Bitcoin Forum
March 29, 2024, 11:36:08 AM *
News: Latest Bitcoin Core release: 26.0 [Torrent]
 
   Home   Help Search Login Register More  
Pages: « 1 2 3 [4] 5 »  All
  Print  
Author Topic: Prize for importing private key [WON]  (Read 18039 times)
alikim
Member
**
Offline Offline

Activity: 80
Merit: 11


View Profile
February 21, 2011, 10:39:46 AM
 #61

instead of speaking Chinese here, you'd better help normal people to understand in plain English how bitcoin wallets work...  Sad

bitcoins will never be popular if it will be a toy for a bunch of programmers
1711712168
Hero Member
*
Offline Offline

Posts: 1711712168

View Profile Personal Message (Offline)

Ignore
1711712168
Reply with quote  #2

1711712168
Report to moderator
1711712168
Hero Member
*
Offline Offline

Posts: 1711712168

View Profile Personal Message (Offline)

Ignore
1711712168
Reply with quote  #2

1711712168
Report to moderator
1711712168
Hero Member
*
Offline Offline

Posts: 1711712168

View Profile Personal Message (Offline)

Ignore
1711712168
Reply with quote  #2

1711712168
Report to moderator
The forum strives to allow free discussion of any ideas. All policies are built around this principle. This doesn't mean you can post garbage, though: posts should actually contain ideas, and these ideas should be argued reasonably.
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction.
1711712168
Hero Member
*
Offline Offline

Posts: 1711712168

View Profile Personal Message (Offline)

Ignore
1711712168
Reply with quote  #2

1711712168
Report to moderator
1711712168
Hero Member
*
Offline Offline

Posts: 1711712168

View Profile Personal Message (Offline)

Ignore
1711712168
Reply with quote  #2

1711712168
Report to moderator
Mike Hearn
Legendary
*
expert
Offline Offline

Activity: 1526
Merit: 1128


View Profile
February 21, 2011, 11:39:46 AM
 #62

Yeah, we need to do a better job of explaining the mechanics of Bitcoin to a non-technical audience. It's important if only so more people can learn to trust it. Right now unless you're fluent in computer science Bitcoin is a black box and the existing explanations boil down to "trust us, it works".

This is a well discussed problem. It's just a case of how to do it.
Binford 6100
Hero Member
*****
Offline Offline

Activity: 504
Merit: 500


PGP OTC WOT: EB7FCE3D


View Profile
February 21, 2011, 11:43:35 AM
 #63

Yeah, we need to do a better job of explaining the mechanics of Bitcoin to a non-technical audience. It's important if only so more people can learn to trust it. Right now unless you're fluent in computer science Bitcoin is a black box and the existing explanations boil down to "trust us, it works".

http://prezi.com/tbpky5fm7qbl/bitcoin-new-p2p-currency/

what do you think of this ^^ presentation?
suitable for lay men? still too complicated? where/how would you modify it for non-techies?
audience for that presentation was a local hackerspace meeting. mostly tech savvy folks.

You can't build a reputation on what you are going to do.
hendi
Newbie
*
Offline Offline

Activity: 57
Merit: 0


View Profile
February 21, 2011, 01:25:49 PM
 #64

I'll also throw in 50 of my own coins for a web page that, in JavaScript, accepts such a file (copy/paste into a text area), formats a file like the above into binary and then generates a QRcode using the html5 canvas library available here:

   http://www.cipherbrain.be/qrcode/

In other words, I should be able to take a .bitkeys file, copy/paste it into a web page and without any network traffic be then able to print my keys out onto paper. Don't cheat and use your own server side code or Google chartserver - I want to be able to trust that the keys never left my computer. HTML5 app because that way it'll work on everyones systems.

http://hendi.name/bitcoin/ Like that?

You paste your .bitkeys file into the textarea, then for each key a QRcode is generated. Each generated code is labeld with its heading, so you can print everything on paper and then cut out individually keys. If you decode an QRcode, each restores to a valid .bitkeys file, i.e. starting with the v=1 line, then including the key and comment.
Hal (OP)
VIP
Sr. Member
*
expert
Offline Offline

Activity: 314
Merit: 3799



View Profile
February 21, 2011, 10:56:26 PM
 #65

I'm kind of surprised that Mike's transactions didn't show up in my wallet. Instead it still counts that address as having a positive balance. Granted it is non-standard for payments from my wallet keys to originate elsewhere, but there are other ways it could happen, involving restoring from backup.

