegaStarScream (30), Welsh (20), NotATether (11), OgNasty (10), pooya87 (10), malevolent (10), 1miau (10), phantastisch (5), mprep (2), DarkStar_ (2), ebliever (2), Timelord2067 (1), sabotag3x (1), BlackHatCoiner (1), FuzzyBear (1), th3nolo (1), charlie137 (1), Woshib (1), zenrol28 (1), Piggy (1), Financisto (1), CASlO (1), mccorrinall (1)
 #1

Vanitygen is a command-line vanity bitcoin address generator.

If you're tired of the random, cryptic addresses generated by regular bitcoin clients, you can use vanitygen to create a more personalized address.  Add unique flair when you tell people to send bitcoins to 1stDownqyMHHqnDPRSfiZ5GXJ8Gk9dbjL.  Alternatively, vanitygen can be used to generate random addresses offline.

Vanitygen accepts as input a pattern, or list of patterns to search for, and produces a list of addresses and private keys.  Vanitygen's search is probabilistic, and the amount of time required to find a given pattern depends on how complex the pattern is, the speed of your computer, and whether you get lucky.

The example below illustrates a session of vanitygen.  It is typical, and took about 10 sec to finish, using my Core 2 Duo E6600 CPU on x86-64 Linux:

Code:
$ ./vanitygen 1Boat
Difficulty: 4476342
Pattern: 1Boat                                                                
Address: 1BoatSLRHtKNngkdXEeobR76b53LETtpyT
Privkey: 5J4XJRyLVgzbXEgh8VNi4qovLzxRftzMd8a18KkdXv4EqAwX3tS

Vanitygen includes components to perform address searching on your CPU (vanitygen) and your OpenCL-compatible GPU (oclvanitygen).  Both can be built from source, and both are included in the Windows binary package.  Also included is oclvanityminer, the vanity address mining client.  Oclvanityminer can be used to automatically claim bounties on sites such as ThePiachu's vanity pool.

Current version: 0.22

Windows x86+x64 binaries here.  PGP signature here

Get the source from GitHub.  Includes Makefiles for Linux and Mac OS X.

FAQ

What types of patterns can vanitygen search for?

Vanitygen can search for simple prefixes or regular expression matches.

Prefixes are exact strings that must appear at the beginning of the address.  When searching for prefixes, vanitygen will ensure that the prefix is possible, and will provide a difficulty estimate.  Exact prefixes are case-sensitive by default, but may be searched case-insensitively using the -i option.

Prefixes are also very fast to search, and a list of thousands of prefixes may be specified with little or no reduction in key search rate.

Regular expressions are programmable pattern filters.  They are very powerful, and can be used to match prefixes, suffixes, varying-length sequences, etc..  For a quick tutorial, see http://www.regular-expressions.info/quickstart.html.  To enable regular expressions, use the -r command line option.  Unfortunately, regular expressions are very slow, and will have a significant impact on key search rate.  Because of this, regular expressions should only be used if their expressive power is needed.

Oclvanitygen is only effective at searching for prefixes.  Regular expressions will not work effectively with oclvanitygen, as oclvanitygen is currently unable to execute the regular expression on the GPU.

How do I specify a list of patterns?

Vanitygen can accept a list of patterns to search for, either on the command line, or from a file or stdin using the -f option.  File sources should have one pattern per line.

Upon finding a match for a given pattern, vanitygen will stop searching for additional matches for that pattern.  To search for multiple matches for each pattern, use the -k option.

How do I import the private key into bitcoin?

If you wish to spend coins received on a vanity address created by vanitygen, you must import the private key into a bitcoin client.  There are two popular methods of doing this with the standard Satoshi bitcoin client:

  • Use the importprivkey command.  To do this, select Help -> Debug Window, and in the window, on the bottom line, enter importprivkey <privatekey>, e.g.
Code:
importprivkey 5J4XJRyLVgzbXEgh8VNi4qovLzxRftzMd8a18KkdXv4EqAwX3tS
  • Jackjack's pywallet script is an all-in-one tool that directly modifies the wallet.dat file.  This works with a normal, unpatched bitcoin client, but does require Python with the bsddb package.

