BitCrack - A tool for brute-forcing private keys

[NotATether]

I think we are not scanning 2^256 but 2^160... There are 2^160 of addresses not 2^256

I took range like this
24 random 0 to F + 40 x 0
like this
e3b2c44298fc1c149afbf4c80000000000000000000000000000000000000000

Thats a private key range not an address range.

Vanitysearch is currently the only program that scans an address space.

All other programs are searching based on private keys (which means that privkeys getting the same address is possible).

You are technically correct about this search being 2^160 though, because intricate details about public key spending mean that only the HASH160 has to match for the spend to work.

[jovica888]

I saw Large Bitcoin Collider project and I saw that they found their 1st address after "only" 7400 billions of keys

The pool found a private key to f92044c7924e5525c61207972c253c9fc9f086f7 (1PiFuqGpG8yGM5v6rNHWS3TjsG6awgEGA1) as 0x6bd3b27c591. At the time of the find, there were 0 BTC on that address. This is #43 of the puzzle transaction.

I think they found 0 BTC because in the moment of collision the balance was already spent

6bd3b27c591 = 7409811047825

So is this project real or fake?? I thought maybe they calculated the addresses they will find in the future and then they sent money to them and then show those addresses like "trophies"

[NotATether]

So is this project real or fake?? I thought maybe they calculated the addresses they will find in the future and then they sent money to them and then show those addresses like "trophies"

I wasn't there at the time but others around here have reported something suspicious with them, so I wouldn't touch it with a 10-foot pole if I were you.

[gembitz]

So is this project real or fake?? I thought maybe they calculated the addresses they will find in the future and then they sent money to them and then show those addresses like "trophies"

I wasn't there at the time but others around here have reported something suspicious with them, so I wouldn't touch it with a 10-foot pole if I were you.

nah its legit whenever im short on rent i mine me some hash collisions weeeee

[NotATether]

So is this project real or fake?? I thought maybe they calculated the addresses they will find in the future and then they sent money to them and then show those addresses like "trophies"

I wasn't there at the time but others around here have reported something suspicious with them, so I wouldn't touch it with a 10-foot pole if I were you.

nah its legit whenever im short on rent i mine me some hash collisions weeeee

Is it even still running?

[batareyka]

Hi to all.
  I have this question.
Suppose I knew private keys and their mirrors.
Example
Key
00000000000000000000000000000000000000000000000000001234567890
His address
18CmidJphhs7WYXR4jskcHaEF8sqHXbY2Q

And his twin brother
0000000000000000000000000000000000000000000000000000XXXXXXXXXX
His address
18CmidJphhs7WYXR4jskcHaEF8sqHXbY2Q
Can this help in some way in solving and finding the private key algorithm?
Could this be a relief in finding any other way to find a private key?

[itod]

Hi to all.
  I have this question.
Suppose I knew private keys and their mirrors.
Example
Key
00000000000000000000000000000000000000000000000000001234567890
His address
18CmidJphhs7WYXR4jskcHaEF8sqHXbY2Q

And his twin brother
0000000000000000000000000000000000000000000000000000XXXXXXXXXX
His address
18CmidJphhs7WYXR4jskcHaEF8sqHXbY2Q
Can this help in some way in solving and finding the private key algorithm?
Could this be a relief in finding any other way to find a private key?

You assumption is imposible, unless this would be first known collision known that two different private keys produce the same hash. So the question does not make sense, like you would asking what would be if you are at the same time at two different palces.

If this is the case, just publish this "twin brother" and you would become famous as a finder of the first collision of the Bitcoin hashes.

[batareyka]

Let's say I'm still in superposition and can be at two points at the same time.
I will return to my question.
Could it be easier to find a private key when you know the twin brothers?

I don't need glory.
One way or another, everything will become the property of mankind. (or it won't.)

[_Counselor]

Let's say I'm still in superposition and can be at two points at the same time.
I will return to my question.
Could it be easier to find a private key when you know the twin brothers?

I don't need glory.
One way or another, everything will become the property of mankind. (or it won't.)

No. Collisions still randomly distributed throughout whole keyspace. Some addresses may have no collisions at all.
If you find one collision, it will not help you find another collision or solve the ECDLP.

[batareyka]

I am very grateful to you for your answer

[mynonce]

Some addresses may have no collisions at all.

