Need Urgent Help To Recover My Old Lost Wallet

[nc50lc]

-snip-

I understand that you have difficulty with reading and understanding written text. I suggest either returning to school or, if it's a medical issue, seeking urgent medical attention.

Okay, but since I've provided you puzzle #66's partial WIF, go and solve it quickly now.

I'm "nicely" asking if you just mistyped since having access to the unsolved puzzles' public keys makes more sense than getting their partial WIF.
If that's not what you mean, you must be misunderstanding the few other posts that you've replied to.

regards,

[1715617704]

1715617704

[1715617704]

1715617704

[ymgve2]

and seconds there is only one output.

So if the puzzle creator were to spend a few satoshis from puzzle 130, you could solve the key by having the second transaction output + the existing partial WIF/key? Can you explain how do you find leakage of private key from second outputs?

It is possible that there is some way to use lattice attacks to reduce the problem when there are multiple signatures, but it is a different and more difficult problem than the more well known lattice attack against weak nonces, since in this case it would be assumed the nonces are not weak.

[ripemdhash]

Little explanation.

what we know: if we have two outputs:) if one , it doesn't matter.

1.  We know:

a. partial WIF of privatekey
b. r1,s1,z1 and r2,s2,z2  ( two transactions)

2. What we can do?

a. first we must re-arrange the transactions outputs as : nonce is privatekey, and privatekeys is a nonce.!  -> yes we can

b. we know partial WIF of privatekey as nonce - we can use Monte Carlo together with LLL

c. recentering for partial integers plus BKZ or LLL.

becouse: IF OP has partial WIF example knowns MSB , not known middle, and Known LSB - it is easy even for 23 missing characters.

Post Scriptum: depends how much MSB with LSB we know - maybe we need implement enumeration.

[ymgve2]

The problem is that the nonces are different, which when swapped means that the "private keys" are different

[CrunchyF]

Little explanation.

b. we know partial WIF of privatekey as nonce - we can use Monte Carlo together with LLL

c. recentering for partial integers plus BKZ or LLL.

becouse: IF OP has partial WIF example knowns MSB , not known middle, and Known LSB - it is easy even for 23 missing characters.

Post Scriptum: depends how much MSB with LSB we know - maybe we need implement enumeration.

Do u mean that you can use Lattice attack only with one signature? Have u sources or studies to show about this attack?

[ymgve2]

Actually, let's make it a challenge.

This is a 120 bit private key with the remaining part all zeros: 5HpHagT65TZzG1PH3CSu63k8EXXXXXXXXXXXXXXXXXXXXXCggk4

This number of bits have been solved in the infamous puzzle challenge, but with great computational effort.

The address is 1HCQXqpBwLpwWQ2F2995PwcAPVkTdtpAHe - I've now used it in four transactions so that gives you four signatures. Feel free to claim it. I will in addition give you 0.03 BTC if you give a full explanation with code after claiming it.

[digaran]

Actually, let's make it a challenge.

This is a 120 bit private key with the remaining part all zeros: 5HpHagT65TZzG1PH3CSu63k8EXXXXXXXXXXXXXXXXXXXXXCggk4

This number of bits have been solved in the infamous puzzle challenge, but with great computational effort.

The address is 1HCQXqpBwLpwWQ2F2995PwcAPVkTdtpAHe - I've now used it in four transactions so that gives you four signatures. Feel free to claim it. I will in addition give you 0.03 BTC if you give a full explanation with code after claiming it.

Don't you think paying pennies for gold is a bit of insult? If you want the challenge accepted, make it 100 btc.

[ripemdhash]

I would like to say it is only joke from my side. THERE IS NO POSSIBILITY to crack in this way.


thanks Digaran, you know for what.

[ymgve2]

Actually, let's make it a challenge.

This is a 120 bit private key with the remaining part all zeros: 5HpHagT65TZzG1PH3CSu63k8EXXXXXXXXXXXXXXXXXXXXXCggk4

This number of bits have been solved in the infamous puzzle challenge, but with great computational effort.

The address is 1HCQXqpBwLpwWQ2F2995PwcAPVkTdtpAHe - I've now used it in four transactions so that gives you four signatures. Feel free to claim it. I will in addition give you 0.03 BTC if you give a full explanation with code after claiming it.

Don't you think paying pennies for gold is a bit of insult? If you want the challenge accepted, make it 100 btc.

