Bitcoin Forum
January 27, 2021, 05:23:03 PM *
News: Latest Bitcoin Core release: 0.21.0 [Torrent]
 
   Home   Help Search Login Register More  
Pages: [1] 2 »  All
  Print  
Author Topic: Finders keepers? I found an address with 50 BTC via brain wallet!  (Read 13209 times)
silveraz
Newbie
*
Offline Offline

Activity: 10
Merit: 0


View Profile
January 18, 2014, 04:58:04 PM
 #1

I was playing around with the brain wallet and checking the addresses with blockchain. I found a wallet with a balance of 50 BTC! The coins were put in the wallet in 2011 and there hasn't been any activity since. I don't want to steal someones coins but if they are "lost" I don't want to have them just sitting there. It's a lot of money!  I was thinking of sending a small amount into the wallet with a message letting the person know the situation. If nothing happens after a while I guess it's "Finders Keepers, Losers Weepers." What's the right thing to do in this situation?
1611768183
Hero Member
*
Offline Offline

Posts: 1611768183

View Profile Personal Message (Offline)

Ignore
1611768183
Reply with quote  #2

1611768183
Report to moderator
1611768183
Hero Member
*
Offline Offline

Posts: 1611768183

View Profile Personal Message (Offline)

Ignore
1611768183
Reply with quote  #2

1611768183
Report to moderator
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1611768183
Hero Member
*
Offline Offline

Posts: 1611768183

View Profile Personal Message (Offline)

Ignore
1611768183
Reply with quote  #2

1611768183
Report to moderator
1611768183
Hero Member
*
Offline Offline

Posts: 1611768183

View Profile Personal Message (Offline)

Ignore
1611768183
Reply with quote  #2

1611768183
Report to moderator
1611768183
Hero Member
*
Offline Offline

Posts: 1611768183

View Profile Personal Message (Offline)

Ignore
1611768183
Reply with quote  #2

1611768183
Report to moderator
hilariousandco
?
Global Moderator
Legendary
*
Offline Offline

Activity: 2604
Merit: 1908


Join the world-leading crypto sportsbook NOW!


View Profile
January 18, 2014, 05:08:37 PM
 #2

I was playing around with the brain wallet and checking the addresses with blockchain. I found a wallet with a balance of 50 BTC! The coins were put in the wallet in 2011 and there hasn't been any activity since. I don't want to steal someones coins but if they are "lost" I don't want to have them just sitting there. It's a lot of money!  I was thinking of sending a small amount into the wallet with a message letting the person know the situation. If nothing happens after a while I guess it's "Finders Keepers, Losers Weepers." What's the right thing to do in this situation?

Maybe I missed something here but how do you plan on claiming the coins exactly? And how do you know they're not saving the coins? Just because the wallet is dormant doesn't mean they're lost.

  ▄▄█████▄▄███████▄▄
 ███████████
     ▀▀███▄
█████████████        ▀██▄
█████████████          ██▄
███████████            ██▄
██▀▀█████▀▀              ██
██                       ██
██                       ██
▀██                     ██▀
 ▀██                   ██▀
  ▀██▄               ▄██▀
    ▀███▄▄       ▄▄███▀
       ▀▀█████████▀▀
███████████    LEADING CRYPTO SPORTSBOOK & CASINO    ███████████
MULTI
CURRENCY
1500+
CASINO GAMES
CRYPTO EXCLUSIVE
CLUBHOUSE
FAST & SECURE
PAYMENTS
..PLAY NOW!..
malevolent
can into space
Staff
Legendary
*
Offline Offline

Activity: 2814
Merit: 1505



View Profile
January 18, 2014, 05:10:10 PM
 #3

I was playing around with the brain wallet and checking the addresses with blockchain. I found a wallet with a balance of 50 BTC! The coins were put in the wallet in 2011 and there hasn't been any activity since. I don't want to steal someones coins but if they are "lost" I don't want to have them just sitting there. It's a lot of money!  I was thinking of sending a small amount into the wallet with a message letting the person know the situation. If nothing happens after a while I guess it's "Finders Keepers, Losers Weepers." What's the right thing to do in this situation?

May I ask how long it took you to find out the passphrase leading to this address? Did you automate this process or did you do it manually?

I wouldn't be sure what to do in such a situation, you can either leave it where it is because it's not actually yours, or you can send it to an address of your own to ensure no one else can steal it, but post the address and the contact details in public in multiple places (bitcointalk.org, reddit.com/r/bitcoin, etc.) so that the owner (if he still has access to to the private key or passphrase) can contact you if he finds out about his missing BTC.

silveraz
Newbie
*
Offline Offline

Activity: 10
Merit: 0


View Profile
January 18, 2014, 05:27:12 PM
 #4

May I ask how long it took you to find out the passphrase leading to this address? Did you automate this process or did you do it manually?

I wouldn't be sure what to do in such a situation, you can either leave it where it is because it's not actually yours, or you can send it to an address of your own to ensure no one else can steal it, but post the address and the contact details in public in multiple places (bitcointalk.org, reddit.com/r/bitcoin, etc.) so that the owner (if he still has access to to the private key or passphrase) can contact you if he finds out about his missing BTC.

