mmdough
Member
 Offline
Activity: 70
Merit: 10
|
 |
July 14, 2011, 07:39:46 PM |
|
"This string contains 0.25 BTC hiding in plain sight."
Which string? The encapsulated one. That's implied but not stated. I doubt it's a trick question... but go off on that tangent if you want.  That's my MO. I start with the liar's paradox as an axiom and go from there. It makes politics more interesting, I'll tell you that. |
|
|
|
|
|
|
|
|
|
You get merit points when someone likes your post enough to give you some. And for every 2 merit points you receive, you can send 1 merit point to someone else!
|
|
|
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction.
|
|
|
|
|
|
GeniuSxBoY
|
|
July 14, 2011, 07:40:52 PM |
|
They're in plain sight.
He told us where they were.
Yet they're hidden behind the address.
and he pointed out that he already sent them so he wouldn't be able to say they weren't there yet.
|
Be humble!
|
|
|
casascius (OP)
Mike Caldwell
VIP
Legendary
Offline
Activity: 1386
Merit: 1136
The Casascius 1oz 10BTC Silver Round (w/ Gold B)
|
|
July 14, 2011, 07:42:02 PM |
|
When they are "found" in the proper sense of the word, you should see them spent on the block explorer into the winner's wallet. This spend will have been done by the winner, not by me.
|
Companies claiming they got hacked and lost your coins sounds like fraud so perfect it could be called fashionable. I never believe them. If I ever experience the misfortune of a real intrusion, I declare I have been honest about the way I have managed the keys in Casascius Coins. I maintain no ability to recover or reproduce the keys, not even under limitless duress or total intrusion. Remember that trusting strangers with your coins without any recourse is, as a matter of principle, not a best practice. Don't keep coins online. Use paper or hardware wallets instead.
|
|
|
|
GeniuSxBoY
|
|
July 14, 2011, 07:42:54 PM |
|
...
|
Be humble!
|
|
|
mmdough
Member
Offline
Activity: 70
Merit: 10
|
|
July 14, 2011, 07:43:57 PM |
|
If you find it you will be able to send it to yourself.
Implies that unless you can get at that address, you haven't found 'em yet. When they are "found" in the proper sense of the word, you should see them spent on the block explorer into the winner's wallet. This spend will have been done by the winner, not by me.
It's not a riddle in the sense that he wants you to answer-- it's a race to grab the coins. BUT HOW |
|
|
|
|
|
AtlasONo
|
|
July 14, 2011, 07:44:41 PM |
|
Plain site is an e-wallet
|
|
|
|
|
SgtSpike
Legendary
Offline
Activity: 1400
Merit: 1005
|
|
July 14, 2011, 07:47:57 PM |
|
I bet the SHA-256 of that message is the private key needed to claim the bounty.
Doesn't look like a private key to me... 47510706d76bc74a5d57bdcffc68c9bbbc2d496bef87c91de7f616129ac62b5f Lots of 5's in there though... maybe it starts at a midpoint and goes to whatever characters are necessary for a private key? Every 256-bit value is a valid private key. I tried importing it, and the python script I am using says "Bad private key". |
|
|
|
|
|
AtlasONo
|
|
July 14, 2011, 07:51:12 PM |
|
I know what it is but i don't know the specifics of what I have o do
|
|
|
|
|
mmdough
Member
Offline
Activity: 70
Merit: 10
|
|
July 14, 2011, 07:51:48 PM |
|
I'll bet you anything the e-wallet is a spruce code somewhere.
Well, I'll bet you .25 BTC that it is.
No, wait, I won't.
|
|
|
|
|
JoelKatz
Legendary
Offline
Activity: 1596
Merit: 1012
Democracy is vulnerable to a 51% attack.
|
|
July 14, 2011, 07:54:00 PM |
|
I bet the SHA-256 of that message is the private key needed to claim the bounty.
Doesn't look like a private key to me... 47510706d76bc74a5d57bdcffc68c9bbbc2d496bef87c91de7f616129ac62b5f Lots of 5's in there though... maybe it starts at a midpoint and goes to whatever characters are necessary for a private key? Every 256-bit value is a valid private key. I tried importing it, and the python script I am using says "Bad private key". Your scripts expects the key to be encapsulated in an X.509 DER object, including the particular type of key it is and so on. It was not designed to import the raw private key data. |
I am an employee of Ripple. Follow me on Twitter @JoelKatz
1Joe1Katzci1rFcsr9HH7SLuHVnDy2aihZ BM-NBM3FRExVJSJJamV9ccgyWvQfratUHgN
|
|
|
|
cuddlefish
|
|
July 14, 2011, 08:04:03 PM |
|
protip: It's a deterministic wallet, we have our seed here, now figure out the PRNG
or it may be an encoded private key, sha256, so single-seed no nonce.
|
|
|
|
|
gentakin
Member
Offline
Activity: 98
Merit: 10
|
|
July 14, 2011, 08:08:02 PM |
|
Your scripts expects the key to be encapsulated in an X.509 DER object, including the particular type of key it is and so on. It was not designed to import the raw private key data.