It is unbelievable, but each address exists approximately 2^96 times in the whole 2^256 bit space. (2^256 / 2^160 = 2^96)
So the chances that an address has no collisions at all are ~ 1 in 2^96, that means nearly zero.
We can be sure, that there are always collisions for an address.

[batareyka]

Some addresses may have no collisions at all.

It is unbelievable, but each address exists approximately 2^96 times in the whole 2^256 bit space. (2^256 / 2^160 = 2^96)
So the chances that an address has no collisions at all are ~ 1 to 2^96, that means nearly zero.
We can be sure, that there are always collisions for an address.

You are right they are and there are many of them.

[qiudaoyu]

Hi all,

I've been working on a tool for brute-forcing Bitcoin private keys.

.....

The performance is good, but can likely be improved. On my hardware (GeForce GT 640) it gets 9.4 million keys per second compressed, 7.3 million uncompressed.

....

Thoughts?


Thanks!

what I am going to say is purely theoretical, as I have never tried to brute force private keys.

I don´t think you will have any success doing this.
If you have enough hash power, you would probably make more money working as an honest node, mining.

Bitcoin protocol is secure enough. If it were brute force-able, bitcoin wouldn't be worth anything.

What i think you could do is to find a collision. If someone made an insecure private key, by just hashing some passphrase... maybe you could have some luck. I tried to do this once, but never found anything. I tried those terms like "wallet" "bitcoin". I found some addresses which used to have balances, but not anymore. But I was doing manually, like 1 address/3 minutes lol

If you could somehow at the same time check if any of those 9.4 million keys/sec have any balance in btc/bch/btg etc...

But I don't think any of that will work, and will be a waste of time and resources.

[soferox]

I have a question. Recently there was a flood and a notebook containing a offline wallet was damage and it destroyed part of a WIF private key, so now I basically have:

Kw**********(I have the next 40 characters, just not posting for obvious reasons), so I am missing 10 characters in all.

I also have the public key. Is it possible to use this software to start a search at Kw... and iterate over the missing 10 characters with the known 40 characters also in the key.

For example : 1GuqEWwH5iRZ89oo5xw26FqmyZFMWZrtPi - is the public address

and for the WIF private key I'd have Kw**********JzXaqU2rcFSoaLaehAQHqoQX1cWCo92tAA3ihLJ7

Any advice is appreciated and examples are even more appreciated

Thank you,
S.

[soferox]

searching for 58^10 on a binary level means I'd have to search 430,804,206,899,405,824 possible combos. With a CPU that would take centuries. I need to leverage GPUs to try and speed up the process.

[soferox]

no ,just 5 minutes:)

if you know Kw**********JzXaqU2rcFSoaLaehAQHqoQX1cWCo92tAA3ihLJ7, you can setup only for start "kw" with end "JzXaqU2rcFSoaLaehAQHqoQX1cWCo92tAA3ihLJ7"

Those 10 missing characters having a possible 58^10th power though. So it definitely won't take 5 minutes to brute force the 10 unknown characters. Unless what I am asking. can i set this software up to start at Kw and end with my 40 characters which would improve my chances by a lot using GPUs as using a CPU will not be possible in my lifetime.

If you can show an example of how I should configure the command to run this software I would greatly appreciate it, and happily tip once I recover the key.

[soferox]

no, propably you never tried this.

here example for find where start and stop is "5K" priate key:)

Code:

#wyszukiwanie v_1

import ecdsa
import hashlib
import base58
import time
import csv
import string
# base58 alphabet
alphabet = '123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz'

adres_balance={}


def sha256(arg) :
	''' Return a sha256 hash of a hex string '''
	byte_array = bytearray.fromhex(arg)
	m = hashlib.sha256()
	m.update(byte_array)
	return m.hexdigest()

def b58encode(hex_string) :
	''' Return a base58 encoded string from hex string '''
	num = int(hex_string, 16)
	encode = ""
	base_count = len(alphabet)
	while (num > 0) :
		num, res = divmod(num,base_count)
		encode = alphabet[res] + encode
	return encode

def b58decode(v):
	''' Decode a Base58 encoded string as an integer and return a hex string '''
	if not isinstance(v, str):
		v = v.decode('ascii')
	decimal = 0
	for char in v:
		decimal = decimal * 58 + alphabet.index(char)
	return hex(decimal)[2:] # (remove "0x" prefix)

