Bitcoin Forum
November 16, 2024, 06:48:59 PM *
News: Check out the artwork 1Dq created to commemorate this forum's 15th anniversary
 
   Home   Help Search Login Register More  
Pages: « 1 2 3 [4] 5 »  All
  Print  
Author Topic: [CLAIMED!] Bounty: 0.25 BTC. Find the Bitcoins hidden in plain sight.  (Read 10141 times)
casascius (OP)
Mike Caldwell
VIP
Legendary
*
Offline Offline

Activity: 1386
Merit: 1140


The Casascius 1oz 10BTC Silver Round (w/ Gold B)


View Profile WWW
July 15, 2011, 03:03:56 AM
 #61

Since a SHA256 can be computed from any string, and a Bitcoin address can be computed from any 256-bit value, it follows that every sentence has a corresponding Bitcoin address.


"My bum really hurts" --> 1NCKYVgwK7gN8sA4Y8gZzePZ6QHUN1zbmz

"Trix are for kids" --> 1BhakTJnBMYGmcNDF44e4T1JJMR5AfcEty

"I love my MacBook Pro" --> 14JdvVQiVwTx4eHxchXoqW4z2PL5rw3Cbo

"As it turns out, I actually sent 0.10 BTC to the bitcoin address corresponding to this sentence." --> 1Dfucy6z2BxUHavLUhDooc7UeuQj52Ek3D

Companies claiming they got hacked and lost your coins sounds like fraud so perfect it could be called fashionable.  I never believe them.  If I ever experience the misfortune of a real intrusion, I declare I have been honest about the way I have managed the keys in Casascius Coins.  I maintain no ability to recover or reproduce the keys, not even under limitless duress or total intrusion.  Remember that trusting strangers with your coins without any recourse is, as a matter of principle, not a best practice.  Don't keep coins online. Use paper or hardware wallets instead.
Serge
Legendary
*
Offline Offline

Activity: 1050
Merit: 1000


View Profile
July 15, 2011, 04:28:46 AM
 #62

can this be done on Windows? and how one would import such key into the wallet there?
I have php w/ openssl on it  and may figure out how to run openssl from command line
EricJ2190
Full Member
***
Offline Offline

Activity: 134
Merit: 102


View Profile
July 15, 2011, 04:50:32 AM
 #63

can this be done on Windows? and how one would import such key into the wallet there?
I have php w/ openssl on it  and may figure out how to run openssl from command line

Sure. I just claimed the last .1 BTC using Windows. Casascius even made an awesome tool in Visual C# to convert between address formats. As for importing private keys, you need a client patched with sipa's patch. I also believe someone made a Python script to directly import keys into your wallet, which might be easier. For hashing, you can use command-line OpenSSL or one of the many websites out there that will hash strings for you.
casascius (OP)
Mike Caldwell
VIP
Legendary
*
Offline Offline

Activity: 1386
Merit: 1140


The Casascius 1oz 10BTC Silver Round (w/ Gold B)


View Profile WWW
July 15, 2011, 05:08:41 AM
 #64

"Here is another 0.08 BTC waiting to be claimed."
(Please let someone else claim if you've already claimed one)

Another one: "Pay to the order of John Doe, 0.08 BTC"

Companies claiming they got hacked and lost your coins sounds like fraud so perfect it could be called fashionable.  I never believe them.  If I ever experience the misfortune of a real intrusion, I declare I have been honest about the way I have managed the keys in Casascius Coins.  I maintain no ability to recover or reproduce the keys, not even under limitless duress or total intrusion.  Remember that trusting strangers with your coins without any recourse is, as a matter of principle, not a best practice.  Don't keep coins online. Use paper or hardware wallets instead.
BitcoinPorn
Hero Member
*****
Offline Offline

Activity: 630
Merit: 500


Posts: 69


View Profile WWW
July 15, 2011, 05:20:32 AM
 #65

Since a SHA256 can be computed from any string, and a Bitcoin address can be computed from any 256-bit value, it follows that every sentence has a corresponding Bitcoin address.
Did a logo for my podcast based on this.



http://www.xorbin.com/tools/sha256-hash-calculator is what I used.  Now I feel like taking everyones address' and see if I can find words (I need to find a better link for this, or maybe understand this sha stuff a bit better lol)

Anonymous
Guest

July 15, 2011, 05:34:26 AM
 #66

I wonder what the bitcoin address of the entire bible is ?