Well I just looked at the code, and it does only watch for transactions that pay me. However it looks like the new release will rescan the block chain on startup; that will probably fix it. I wonder how costly it would be to watch for outgoing transactions all the time.

I just upgraded to 0.3.20, and while it didn't find Mike's transaction automatically, I ran with the new -rescan switch and that picked it up. Only took 10 or 15 seconds on my Macbook Air.

Hal Finney
Mike Hearn
Legendary
*
expert
Offline Offline

Activity: 1526
Merit: 1128


View Profile
February 21, 2011, 11:22:54 PM
 #66


Yes, very close!

There's a small bug. If there are empty lines you generate qrcodes that contain only "v=1" and nothing else. That's not a valid .bitkeys file going by my totally informal specification.

The format it prints to is not quite what I had in mind, it includes all the GUI stuff. You might want to make it hide the text area and button after the button is pressed, so when I print I only get a sheet of QRcodes.

Fix those two things and I'll send you 50 coins.
riX
Sr. Member
****
Offline Offline

Activity: 326
Merit: 252



View Profile
February 21, 2011, 11:31:00 PM
 #67

Yeah, we need to do a better job of explaining the mechanics of Bitcoin to a non-technical audience. It's important if only so more people can learn to trust it. Right now unless you're fluent in computer science Bitcoin is a black box and the existing explanations boil down to "trust us, it works".

http://prezi.com/tbpky5fm7qbl/bitcoin-new-p2p-currency/

what do you think of this ^^ presentation?
suitable for lay men? still too complicated? where/how would you modify it for non-techies?
audience for that presentation was a local hackerspace meeting. mostly tech savvy folks.

Very nice, you should make a new thread, people will miss it here.

Sorry, I can't help you with your lost password.

PGP key: 0x9F31802C79642F25
Binford 6100
Hero Member
*****
Offline Offline

Activity: 504
Merit: 500


PGP OTC WOT: EB7FCE3D


View Profile
February 21, 2011, 11:43:07 PM
 #68

Yeah, we need to do a better job of explaining the mechanics of Bitcoin to a non-technical audience. It's important if only so more people can learn to trust it. Right now unless you're fluent in computer science Bitcoin is a black box and the existing explanations boil down to "trust us, it works".

http://prezi.com/tbpky5fm7qbl/bitcoin-new-p2p-currency/

what do you think of this ^^ presentation?
suitable for lay men? still too complicated? where/how would you modify it for non-techies?
audience for that presentation was a local hackerspace meeting. mostly tech savvy folks.

Very nice, you should make a new thread, people will miss it here.

i'm ok with not reaching the full potential audience by hiding the link here
i could just add it to my signature and see who picks up the link

You can't build a reputation on what you are going to do.
hendi
Newbie
*
Offline Offline

Activity: 57
Merit: 0


View Profile
February 22, 2011, 07:16:46 AM
 #69

Cool! If there's anything else you (or someone else) wants this small script to do, don't hesitate to ask Smiley

There's a small bug. If there are empty lines you generate qrcodes that contain only "v=1" and nothing else. That's not a valid .bitkeys file going by my totally informal specification.
I now validate each line by checking for a valid base58 bitcoin address followed by the blocknumber. If an invalid line is found, you'll get notified with a popup. I'm not sure if this is the best notification style, I'll try later with showing the .bitkeys file and highlight wrong formatted lines, maybe that's better?

The format it prints to is not quite what I had in mind, it includes all the GUI stuff. You might want to make it hide the text area and button after the button is pressed, so when I print I only get a sheet of QRcodes.
Done.
JollyGreen
Newbie
*
Offline Offline

Activity: 42
Merit: 0


View Profile
February 22, 2011, 07:50:38 AM
 #70

Yeah, we need to do a better job of explaining the mechanics of Bitcoin to a non-technical audience. It's important if only so more people can learn to trust it. Right now unless you're fluent in computer science Bitcoin is a black box and the existing explanations boil down to "trust us, it works".