def privToWif(priv, verbose=False) :
	''' Produce a WIF from a private key in the form of an hex string '''
	# 1 - Take a private key
	_priv = priv.lower() # just for aesthetics
	if verbose : print("Private key: "+_priv)
	# 2 - Add a 0x80 byte in front of it
	priv_add_x80 = "80" + _priv
	if verbose : print("Private with x80 at beginning: "+priv_add_x80)
	# 3 - Perform SHA-256 hash on the extended key 
	first_sha256 = sha256(priv_add_x80)
	if verbose : print("sha256: " + first_sha256.upper())
	# 4 - Perform SHA-256 hash on result of SHA-256 hash 
	seconf_sha256 = sha256(first_sha256)
	if verbose : print("sha256: " + seconf_sha256.upper())
	# 5 - Take the first 4 bytes of the second SHA-256 hash, this is the checksum 
	first_4_bytes = seconf_sha256[0:8]
	if verbose : print("First 4 bytes: " + first_4_bytes)
	# 6 - Add the 4 checksum bytes from point 5 at the end of the extended key from point 2 
	resulting_hex = priv_add_x80 + first_4_bytes
	if verbose : print("Resulting WIF in HEX: " + resulting_hex)
	# 7 - Convert the result from a byte string into a base58 string using Base58Check encoding. This is the Wallet Import Format 
	result_wif = b58encode(resulting_hex)
	if verbose : print("Resulting WIF: " + result_wif)
	return result_wif

 


def zamien_na_adres(klucz): 
    #start = time.time()
# WIF to private key by https://en.bitcoin.it/wiki/Wallet_import_format
    Private_key = base58.b58decode_check(klucz) 
    Private_key = Private_key[1:]

# Private key to public key (ecdsa transformation)
    signing_key = ecdsa.SigningKey.from_string(Private_key, curve = ecdsa.SECP256k1)
    verifying_key = signing_key.get_verifying_key()
    public_key = bytes.fromhex("04") + verifying_key.to_string()

# hash sha 256 of pubkey
    sha256_1 = hashlib.sha256(public_key)

# hash ripemd of sha of pubkey
    ripemd160 = hashlib.new("ripemd160")
    ripemd160.update(sha256_1.digest())

# checksum
    hashed_public_key = bytes.fromhex("00") + ripemd160.digest()
    checksum_full = hashlib.sha256(hashlib.sha256(hashed_public_key).digest()).digest()
    checksum = checksum_full[:4]
    bin_addr = hashed_public_key + checksum
    #print(time.time()-start)
# encode address to base58 and print
    return base58.b58encode(bin_addr) 

# zmienne do wyszukiwania

############################################
# wyszukiwanie min max
############################################

def string_to_ord(dana):
    x = []
    
    for character in dana:
        x.append(ord(character))
        
    return x
    
moje ={}    
def _binary_search(szukana,x,y, zakres_low, zakres_high):
    
    """Binary search that returns (index, low, high) of the final search step"""
    while zakres_low <= zakres_high:
        index = (zakres_low + zakres_high) // 2
        dane,war =generuj_dane(index)
        
        current_element = dane[war][x:y]
        #zmiana na int
        current_val=string_to_ord(current_element)
        szukana_val=string_to_ord(szukana)
        #print(current_element)
        #print(current_val)
        #print(szukana_val)
        if current_element[41:42]=="N": moje[dane]=war
        if current_element[x:y] == szukana[x:y]:
            return (index, zakres_low, zakres_high)
        elif current_val[x:y] < szukana_val[x:y]:
            zakres_low = index + 1
        elif current_val[x:y] > szukana_val[x:y]:
            zakres_high = index - 1

    return (-1, 0, 0)

def lower_bound(szukana,x,y,zakres_min,zakres_high):
    """Returns the index of the first occurrence of element in array"""
    index = -1
    first_index, low, high = _binary_search(szukana,x,y, zakres_min, zakres_high)
    index = first_index
    while first_index != -1:
        index = first_index
        first_index, low, high = _binary_search(szukana,x,y, low, first_index-1)
    index=hex(index)
    index = index.replace('0x','').replace('L','').zfill(64)
    return index
    
def upper_bound(szukana,x,y,zakres_min,zakres_high):
     """Returns the index of the last occurence of element in array"""
     index = -1
     first_index, low, high = _binary_search(szukana,x,y, zakres_min, zakres_high)
     index = first_index
     while first_index != -1:
         index = first_index
         first_index, low, high = _binary_search(szukana,x,y, first_index+1, high)
     index=hex(index)
     index = index.replace('0x','').replace('L','').zfill(64)
     return index    
     
def szukaj(szukana,x,y,low, max):
    """Basic binary search"""
    min_w=lower_bound(szukana,x,y,low,max)
    #print(min_w)
    max_w=upper_bound(szukana,x,y,int(min_w,16),max)
    #print(max_w)
    return min_w, max_w
    