I wonder what twitter looks like as bitcoin addresses ?
casascius (OP)
Mike Caldwell
VIP
Legendary
*
Offline Offline

Activity: 1386
Merit: 1140


The Casascius 1oz 10BTC Silver Round (w/ Gold B)


View Profile WWW
July 15, 2011, 05:40:41 AM
 #67

Another challenge: 0.08 BTC to be had in "货币的怪才" which is the Google translation of "Currency of the geeks"

Companies claiming they got hacked and lost your coins sounds like fraud so perfect it could be called fashionable.  I never believe them.  If I ever experience the misfortune of a real intrusion, I declare I have been honest about the way I have managed the keys in Casascius Coins.  I maintain no ability to recover or reproduce the keys, not even under limitless duress or total intrusion.  Remember that trusting strangers with your coins without any recourse is, as a matter of principle, not a best practice.  Don't keep coins online. Use paper or hardware wallets instead.
BitcoinPorn
Hero Member
*****
Offline Offline

Activity: 630
Merit: 500


Posts: 69


View Profile WWW
July 15, 2011, 05:48:08 AM
 #68

When will the mac version of this riddle solving Bitcoin program be released for non coders, I want free money :p

gentakin
Member
**
Offline Offline

Activity: 98
Merit: 10


View Profile
July 15, 2011, 06:23:15 AM
 #69

The bounty arrived at my wallet in block 136300: http://blockexplorer.com/tx/3267be98b592862bf23ae5e711b74c4fb2f5f2249f55f4afbec32bb23ac34c11#i1725603

Here's my explanation how I did it (it is probably the most complicated way to do it, but that's what you get for trial-and-error I guess..)

  • Hash the string using an online sha256 tool: http://www.xorbin.com/tools/sha256-hash-calculator - result is 47510706d76bc74a5d57bdcffc68c9bbbc2d496bef87c91de7f616129ac62b5f (in hex)
  • Read the vanitygen code (I knew it shows the private key in base58, so the solution must be inside the code). See the encode_privkey function.
  • Come up with this code:
Code:
	char print_buf[512];
// Notice this is the hex hash from above, and 0x80 (=128) prepended to it. I figured this out from encode_privkey.
unsigned char hash1[33] = {128, 0x47,0x51,0x07,0x06,0xd7,0x6b,0xc7,0x4a,0x5d,0x57,0xbd,0xcf,0xfc,0x68,0xc9,0xbb,0xbc,0x2d,0x49,0x6b,0xef,0x87,0xc9,0x1d,0xe7,0xf6,0x16,0x12,0x9a,0xc6,0x2b,0x5f};

encode_b58_check(hash1, sizeof(hash1), print_buf); // This actually computes sha256 twice, so that's why it was correct

printf("privkey: %s\n", print_buf);
  • Executing this code prints the private key in base58.
  • Create a new wallet.dat.
  • Use the pywallet tool (from github) to import the privkey in base58 into the new wallet.
  • Start bitcoin with -rescan. It takes some time but finds the 0.25BTC.
  • Send them to my main wallet.
  • wait.. go to sleep.
  • wake up, find the bounty in my main wallet.

Congrats to the other bounty takers. I think this is a nice system for "offline wallets".

1HNjbHnpu7S3UUNMF6J9yWTD597LgtUCxb
Leon
Newbie
*
Offline Offline

Activity: 14
Merit: 0



View Profile
July 15, 2011, 06:32:38 AM
 #70

Can someone explain this? Shocked
BitcoinPorn
Hero Member
*****
Offline Offline

Activity: 630
Merit: 500


Posts: 69


View Profile WWW
July 15, 2011, 06:40:54 AM
 #71

What the fuck, a link I gave helped.  Donations now people! I will never get any of these bounties myself!