If I stop vanitygen when it reports 60% complete, how do I have it restart where it left off?

You don't need to.  The percentage displayed just shows how probable it is that a match would be found in the session so far.  If it finds your address with 5% on the display, you are extremely lucky.  If it finds your address with 92% on the display, you are unlucky.  If you stop vanitygen with 90% on the display, restart it, and it finds your address with 2% on the display, your first session was unlucky, but your second session was lucky.

When I double-click on vanitygen, a black window appears for a split-second and disappears, what do I do?

Currently, vanitygen only runs on the command line, and does not have a graphical user interface.  To use vanitygen, you need to open a command line window and change to the directory where you extracted the vanitygen program.  An easy way to do this in Windows 7, hold down the shift key, right-click on the folder where you unzipped vanitygen, and select "Open command window here."  Then, you can type the vanitygen command at the prompt.

Can I use vanitygen to find someone else's private key from their bitcoin address?

Yes.  Vanitygen is a cryptographic brute-forcing application, and can be used to search for a complete address.  However, you will be unhappy with the amount of time required for it to find a match.

How do I report a bug?  What do I do if it crashes?

Post to this thread, send me a PM, or send me an email!  Please run vanitygen with the -v flag for verbose output, and please include the console output in your report.

How do I build vanitygen from source?

Please refer to the file INSTALL in the source distribution.

What key search rate can I expect from hardware X?

Detailed list forthcoming.  Some ballpark estimates are listed below.

Dual-core desktop CPUs, 32-bit mode: 100-250 Kkey/s.
Dual-core desktop CPUs, 64-bit mode: 150-450 Kkey/s.
Quad-core desktop CPUs, 32-bit mode: 200-400 Kkey/s.
Quad-core desktop CPUs, 64-bit mode: 300-750 Kkey/s.

As vanitygen performs a lot of large integer arithmetic, running it in 64-bit mode makes a huge difference in key search rate, easily a 50% improvement over 32-bit mode.  If you are using a 64-bit edition of Windows, and not using a GPU, be sure to use vanitygen64.exe.

In custom builds, CPU performance will be less than expected if the OpenSSL library is an older version (<1.0.0d) or is not built with the appropriate optimizations enabled.

General formulas for expected performance on GPUs

NVIDIA GeForce 96xx, 98xx, GT 1xx, GT 2xx, GTX 2xx (G90/GT200):
Key/s = (CUDA Cores) x (Shader MHz) x 17

AMD Radeon 58xx, 59xx, 67xx, 68xx (VLIW5):
Key/s = (Stream Processors) x (Core MHz) x 20.1

AMD Radeon 69xx (VLIW4):
Key/s = (Stream Processors) x (Core MHz) x 13.6

AMD GCN, NVIDIA Fermi/Kepler: Please contribute some numbers!

Unfortunately, AMD VLIW4 does not perform as well as VLIW5 with the same number of cores/clocks.  Oclvanitygen is sensitive to integer multiply throughput, and VLIW5 can multiply concurrently with other operations, whereas multiply consumes all four ALUs in VLIW4.  At similar clocks, a hobbled Radeon 5830 will outperform a Radeon 6970.

I have a lot of compute power, and want to make vanity addresses for others.  How do I do it?

The difficulty with this is convincing your customer that, once you provide them with a vanity address, you do not have a copy of their private key.  Some methods of doing this have been discussed on the forum, and vanitygen currently supports one of them.  To generate an address securely, your customer generates a private key, and provides you with the public key part.  You use this public key as part of the address search, and when you find a match, you provide them with a partial private key.  The customer then adds the partial private key to their private key to get the vanity address.  Because the customer never disclosed their part of the private key, only they have access to the complete private key.