    
####################################################################
def generuj_dane(wartosc):
    war = hex(wartosc)
    war = war.replace('0x','').replace('L','').zfill(64)
    return generuj(war), war
 
def search (target): 
    
    # Definiujmey zmienne, przechowujące zakres, który badamy
    
    left =  int("000000000000000000000000000000000000007777777eb4b4d68d49da3408a",16)
    right = int("fffffffffffffffffffffffffffffffffffffffffffffeb4b4d68d49da3408a",16) 
    index = 0 
    
    # Sprawdzamy czy zakres który jest badany, nie jest pusty
    
    while left < right: 
        
        # dzielimy listę na 2 zbiory
        
        index = (left + right) // 2 
        #print(index)
        # Jeżeli znaleźliśmy liczbę to kończymy
        # jeżeli lewa strona, jest mniejsza do ją odrzucamy
        # a jeżeli nie, to odrzucamy prawą stronę
         
        
        dane,war =generuj_dane(index)
        #print(dane[war])
        if dane[war][0:6]==target: 
            #print(dane[war])
            return war 
        else: 
            if dane[war][0:6]<target: 
                left = index+1 
            else: 
                right = index 
                
    return -1 



 
step=1

def generuj(start):
    dana={}
    set_a=[]
    i = 0
     
    while i < 1:
        wif = privToWif(start)
        adres = zamien_na_adres(wif)
        set_a.append(adres)
        for letter in set_a:
            #print("adres set "+str(letter,'utf-8'))
            adres = str(letter,'utf-8')
            set_a.remove(letter)
            dana[start]=wif
        if str(adres) in adres_balance:
            print(" adres : " + str(adres))
            print(" wif   : " + str(wif))
            print(" value : " + str(adres_balance[adres]))
            with open("/mnt/hgfs/Nowy/hack2.csv", "a") as duplikatf:
                duplikatf.write(str(adres) + "," +str(wif)+'\n')
        #with open("/mnt/hgfs/Nowy/dane.csv", "a") as duplikatf:
                #duplikatf.write(str(1) + "," +str(wif[0:6])+","+str(wif[6:42])+","+str(wif[42:51])+'\n') 
           
        i+=1
    return dana

adres_balance={}

 


min_w, max_w=szukaj("5K",0,2,int("1",16),int("fffffffffffffffffffffffffffffffebaaedce6af48a03bbfd25e8cd036413b",16))
print(min_w + ' ' + max_w)
print((int(max_w,16) - int(min_w,16)))
 
print(moje)
 

I appreciate the help. What coding language is this, python? and how would I format my key into here? I am still a bit skeptical how it can solve 10 missing characters in 5 minutes as you say.

Thanks,
S.

[soferox]

I don't think this will help. I have already done something similar which is how I cam to determine it will take to long. But thank you for offering help. I appreciate it.

Thanks,
S.

[PawGo]

Hi,
1) you may check my program WifSolver to see if it helps.
https://github.com/PawelGorny/WifSolver

2) in your case I think it is possible to convert program into task for BitCrack. Using Gpu solution will be find much faster. Let me know if you need help with configuring bitcrack - how to configure range start/stop, stride etc

3) BUT! If you say that you know publickey, we may use even faster solution, Kangaroo. I have prepared a special version of it to work with custom stride, somewhere on the forum I post explanation how it works. If it works, for 10 missing characters result will be done in VERY reasonable time.

Check the post:
https://bitcointalk.org/index.php?topic=5315607.msg56298967#msg56298967

[mynonce]

3) BUT! If you say that you know publickey, we may use even faster solution, Kangaroo. I have prepared a special version of it to work with custom stride, somewhere on the forum I post explanation how it works. If it works, for 10 missing characters result will be done in VERY reasonable time.

If there is an outgoing transaction, then with the un/compressed public key and kangaroo or pollard, also possible.

Sadly this was an offline wallet, so it only ever had incoming transaction. It has never sent out.

@PawGo
New thread for that case
Missing 10 Characters in WIF Private Key - Can I recover them?
http://bitcointalk.org/index.php?topic=5379131.0