Collection of 18.509 found and used Brainwallets

[MrFreeDragon]

I still beleive that the most brain wallets are not serious wallets, and used for test/education/fun transactions. For these transactions (as well as for some quick transit transactions) no need to create the crypto secured wallet, and the brain wallet is used.

Of course there are some real wallets generated in "brain wallet way", but such wallets can be counted on one hand.

By the way, what do you think about time locked wallets based on easy brain wallets? Let's say we take the easy passphrase "bitcoin", hence the corresponding brain compressed address to it is 18VkRiDhFu2Z17AvtpU3vL2LbTXDzCvDVo (this address has already been used of course).

However, we take the public key of this address (02218ad6cdc632e7ae7d04472374311cebbbbf0ab540d2d08c3400bb844c654231) and create the time locked wallet (for example with the help of this tool: https://coinb.in/#newTimeLocked), let's say with time lock 31 December 2019:

https://coinb.in/?verify=0450650a5eb1752102218ad6cdc632e7ae7d04472374311cebbbbf0ab540d2d08c3400bb844c654231ac#verify

We receive the P2SH address 3NTavRnFZHkMmSFYVMz5PPb48WsNyVszDW, which could be accessed only by both redeem script and private key/signature from that easy address (18VkRiDhFu2Z17AvtpU3vL2LbTXDzCvDVo). The redeem script will not by available in blockchain till the funds are released from the address.

[1714784742]

1714784742

[daboehla]

WOW big transaction to a brainwallet:
0,50000000 16qVRutZ7rZuPx7NMtapvZorWYjyaME2Ue -> 400453AC5E19A058EC45A33550FDC496E0B26AD0 / 5E884898DA28047151D0E56F8DC6292773603D0D6AABBDD62A11EF721D1542D8 / Brainwallets
 

[stalker00075]

WOW big transaction to a brainwallet:
0,50000000 16qVRutZ7rZuPx7NMtapvZorWYjyaME2Ue -> 400453AC5E19A058EC45A33550FDC496E0B26AD0 / 5E884898DA28047151D0E56F8DC6292773603D0D6AABBDD62A11EF721D1542D8 / Brainwallets
 

brainwallet "password"

[daboehla]

WOW big transaction to a brainwallet:
0,50000000 16qVRutZ7rZuPx7NMtapvZorWYjyaME2Ue -> 400453AC5E19A058EC45A33550FDC496E0B26AD0 / 5E884898DA28047151D0E56F8DC6292773603D0D6AABBDD62A11EF721D1542D8 / Brainwallets
 

brainwallet "password"

shit, true stroy! I don't save this in my database...
why should somebody do this :O

[MrFreeDragon]

WOW big transaction to a brainwallet:
0,50000000 16qVRutZ7rZuPx7NMtapvZorWYjyaME2Ue -> 400453AC5E19A058EC45A33550FDC496E0B26AD0 / 5E884898DA28047151D0E56F8DC6292773603D0D6AABBDD62A11EF721D1542D8 / Brainwallets
 

brainwallet "password"

It seems that sombody "was listening" to this brainwallet address because the outgoing 0.5BTC transaction was included in the same block as incoming transaction (block 608894)

[almightyruler]

WOW big transaction to a brainwallet:
0,50000000 16qVRutZ7rZuPx7NMtapvZorWYjyaME2Ue -> 400453AC5E19A058EC45A33550FDC496E0B26AD0 / 5E884898DA28047151D0E56F8DC6292773603D0D6AABBDD62A11EF721D1542D8 / Brainwallets
 

brainwallet "password"

It seems that sombody "was listening" to this brainwallet address because the outgoing 0.5BTC transaction was included in the same block as incoming transaction (block 608894)

Very likely. Some block explorers show double spend attempts. Some of the earlier messages in this thread include links to show that double spends happened multiple times shortly after a known brainwallet was funded. Presumably the double spend attempts are by several different "brainwallet stealer" bots.

I've even seen funds sent to dictionary word brainwallets on testnet vanish instantly.

Wonder if the person who lost 0.5 BTC used a brainwallet generator that helpfully prefilled the password field with the word "password", intending the user to replace it with their own text?

[Financisto]

Hello there,

I started (some years ago) a list that's a compilation of (open-source) Brainwallet projects (for study and improvement purposes only) here: https://bitcointalk.org/index.php?topic=1164163.0

Enjoy!

