Are there people attempting to brute force random keys?

[BitBustah]

Does anyone know of people out there attempting to brute force random addresses (no prior information at all, just hoping for a miracle)

[1714027326]

1714027326

[1714027326]

1714027326

[1714027326]

1714027326

[xhomerx10]

Does anyone know of people out there attempting to brute force random addresses (no prior information at all, just hoping for a miracle)

 Yep. 
https://bitcointalk.org/index.php?topic=1573035.0

[pooya87]

Does anyone know of people out there attempting to brute force random addresses (no prior information at all, just hoping for a miracle)

 Yep. 
https://bitcointalk.org/index.php?topic=1573035.0

they are not brute forcing random addresses/private keys. they are solving a puzzle to find private keys that were intentionally placed in an extremely smaller space compared to actual private key range to be found easily.

[xhomerx10]

Does anyone know of people out there attempting to brute force random addresses (no prior information at all, just hoping for a miracle)

 Yep. 
https://bitcointalk.org/index.php?topic=1573035.0

they are not brute forcing random addresses/private keys. they are solving a puzzle to find private keys that were intentionally placed in an extremely smaller space compared to actual private key range to be found easily.

 Oh!  I thought they were in a fruitless pursuit for ill-gotten coins so I didn't delve into it when it started and never got the full story.  All this time I thought they were a bunch of thieving bastards who would never be successful.
 I might have been wrong on one of those counts

[PrimeNumber7]

I would refer you to the below picture to help you understand the probability of finding a "random" private key with coin in it:


There are 2^160 possible private keys. For comparison, there are currently approximately 2^26 unspent outputs, however some addresses have multiple unspent outputs.

If a private key was generated randomly, for all intents and purposes, it is not going to be found out via a brute force attack.

[Jean_Luc]

Something about that is on the Readme of VanitySearch, for those who want formulas and who want to calculate probability
https://github.com/JeanLucPons/VanitySearch#trying-to-attack-a-list-of-addresses

[bones261]

How about if you generated a vanity address? Would it be more feasible for someone to crack the private key if they used the same vanity address generator? Or are random generators so good these days that any bias is negligible?

[Jean_Luc]

How about if you generated a vanity address? Would it be more feasible for someone to crack the private key if they used the same vanity address generator? Or are random generators so good these days that any bias is negligible?

This is a good question. Concerning VanitySearch if you use a passphase seed, a base key is generated and used to generate addresses up to reach the desired prefix (similar to BIP38 and BIP44 derivation paths),  no PNRG is used. Trying to find the key would require to find the seed and to compute until the prefix is reached. That means that to find a private key you have to perform (in average) 'prefix difficulty' time 'number of possible seed' iterations, which is huge.
A tool such as john the ripper that generates password can beat weak passwords on system using fast password encryption algorithms (such as MD5) but in the case of vanity addresses, you need for each password to run up to the prefix difficulty. In other words, this is unfeasible.

[o_e_l_e_o]

Not strictly what you asked, but there are plenty of examples of people brute-forcing brain wallets. Given that these are frequently protected by common passwords, sayings, phrases, quotes, song lyrics, etc, there have been many thousand which have been "hacked". Indeed, some people have set up bots to monitor the most commonly used brain wallets, and will steal your funds within seconds if you are naive enough to use them.

This thread - Collection of 18.509 found and used Brainwallets - has loads of examples and more information.

[Jean_Luc]

Just to be more precise. VanitySearch is not a brain wallet and you do not have to recall the password used. The password is just used to generated a base key and to hack the final private key you have to compute up the 'prefix difficulty' for each 'bad password' you will try.

[PrimeNumber7]

How about if you generated a vanity address? Would it be more feasible for someone to crack the private key if they used the same vanity address generator? Or are random generators so good these days that any bias is negligible?

A vanity address generator is bruteforcing private key --> address combinations, but instead of looking for addresses with unspent outputs, they are looking for an address that starts with, or contains a specific critera.

There are many possible addresses that start with 1b0ne for example, far more addresses than have ever been used in the history of bitcoin. Using the same example, it is exponentially more difficult to find an address that starts with 1b0nes than 1b0ne -- with each additional criteria, it becomes exponentially more difficult to "find" a private key associated with the address that matches your criteria.

Unless your computer is using a broken RNG, it should not generate the same vanity address twice using a vanity generator.

Not strictly what you asked, but there are plenty of examples of people brute-forcing brain wallets. Given that these are frequently protected by common passwords, sayings, phrases, quotes, song lyrics, etc, there have been many thousand which have been "hacked". Indeed, some people have set up bots to monitor the most commonly used brain wallets, and will steal your funds within seconds if you are naive enough to use them.

According to lingolics analysis, there are 3,000 words that make up 95% of literature, even though there are over 170,000 english words.

If you use a 5 word brain wallet out of a 3,000 word vocabulary, using words picked at random, you brain wallet will be one of 3000^5 combinations, or ~2^58 combinations. This is much smaller than the 2^160 possible private keys, or is (1.97 * 10^-29)% of total possible private keys. This is assuming the brain wallet is chosen at random, and most are not.

[o_e_l_e_o]

This is assuming the brain wallet is chosen at random, and most are not.