There are many ways to get a key pair, but to do address-for-hire, you need the complete public key in hexadecimal format.  The bitcoin address is not sufficient.  One way to generate one and get this is to use the keyconv utility, keyconv -G, and get the following parts:

Code:
$ ./keyconv -G
Pubkey (hex): 041d2e778ae6d9124736df131cd22d3a2483f336c55156d87a84c4bdc6d89f8518e33de85ae0f907a7128c476281bc8cc7742b43a54ccc2c7824dc4c4a438a7fbc
Privkey (hex): 61E00B1C57E7F0D508C7C3795F90C0ACEC1DCAF6A7B82C951D23F728FD53E4BE
Address: 15wRE5VA5uhxs5o6LayZC6imES2SeZeXd4
Privkey: 5JZPftgcsaG5Unp24cf47zP7JZEZkfnSAZzefezAVNRomKHZE8f

The customer saves the privkey part in a secure location, and provides you with the Pubkey (hex) part.

Then, you run vanitygen or oclvanitygen, and specify the customer's public key:

Code:
$ ./vanitygen -P 041d2e778ae6d9124736df131cd22d3a2483f336c55156d87a84c4bdc6d89f8518e33de85ae0f907a7128c476281bc8cc7742b43a54ccc2c7824dc4c4a438a7fbc 1Boat
Difficulty: 4476342
Pattern: 1Boat                                                                
Address: 1BoatWxEHyVXkjS78d16LMuj8YMdZ1Kce8
PrivkeyPart: 5KCwog8Ndt64ZicNSGoDBRf4vACBptM2GUtSJCmkbqpieC8idcP

Because a public key was specified, vanitygen now provides a PrivkeyPart rather than a Privkey result, which is useful only to your customer.  The customer then takes the partial private key produced by vanitygen and adds it to their private key.  This can be done using ThePiachu's handy website, or using the keyconv utility:

Code:
$ ./keyconv -c 5JZPftgcsaG5Unp24cf47zP7JZEZkfnSAZzefezAVNRomKHZE8f 5KCwog8Ndt64ZicNSGoDBRf4vACBptM2GUtSJCmkbqpieC8idcP
Address: 1BoatWxEHyVXkjS78d16LMuj8YMdZ1Kce8
Privkey: 5J1Jieusaa6vegTQZ7PNG3hMcsM2FjgHPK1BkPjbYyQsWb9k5vj

Here, keyconv is able to recreate the final address found by vanitygen, based on the two private key parts.  It is also able to create the final private key.  This is infeasible for someone who does not have both parts of the private key, and provides your customer with real security.

This process is very complicated.  A simpler way to do it is to use a bounty pool such as vanity pool.

How do I participate in vanity pool?

To do this, use the oclvanityminer program.  Oclvanityminer works much like a familiar bitcoin miner.  It connects to a bounty server, downloads a list of bounties, automatically chooses one, searches for a match, and submits the results back to the server when one is found.  Oclvanityminer periodically reconnects to the bounty server to check if bounties have been claimed, or more profitable bounties have been posted.  An example session:

Code:
$ ./oclvanityminer -u https://vanitypool.appspot.com/ -a 1samr7UZxtC6MEAFHqr1h3Kq453xJJbe4
Searching for pattern: "1satoshi" Reward: 0.100000 Value: 0.000007 BTC/MkeyHr
Difficulty: 51529903411245
Searching for pattern: "1Satoshi" Reward: 0.100000 Value: 0.000007 BTC/MkeyHr
Next match difficulty: 25764951705622 (2 prefixes)
[6.14 Mkey/s][total 62914560][Prob 0.0%][50% in 33.6d]

Note that vanitypool and oclvanityminer are currently under development.

How secure are the addresses generated by this program?  Will someone be able to guess the private key and steal my BTC?

