Solution : explicit scalar d such that d⋅G=Q on secp256k1

[MikeJ_NpC]

 i  have constructed an explicit scalar d such that d⋅G=Q on secp256k1, where Q is the well‑known public key for the 12ib / 1A7k wallet, and MY d also satisfies a specific modular condition; this makes my work a concrete discrete‑logarithm solution for that particular point under my stated assumptions and factual data.
HOWEVER for the skeptics it does not constitute public proof that this d is the historical private key actually used..BECAUSE i have not enacted a transaction for this as of yet... despite having the nonce and able to parse the preimages from 75% of spent txns which eludes to the fact of it being that key indeed.

To compute d⋅G with the standard generator G and group order n, you recover exactly the public key Q above, and standard hashing/Base58Check from this Q yield the 12ib and 1A7k addresses.
This is a concrete solution of the elliptic‑curve discrete logarithm problem for the specific point Q under secp256k1.


Here is my statement of fact. Instead of deleitng my posts asking for help on the transaction... maybe it can be discussed instead.  Why should my request be frowned on when this has been allowed in past instances and mine is not on a active wallet or with any nefarious overtones.
Its not like im releasing the method, i just want to finish it ...

This is my statement on claim and ownership ... as i have not seen anyone come close to solving it and wont be able too.
resolved months ago.. thank you.



yes i do want help on the txn... as there are multiple issues most with concensus which has changed and other quarks that were not present then ...
if your going to delete my post - then send me a pm stating why ... or are we just playing bias games as someone else solved it? ...

[mcdouglasx]

Why don't you sign your message with something like "I, X, have the password for this address" and include a reference to your post? Otherwise, your post will be considered false. Remember, evidence is what matters here. I could say "I am Satoshi," but without proof, why would anyone take me seriously?
You're in the technical discussion area, so it's obvious you'll get those conclusions from the moderators if you simply come with unsupported claims.

[MikeJ_NpC]

Why don't you sign your message with something like "I, X, have the password for this address" and include a reference to your post? Otherwise, your post will be considered false. Remember, evidence is what matters here. I could say "I am Satoshi," but without proof, why would anyone take me seriously?
You're in the technical discussion area, so it's obvious you'll get those conclusions from the moderators if you simply come with unsupported claims.

its not that easy...if i have issues with the txn same thing would be with the msg.  the preimage should be the same credit associated.  I have it signed outside core which comes back as true and shows the address.

[kTimesG]

If your concern is that you'd expose the public key, post the SHA256 of it so anyone can verify it hashes down to the correct base58 address.

Otherwise, if you can't do this, and since there are no reasons to not want to do this, as it is safe to do it, you should STFU, since it would mean you are obviously trolling or you want to scam somebody.

[mcdouglasx]

Why don't you sign your message with something like "I, X, have the password for this address" and include a reference to your post? Otherwise, your post will be considered false. Remember, evidence is what matters here. I could say "I am Satoshi," but without proof, why would anyone take me seriously?
You're in the technical discussion area, so it's obvious you'll get those conclusions from the moderators if you simply come with unsupported claims.

its not that easy...if i have issues with the txn same thing would be with the msg.  the preimage should be the same credit associated.  I have it signed outside core which comes back as true and shows the address.

There's no technical difference between signing a message and signing a transaction.

On the other hand, perhaps you generated a script that produces a valid signature but doesn't meet the standard parameters. In other words, your script might have an implementation flaw that validates the signature, but in reality, for secp256k1, it's not a valid process. Therefore, it's an invalid signature and not a real solution.

And that explains the reason for your problems.

[gmaxwell]

If your concern is that you'd expose the public key, post the SHA256 of it so anyone can verify it hashes down to the correct base58 address.

The public key is on the blockchain for this address so nothing to expose there.

It took me a minute to realize what you were suggesting-- perhaps because I knew the pubkey for that address was known-- so I thought I'd reiterate it for others who might also be confused:

A normal P2PKH address is RIPEMD160(SHA2(PUBKEY)).  In cases where only the address is known because no outputs with that script have been spent, a personal could reveal knowledge of a SHA256 value that RIPEMD160s to the address.  This would be strong evidence that they know the pubkey (or know someone who does at least!).  But it would keep the pubkey itself private, which might be relevant if it were a special sort vulnerable to attack if it were known (e.g. vulnerable to a meet in the middle attack because the private key was selected from a known limited range).

