|
pbies (OP)
|
 |
May 21, 2024, 11:01:25 PM |
|
So in other topics here, guys are saying, that if we have public key for puzzle 66 going public, then in few seconds we can track private key for that public key (bsgs, kangaroo) and take over the transaction making own one and moving the amount to our address.
Now think for a moment: you can do that with any transaction that is in mempool and has made public key public. It is only time matter when there will be massive take over of transactions.
PS. Let the shitstorm begin!
|
BTC: bc1qmrexlspd24kevspp42uvjg7sjwm8xcf9w86h5k
I have 9900K and 1080 Ti, gathering funds for new desktop PC for Bitcoin operations - 12900K and RTX 4090
|
|
|
Churchillvv
Full Member
 Offline
Activity: 434
Merit: 200
Eloncoin.org - Mars, here we come!
|
|
May 22, 2024, 05:59:48 AM |
|
I'm a bit of zero technical knowledge but for the puzzle 66 how often do we find public keys from made public? I guess not regular or rare.
No matter how hard the vulnerability seems before that time that you speculate that attack will take over the bitcoin devs will surely find a solution around it.
I believe since this vulnerability or puzzle 66 attack has been made known solutions are already on their way or maybe someone is working on it to fix it, so pubkeys in the mempool wouldn't get attacked and redirected to a different wallet.
|
|
|
|
pooya87
Legendary
Offline
Activity: 3486
Merit: 10653
|
you can do that with any transaction that is in mempool and has made public key public.
If I give you two numbers and ask you to add them together will you do it at the same speed with all numbers? For example does it take you the same amount of time to add 3 and 2 together as it takes you to add 334212132454779 + 675456421213132457964? And these numbers aren't even big! It's the same in Elliptic Curve Cryptography. If you can solve ECDLP in a short time when the key range is tiny, that doesn't mean you can do the same when the key range is ginormous like 2 256. That's what the puzzle keys people are finding are, small keys in a tiny range compared to the max range of 2 256. |
.
.BLACKJACK ♠ FUN. | | | ███▄██████
██████████████▀
████████████
█████████████████
████████████████▄▄
░█████████████▀░▀▀
██████████████████
░██████████████
█████████████████▄
░██████████████▀
████████████
███████████████░██
██████████ | | CRYPTO CASINO &
SPORTS BETTING | | │ | | │ | ▄▄███████▄▄
▄███████████████▄
███████████████████
█████████████████████
███████████████████████
█████████████████████████
█████████████████████████
█████████████████████████
███████████████████████
█████████████████████
███████████████████
▀███████████████▀
███████████████████ | | .
|
|
|
|
khalidkhan82118
Newbie
Offline
Activity: 70
Merit: 0
|
|
May 22, 2024, 10:25:40 AM |
|
So in other topics here, guys are saying, that if we have public key for puzzle 66 going public, then in few seconds we can track private key for that public key (bsgs, kangaroo) and take over the transaction making own one and moving the amount to our address.
Now think for a moment: you can do that with any transaction that is in mempool and has made public key public. It is only time matter when there will be massive take over of transactions.
PS. Let the shitstorm begin!
How widespread do you think this issue could become, and are there any preventative measures that can be taken to protect transactions in the mempool? |
|
|
|
|
|
peter0425
|
|
May 22, 2024, 11:41:24 AM |
|
Your theory is possible and have been studied about by experts. They learned how to try and prevent such things from happening. With the cosntant evolution of technology, we can expect stronger security so the likelihood of this happening keeps decreasing as time goes by. Not to mention how hard it would be to actually generate the private key from an exposed public key if there are even any.
|
▄▄████████▄▄
▄▄████████████████▄▄
▄██████████████████████▄
▄█████████████████████████▄
▄███████████████████████████▄
| ███████████████████▄████▄
█████████████████▄███████
████████████████▄███████▀
██████████▄▄███▄██████▀
████████▄████▄█████▀▀
██████▄██████████▀
███▄▄████████████▄
██▄███████████████
░▄██████████████▀
▄█████████████▀
█████████████
███████████▀
███████▀▀ | | | Mars,
here we come! | ▄▄███████▄▄
▄███████████████▄
▄███████████████████▄
▄█████████████████████▄
▄███████████████████████▄
█████████████████████████
█████████████████████████
█████████████████████████
▀███████████████████████▀
▀█████████████████████▀
▀███████████████████▀
▀███████████████▀
▀▀███████▀▀ | ElonCoin.org | │ | | .