[almightyruler]

A couple of months ago someone sent 3.4 BTC to a brainwallet

Funds were appropriated immediately; sweep transaction was included in the same block as the funding transaction.

https://www.blockchain.com/btc/address/13QZd78daoq3HaMKN9KAdFsVY9iYLKLfbm

Since it's so recent I won't post the passphrase, but it seems to be just a simple saying, perhaps also referring to a book title.

3.4 BTC!!!

[BTCW]

I have discovered what I called "perturbed SHA256 hashes". Like this:

SHA256("398") leads to

Code:

188c1fdca79d927f6e812133173fc41d3a4e57074de521020274caa9bb29af7d (found in "all" hash databases)
5J16cPLSHRR7CLQuKRWzCWDeXfrzDWYRUksjaTSH86x349BxuUk
17XNdhPkz8eSWibrMRjYY292Y9B6uRFvir

which is probably in every bot's database. However, check this out

Code:

188c1fdca79d927f6e812133173fc41d3a4e57074de521020274caa9bb29ae57 (found in "no" hash databases)
5J16cPLSHRR7CLQuKRWzCWDeXfrzDWYRUksjaTSH86x2Uzb2iY9
19rDLwxcP9Y3hEjXAkpkuMamKjLs1dgtiA

Both are found on the blockchain. Notice the pattern? The two differ only by a few bytes at the end of the hexadecimal string. The latter one is with an extraordinarily high certainty not the SHA256 hash of a known input.

Looks like someone took a known hash and changed it just a little. Clever!

My recommendation is perturbing well-known hashes.

[BTCW]

I thought this was a little cute

Code:

printf '\xF0\x9F\x92\xA9' | sha256sum
34722ef0267ceda14f0e2b756b83e85d6e79e458967895e72b07f87da7c0e275
5JDPFAB3Nt52bb2kQ4Sw2vi5JCi5LvPYdxtZu9LysDT52R2HBzh
1CNmL3ECHtAPxb9QZWrW29bq4t9T4SDUR4

https://www.blockchain.com/btc/address/1CNmL3ECHtAPxb9QZWrW29bq4t9T4SDUR4

Since it is (pseudocode): SHA256(poop emoji)

(Reference: https://www.fileformat.info/info/unicode/char/1f4a9/index.htm)

Conclusion: Add emojis to your wordlists 

[ashraful1980]

I thought this was a little cute

Code:

printf '\xF0\x9F\x92\xA9' | sha256sum
34722ef0267ceda14f0e2b756b83e85d6e79e458967895e72b07f87da7c0e275
5JDPFAB3Nt52bb2kQ4Sw2vi5JCi5LvPYdxtZu9LysDT52R2HBzh
1CNmL3ECHtAPxb9QZWrW29bq4t9T4SDUR4

https://www.blockchain.com/btc/address/1CNmL3ECHtAPxb9QZWrW29bq4t9T4SDUR4

Since it is (pseudocode): SHA256(poop emoji)

(Reference: https://www.fileformat.info/info/unicode/char/1f4a9/index.htm)

Conclusion: Add emojis to your wordlists 

Dear Sir,
You are really great. But i have a question that the value of '\xF0\x9F\x92\xA9' how to find and where from found......

[vapourminer]

I think it would be a good idea if wallet software included a blacklist of such addresses, as well as known weak brainwallets, showing an additional dialog with a strong warning that funds may be permanently lost (or stolen) if the transaction proceeds. Checking any generated (inbound) addresses against the list would also help catch any glaring address generation bugs. (An assert that the result must not equal <hash of empty string> after each call to sha256 or ripemd160 would have caught this error.)

centralized database of bad addys?

may sound good on 1st glance but nope for me.

maybe check against some private, local blacklist maintained by the user but thats up the user.

EDIT: saw that post was 7 months old oops

[BASE16]

I thought this was a little cute

Code:

printf '\xF0\x9F\x92\xA9' | sha256sum
34722ef0267ceda14f0e2b756b83e85d6e79e458967895e72b07f87da7c0e275
5JDPFAB3Nt52bb2kQ4Sw2vi5JCi5LvPYdxtZu9LysDT52R2HBzh
1CNmL3ECHtAPxb9QZWrW29bq4t9T4SDUR4

https://www.blockchain.com/btc/address/1CNmL3ECHtAPxb9QZWrW29bq4t9T4SDUR4

Since it is (pseudocode): SHA256(poop emoji)

(Reference: https://www.fileformat.info/info/unicode/char/1f4a9/index.htm)

Conclusion: Add emojis to your wordlists 

Dear Sir,
You are really great. But i have a question that the value of '\xF0\x9F\x92\xA9' how to find and where from found......