I feel this if I'm not running Linux in this thread, I'm useless.  And I am pretty sure most people in the thread just think that about everybody in general lol

Leon
Newbie
*
Offline Offline

Activity: 14
Merit: 0



View Profile
July 15, 2011, 06:43:53 AM
 #72

What the fuck, a link I gave helped.  Donations now people! I will never get any of these bounties myself!

I feel this if I'm not running Linux in this thread, I'm useless.  And I am pretty sure most people in the thread just think that about everybody in general lol

I'm still so... very...... lost..... and......... confused.............  Cry
SgtSpike
Legendary
*
Offline Offline

Activity: 1400
Merit: 1005



View Profile
July 15, 2011, 07:28:21 AM
 #73

What the fuck, a link I gave helped.  Donations now people! I will never get any of these bounties myself!

I feel this if I'm not running Linux in this thread, I'm useless.  And I am pretty sure most people in the thread just think that about everybody in general lol
I'm with ya.  Sad  And I'm no good at compiling things, so everyone who posts source code without binaries makes me sad...
spruce
Full Member
***
Offline Offline

Activity: 140
Merit: 100


View Profile
July 15, 2011, 07:31:47 AM
 #74


I could see a future bitcoin client allowing redemption of coins sitting on "passphrases", and the creation of those same passphrases <snip>


Bingo! I bet that would be *very* popular with both the general public and the press, as long as it was relatively malware-proof.
EricJ2190
Full Member
***
Offline Offline

Activity: 134
Merit: 102


View Profile
July 15, 2011, 08:13:59 AM
 #75

Step-by-step guide to claiming coins, easy mode:

Step 1: Create a new bitcoin wallet.
Start bitcoin with a fresh wallet to keep from polluting your current wallet with these addresses. You can do this by temporarily moving your wallet.dat out of your bitcoin data directory, or by making bitcoin use a new data directory. The step is optional but highly recommended.

Step 2: Hash the string using SHA-256 to get the hex private key.
Go to http://www.xorbin.com/tools/sha256-hash-calculator and enter the string. For example, "Damnesia" gives "58c00ef49f161ac94e40cde5106227e09a6dc1840cf601c877b48d9ccc7ebdbe". This is your private key in hexadecimal form.

Step 3: Convert the hex to base58 bitcoin private key format.
Go to http://blockexplorer.com/q/hashtoaddress/x/80 replacing "x" with the hex private key. This tells BBE to encode a bitcoin address of version 80, which is used for private keys. For our example above, we'd go to http://blockexplorer.com/q/hashtoaddress/58c00ef49f161ac94e40cde5106227e09a6dc1840cf601c877b48d9ccc7ebdbe/80 . This gives us the encoded private key of "5JVNazqC4JucAHUeRLhcqrbGFAro2CySd2ptDaDnPe18G9tmuAs".

Step 4: Import the private key into your bitcoin wallet.
If you can build or obtain a copy of bitcoin with sipa's importwallet, start bitcoind (or bitcoin -server) and run "bitcoin importkey y" where y is the base58-encoded private we just created. Now just wait for it to finish scanning the block chain for transactions. If you can't get a patched client, get Python and pywallet. Stop bitcoin altogether and run "python pywallet.py --importprivkey=y" where y is the base58-encoded private key. Run bitcoin -rescan.

Step 5: Send the coins to your main wallet.
Send yourself the coins so nobody else can claim them. Once you get a confirmation or two, the coins are yours and you can close bitcoin and switch back to your primary wallet. Have fun!
BitcoinPorn
Hero Member
*****
Offline Offline

Activity: 630
Merit: 500


Posts: 69


View Profile WWW
July 15, 2011, 08:48:46 AM
 #76

Donations for sharing that http://www.xorbin.com/tools/sha256-hash-calculator link can be given to 1Eeya8PUji6kFVwQYwgwrKvv7gHkk6GAdg that is now part of the Official Step by Step Guide btw.

I think that is as close as I'll come to this shit still, those easy instructions are still too much lol.  I was good until Step 4.

brendio
Hero Member
*****
Offline Offline

Activity: 518
Merit: 500



View Profile
July 15, 2011, 09:40:08 AM
Last edit: July 15, 2011, 09:56:12 AM by brendio
 #77

Wahoo! Didn't see EricJ's post until after I made a claim a muck harder way, but glad to have learnt a bit along the way, even if it was a bit trial and error.