| │ | ████████▄▄███████▄▄
███████▄████████████▌
██████▐██▀███████▀▀██
███████████████████▐█▌
████▄▄▄▄▄▄▄▄▄▄██▄▄▄▄▄
███▀░▐███▀▄█▄█▀▀█▄█▄▀
██████████████▄██████▌
█████▐██▄██████▄████▐
█████████▀░▄▄▄▄▄
███████▄█▄░▀█▄▄░▀
███▄██▄▀███▄█████▄▀
▄██████▄▀███████▀
████████▄▀████▀█████▄▄ | .
"I could either watch it
happen or be a part of it"
▬▬▬▬▬ |
|
|
|
|
pbies (OP)
|
|
May 22, 2024, 02:44:33 PM |
|
you can do that with any transaction that is in mempool and has made public key public.
If I give you two numbers and ask you to add them together will you do it at the same speed with all numbers? For example does it take you the same amount of time to add 3 and 2 together as it takes you to add 334212132454779 + 675456421213132457964? And these numbers aren't even big! It's the same in Elliptic Curve Cryptography. If you can solve ECDLP in a short time when the key range is tiny, that doesn't mean you can do the same when the key range is ginormous like 2 256. That's what the puzzle keys people are finding are, small keys in a tiny range compared to the max range of 2 256. Well, for computers it is fast: 1. selecting second number is fast, it can be pool of 10^9 numbers which will be operated in less than a second 2. multiplying this second number with known one is one instruction for CPU, so still under one second 3. then comparing to known value is still one instruction for CPU 4. if we have hit (still under one second, two at most) we have private key, there are only miliseconds to broadcast new tx with balance coming right to us So we can do that for all mempool txs with multithreaded CPU below few seconds, where we have time of about 10 minutes when the tx will be a fact. |
BTC: bc1qmrexlspd24kevspp42uvjg7sjwm8xcf9w86h5k
I have 9900K and 1080 Ti, gathering funds for new desktop PC for Bitcoin operations - 12900K and RTX 4090
|
|
|
|
Aanuoluwatofunmi
|
|
May 22, 2024, 03:26:14 PM |
|
snipped You already started the shitstorm, so i will expect to see more of how you're going to compare seeing that bitcoin ends with the content of what you wrote down, i can only say more grease to your elbow, but know that bitcoin is not ending. |
|
|
|
|
Freddie Boyer
Member
Offline
Activity: 308
Merit: 20
Crypto WEB3 Neobank
|
|
May 22, 2024, 03:38:26 PM |
|
Well, for computers it is fast:
1. selecting second number is fast, it can be pool of 10^9 numbers which will be operated in less than a second
2. multiplying this second number with known one is one instruction for CPU, so still under one second
3. then comparing to known value is still one instruction for CPU
4. if we have hit (still under one second, two at most) we have private key, there are only miliseconds to broadcast new tx with balance coming right to us
So we can do that for all mempool txs with multithreaded CPU below few seconds, where we have time of about 10 minutes when the tx will be a fact.
Brute-force method. This is very interesting, where things that are secret will no longer be secret. I wonder what the scale will be if this is not anticipated immediately. As well as anticipating funds to be safe. |
|
|
|
|
pbies (OP)
|
|
May 22, 2024, 06:14:15 PM |
|
You already started the shitstorm, so i will expect to see more of how you're going to compare seeing that bitcoin ends with the content of what you wrote down, i can only say more grease to your elbow, but know that bitcoin is not ending.
If you would be positively directed for the idea you would already know that. If anyone can obtain pubkey and then get pvk from it, he could immediately redirect the tx to himself. That's the problem here which you don't see. Brute-force method.
This is very interesting, where things that are secret will no longer be secret. I wonder what the scale will be if this is not anticipated immediately.
As well as anticipating funds to be safe.