I found it manually. I was just typing in random words. I've been doing it for a few months now and probably checked a couple hundred addresses.
Reyhs
Newbie
*
Offline Offline

Activity: 56
Merit: 0


View Profile
January 18, 2014, 06:25:33 PM
 #5

Do nothing.
bismuth
Newbie
*
Offline Offline

Activity: 15
Merit: 0


View Profile
January 18, 2014, 06:53:26 PM
 #6

Can't believe you guessed someones passphrase. Stealing the coins would make you a pickpocket. If you found a wallet on the street, 'cause you have a habit of "looking for lost objects", I would hope you would keep the wallet and attempt to contact the owner while keeping his valuables safe. There is a thing called karma if you're inclined to believe in such ideas.
CIYAM
Legendary
*
Offline Offline

Activity: 1890
Merit: 1004


Ian Knowles - CIYAM Lead Developer


View Profile WWW
January 18, 2014, 07:02:30 PM
 #7

If your point is to warn the user that their BTC is likely to be stolen then perhaps consider creating a raw tx that sends their funds back to their address (so they can understand that their address is compromised without any loss of funds).

With CIYAM anyone can create 100% generated C++ web applications in literally minutes.

GPG Public Key | 1ciyam3htJit1feGa26p2wQ4aw6KFTejU
RoxxR
Full Member
***
Offline Offline

Activity: 180
Merit: 100


View Profile
January 18, 2014, 07:08:14 PM
 #8

Move the funds to a secure address (if you have found this brainwallet manually, it means it is very vulnerable to automated bruteforcing attacks by hackers) then reveal the passphrase to give an example of how NOT to choose a passphrase.
CIYAM
Legendary
*
Offline Offline

Activity: 1890
Merit: 1004


Ian Knowles - CIYAM Lead Developer


View Profile WWW
January 18, 2014, 07:09:52 PM
 #9

Move the funds to a secure address (if you have found this brainwallet manually, it means it is very vulnerable to automated bruteforcing attacks by hackers) then reveal the passphrase to give an example of how NOT to choose a passphrase.

This is also a good suggestion (but I hope if you do this you will plan to give back the 50 BTC to the original owner - so do not publish the password before they have a chance to show their ownership because once you have published it there will be no way to know).

With CIYAM anyone can create 100% generated C++ web applications in literally minutes.

GPG Public Key | 1ciyam3htJit1feGa26p2wQ4aw6KFTejU
dailycoins
Full Member
***
Offline Offline

Activity: 139
Merit: 100

Dailycoins.net


View Profile WWW
January 18, 2014, 07:26:20 PM
 #10

Do nothing. It's not your wallet or your concern. You are about to steal someones savings even though he/she would never touch them again. You could as well steal someones car from their yard and drive it to your own garage and say that it's better to keep it there just in case someone would steal it.

MicroGuy
Legendary
*
Offline Offline

Activity: 2380
Merit: 1014


goldcoinproject.org


View Profile
January 18, 2014, 07:27:15 PM
 #11

You could withdraw the funds and move them into your wallet. Then send a small about of BTC to the address using blockchain.info and attach a message with your contact information. The only problem is the owner would have to look at blockchain.info to see the message. Keep the passphase a secret, otherwise it will be impossible for you to know when the legitimate owner contacts you.  Or you could do nothing.

Sending messages: https://bitcointalk.org/index.php?topic=413666.0
Thom
Member
**
Offline Offline

Activity: 112
Merit: 10


Be kind man, don't be mankind


View Profile WWW
January 18, 2014, 07:30:03 PM
 #12

I was about to leap on this thread to call bullshit, but seems people do in fact pick wildly insecure brainwallet passphrases.

I mean, even a classic phrase like...
Quote
it was the best of times it was the worst of times
has had 1 whole coin in it!
https://blockchain.info/address/17WenQJaYvqCNumebQU54TsixWtQ1GQ4ND

and it's literally the first thing i tried.

ridiculous. I guess I believe OP now.

I guess the moral is never make a memorable brainwallet Tongue

It's short for Thomassina ⚥ • BTC veteran, Bitcointalk neophyte • BTC1THoM4cn8hHTyE637DEPMCLcerZe1mL1X • Cex.IO Cloud Mining - don't risk preorders, mine & trade now!
༺ ☤ Curecoin - Fold Proteins, Earn Coins! ☤   CURE: B8cjEuGKH3qofsxGGEVYdTwUrpfCTxQP7u ༻
medUSA
Legendary
*
Offline Offline

Activity: 952
Merit: 1003


--Signature Designs-- http://bit.ly/1Pjbx77


View Profile WWW
January 18, 2014, 07:36:12 PM
 #13

The noble thing to do is to move the BTC to a new address and leave a message in the tx for the owner to contact you.
Question is how can you verify the one who contacts you with the correct passphrase is the REAL owner?
He could be just another brainwallet cracker...
CIYAM
Legendary
*
Offline Offline

Activity: 1890
Merit: 1004


Ian Knowles - CIYAM Lead Developer


View Profile WWW
January 18, 2014, 07:39:31 PM
 #14

Question is how can you verify the one who contacts you is the REAL owner?
He could be just another brainwallet cracker...