Vanitygen uses the OpenSSL random number generator.  This is the same RNG used by bitcoin and a good number of HTTPS servers.  It is regarded as well-scrutinized.  On Linux, the RNG will be seeded from /dev/urandom.  Guessing the private key of an address found by vanitygen will be no easier than guessing a private key created by bitcoin itself.  Nonetheless, if you feel the default RNG is unable to provide numbers that are sufficiently difficult to guess, vanitygen can be directed to seed the RNG from an external file using the -s option.

To speed up address generation, vanitygen uses the RNG to choose a private key, and literally increments the private key in a loop searching for a match.  As long as the starting point is not disclosed, if a match is found, the private key will not be any easier to guess than if every private key tested were taken from the RNG.  Vanitygen will also reload the private key from the RNG after 10,000,000 unsuccessful searches (100M for oclvanitygen), or when a match is found and multiple patterns are being searched for.

What security measures should I take?

  • Secure any systems used to generate addresses.  Don't run web browsers on them.  Keep malware and unauthorized individuals out.
  • Ensure that any private keys reported by vanitygen are stored and transmitted securely.
  • The command line method of importing private keys into bitcoin requires you to enter your private key on the command line.  Bitcoin takes a long time to perform an import, and while it is running, your private key will be visible in the output of "ps," so be careful!  Also, the private key may be leaked to your shell history file.  Kill your shell and shred your shell history file after importing.

What are the other methods of generating vanity addresses?

The original method of generating vanity addresses is a patch to the official bitcoin client created by Gavin Andresen.  Details can be found here.

Forum user Nyhm created an in-browser vanity address generator.

There is a new vanity address generator for Android.
SgtSpike
Legendary
*
Offline Offline

Activity: 1400
Merit: 1005



View Profile
July 04, 2011, 04:06:59 AM
 #2

Am I reading this right, that it generates 23k addresses per second?  And this particular address was found after 80,000?
samr7 (OP)
Full Member
***
Offline Offline

Activity: 140
Merit: 430

Firstbits: 1samr7


View Profile
July 04, 2011, 04:26:13 AM
 #3

Am I reading this right, that it generates 23k addresses per second?  And this particular address was found after 80,000?

That's correct!

For comparison, I couldn't even get 1,000/sec out of the patched client.  Is that normal?
Pieter Wuille
Legendary
*
qt
Offline Offline

Activity: 1072
Merit: 1181


View Profile WWW
July 04, 2011, 12:16:31 PM
 #4

Currently, it is difficult to import the private key into bitcoin.  Sipa's showwallet branch has a new command called "importprivkey" that accepts the base-58 encoded private key.  Vanitygen has been tested to work with that version of bitcoin, although it had to be restarted to get the imported vanity address to show up on the list in the GUI.

I've just pushed a bugfix, and can't reproduce the problem now. Could you try again?

PS: yes, it's quite normal your code is a lot faster - the vanity patch just tried generating random keys until a match was found, requiring generating 256 random bits + an EC multiplication per attempt. Your code only needs an EC addition per attempt.

I do Bitcoin stuff.
Shevek
Sr. Member
****
Offline Offline

Activity: 252
Merit: 250



View Profile
July 04, 2011, 02:44:25 PM
 #5

What entropy sources it uses?

Proposals for improving bitcoin are like asses: everybody has one
1SheveKuPHpzpLqSvPSavik9wnC51voBa
pB11
Newbie
*
Offline Offline

Activity: 12
Merit: 2


View Profile
July 04, 2011, 04:25:33 PM
Last edit: July 04, 2011, 04:38:49 PM by pB11
 #6

What entropy sources it uses?
It uses linux time() (measured in seconds) and process PID when EC_KEY_generate_key() is invoked.
Code:
openssl-1.0.0d/crypto/bn/bn_rand.c:144
             time(&tim);
             RAND_add(&tim,sizeof(tim),0.0);
I suppose its standard behavior of programs based on OpenSSL.

EC_KEY_generate_key() adds entropy (based on time()) every 1000000 keys or so.
Basically private key (integer) starts from random number and increases for 1000000 keys.
Then new entropy added and new private key generated.

