crzy
|
|
June 26, 2020, 06:45:23 AM |
|
Learned a lot here. Thanks to those who answered the question from the OP.
This helps a lot honestly since we should be more aware of a situation like this, though I never heard this kind of problem so maybe this wont exist at all. The developer creates a huge number of combination words to ensure its uniqueness but of course if the wallet comes from suspicious site, then this kind of problem might exist so they can scam the users, its hard to say it.
|
|
|
|
|
|
|
|
Transactions must be included in a block to be properly completed. When you send a transaction, it is broadcast to miners. Miners can then optionally include it in their next blocks. Miners will be more inclined to include your transaction if it has a higher transaction fee.
|
|
|
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction.
|
20kevin20
Legendary
Offline
Activity: 1134
Merit: 1597
|
|
June 26, 2020, 07:10:54 AM |
|
Thanks for these numbers. I see a lot of "get rich fast" posts/questions from new members to this forum lately in which they think it is possible to find private keys to well funded addresses by bruteforcing. I think most of these questions arise when people just don't have a grasp about the near infinite candidates. So I'm probably gonna use your number example as reply in the future to point out there's a difference between "theoretical possible" and "practictal feasible".
Even if you happen to be the VERY lucky one to get a "well funded" address through private key generating or bruteforcing, stealing not the morally best thing you can do - if someone found yours, you wouldn't like all your funds to be scrapped off your accounts either, would you.. It's an interesting research but at the end of the day, finding a used private key does not make it yours. You only get control of it, but that doesn't mean you can claim the money because that's literally theft.
|
|
|
|
o_e_l_e_o
In memoriam
Legendary
Offline
Activity: 2268
Merit: 18509
|
|
June 26, 2020, 11:24:27 AM |
|
That's not going to happen considering the probability and I'm sure if the limit for the private keys has been reach, no new users will allowed to create a wallet. That's not how it works. There is no way to monitor or record which private keys have been generated, and so there is no mechanism to stop producing keys or prevent the production of duplicate keys. Even if every possible private key had been generated by someone somewhere (which will never happen), then wallets would continue to generate more. -snip- Here is an older post of mine which gives a staggering way of thinking about just how large the numbers we are dealing with are.
|
|
|
|
covfefe_
|
|
June 26, 2020, 01:47:11 PM |
|
And what about mnemonic phrases. They have limited it all on a bunch of mnemonic phrases that are dictionary words. And another question, are the address created after the mnemonic phrase or is their some association. Would entering same mnemonic phrase on different devices at once create two sets of different private keys?
|
|
|
|
o_e_l_e_o
In memoriam
Legendary
Offline
Activity: 2268
Merit: 18509
|
|
June 26, 2020, 01:50:39 PM |
|
In terms of numbers, a 24 word seed phrase is the same as a private key - they encode 2256 bits of information.
The same seed phrase will always lead to the same set of private keys and therefore the same addresses, regardless of the device or wallet used. This is the whole point of using them as a back up - they will always restore access to your coins.
|
|
|
|
chichidori
Legendary
Offline
Activity: 1694
Merit: 1003
|
|
June 26, 2020, 02:01:40 PM |
|
Yes they can spend all of your funds on that address if your using a seed phrase to generate your address and someone from the other side of the world coincidentally make the same seed phrase but the chance of it are so slim, generating an address from BTC client without using any seed phrase will not make any duplicates.
|
|
|
|
Alert31
Member
Offline
Activity: 1041
Merit: 25
Trident Protocol | Simple «buy-hold-earn» system!
|
|
June 26, 2020, 03:47:46 PM |
|
Yes,but not totally the same. It is just a very little percentage to have the same private key because it was generated uniquely. You can't guess it. You'll just have a headache,it's better to bet on lottery than to guess a private key. That's why you need to take care your private key and never try to share it to others so that they don't have access to your wallet and spend all your funds.
|
|
|
|
jeanne19
Newbie
Offline
Activity: 11
Merit: 0
|
|
June 26, 2020, 04:53:10 PM |
|
What is the probability that someone else will predict 12 random words generated by a random generator? It is possible but very minimal. If you are so lucky, then why not try this method in bank accounts and penetrate an account with millions of dollars and send it to your bank account? Or participate in one of the games based on expectations and win thousands of dollars. Guessing is difficult.