I have not programmed in Python before, but I thought is easier than C# for trying to muck around in since it doesn't need to be compiled. I made a copy of Joric's pywallet.py script and renamed it muckaround.py. I then added an option in def main() to take a string input.

Code:
	parser.add_option("--b58encodestr", dest="keystr", 
help="convert string to b58 key")

Then I canabalised the section where pywallet normally writes the wallet file and replaced it with:

Code:
		#Take sha256 hash of key string
priv_key = hashlib.sha256(options.keystr).digest()
#Convert hash to bitcoin address
priv_key = SecretToASecret(priv_key)
print priv_key

It took quite a bit of mucking around with various functions to get it right. I made quite a few different functions and had them print out the base 58 hash until I saw one that looked right.

I then imported it into a blank wallet with the original pywallet.py script. Checked the output addresses in block explorer to see there was still some bitcoin there and then fired up bitcoin with the -rescan option.

My method doesn't work for the Chinese version, since it comes up as "? ? ? ?" in the cmd window.

gentakin
Member
**
Offline Offline

Activity: 98
Merit: 10


View Profile
July 15, 2011, 10:02:16 AM
 #78

Donations for sharing that http://www.xorbin.com/tools/sha256-hash-calculator link can be given to 1Eeya8PUji6kFVwQYwgwrKvv7gHkk6GAdg that is now part of the Official Step by Step Guide btw.

Come on, this is on the first google results page. I didn't use that link because you posted about it, I actually found it myself. So your link didn't help me (I only read your post after taking the bounty). And I guess EricJ knows how to google as well.


Also, python for windows exists, so you could get a bounty even with a less developer friendly OS like windows. Smiley

1HNjbHnpu7S3UUNMF6J9yWTD597LgtUCxb
oOoOo
Full Member
***
Offline Offline

Activity: 238
Merit: 100


View Profile
July 15, 2011, 10:38:56 AM
 #79

I was good until Step 4.

Agreed. We urgently need a user-friendly import/export function in the client!

This is the most secure "wallet" there could possibly be. No no copies of wallet.dat, no encryption, no USB stick/paper/printing which can be lost, no malware which secretly steals my coins, no storage or bank vault, no life CD, no nothing! Just a simple passphrase I can remember. Since nothing is stored or written down anywhere this wallet concept is basically impossible to compromise.
The only flaw is that I might forget my passphrase, but I can still write hints/clues which can make my help remember while still being 100% secure. We need this.

.
pc
Sr. Member
****
Offline Offline

Activity: 253
Merit: 250


View Profile
July 15, 2011, 12:45:43 PM
 #80

Agreed. We urgently need a user-friendly import/export function in the client!
I'm sure it's coming. I've learned a lot compiling Bitcoin myself, though. Bitcoin is still very young, and still needs a lot of work to be completely usable by the masses.

This is the most secure "wallet" there could possibly be. No no copies of wallet.dat, no encryption, no USB stick/paper/printing which can be lost, no malware which secretly steals my coins, no storage or bank vault, no life CD, no nothing! Just a simple passphrase I can remember. Since nothing is stored or written down anywhere this wallet concept is basically impossible to compromise.
The only flaw is that I might forget my passphrase, but I can still write hints/clues which can make my help remember while still being 100% secure. We need this.

I'm pretty sure that it'd be much more secure to have a completely random number for your private key (as Bitcoin does by default), encrypt that number with your passphase (such as say encrypting your wallet.dat with TrueCrypt as some people do now anyway), and store that on "the cloud" somewhere if you're worried about losing it. With the amount of hashing/computing power already in the hands of bitcoin enthusiasts, trying to hash all dictionary words and passphrases up to a few words and seeing if they're the private key to money in the chain is going to be a lot easier than needing to find wallets and brute force each one separately. My sense of scale may be deceiving me, but that's my intuition at least.
Pages: « 1 2 3 [4] 5 »  All
  Print  
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!