Indeed that is the problem and "the lesson" people need to learn about creating a "brain wallet". If you pick any sort of phrase, lyric or quote that is known you are going to lose your coins.

Perhaps the best thing (if the OP is determined to move those coins) is to just send them to either a charity or to some project so at least they are used for something to benefit the ecosystem.

With CIYAM anyone can create 100% generated C++ web applications in literally minutes.

GPG Public Key | 1ciyam3htJit1feGa26p2wQ4aw6KFTejU
RoxxR
Full Member
***
Offline Offline

Activity: 180
Merit: 100


View Profile
January 18, 2014, 07:39:33 PM
 #15

The noble thing to do is to move the BTC to a new address and leave a message in the tx for the owner to contact you.
Question is how can you verify the one who contacts you with the correct passphrase is the REAL owner?
He could be just another brainwallet cracker...

Exactly.  
Ritual
Member
**
Offline Offline

Activity: 84
Merit: 10


View Profile
January 18, 2014, 07:54:14 PM
 #16

I don't understand this.

Does this mean that anyone exploring can pick phrases at random and try them against my wallet til it breaks (best of luck heh)?

OK, so I can see that brainwallet generates a private key from a phrase, which you can then throw at whatever.

But where does THIS go? Like, once the phrase is turned into a hash, where exactly do you start throwing this at addresses?

I ask purely because I am now concerned for the security of my wallet. Wallet security is something I have been trying to figure out, but haven't yet quite grasped.

I don't get it? Can anyone explain? I'm about to deposit significant funds (to me) to bitcoins, and I don't want to get attacked like this :/

Rit/

Newbie oriented mining site - http://cryptoexperiment.wordpress.com/ --- Free BTC - http://freebitco.in/?r=231531
CIYAM
Legendary
*
Offline Offline

Activity: 1890
Merit: 1004


Ian Knowles - CIYAM Lead Developer


View Profile WWW
January 18, 2014, 07:59:25 PM
 #17

But where does THIS go? Like, once the phrase is turned into a hash, where exactly do you start throwing this at addresses?

The private key is a SHA256 of your "pass phrase" (when you use something like brainwallet.org).

So the problem is that your "pass phrase" needs to something that someone with a lot of computing power and a huge set of "common pass phrases" won't find.

You can be secure using a "pass phrase" but you would probably want to consider doing a few things to be sure:

1) Length should be 20 characters minimum (better 40 or more).

2) You should mix languages, slang as well as numbers and special characters.

3) Do not pick any lyric or "saying" or famous quote (for sure people are mining these as we post).

With CIYAM anyone can create 100% generated C++ web applications in literally minutes.

GPG Public Key | 1ciyam3htJit1feGa26p2wQ4aw6KFTejU
Ritual
Member
**
Offline Offline

Activity: 84
Merit: 10


View Profile
January 18, 2014, 08:08:28 PM
 #18

Sorry, maybe I am not being clear.

Let's say someone did guess my passphrase, and they knew my BTC address.

How in the world could they transfer? Are there transfer services where these two are all you need?Huh

Ritual.

Ps: /paranoid mode on

Newbie oriented mining site - http://cryptoexperiment.wordpress.com/ --- Free BTC - http://freebitco.in/?r=231531
RoxxR
Full Member
***
Offline Offline

Activity: 180
Merit: 100


View Profile
January 18, 2014, 08:12:13 PM
 #19

Sorry, maybe I am not being clear.

Let's say someone did guess my passphrase, and they knew my BTC address.

How in the world could they transfer? Are there transfer services where these two are all you need?Huh

Ritual.

Ps: /paranoid mode on

Www.brainwallet.org
odolvlobo
Legendary
*
Offline Offline

Activity: 3108
Merit: 1771



View Profile
January 18, 2014, 08:20:52 PM
 #20

I don't understand this.
Does this mean that anyone exploring can pick phrases at random and try them against my wallet til it breaks (best of luck heh)?

This discussion is not about cracking someone's wallet by guessing their password. The discussion is about using common or simple phrases as the source for a private key.

This post demonstrates the problem very clearly:

I mean, even a classic phrase like...
Quote
it was the best of times it was the worst of times
has had 1 whole coin in it!
https://blockchain.info/address/17WenQJaYvqCNumebQU54TsixWtQ1GQ4ND
and it's literally the first thing i tried.
...
I guess the moral is never make a memorable brainwallet Tongue

Buy stuff on Amazon with BTC or convert Amazon points to BTC here: Purse.io
Join an anti-signature campaign: Click ignore on the members of signature campaigns.
PGP Fingerprint: 6B6BC26599EC24EF7E29A405EAF050539D0B2925 Signing address: 13GAVJo8YaAuenj6keiEykwxWUZ7jMoSLt
Pages: [1] 2 »  All
  Print  
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!