$ ./pywallet.py
A mandatory option is missing
Usage: pywallet.py [options]
[..]
--importprivkey=KEY import private key from vanitygen
(vanitygen seems to output base58-encoded privkeys) $ ./pywallet.py --importprivkey=9MYaow1fLJHwaYgZVs6fLeALpTWuZY4zTA2NfFz8eMNQAiGQmzqeaHAYstXQ81vgVc
Bad private key
So I probably got the hash wrong. I used an online sha256 tool, copied that sentence into the form field, got the hash in base64, then converted base64 to hex using another online tool, then used a copy-pasted python script to create this base58 key. It was worth a try.  |
1HNjbHnpu7S3UUNMF6J9yWTD597LgtUCxb
|
|
|
julz
Legendary
Offline
Activity: 1092
Merit: 1001
|
|
July 14, 2011, 08:16:19 PM |
|
I think I'm gonna have to give up. I can't find a website that imports private keys - and bitcoind crashes on my one working linux box.
Someone try importing TssgcsBChginpnst
Just a guess!
|
@electricwings BM-GtyD5exuDJ2kvEbr41XchkC8x9hPxdFd
|
|
|
|
|
mmdough
Member
Offline
Activity: 70
Merit: 10
|
|
July 14, 2011, 08:40:08 PM |
|
How does one import a private key anyway? Do I need a new version of the client? I have an old one, I believe.
|
|
|
|
|
|
BitcoinPorn
|
|
July 14, 2011, 08:43:59 PM |
|
How does one import a private key anyway? Do I need a new version of the client? I have an old one, I believe.
It's as easy as... #!/bin/bash
base58=({1..9} {A..H} {J..N} {P..Z} {a..k} {m..z})
bitcoinregex="^[$(printf "%s" "${base58}")]{34}$"
decodeBase58() {
local s=$1
for i in {0..57}
do s="${s//${base58}/ $i}"
done
dc <<< "16o0d${s// /+58*}+f"
}
encodeBase58() {
# 58 = 0x3A
bc <<<"ibase=16; n=${1^^}; while(n>0) { n%3A ; n/=3A }" |
tac |
while read n
do echo -n ${base58[n]}
done
}
checksum() {
xxd -p -r <<<"$1" |
openssl dgst -sha256 -binary |
openssl dgst -sha256 -binary |
xxd -p -c 80 |
head -c 8
}
checkBitcoinAddress() {
if [[ "$1" =~ $bitcoinregex ]]
then
h=$(decodeBase58 "$1")
checksum "00${h::${#h}-8}" |
grep -qi "^${h: -8}$"
else return 2
fi
}
hash160() {
openssl dgst -sha256 -binary |
openssl dgst -rmd160 -binary |
xxd -p -c 80
}
hash160ToAddress() {
printf "%34s\n" "$(encodeBase58 "00$1$(checksum "00$1")")" |
sed "y/ /1/"
}
hash256ToAddress() {
#printf "80$1$(checksum "80$1")"
printf "%34s\n" "$(encodeBase58 "80$1$(checksum "80$1")")" |
sed "y/ /1/"
}
publicKeyToAddress() {
hash160ToAddress $(
openssl ec -pubin -pubout -outform DER |
tail -c 65 |
hash160
)
}
privateKeyToWIF() {
hash256ToAddress $(openssl ec -text -noout -in data.pem | head -5 | tail -3 | fmt -120 | sed 's/[: ]//g')
}
openssl ecparam -genkey -name secp256k1 | tee data.pem &>/dev/null
sleep 3
echo " "
echo "BITCOINS OFF-THE-GRID (BOTG) : A VERY SECURE SAVINGS ACCOUNT!"
echo " "
echo "THE FOLLOWING WILL BE THE PRIVATE HEX KEY NEEDED TO ACCESS YOUR BITCOINS!"
echo "***RECORD THIS NUMBER CAREFULLY*** IT CONTAINS NUMBERS 0-9 AND LETTERS A-F."
echo "THIS WILL HELP SO YOU DON'T ACCIDENTALLY CONFUSE SIMILAR LOOKING DIGITS LATER ON!"
echo "KEEP THIS HEX KEY SAFE. HIDE IT AND/OR LOCK IT UP SOMEWHERE."