|
|
|
|
thirdprize
|
|
June 26, 2020, 06:57:21 PM |
|
The whole security system for bitcoin is not that it is impossible (which would be good) but that it is vvvveeerrryyy unlikely. Not impossible.
|
|
|
|
o_e_l_e_o
In memoriam
Legendary
Offline
Activity: 2268
Merit: 18509
|
|
June 27, 2020, 08:01:06 AM |
|
The whole security system for bitcoin is not that it is impossible (which would be good) but that it is vvvveeerrryyy unlikely. It is impossible to have a security system which is impossible to hack, and as far as security systems go, bitcoin's is pretty darn good. Given that most 2FA codes are 6 digits long, there is a 1 in 10 6 chance of someone guessing your 2FA code. Assuming an average house lock as 8 tumblers, and each tumbler can adopt one of 10 positions, then there is a 1 in 10 8 chance that someone will be able to guess your exact house key shape and unlock your door. Given a standard credit card has a 15 or 16 digit number on it, there is at most a 1 in 10 16 chance that someone will be able to guess your credit card number. If you use a password manager to generate a long and totally random 16 character password, drawing from the full ASCII 95 character set of upper and lowercase letters, numbers, and symbols, (e.g. CY\u4"=t{rV%;N9S), there is a 1 in 4.4*10 31 chance of someone guessing it. The chance of someone guessing your private key is 1 in 1.158*10 77. The chance of someone correctly guessing your password, your 2FA code, your credit card number, and the key to your house simultaneously is 4.4*10 61, which is still around 2 thousand trillion times more likely than them guessing your private key.
|
|
|
|
TheArchaeologist
|
|
June 27, 2020, 08:23:03 AM |
|
The chance of someone correctly guessing your password, your 2FA code, your credit card number, and the key to your house simultaneously is 4.4*1061, which is still around 2 thousand trillion times more likely than them guessing your private key.
I'm more into tech than math so once again thanks for these numbers! Pointing things out like this gives a measurement to "yeah, it's possible but not likely".
|
Sooner or later you're going to realize, just as I did, that there's a difference between knowing the path and walking the path
|
|
|
thirdprize
|
|
June 29, 2020, 07:38:04 PM |
|
The chance of someone correctly guessing your password, your 2FA code, your credit card number, and the key to your house simultaneously is 4.4*1061, which is still around 2 thousand trillion times more likely than them guessing your private key.
You have public key, you can try and find the private key for it. You have a (valid) private key, you can try and find other public keys for it. As you say the odds are slim, but they are still odds. Apart from time, CPU power and storage, there is nothing stopping you from generating a list of all the pairs in existence.
|
|
|
|
o_e_l_e_o
In memoriam
Legendary
Offline
Activity: 2268
Merit: 18509
|
|
June 29, 2020, 07:52:20 PM |
|
You have public key, you can try and find the private key for it. Knowing a public key reveals zero information about the associated private key, and does not make brute forcing it any easier. You still have to check 2 256 keys. You have a (valid) private key, you can try and find other public keys for it. If you have a valid private key, then you can find exactly 1 associated public key. I'm not sure what you mean by "find other public keys" - there are none to find. Apart from time, CPU power and storage, there is nothing stopping you from generating a list of all the pairs in existence. Apart from time, in that the sun will die before you get even a tiny fraction of the way through, and CPU power and storage, in that even just listing every private key (never mind calculating and storing the public keys or addresses) would take up approximately 1 billion trillion trillion trillion trillion (10 57) times more storage than there is in the entire world. For reference, the difference between the current global storage and that needed to store all the private keys (10 57), is larger than the difference between a single atom and all the atoms in the entire world (10 50).