It's moot here since anyone who cares to know can know the pubkey by looking at the blockchain: https://www.blockstream.info/tx/99f44a1e654e57c0d9918d2d2df728093cde0ed9e768c50737b3b77a37a656fb

Otherwise, if you can't do this, and since there are no reasons to not want to do this, as it is safe to do it, you should STFU, since it would mean you are obviously trolling or you want to scam somebody.

Indeed, there is a slow flood of scamming / market manipulation attempts based on false claims of having cracked some wallet or another.  The whole purpose of this kind of cryptography is that it's trivial to prove you know a private key without revealing anything other than that fact.  Any claim that doesn't come with that kind of proof is correctly ignored.   Mankind's capacity to be scammed knows no bound, however.

[ActiveC]

r=0xd6597d465408e6e11264c116dd98b539740e802dc756d7eb88741696e20dfe7d
s=0x14b9d3e76c5b1629ecf97fff95d7a4bbdac87cc26099ada28066c6ff1eb91912
z=SHA256('What represents the nonce value of this signature MikeJ_NpC? (2026-03-07, Not your key, not your wallet.)')

PubKey=0xa996702272b343f43b2dc03cc662a9c008dc9db8eabcd248e13cb5fb950120e0, 0x02c47f8b4eb4323d0a877710a2b8be1b12fbde1cfd6886b9c415921dc6573119

The nonce of this DER format signature is indeed the private key of the 12ib7dApVFvg82TXKycWBNpN8kFyiAN1dr address.

MikeJ_NpC get a life with your suggestions and claims, unless you post a valid signature, all you write is void, can we all agree on that?!

[GFOXOG]

If your concern is that you'd expose the public key, post the SHA256 of it so anyone can verify it hashes down to the correct base58 address.

The public key is on the blockchain for this address so nothing to expose there.

It took me a minute to realize what you were suggesting-- perhaps because I knew the pubkey for that address was known-- so I thought I'd reiterate it for others who might also be confused:

A normal P2PKH address is RIPEMD160(SHA2(PUBKEY)).  In cases where only the address is known because no outputs with that script have been spent, a personal could reveal knowledge of a SHA256 value that RIPEMD160s to the address.  This would be strong evidence that they know the pubkey (or know someone who does at least!).  But it would keep the pubkey itself private, which might be relevant if it were a special sort vulnerable to attack if it were known (e.g. vulnerable to a meet in the middle attack because the private key was selected from a known limited range).

It's moot here since anyone who cares to know can know the pubkey by looking at the blockchain: https://www.blockstream.info/tx/99f44a1e654e57c0d9918d2d2df728093cde0ed9e768c50737b3b77a37a656fb

Otherwise, if you can't do this, and since there are no reasons to not want to do this, as it is safe to do it, you should STFU, since it would mean you are obviously trolling or you want to scam somebody.

Indeed, there is a slow flood of scamming / market manipulation attempts based on false claims of having cracked some wallet or another.  The whole purpose of this kind of cryptography is that it's trivial to prove you know a private key without revealing anything other than that fact.  Any claim that doesn't come with that kind of proof is correctly ignored.   Mankind's capacity to be scammed knows no bound, however.

* Edit.

Actually I stand corrected.

Not sure this is the correct "Mike" but funny you are trying to recover something myself and one very well known member of the MultiBit developers have been working on.
With a genuine person called "Mike" for a number of years now.

If you claim you have info on 12ib or anything related to it I would be interested to speak with you.

I highly doubt you're claims you have something the only way anyone could have this data is it was stolen from the original user.

Someone on the forum is gate keeping or refusing to connect once more with is to resolve this.

If you have something of value that you found then say so, don't claim it's your haul when we know it's not.

We have a genuine client in the UK who claims to have purchased 12ib and it's contents back in 2010 with a bank transfer. (verified)

Someone on here knows what he asked for. 

We are afraid years later the puzzle still remains unsolved.

If you know what was asked for all those years ago and you recall the "how's You're"  or "Simple"

then get in touch..