This is a well discussed problem. It's just a case of how to do it.

Did anyone ever come up with an algorithm they wanted to release that generates a public key from a private key?  Smiley
Mike Hearn
Legendary
*
expert
Offline Offline

Activity: 1526
Merit: 1128


View Profile
February 22, 2011, 09:52:08 AM
 #71

I sent you 50 coins Hendi, thanks. That program is still kind of useless without the implementation of key import/export. Perhaps somebody will step up at some point and implement it.
Mike Hearn
Legendary
*
expert
Offline Offline

Activity: 1526
Merit: 1128


View Profile
February 22, 2011, 09:52:28 AM
 #72

JollyGreen, I posted the (single) line of code you need to do that with the Bouncy Castle implementation above, see here:

   pub = ecParams.getG().multiply(priv).getEncoded();

Note that the multiply method here is an elliptic curve point multiplication, not an arithmetic multiply.

If you're asking what an EC point multiply is, I suggest reading this:

  http://www.imperialviolet.org/2010/12/04/ecc.html

or possibly asking Hal, as he is the professional cryptographer on this forum not me Wink
hendi
Newbie
*
Offline Offline

Activity: 57
Merit: 0


View Profile
February 22, 2011, 11:02:31 AM
 #73

I sent you 50 coins Hendi, thanks. That program is still kind of useless without the implementation of key import/export. Perhaps somebody will step up at some point and implement it.
Cool, thanks! My first earned bitcoins Cool

After exams I'll have a look at the bitcoin c++ source code and try to come up with the import/export.
JollyGreen
Newbie
*
Offline Offline

Activity: 42
Merit: 0


View Profile
February 23, 2011, 06:33:40 AM
 #74

JollyGreen, I posted the (single) line of code you need to do that with the Bouncy Castle implementation above, see here:

   pub = ecParams.getG().multiply(priv).getEncoded();

Note that the multiply method here is an elliptic curve point multiplication, not an arithmetic multiply.

If you're asking what an EC point multiply is, I suggest reading this:

  http://www.imperialviolet.org/2010/12/04/ecc.html

or possibly asking Hal, as he is the professional cryptographer on this forum not me Wink


How was Hal able to get the private key?  It seems the private key is stored in a CPrivKey structure in bitcoin and that is stored in the wallet.  Are the bytes that make up the CPrivKey structure the same as the base58 decoded bytes of Hal's private key?

I'm new to all this, but it looks like CPrivKey structures are DER encoded private keys.  Can you explain what it means to DER encode or decode something and is Hal's private key DER encoded?
Mike Hearn
Legendary
*
expert
Offline Offline

Activity: 1526
Merit: 1128


View Profile
February 23, 2011, 08:18:46 AM
 #75

Presumably Hal modified his copy of BitCoin to extract the private key, or maybe he used Gavins bitcointools package which reads the database directly.

DER encoding is just a way of wrapping up a binary data structure in a 'somewhat' self describing form. If you read up on Google protocol buffers, DER/ASN1 encoding is a very similar concept to that but much older and not at all widely used, as it's kind of a pain to deal with. The key Hal posted is not DER encoded. The DER encoded privkey structure has some goop in there that isn't necessary, it's only the 256 bit value that is important.
JollyGreen
Newbie
*
Offline Offline

Activity: 42
Merit: 0


View Profile
February 23, 2011, 08:32:07 AM
 #76

Presumably Hal modified his copy of BitCoin to extract the private key, or maybe he used Gavins bitcointools package which reads the database directly.

DER encoding is just a way of wrapping up a binary data structure in a 'somewhat' self describing form. If you read up on Google protocol buffers, DER/ASN1 encoding is a very similar concept to that but much older and not at all widely used, as it's kind of a pain to deal with. The key Hal posted is not DER encoded. The DER encoded privkey structure has some goop in there that isn't necessary, it's only the 256 bit value that is important.

It seems from the bitcoin code that the private keys are stored in CPrivKey structures as DER encoded private keys.  Is there a way to decode these out of the DER structure?  Is there a way to pull just the private key from the EC_KEY structure?