Many wallets use very common sayings and phrases which would be easily guessed by a human, let alone brute-forced by a computer. Some are even simpler than that:

https://www.blockchain.com/btc/address/1CgCMLupoVAnxFJwHTYTKrrRD3uoi3r1ag - stored 5 BTC, passphrase "the"
https://www.blockchain.com/btc/address/158zPR3H2yo87CZ8kLksXhx3irJMMnCFAN - stored 30 BTC, passphrase "wallet"
https://www.blockchain.com/btc/address/1HZwkjkeaoZfTSaJxDw6aKkxp45agDiEzN - stored 59 BTC, passphrase "" (i.e blank - literally no passphrase)
https://www.blockchain.com/btc/address/14NWDXkQwcGN1Pd9fboL8npVynD5SfyJAE - stored 501 BTC, passphrase "bitcoin is awesome"

Regardless, even if you do pick 4 or 5 seemingly random words, or use a random string of characters, as you say, you are reducing the total entropy by many many orders of magnitude. It's not worth the risk.

[PrimeNumber7]

This is assuming the brain wallet is chosen at random, and most are not.

Many wallets use very common sayings and phrases which would be easily guessed by a human, let alone brute-forced by a computer. Some are even simpler than that:

Some of these brainwallets had coin sent to them in the early days of bitcoin when maybe not many people, if anyone was actively trying to find brainwallets with coin they could steal. For example, passphrase "bitcoin is awesome" had 500 btc sent in November 2012, and a minute later, the coin was sent back to the same address that sent the 500 btc.

Forum user Taras was one of the early people to use passphrase "" (i.e blank - literally no passphrase), but it is unclear to me if he was using it on his own account, or was stealing others' money from that address.

The other two examples you gave, passphrase "the" and passphrase "wallet" appear to be part of the 2015 stress test "attacks". Both of these addresses had many transactions of small financial value sent to them, starting near the time the stress tests started. After one of the "stress tests" they published the private keys associated with many of the addresses with unspent outputs, and maybe they were using weak brainwallet addresses as well so those "hunting" for brainwallets would try to spend those unspent outputs.

Regardless, even if you do pick 4 or 5 seemingly random words, or use a random string of characters, as you say, you are reducing the total entropy by many many orders of magnitude. It's not worth the risk.

Correct. There was some research done in 2015 that highlighted the risks of using a brainwallet, that were severe enough that "brainwallet.org", a then-popular website used to create brainwallets, decided to shut down.

[jerry0]

Curious about this.  Electrum only has 12 words.  Nano ledger has 24 and i believe you could add more to it.


So how many words are in the entire word list?  So are all those words used in electrum and nano ledger s?


If that is the case, couldn't someone look at the entire word list and just enter words like this and see if they get one?


Example... im using random words here as i don't know the entire word list



Phone Mouse Cat Dog Eat Fat Orange Pink Yellow Rat Growl Drink




Couldn't someone just spent a long time just randomly typing words like this and then pressing enter to see if anything shows up?  Then say they remove the last word of drink and put chips for example?  Thus like trial and error but do it manually?  There has to be ppl doing this right?


The other thing is aren't there computer software that does this try to crack the code itself by trial and error?  Because even if there are many combinations of words and how fast computers are, they wouldn't hit any one of them?  Like its not okay this doesn't work, take few seconds, heres another 12 or 24 word phrase?

[o_e_l_e_o]

So how many words are in the entire word list?

The BIP 39 wordlist contains 2048 words.

Couldn't someone just spent a long time just randomly typing words like this and then pressing enter to see if anything shows up? Then say they remove the last word of drink and put chips for example?  Thus like trial and error but do it manually?

Sure, but they would do it until the heat death of the universe and never get a match.

The other thing is aren't there computer software that does this try to crack the code itself by trial and error?  Because even if there are many combinations of words and how fast computers are, they wouldn't hit any one of them?  Like its not okay this doesn't work, take few seconds, heres another 12 or 24 word phrase?

With a 12 word phrase, there are 2048¹² possible combinations, or 5.45*10³⁹. In reality, the actual number of valid seeds is slightly less due to checksums, but let's not over complicate things.
Even if you had a billion computers all checking a billion combinations a second for a billion years, you would only have checked around 0.0006% of all combinations. If you are looking instead at 24 word phrases, your final percentage becomes astronomically small.


As an aside, don't confuse a 12/18/24 word phrase with a brain wallet. The first uses the BIP 39 word list, is generated from your wallet seed, and is highly secure. The latter is usually thought up by a human and can use any word or character (much like a password), and therefore is usually neither random nor secure.

[Raj Lassi]

Does anyone know of people out there attempting to brute force random addresses (no prior information at all, just hoping for a miracle)

I throw random private keys (and brute force variants) at a known hash160.  Fun, but totally psycho.
Doing about 4 billion hashes per slow CPU core per day, and usually 12 or more cores running.
Such a waste of time and energy, but I continue to senselessly tweak my code.

[keychainX]

Does anyone know of people out there attempting to brute force random addresses (no prior information at all, just hoping for a miracle)

BLADE RUNNER 2049

/KX