Hi please see emoji bytecode here https://apps.timwhitlock.info/emoji/tables/unicode 

[almightyruler]

I think it would be a good idea if wallet software included a blacklist of such addresses, as well as known weak brainwallets, showing an additional dialog with a strong warning that funds may be permanently lost (or stolen) if the transaction proceeds. Checking any generated (inbound) addresses against the list would also help catch any glaring address generation bugs. (An assert that the result must not equal <hash of empty string> after each call to sha256 or ripemd160 would have caught this error.)

centralized database of bad addys?

may sound good on 1st glance but nope for me.

maybe check against some private, local blacklist maintained by the user but thats up the user.

EDIT: saw that post was 7 months old oops

The blacklist check doesn't need to block the transaction, just strongly advise that it's a known compromised/problem address and to double check that everything is correct before clicking on OK.

It's not a general blacklist, just specifically for addresses where the keys are widely known (SHA256 dictionary words, low range private keys) or they are 99.99999999% likely to be unspendable (address of 0, RIPEMD160 hash of dictionary words, RIPEMD160 hash of empty string).

Perhaps you think I was suggesting that there should be some global "this person ripped me off so I want to add their address" kind of thing... no.

BTW, wallet software is pretty centralized anyway, right? I would actually appreciate if a wallet popped up a warning that my funds were likely to be lost.

[LoyceV]

BTW, wallet software is pretty centralized anyway, right? I would actually appreciate if a wallet popped up a warning that my funds were likely to be lost.

I see no point in this. If I'm paying someone who sent me a compromized address, he could just as well scam me by using a brand new address so this doesn't help. If my own wallet generates a new address, proper random generation should ensure it's not part of such a list. You could easily create and publish billions of private keys, I don't want such a database bloating my wallet.
If you're manually creating such an address using dumb methods, you're on your own

[almightyruler]

BTW, wallet software is pretty centralized anyway, right? I would actually appreciate if a wallet popped up a warning that my funds were likely to be lost.

I see no point in this. If I'm paying someone who sent me a compromized address, he could just as well scam me by using a brand new address so this doesn't help.

I don't understand your point. Why would a scammer invite you to send money to an address where the private key is known by multiple people?

This is nothing to do with scamming - it's about preventing mistakes. Like people sending to the brainwallet "password", or software having a brain fart and sending to the hash of a blank string.

Original post for more context: https://bitcointalk.org/index.php?topic=4768828.msg52494961#msg52494961

[LoyceV]

Why would a scammer invite you to send money to an address where the private key is known by multiple people?

I had a different interpretation of what you meant.

This is nothing to do with scamming - it's about preventing mistakes. Like people sending to the brainwallet "password", or software having a brain fart and sending to the hash of a blank string.

Still, that's going to be a very long list. Brainwallets must be brute-forced by many different attackers who check billions of addresses.

[almightyruler]

This is nothing to do with scamming - it's about preventing mistakes. Like people sending to the brainwallet "password", or software having a brain fart and sending to the hash of a blank string.

Still, that's going to be a very long list. Brainwallets must be brute-forced by many different attackers who check billions of addresses.

Yeah, there's no way it could be a comprehensive list (and with user passphrases, no list could be near 100% complete anyway), so I could imagine it getting out of hand, however even a list with say 50k entries could still prevent some silly mistakes.

(I wonder if anyone has ever trolled a victim by convincing them to send funds to a provably unspendable address? The troll gains no financial benefit, but the victim still suffers a loss.)

[naufragus]

that is almost silly
we need to be sure the parametre space is large enough

[DaCryptoRaccoon]

This is nothing to do with scamming - it's about preventing mistakes. Like people sending to the brainwallet "password", or software having a brain fart and sending to the hash of a blank string.

Still, that's going to be a very long list. Brainwallets must be brute-forced by many different attackers who check billions of addresses.

Yeah, there's no way it could be a comprehensive list (and with user passphrases, no list could be near 100% complete anyway), so I could imagine it getting out of hand, however even a list with say 50k entries could still prevent some silly mistakes.

(I wonder if anyone has ever trolled a victim by convincing them to send funds to a provably unspendable address? The troll gains no financial benefit, but the victim still suffers a loss.)

This sounds horrible I sometimes wonder about funds that end up sent to these known addresses it would be nice if there was somewhere you could check this like you do with haveibeenpwnd password checker it would be nice to be able to throw a public key into something similar to see if it's known already on the network I know a simple check on explorer would do but if there were a way to collect all the known brainwallets or "weak" addressing i'm sure people would use it.

Anyone found anymore interesting ones recent?