I think there is not much possible to do in this case. Trying to guess the pvks is easy, there is only time that prevents us from seeing txs redirected by larger group of persons. |
BTC: bc1qmrexlspd24kevspp42uvjg7sjwm8xcf9w86h5k
I have 9900K and 1080 Ti, gathering funds for new desktop PC for Bitcoin operations - 12900K and RTX 4090
|
|
|
Velemir Sava
Member
Offline
Activity: 293
Merit: 28
Enterapp
|
|
May 22, 2024, 06:50:11 PM |
|
I think there is not much possible to do in this case. Trying to guess the pvks is easy, there is only time that prevents us from seeing txs redirected by larger group of persons.
I think there is still security in the BTC system that was created by Satoshi and user funds are still in the safe category if you refer to the question from @Freddie Boyer and the answer you provided above. |
|
|
|
|
pbies (OP)
|
|
May 22, 2024, 06:59:24 PM |
|
I think there is still security in the BTC system that was created by Satoshi and user funds are still in the safe category if you refer to the question from @Freddie Boyer and the answer you provided above.
If you read the topic - this security has been breached recently by bsgs and kangaroo programs. There is no more security involved. Any transaction can be redirected currently, depends on luck hitting the pvk from pub key. |
BTC: bc1qmrexlspd24kevspp42uvjg7sjwm8xcf9w86h5k
I have 9900K and 1080 Ti, gathering funds for new desktop PC for Bitcoin operations - 12900K and RTX 4090
|
|
|
cr1776
Legendary
Offline
Activity: 4060
Merit: 1303
|
|
May 22, 2024, 07:14:55 PM |
|
you can do that with any transaction that is in mempool and has made public key public.
If I give you two numbers and ask you to add them together will you do it at the same speed with all numbers? For example does it take you the same amount of time to add 3 and 2 together as it takes you to add 334212132454779 + 675456421213132457964? And these numbers aren't even big! It's the same in Elliptic Curve Cryptography. If you can solve ECDLP in a short time when the key range is tiny, that doesn't mean you can do the same when the key range is ginormous like 2 256. That's what the puzzle keys people are finding are, small keys in a tiny range compared to the max range of 2 256. If OP really wants to understand the technical details a bit more (vs "End of Bitcoin" number #1000000012340), this thread has some discussion about it: https://bitcointalk.org/index.php?topic=5322009.0 |
|
|
|
|
BlackHatCoiner
Legendary
Offline
Activity: 1554
Merit: 7548
Protocols over bureaucrats
|
|
May 22, 2024, 07:32:28 PM
Last edit: May 22, 2024, 08:40:05 PM by BlackHatCoiner |
|
For example does it take you the same amount of time to add 3 and 2 together as it takes you to add 334212132454779 + 675456421213132457964? It takes the same time. Integer addition is instant, O(1). Did you mean elliptic curve point addition, perhaps? Edit: For fixed-width integers (e.g., 32-bit, 64-bit), it's O(1). For arbitrary-precision, it's O(n) (with n being the number of multiples of the fixed width integers, i.e. adding fixed-width n times). It's still fast, though. 1. selecting second number is fast, it can be pool of 10^9 numbers which will be operated in less than a second 10^9 is tiny space. We're talking about 2^256 = ~10^78. You can't store that range somewhere, if that's what you meant. If you read the topic - this security has been breached recently by bsgs and kangaroo programs. There is no more security involved. Any transaction can be redirected currently, depends on luck hitting the pvk from pub key.
What topic? The probability of hitting a securely generated private key from public key is extremely slim. It's only public keys that were generated non-securely that are compromised. |
.
.BLACKJACK ♠ FUN. | | | ███▄██████
██████████████▀
████████████
█████████████████
████████████████▄▄
░█████████████▀░▀▀
██████████████████
░██████████████
█████████████████▄
░██████████████▀
████████████
███████████████░██
██████████ | | CRYPTO CASINO &
SPORTS BETTING | | │ | | │ | ▄▄███████▄▄
▄███████████████▄
███████████████████
█████████████████████
███████████████████████
█████████████████████████
█████████████████████████
█████████████████████████
███████████████████████
█████████████████████
███████████████████
▀███████████████▀
███████████████████ | | .