echo "IT IS THE ONLY WAY TO ACCESS THE BTC IN THE FUTURE. WHOEVER HAS THAT HEX KEY"
echo "CAN SPEND YOUR MONEY. RECORD THE WHOLE LINE AFTER 'read EC key' "
echo " "
echo "ONLY USE THIS HEX KEY AND ADDRESS IF THIS SCRIPT WAS RUN OFF OF A LIVE CD WITH"
echo "NO INTERNET CONNECTION. REBOOT COMPUTER WHEN DONE TO CLEAR RAM."
echo "DO NOT COPY THIS HEX KEY ANYWHERE ONTO A COMPUTER."
echo " "
openssl ec -text -noout -in data.pem | head -5 | tail -3 | fmt -120 | sed 's/[: ]//g'
privateKeyToWIF
sleep 2
echo " "
echo "THE FOLLOWING IS THE BITCOIN ADDRESS YOU CAN SEND YOUR SAVINGS TO."
echo "RECORD THE ADDRESS CAREFULLY. IT IS NOT CRITICAL YOU KEEP THIS ADDRESS"
echo "SECRET. THE HEX CODE AND THE WALLET-IMPORT-KEYCODE MUST REMAIN SECRET!"
echo "THE LINE THAT BEGINS WITH THE NUMBER 1 IS THE BITCOIN ADDRESS."
echo " "
openssl ec -pubout < data.pem | publicKeyToAddress
echo " "
echo "SPECIAL THANKS TO 'grondilu' AND 'unk' WHO MADE THIS SCRIPT POSSIBLE!!"
|
|
|
|
mmdough
Member
Offline
Activity: 70
Merit: 10
|
|
July 14, 2011, 08:45:58 PM |
|
How does one import a private key anyway? Do I need a new version of the client? I have an old one, I believe.
It's as easy as... {code} Bitchin, thanks edit: Looking at it now, it doesn't do what I wanted... actually at all. But thanks anyway, it's neat. |
|
|
|
|
julz
Legendary
Offline
Activity: 1092
Merit: 1001
|
|
July 14, 2011, 08:48:26 PM |
|
I'm pretty sure some of you are overcomplicating the key import process.
If it's hidden in 'plain sight' - you probably don't need to hash it etc and use python or shell scripts.
Just work out which letters to read off e.g 1st and last letter of each word?
And follow the instructions on bitbills to import.
The impossible part for me is running a bitcoind that has the 'importprivkey' command.
The paper wallet thing looks interesting.. once the gui allows key import.
|
@electricwings BM-GtyD5exuDJ2kvEbr41XchkC8x9hPxdFd
|
|
|
casascius (OP)
Mike Caldwell
VIP
Legendary
Offline
Activity: 1386
Merit: 1136
The Casascius 1oz 10BTC Silver Round (w/ Gold B)
|
|
July 14, 2011, 08:52:36 PM |
|
You guys are on the right track. It is likely to be found soon.
|
Companies claiming they got hacked and lost your coins sounds like fraud so perfect it could be called fashionable. I never believe them. If I ever experience the misfortune of a real intrusion, I declare I have been honest about the way I have managed the keys in Casascius Coins. I maintain no ability to recover or reproduce the keys, not even under limitless duress or total intrusion. Remember that trusting strangers with your coins without any recourse is, as a matter of principle, not a best practice. Don't keep coins online. Use paper or hardware wallets instead.
|
|
|
casascius (OP)
Mike Caldwell
VIP
Legendary
Offline
Activity: 1386
Merit: 1136
The Casascius 1oz 10BTC Silver Round (w/ Gold B)
|
|
July 14, 2011, 08:54:15 PM |
|
(vanitygen seems to output base58-encoded privkeys) $ ./pywallet.py --importprivkey=9MYaow1fLJHwaYgZVs6fLeALpTWuZY4zTA2NfFz8eMNQAiGQmzqeaHAYstXQ81vgVc
Bad private key
So I probably got the hash wrong. I used an online sha256 tool, copied that sentence into the form field, got the hash in base64, then converted base64 to hex using another online tool, then used a copy-pasted python script to create this base58 key. It was worth a try. This is not a valid Base58-encoded wallet import string. Valid Base58-encoded wallet import strings always start with '5'. |
Companies claiming they got hacked and lost your coins sounds like fraud so perfect it could be called fashionable. I never believe them. If I ever experience the misfortune of a real intrusion, I declare I have been honest about the way I have managed the keys in Casascius Coins. I maintain no ability to recover or reproduce the keys, not even under limitless duress or total intrusion. Remember that trusting strangers with your coins without any recourse is, as a matter of principle, not a best practice. Don't keep coins online. Use paper or hardware wallets instead.
|
|
|
|