Should be secure after first iteration (1M).

error
Hero Member
*****
Offline Offline

Activity: 588
Merit: 500



View Profile
July 04, 2011, 06:22:40 PM
 #7

Waiting for the first GPU vanity address miner.

3KzNGwzRZ6SimWuFAgh4TnXzHpruHMZmV8
samr7 (OP)
Full Member
***
Offline Offline

Activity: 140
Merit: 430

Firstbits: 1samr7


View Profile
July 04, 2011, 08:09:52 PM
 #8

I've just pushed a bugfix, and can't reproduce the problem now. Could you try again?

Yep, imported keys show up immediately in the GUI now.  Thanks sipa!
davux
Sr. Member
****
Offline Offline

Activity: 288
Merit: 263


Firstbits.com/1davux


View Profile WWW
July 04, 2011, 09:13:17 PM
 #9

I have a system with 2 CPUs. According to the CPU usage applet, the original bitcoind + vanity patch uses both CPUs, but vanitygen seem to use only one.

Unfortunately I'm unable to provide a fix, sorry.

1DavuxH9tLqU4c7zvG387aTG4mA7BcRpp2
México (Oaxaca) – France - Leeds
davux
Sr. Member
****
Offline Offline

Activity: 288
Merit: 263


Firstbits.com/1davux


View Profile WWW
July 04, 2011, 09:27:19 PM
 #10

It would be interesting to have an estimated time of finding a match, based on the rate.

1DavuxH9tLqU4c7zvG387aTG4mA7BcRpp2
México (Oaxaca) – France - Leeds
Yeti
Member
**
Offline Offline

Activity: 112
Merit: 10

Firstbits: 1yetiax


View Profile
July 04, 2011, 09:48:34 PM
 #11

Hi,

great job! I am still running that bash script for a couple of days and it hasn't found a simple ^1Abcd type of address yet.

Thanks a bunch for this!!! At first I was unable to compile the source, but I found out which package to install for PCRE support: libpcre3 and libpcre3-dev.

It's testing away now with 10,000 keypairs a second. Wow, this really could get me hooked on trying out OpenCL coding, if only I had the time...

1YetiaXeuRzX9QJoQNUW84oX2EiXnHgp3 or http://payb.tc/yeti

Since Bitcoin Randomizer is dead, join the Bitcoin Pyramid (referrer id #203)! Be quick, be on top! Instant payout as soon as one of your referrals deposits!
Shevek
Sr. Member
****
Offline Offline

Activity: 252
Merit: 250



View Profile
July 04, 2011, 10:16:22 PM
 #12

What entropy sources it uses?

It uses linux time() (measured in seconds) and process PID when EC_KEY_generate_key() is invoked.


This method sucks! Snuff the weak source of entropy is the favourite side attack for a half-skilled hacker.

Use at least /dev/random And consider pick random bits from hotbits and random.org.

Proposals for improving bitcoin are like asses: everybody has one
1SheveKuPHpzpLqSvPSavik9wnC51voBa
willphase
Hero Member
*****
Offline Offline

Activity: 767
Merit: 500


View Profile
July 04, 2011, 11:18:58 PM
 #13

sucks to have a name with illegal base58 characters in it Sad

Will

samr7 (OP)
Full Member
***
Offline Offline

Activity: 140
Merit: 430

Firstbits: 1samr7


View Profile
July 04, 2011, 11:28:46 PM
 #14

This method sucks! Snuff the weak source of entropy is the favourite side attack for a half-skilled hacker.

Use at least /dev/random And consider pick random bits from hotbits and random.org.

Would you be more inclined to use this program if it had a command line option to initialize private keys from /dev/random, or one of those network sources, instead of using the OpenSSL default mechanism?  I'm more than happy to add it or apply a patch if it will make you feel safer about using the generated keys.
molecular
Donator
Legendary
*
Offline Offline

Activity: 2772
Merit: 1019



View Profile
July 04, 2011, 11:38:13 PM
 #15

I'd like to present a standalone command line vanity address generator called vanitygen.

awesome! thanks!