|
|
|
|
cr1776
Legendary
Offline
Activity: 4060
Merit: 1303
|
|
May 22, 2024, 07:38:34 PM |
|
For example does it take you the same amount of time to add 3 and 2 together as it takes you to add 334212132454779 + 675456421213132457964? It takes the same time. Integer addition is instant, O(1). Did you mean elliptic curve point addition, perhaps? Edit: For fixed-width integers (e.g., 32-bit, 64-bit), it's O(1). For arbitrary-precision, it's O(n) (with n being the number of bits in the integers, i.e. adding fixed-width n times). It's still fast, though. I think he just meant that you can add 3 and 2 together instantly in your head whereas it will take you longer to add 334212132454779 + 675456421213132457964 since most people can't add them instantly without resorting to pencil and paper. Similarly as the space searched expands like the numbers above got larger, searching takes much longer. |
|
|
|
|
seoincorporation
Legendary
Offline
Activity: 3192
Merit: 2978
Top Crypto Casino
|
|
May 22, 2024, 07:41:33 PM |
|
So in other topics here, guys are saying, that if we have public key for puzzle 66 going public, then in few seconds we can track private key for that public key (bsgs, kangaroo) and take over the transaction making own one and moving the amount to our address.
Now think for a moment: you can do that with any transaction that is in mempool and has made public key public. It is only time matter when there will be massive take over of transactions.
PS. Let the shitstorm begin!
If it would be that easy, then someone would already do it. The only way to get the private key from the public key is by brute force, and as we know, to brute-force bitcoin addresses is a waste of time, there are better odds of finding a wallet on the street than finding a private key. So, nothing to worry about. |
|
|
|
lucolo
Legendary
Offline
Activity: 1092
Merit: 1021
|
|
May 22, 2024, 07:43:06 PM |
|
By that time, won't we find a preventive solution?
|
|
|
|
|
Stalker22
Legendary
Offline
Activity: 1540
Merit: 1360
|
|
May 22, 2024, 08:06:56 PM |
|
I have always been fascinated by how some folks can make big claims without knowing squat about the subject. OP, you bandy around terms like bsgs and kangaroo like they are some kind of magic that can crack any encryption just like that. Do you even know what these methods represent and what they are capable of doing?
If you are really interested in learning about this kind of stuff, I would suggest asking questions about things you dont understand before making such outlandish claims.
|
|
|
|
Reatim
Sr. Member
Offline
Activity: 2870
Merit: 362
Eloncoin.org - Mars, here we come!
|
|
May 22, 2024, 08:07:29 PM |
|
you can do that with any transaction that is in mempool and has made public key public.
If I give you two numbers and ask you to add them together will you do it at the same speed with all numbers? For example does it take you the same amount of time to add 3 and 2 together as it takes you to add 334212132454779 + 675456421213132457964? And these numbers aren't even big! It's the same in Elliptic Curve Cryptography. If you can solve ECDLP in a short time when the key range is tiny, that doesn't mean you can do the same when the key range is ginormous like 2 256. That's what the puzzle keys people are finding are, small keys in a tiny range compared to the max range of 2 256. Well, for computers it is fast: 1. selecting second number is fast, it can be pool of 10^9 numbers which will be operated in less than a second 2. multiplying this second number with known one is one instruction for CPU, so still under one second 3. then comparing to known value is still one instruction for CPU 4. if we have hit (still under one second, two at most) we have private key, there are only miliseconds to broadcast new tx with balance coming right to us So we can do that for all mempool txs with multithreaded CPU below few seconds, where we have time of about 10 minutes when the tx will be a fact. That’s not realistic at all. Even with the most advanced computer, it can’t possibly find the correct combination with a possibility of 2^256 combinations. Just the amount of possibilities is enormous that if you just look for it without any logic, it would be very difficult to do so. 10 minutes to do probably with a supercomputer but then it would have been so expensive as you’d probably need more than one considering bitcoin’s power and the energy needed to go through them. |
▄▄████████▄▄
▄▄████████████████▄▄
▄██████████████████████▄
▄█████████████████████████▄
▄███████████████████████████▄
| ███████████████████▄████▄
█████████████████▄███████
████████████████▄███████▀
██████████▄▄███▄██████▀
████████▄████▄█████▀▀
██████▄██████████▀
███▄▄████████████▄
██▄███████████████
░▄██████████████▀
▄█████████████▀
█████████████
███████████▀
███████▀▀ | | | Mars,
here we come! | ▄▄███████▄▄
▄███████████████▄
▄███████████████████▄
▄█████████████████████▄
▄███████████████████████▄
█████████████████████████
█████████████████████████
█████████████████████████
▀███████████████████████▀
▀█████████████████████▀
▀███████████████████▀
▀███████████████▀
▀▀███████▀▀ | ElonCoin.org | │ | | .
