Bitcoin Forum
Topic: BitBills Zero-Day (non-destructive private key sweeping)
tcatm2 (OP)
February 06, 2026, 04:13:13 PM
Merited by krogothmanhattan (10)
 #1

Hey,

tcatm here. I am verifying my identity by signing this post with my old Bitcoincharts donation address: 1Nqr3MqVyUp6k3o3QPePAdn4Yg4tzgB9kw

This message was written at block height 935269, hash 0000000000000000000054e89aaa3a93f631a96583376bb22c8702e2c3bfe6b5

I have discovered a trivial, non-destructive method to extract private keys from BitBills using common household equipment. I have verified this works. I will release the full technical methodology next week.

Please sweep your funds and store them securely. Do not buy BitBills from someone you do not trust. The physical tamper-evidence is no longer a guarantee that the key has not been accessed.

To my knowledge, there are around 1,300 BTC unredeemed in BitBills as of today.

Best,
tcatm

Signature: HJ1XxuhBnXcDVYAyK+y9bbE11QoRquFr3I2VhmdCWjaLXcuu7hrIQ76ggwcs7LobMPhs4L32BIP7WcJaMAhYDYU=
krogothmanhattan
February 06, 2026, 06:20:42 PM
 #2

  So what you are saying is you can read the private keys without removing the holograms or removing the hologram and placing back without anyone noticing?

  Or ARE ALL PRIVATE KEYS compromised somehow by you using common household equipment? Is that why ALL BITBILLS need to be swept??

tcatm2 (OP)
February 06, 2026, 08:19:14 PM
 #3

As far as I can tell, the cryptography is not affected. However, I found a way to read the private key of BitBills without opening them or leaving a trace.

If you have held the card continuously in a safe since you bought it, your funds are fine (as far as I can tell). However, because the hologram no longer proves the key hasn't been seen, you cannot trust any BitBill on the secondary market. That is why I recommend sweeping.
krogoth
Krogothmanhattan alt account


February 06, 2026, 08:53:56 PM
 #4

Thanks....I figured that's what you meant....so my bills are fine then.

Thanks for letting us know.

They were able to do to Casascius something similar

https://www.coindesk.com/markets/2013/08/13/defcon-hackers-crack-physical-bitcoin-casascius-coins

So this ain't the first time a physical collectable can be compromised.

As long as the maker ain't fucken around and a person bought from maker or a trusted person.... hopefully should be fine

Have had mine for many years and plan to NEVER SWEEP.

   

alandelon
February 06, 2026, 09:00:04 PM
 #5

It really intrigues me how you did it. Thanks for the information. It’s a good thing for a coin to go through this kind of testing, since the whole idea behind all of this is to make sure no one gets scammed and that collecting remains fully trustworthy, both on a personal level and physically, without any manipulation.
MoparMiningLLC
February 06, 2026, 10:55:19 PM
 #6

well someone took it to heart - a bitbills 1.0 BTC was just redeemed.

https://mempool.space/tx/1772f9790ce3c7c13725a700246d54ed7f4964f8ce54fa38c5c01b31b7b5d3d0

alandelon
February 06, 2026, 11:07:00 PM
 #7


I think it’s fine, and you know why? Because that person may have bought it second-hand — you never really know. But if they obtained it firsthand, I think redeeming it might be an exaggeration. Also, in the future, it may no longer be valuable to sell it with the BTC still on the card, since if it can be manipulated that easily, it will likely be harder to sell.
tcatm2 (OP)
February 06, 2026, 11:13:53 PM
 #8

That was me preparing a BitBill so I can safely expose the private key in a demonstration next week.

Signature using that sending address: G8Mb/Z9G5nsfvLNAECP+9V0z+xI8awgLXop3OMF1+8L+PwKF42IwAnKLUQaHJR8RtF9C2HwEhNvhcRhnXtVHn74=
tcatm2 (OP)
February 06, 2026, 11:37:55 PM
 #9

https://talkimg.com/images/2026/02/06/UEeCBv.png

Let's just say for now, that the ink used for the security pattern (now violet) had a significantly shorter chemical shelf-life than the ink used for the private key itself, and has likely degraded years ago.