out of range private keys

[akaki]

Hi,

we can read in [https://en.bitcoin.it/wiki/Private_key] the following:

Range of valid ECDSA private keys
Nearly every 256-bit number is a valid ECDSA private key. Specifically, any 256-bit number from 0x1 to N=0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364140 is a valid private key.
The range of valid private keys is governed by the secp256k1 ECDSA standard used by Bitcoin

However, in reality even the full 256 bits range and beyond work.
For Example, using 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF, we get the address 1PRWyFKTsQSJaUdX9VKgQNw8JERPw2kMFm that is valid (even transacted before).

As far as I understood, in ECDSA calculations we use %N, therefore we loop, and there is also a prviate key < N that also gives the same address 1PRWyFKTsQSJaUdX9VKgQNw8JERPw2kMFm.

am I right ?

[BlackHatCoiner]

Well, no. We can't use anything beyond 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364140. The fact that k∈[1, N] with m > N doesn't make m - N a number outside that range.

The private key of this address is m - N with m = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF. Specifically, it's

Code:

0x14551231950B75FC4402DA1732FC9BEBE

With a compressed public key of:

Code:

039166C289B9F905E55F9E3DF9F69D7F356B4A22095F894F4715714AA4B56606AF

WIF:

Code:

KwDiBf89QgGbjEhKnhXJuH7grrzmjVFJVSqqLimWN6cB6k6v8AAF

[pooya87]

However, in reality even the full 256 bits range and beyond work.
For Example, using 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF, we get the address 1PRWyFKTsQSJaUdX9VKgQNw8JERPw2kMFm that is valid (even transacted before).

No, they don't work because they are technically invalid. You are just using a tool that decided not to show you any error or warning message that the key you gave it is out of range, and instead handles it silently under the hood.

As far as I understood, in ECDSA calculations we use %N, therefore we loop, and there is also a prviate key < N that also gives the same address 1PRWyFKTsQSJaUdX9VKgQNw8JERPw2kMFm.

am I right ?

In ECC we are working in a finite field so the operations are always modulo m.
Any private key > N is invalid, you can modify its value to make it valid. One way is to compute is mod N.