| │ | ████████▄▄███████▄▄
███████▄████████████▌
██████▐██▀███████▀▀██
███████████████████▐█▌
████▄▄▄▄▄▄▄▄▄▄██▄▄▄▄▄
███▀░▐███▀▄█▄█▀▀█▄█▄▀
██████████████▄██████▌
█████▐██▄██████▄████▐
█████████▀░▄▄▄▄▄
███████▄█▄░▀█▄▄░▀
███▄██▄▀███▄█████▄▀
▄██████▄▀███████▀
████████▄▀████▀█████▄▄ | .
"I could either watch it
happen or be a part of it"
▬▬▬▬▬ |
|
|
|
BlackHatCoiner
Legendary
Offline
Activity: 1554
Merit: 7548
Protocols over bureaucrats
|
|
May 22, 2024, 08:12:31 PM |
|
I think he just meant that you can add 3 and 2 together instantly in your head whereas it will take you longer to add 334212132454779 + 675456421213132457964 since most people can't add them instantly without resorting to pencil and paper. Humans can't add large numbers, because of lack of memory. You can't memorize the addition of 8173 with 2509, let alone with larger numbers. That's why you write it down, and then operate mechanically the step-by-step algorithm for column addition (starting from the rightmost column), as you've learned in elementary school, which has a time complexity of O(n). Computers on the other hand, handle addition differently. When you give a computer a number, it reads it in a fixed-size set of bits. For example, 8173 and 2509 in 32-bit will be expressed as: 00000000000000000001111111101101
00000000000000000000100111001101 The addition here is done bit-by-bit, starting from the rightmost, with the following conditions: - If both bits added are '0', final bit is '0'.
- If one bit is '1' and the other is '0', final bit is '1'.
- If both bits are '1', final bit is '0' and we keep a carry ('1') for the next addition.
00000000000000000001111111101101
00000000000000000000100111001101
+
00000000000000000010100110111010 This way, regardless the digits of your number, if it can be represented with 32 or 64 bits, addition finishes in O(1) time complexity, in contrast with humans' algorithm, where time complexity increases linearly as the digits increase. |
.
.BLACKJACK ♠ FUN. | | | ███▄██████
██████████████▀
████████████
█████████████████
████████████████▄▄
░█████████████▀░▀▀
██████████████████
░██████████████
█████████████████▄
░██████████████▀
████████████
███████████████░██
██████████ | | CRYPTO CASINO &
SPORTS BETTING | | │ | | │ | ▄▄███████▄▄
▄███████████████▄
███████████████████
█████████████████████
███████████████████████
█████████████████████████
█████████████████████████
█████████████████████████
███████████████████████
█████████████████████
███████████████████
▀███████████████▀
███████████████████ | | .
|
|
|
|
|
pbies (OP)
|
|
May 22, 2024, 09:12:39 PM |
|
I have always been fascinated by how some folks can make big claims without knowing squat about the subject. OP, you bandy around terms like bsgs and kangaroo like they are some kind of magic that can crack any encryption just like that. Do you even know what these methods represent and what they are capable of doing?
If you are really interested in learning about this kind of stuff, I would suggest asking questions about things you dont understand before making such outlandish claims.
That are simplified words of other guys here in another topic. If you want to battle about what they are saying you are free to go. Nonsense is when you score my knowledge without knowing what I actually know. Talking simple does not mean that someone is dumb. |
BTC: bc1qmrexlspd24kevspp42uvjg7sjwm8xcf9w86h5k
I have 9900K and 1080 Ti, gathering funds for new desktop PC for Bitcoin operations - 12900K and RTX 4090
|
|
|
|