If you look at the CKey class, they store the private key in the EC_KEY* pkey structure, but the only way it gets into or out of that class is through a CPrivKey, which looks to be DER encoded or decoded into pkey.

I'm trying to figure out how to get the raw 256 bit value from the private keys stored in the wallet.  There seems to be no direct route, so I'm trying to create one.

I think the basic idea is that people want to backup their coins on paper, so it seems one way to do that is to store the private key on paper in a few different methods.  I can also see it being useful if the bitcoin client offered this paper backup method as an option.
Binford 6100
Hero Member
*****
Offline Offline

Activity: 504
Merit: 500


PGP OTC WOT: EB7FCE3D


View Profile
February 23, 2011, 08:36:20 AM
 #77

How was Hal able to get the private key?  It seems the private key is stored in a CPrivKey structure in bitcoin and that is stored in the wallet.  Are the bytes that make up the CPrivKey structure the same as the base58 decoded bytes of Hal's private key?

I'm new to all this, but it looks like CPrivKey structures are DER encoded private keys.  Can you explain what it means to DER encode or decode something and is Hal's private key DER encoded?

search for forum where a bounty was for wallet key dump tool
keywords grondilu, wallet dump key ...

or as mike wrote, try to mod the client. i'm not sure if bitcointools are as userfriendly as the solution of grondilu

not answering how to remove the key from a wallet.
if you need to get hands on private keys, please start with an empty new wallet to avoid any losses

unless you know what you're doing

I think the basic idea is that people want to backup their coins on paper, so it seems one way to do that is to store the private key on paper in a few different methods.  I can also see it being useful if the bitcoin client offered this paper backup method as an option.
imho no way to get this to the main client. dump keys maybe but no print outs.
this ain't steampunk

You can't build a reputation on what you are going to do.
mgiuca
Newbie
*
Offline Offline

Activity: 25
Merit: 7


View Profile
February 23, 2011, 11:43:12 PM
 #78

@JollyGreen: I have had a closer look at the DER structure for the 279-byte private key. Not looking at the OpenSSL code -- it is rat nests of macros. Just experimenting with my own data. Looks like the 256-bit "actual private key" is located in bytes 9 through 40 (inclusive) of the DER key. The public key is located in bytes 214 through 279. All of the remaining bytes (0 through 8 and 41 through 213) are constant.

Therefore, grabbing out bytes 9 through 40 of the private key dumped by bitcointools is sufficient for getting the 256-bit key. What I don't understand still is how to derive the public key from this private key. I know you are supposed to find a number called "G" and elliptically-multiply it with the private key. But I have no idea how to a) find G, or b) do elliptic curve multiplication.
Mike Hearn
Legendary
*
expert
Offline Offline

Activity: 1526
Merit: 1128


View Profile
February 24, 2011, 10:06:48 AM
 #79

G is a constant specified by the curve parameters. BitCoin uses the secp256k1 curve in which G is equal to

  02 79BE667E F9DCBBAC 55A06295 CE870B07 029BFCDB 2DCE28D9 59F2815B 16F81798

in compressed form.

If you want to do what we've been doing on this thread I suggest you either:

a) Wait for me or somebody else to release code showing how to do it

b) Study the lightweight Bouncy Castle API and see how to do EC crypto with that, as it's probably easier to understand than OpenSSL



JollyGreen
Newbie
*
Offline Offline

Activity: 42
Merit: 0


View Profile
February 24, 2011, 10:17:39 AM
 #80

G is a constant specified by the curve parameters. BitCoin uses the secp256k1 curve in which G is equal to

  02 79BE667E F9DCBBAC 55A06295 CE870B07 029BFCDB 2DCE28D9 59F2815B 16F81798

in compressed form.

If you want to do what we've been doing on this thread I suggest you either:

a) Wait for me or somebody else to release code showing how to do it

b) Study the lightweight Bouncy Castle API and see how to do EC crypto with that, as it's probably easier to understand than OpenSSL

Hey mike,
Thanks for the help once again Smiley  I actually have gotten some java code to run that is ready to do the math for generating a public key from the private key.  I just don't have the Base58.decodeToBigInteger function.  Is that something you could release? Smiley  It would save me some time.

Pages: « 1 2 3 [4] 5 »  All
  Print  
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!