Bitcoin Forum
September 26, 2021, 12:02:43 PM *
News: Latest Bitcoin Core release: 22.0 [Torrent]
 
   Home   Help Search Login Register More  
Pages: [1]
  Print  
Author Topic: About vanity address generation through a pool  (Read 66 times)
BlackHatCoiner
Hero Member
*****
Online Online

Activity: 560
Merit: 1305


Not your node, not your rules.


View Profile WWW
May 28, 2021, 12:26:43 PM
 #1

I recently read how this Vanity Pool works. I may haven't understood it well, but does this “private and public key addition” have the same security as a normal address? Also, if we assume that k1 + k2 = k3, why would pk1 + pk2 = pk3? (where k = private key and pk = public key)

Isn't there a simpler way to achieve this by multi-sig? You'll generate two private keys and compute their public keys. You'll keep secret your k1 and give to the pool the k2 and the pk1. Then the pool can brute force your 2-of-2 multi-sig address without knowing k1. It can work for segwit addresses, not sure for legacy.

1632657763
Hero Member
*
Offline Offline

Posts: 1632657763

View Profile Personal Message (Offline)

Ignore
1632657763
Reply with quote  #2

1632657763
Report to moderator
1632657763
Hero Member
*
Offline Offline

Posts: 1632657763

View Profile Personal Message (Offline)

Ignore
1632657763
Reply with quote  #2

1632657763
Report to moderator
1632657763
Hero Member
*
Offline Offline

Posts: 1632657763

View Profile Personal Message (Offline)

Ignore
1632657763
Reply with quote  #2

1632657763
Report to moderator
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1632657763
Hero Member
*
Offline Offline

Posts: 1632657763

View Profile Personal Message (Offline)

Ignore
1632657763
Reply with quote  #2

1632657763
Report to moderator
1632657763
Hero Member
*
Offline Offline

Posts: 1632657763

View Profile Personal Message (Offline)

Ignore
1632657763
Reply with quote  #2

1632657763
Report to moderator
1632657763
Hero Member
*
Offline Offline

Posts: 1632657763

View Profile Personal Message (Offline)

Ignore
1632657763
Reply with quote  #2

1632657763
Report to moderator
ranochigo
Legendary
*
Online Online

Activity: 2478
Merit: 2685

@ me if you need my response


View Profile
May 28, 2021, 12:58:15 PM
Last edit: May 28, 2021, 01:09:17 PM by ranochigo
 #2

I may haven't understood it well, but does this “private and public key addition” have the same security as a normal address?
Yes.
Also, if we assume that k1 + k2 = k3, why would pk1 + pk2 = pk3? (where k = private key and pk = public key)
ECDSA is associative. Remember that G + G = 2G, this is the same concept. (G being generator point).

(2K + 4K)G = 6KG

6KG being your ECDSA public key.

2K + 4K = 6K

K3 being your ECDSA private key.
Isn't there a simpler way to achieve this by multi-sig? You'll generate two private keys and compute their public keys. You'll keep secret your k1 and give to the pool the k2 and the pk1. Then the pool can brute force your 2-of-2 multi-sig address without knowing k1. It can work for segwit addresses, not sure for legacy.
You don't give the pool your private keys. Multisig requires two keys that has no relation.

NotATether
Hero Member
*****
Online Online

Activity: 658
Merit: 2046


Cryptographic Crawler


View Profile WWW
May 28, 2021, 01:20:15 PM
Last edit: May 28, 2021, 03:40:18 PM by NotATether
Merited by ETFbitcoin (1), Heisenberg_Hunter (1)
 #3

A pool works by submitting to it, along with the address prefix, a normal public key that you have generated. You also generate its corresponding public key.

In the vanity generation process, every time you inspect a searched private key, you compute its public key, you combine it with the public key you provided and then you do RIPEMD160/SHA256 and base58 encoding on that result, and only then comparing the result with your prefix.

Then for the resulting private key you get, you combine it with the private key of the submitted public key, to get the private key that corresponds to the public key listed in the results.

The combination process could be anything, but it's usually addition or multiplication because that's what bitaddress.org supports.

I'll attach an image soon, I'm in the process of making it and it should make things easier to understand.

edit:


Pages: [1]
  Print  
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!