It's not really "gold" since it's such a special situation, where over half of the bits of the private key is known. Just curious if someone manages to find a way where multiple transactions (with proper nonces) actually weakens the security of such a key.

[Turing0x]

No, even if you have the same specs as your old specs when you generated this WIF key it's still impossible to recover the missing 21 characters it would take decades to brute force these missing characters.

I think you were thinking that you can generate the same WIF key by having the same entropy that is impossible never heard someone succeed in doing this even me I tried that thing past year's ago without success, I just want to recover my old private key due to backup corruption but no it doesn't work.

Be careful on the post below that asks for public addresses and the WIF key with missing characters.

i want to just try it , even if it fails

i am not willing to share any of my private info with anyone , i am aware of this .

[Turing0x]

What do you mean you have the device entropy details?

When generating a private key, your computer collects entropy from various sources. Mouse movements, network activity, thermal noise etc. You can't just redo the process and expect to get the same entropy, because the entropy is dependent on beyond RAM and probably other hardware info. In fact, I think that preventing the recovery of an entropy is what the Cryptographically Secure Random Number Generator is trying to accomplish in the first place, for if it wasn't, other programs could work out your private keys.

i want to just try it , even if i fails , i have been already in this for few years .

[Turing0x]

Can you share the public key and then the characters of your WIF which you have?

DO NOT share such information with anyone here or in your personal message.

- Jay -

Are you talking to me or advising others against me? Lol, even if OP shared both public key and the remaining of the WIF  characters, nobody could solve the key in a few thousand  years, a 256 bit private key is not something we could simply brute force.

I don't know if there is a public key, but this seems more like a sold wallet case where the buyer thinks he can get help from here to find his fortune.  No public key/ address, means there is something wrong with this case.

i have shared examples of the public key and the remaining WIF Characters , not the real one , i am aware  that this sensitive information can't be shared with anyone .


well , it's not a sold fake hex edited wallet or something like this , it's my own wallet from 2011 / 2012

nothing wrong with the case , i have been reading through Secp256k1 in the past few years and i know that it's impossible to bruteforce a 256bit private key , but in my case i have some bits missing from the end of the wif , it's not easy as i know because the checksum is missing too , so i was thinking that i can try ( even if it's not possible ) to do it through the same entropy that was core using in 2011 / 2012 .

at least i know the start range of my old private key .

i have tried to write some simple python codes that using the random module , but the problem is the random here is repeated and i need something to be done that makes the code saves the work from the last point and start from it , i guess diving in the ocean through public keys will not lead me to anything .


i think that the randomness logic that bitcoin core was using can be found in the Key.cpp in the core source code , but i don't have such knowledge to implement it through python .


so i need a little helping hand to arrange things together , maybe i know something but it's scrambled in my head so i don't know the right ordering of it .

[digaran]

You are knocking on the wrong door, what you need is a service, a programmer could do what you are looking for in exchange of a fee.
Btw, you can't reproduce the exact conditions of when your private key was generated, the purpose of randomly generated key is to avoid reproducing it again.

I suggest to open a service request here https://bitcointalk.org/index.php?board=52.0
And ask for a willing programmer, you will see how fast you get what you need.

Good luck, hope you find your coins.

Actually, let's make it a challenge.

This is a 120 bit private key with the remaining part all zeros: 5HpHagT65TZzG1PH3CSu63k8EXXXXXXXXXXXXXXXXXXXXXCggk4

This number of bits have been solved in the infamous puzzle challenge, but with great computational effort.

The address is 1HCQXqpBwLpwWQ2F2995PwcAPVkTdtpAHe - I've now used it in four transactions so that gives you four signatures. Feel free to claim it. I will in addition give you 0.03 BTC if you give a full explanation with code after claiming it.

Don't you think paying pennies for gold is a bit of insult? If you want the challenge accepted, make it 100 btc.

It's not really "gold" since it's such a special situation, where over half of the bits of the private key is known. Just curious if someone manages to find a way where multiple transactions (with proper nonces) actually weakens the security of such a key.

You know what? Now that I think about it, puzzle 120 and 125 both have 2 outputs, they never revealed the keys, if somehow some anonymous individual claimed the few bucks on your address and at the same time revealed the keys for 120 and 125 but without revealing any algorithm/ program, it would be really great, ! Right?