|
|
|
|
BlackHatCoiner
Legendary
Online
Activity: 1498
Merit: 7340
Farewell, Leo
|
|
June 29, 2020, 09:22:35 PM |
|
Apart from time, in that the sun will die before you get even a tiny fraction of the way through, and CPU power and storage, in that even just listing every private key (never mind calculating and storing the public keys or addresses) would take up approximately 1 billion trillion trillion trillion trillion (1057) times more storage than there is in the entire world. For reference, the difference between the current global storage and that needed to store all the private keys (1057), is larger than the difference between a single atom and all the atoms in the entire world (1050). Wow, are they so many different combinations really? My head cannot fully understand this "hugeness"...
|
. .HUGE. | | | | | | █▀▀▀▀ █ █ █ █ █ █ █ █ █ █ █ █▄▄▄▄ | ▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀ . CASINO & SPORTSBOOK ▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄ | ▀▀▀▀█ █ █ █ █ █ █ █ █ █ █ █ ▄▄▄▄█ | | |
|
|
|
o_e_l_e_o
In memoriam
Legendary
Offline
Activity: 2268
Merit: 18509
|
|
June 30, 2020, 10:57:48 AM |
|
Wow, are they so many different combinations really? Yes. Since there are 2 256 private keys, and each private key is 32 bytes, then that works out as 3.7*10 78 bytes, which is equivalent to 3.7*10 57 zettabytes (a zettabyte is a billion terabytes). Current estimates put global storage at around 2 zettabytes. My head cannot fully understand this "hugeness"... Humans cannot comprehend these kind of numbers. It is easier to just think of brute forcing a private key as impossible, because it is. Actually, the probability of any particular person being born is much, far much less than figures relevant to the collision of bitcoin addresses, but he/she nonetheless appears into this world. Anything that has a probability other than a strict zero may happen. Well yes, if we look retrospectively then improbable things happen all the time. The difference is predicting which improbable thing is going to happen before it happens. Someone wins the lottery every week. Predicting which person that will be in advance is incredibly unlikely. The next private key I generate will be some combination of letters of numbers. Predicting that combination in advance is impossible. If you are going to look retrospectively, then the chances of any event happening is so small as to be miraculous.
|
|
|
|
angelvic73
Newbie
Offline
Activity: 24
Merit: 0
|
|
June 30, 2020, 06:05:38 PM |
|
hey, I wonder, even if the probability so small is, if someone else get the same private key as me could he/she spend my Bitcoins and viceversa? would we have the same Bitcoin Adress?
No, it is impossible. When generating keys, several levels of encryption and decryption are used. As well as guessing the key, the probability is almost zero.
|
|
|
|
Arkann
|
|
June 30, 2020, 06:29:03 PM |
|
Thank you very much for the information. These articles are really very informative and answered me many of my questions, especially regarding the security of an ethereum wallet and the ability to have an individual personal key to access the wallet.
|
|
|
|
thirdprize
|
|
July 09, 2020, 09:03:33 AM |
|
I suppose when you think about it, the chances of someone randomly guessing your email and bank password are much higher than getting access to your BTC. Email 30 characters max and passwords 6 to 16. That is a lot less combinations to try.
|
|
|
|
MCobian
|
|
July 09, 2020, 09:24:21 AM |
|
Until now I have never encountered an event that has the same private key between one and another, in other words almost impossible to happen. Let's just say that someone who has the same private key as I have, means that i can access his wallet and vice versa. After all, if there is anyone who has the same private key, it is impossible for each other to know. Because everyone keep a private key in a safe place, which is impossible for others to know.
|
|
|
|
BlackHatCoiner
Legendary
Online
Activity: 1498
Merit: 7340
Farewell, Leo
|
|
July 09, 2020, 10:09:37 AM |
|
Until now I have never encountered an event that has the same private key between one and another, in other words almost impossible to happen. Let's just say that someone who has the same private key as I have, means that i can access his wallet and vice versa. After all, if there is anyone who has the same private key, it is impossible for each other to know. Because everyone keep a private key in a safe place, which is impossible for others to know.
Yes, but if you make a transaction, the other guy will notice it.
|
. .HUGE. | | | | | | █▀▀▀▀ █ █ █ █ █ █ █ █ █ █ █ █▄▄▄▄ | ▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀ . CASINO & SPORTSBOOK ▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄ | ▀▀▀▀█ █ █ █ █ █ █ █ █ █ █ █ ▄▄▄▄█ | | |
|
|
|
|