PGP key molecular F9B70769 fingerprint 9CDD C0D3 20F8 279F 6BE0  3F39 FC49 2362 F9B7 0769
pyna
Newbie
*
Offline Offline

Activity: 1
Merit: 0


View Profile
July 05, 2011, 12:13:45 AM
Last edit: July 05, 2011, 01:12:19 AM by theymos
 #16

I think the generate_address_regex() function is broken. Looks like &b58[p] is calculated incorrectly.

I stuck a printf right before output_match() is called:

./vanitygen -r 1.{26}XX
Before output_match: 1H6d1q8niPVvci5zGnpbTkRfaBhWhWSXX5
 After output_match: 1H6d1q8niPVvci5zGnpbTkRfaBhWhXcbEn

The address that the regex is being compared to is never a valid address, and the (valid) end address always differs in the last few characters.

Took me the longest time to figure out this was why all my regexes with $ in it behaved ... unexpectedly.
molecular
Donator
Legendary
*
Offline Offline

Activity: 2772
Merit: 1019



View Profile
July 05, 2011, 12:27:44 AM
 #17

sucks to have a name with illegal base58 characters in it Sad

Will

try "vanitygen -r [Ww]iLL"

(no need to use [Ii] and/or [Ll] because l (small L) and I are not in base58, I think.

EDIT: found one in seconds: 1NZED7AR8hbwiLLkTWwXgZvM89FZqFiXnj

PGP key molecular F9B70769 fingerprint 9CDD C0D3 20F8 279F 6BE0  3F39 FC49 2362 F9B7 0769
molecular
Donator
Legendary
*
Offline Offline

Activity: 2772
Merit: 1019



View Profile
July 05, 2011, 12:45:04 AM
 #18

maybe I found a bug, or maybe I'm using regex wrongly:

"./vanitygen/vanitygen -r [Mm]oL[Ee][Cc]" gave me 1H3fttgZCe89zhViCRmk7DX8JmoLJ2mvTV (missing "ec")

found 1BYYdM3vfndwmoLec6tQjcx7sAeLRxTvTq with the same command

PGP key molecular F9B70769 fingerprint 9CDD C0D3 20F8 279F 6BE0  3F39 FC49 2362 F9B7 0769
samr7 (OP)
Full Member
***
Offline Offline

Activity: 140
Merit: 430

Firstbits: 1samr7


View Profile
July 05, 2011, 12:58:13 AM
 #19

maybe I found a bug, or maybe I'm using regex wrongly:

"./vanitygen/vanitygen -r [Mm]oL[Ee][Cc]" gave me 1H3fttgZCe89zhViCRmk7DX8JmoLJ2mvTV (missing "ec")

found 1BYYdM3vfndwmoLec6tQjcx7sAeLRxTvTq with the same command

Yep, that's a bug!  The regular expression search loop incorrectly generates the lower four byte test code.

I'll post a new version in a bit with a fix for that problem.

Thanks for pointing it out.
theymos
Administrator
Legendary
*
Offline Offline

Activity: 5376
Merit: 13420


View Profile
July 05, 2011, 01:12:55 AM
 #20

I think the generate_address_regex() function is broken. Looks like &b58[p] is calculated incorrectly.

I stuck a printf right before output_match() is called:

./vanitygen -r 1.{26}XX
Before output_match: 1H6d1q8niPVvci5zGnpbTkRfaBhWhWSXX5
 After output_match: 1H6d1q8niPVvci5zGnpbTkRfaBhWhXcbEn

The address that the regex is being compared to is never a valid address, and the (valid) end address always differs in the last few characters.

Took me the longest time to figure out this was why all my regexes with $ in it behaved ... unexpectedly.

This reply was just merged here.

1NXYoJ5xU91Jp83XfVMHwwTUyZFK64BoAD
Pages: [1] 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 ... 191 »
  Print  
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!