Bitcoin Forum
December 11, 2016, 02:23:16 AM *
News: Latest stable version of Bitcoin Core: 0.13.1  [Torrent].
 
   Home   Help Search Donate Login Register  
Pages: [1]
  Print  
Author Topic: Vanity Address Generation  (Read 1722 times)
Luceo
Sr. Member
****
Offline Offline

Activity: 350


Per aspera ad astra!


View Profile
June 13, 2012, 04:29:06 PM
 #1

I'm willing to generate vanity addresses for people using my GPU. I can do up to 7 characters, case sensitive generation. An example would be in my signature, Calumon being the Digimon which appears in my avatar. I used the particular case in the signature because I couldn't use calumon or Calumon (no lowercase 'l') or CALUMON (no uppercase O or 0).

I have performed this service for Adamas on this forum.

This address generation service works by hashing out a lot of addresses with private keys randomly until the desired string is found. The addresses take the form 1DesiredVanityStringBunchOfOtherStuff.

Rules for Addresses (this is to prevent visual ambiguity):
- No uppercase 'I'
- No lowercase 'l'
- No 0 or uppercase 'O'

Security:
- There is an inherent trust issue with allowing vanity addresses to be generated by other users, which is that there is no way (that I know of -- let me know if there is a way) for me not to gain access to the private key generated for your address, which would theoretically allow me access to any BTC stored at that address.
- I will close the terminal window the private key is generated in, wipe it from my clipboard and delete all record of it (because I wouldn't want my computer to get compromised and cost you any BTC). You will have to trust that I have done this, because it's incredibly difficult to prove one way or the other, short of live-streaming the generation process (which would, of course, make the generation much slower).
- However, it is recommended, because of these trust issues, that large sums of BTC are not stored in vanity addresses. They are best used as donation addresses in signatures (like mine) which usually receive sub-1 BTC microtransactions.

Method:
- I will be using oclvanitygen on a mildly overclocked nvidia 5-series GPU. This takes approximately 5 hours to generate a 7-character vanity address (such as 1CaLuMoN... or 1Adamas1...) and significantly less time for a shorter one.
- I can send the output by private message, by e-mail or (preferably) by IRC query (freenode). I suggest that you delete the message as soon as you have imported the key so that nobody can compromise it and gain access to your Bitcoins.

Prices:
- 1 BTC for 7 character vanity addresses
- 0.25 BTC for shorter vanity addresses
- 0.5 BTC to ssh into your server and import the private key, to avoid having to send the key at all (you must have ssh working and bitcoind installed and running)

1481422996
Hero Member
*
Offline Offline

Posts: 1481422996

View Profile Personal Message (Offline)

Ignore
1481422996
Reply with quote  #2

1481422996
Report to moderator
1481422996
Hero Member
*
Offline Offline

Posts: 1481422996

View Profile Personal Message (Offline)

Ignore
1481422996
Reply with quote  #2

1481422996
Report to moderator
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1481422996
Hero Member
*
Offline Offline

Posts: 1481422996

View Profile Personal Message (Offline)

Ignore
1481422996
Reply with quote  #2

1481422996
Report to moderator
1481422996
Hero Member
*
Offline Offline

Posts: 1481422996

View Profile Personal Message (Offline)

Ignore
1481422996
Reply with quote  #2

1481422996
Report to moderator
gweedo
Legendary
*
Offline Offline

Activity: 1246


Java, PHP, HTML/CSS Programmer for Hire!


View Profile WWW
June 13, 2012, 04:47:08 PM
 #2

I don't what vanitygen program your using, but vanitygen has a "-f -" option which then you can pipe into encrypted file which then can be used to save all the information and then have the password directly emailed to the user with the file directly sent to the user, and both the email to the user and the file will be deleted, this call all be script so it can be done.

Want to earn 2500 SATOSHIS per hour? Come Chat and Chill in https://goseemybits.com/lobby
Luceo
Sr. Member
****
Offline Offline

Activity: 350


Per aspera ad astra!


View Profile
June 13, 2012, 04:52:10 PM
 #3

I'm using oclvanitygen, which is made by the same author as vanitygen but (as the name suggests) runs on OpenCL.

The -f option just allows you to insert a bunch of patterns to create multiple addresses, as far as I know (I've only ever used oclvanitygen for one address at a time).

The -e option allows you to encrypt with a password, but you'd still have to trust that I'm not saving the password so I'm not sure how it would remove the trust issue. It may, however, be a better way of sending the priv keys. I could privatepaste the file and e-mail the password so that any would-be hacker would have to compromise your forum account and e-mail account to steal the key.

Help output:
(2:506)$ ./oclvanitygen
oclVanitygen 0.17 (OpenSSL 1.0.1c 10 May 2012)
Usage: ./oclvanitygen [-vqrikNTS] [-d <device>] [-f <filename>|-] [<pattern>...]
Generates a bitcoin receiving address matching <pattern>, and outputs the
address and associated private key.  The private key may be stored in a safe
location or imported into a bitcoin client to spend any balance received on
the address.
By default, <pattern> is interpreted as an exact prefix.

Options:
-v            Verbose output
-q            Quiet output
-r            Use regular expression match instead of prefix
              (Feasibility of expression is not checked)
-i            Case-insensitive prefix search
-k            Keep pattern and continue search after finding a match
-N            Generate namecoin address
-T            Generate bitcoin testnet address
-X <version>  Generate address with the given version
-e            Encrypt private keys, prompt for password
-E <password> Encrypt private keys with <password> (UNSAFE)
-p <platform> Select OpenCL platform
-d <device>   Select OpenCL device
-S            Safe mode, disable OpenCL loop unrolling optimizations
-w <worksize> Set work items per thread in a work unit
-t <threads>  Set target thread count per multiprocessor
-g <x>x<y>    Set grid size
-b <invsize>  Set modular inverse ops per thread
-V            Enable kernel/OpenCL/hardware verification (SLOW)
-f <file>     File containing list of patterns, one per line
              (Use "-" as the file name for stdin)
-o <file>     Write pattern matches to <file>
-s <file>     Seed random number generator from <file>

gweedo
Legendary
*
Offline Offline

Activity: 1246


Java, PHP, HTML/CSS Programmer for Hire!


View Profile WWW
June 13, 2012, 05:02:06 PM
 #4

The -e option allows you to encrypt with a password, but you'd still have to trust that I'm not saving the password so I'm not sure how it would remove the trust issue. It may, however, be a better way of sending the priv keys. I could privatepaste the file and e-mail the password so that any would-be hacker would have to compromise your forum account and e-mail account to steal the key.

I am talking about pipes, idk what OS your using but you want to pipe in the pattern (aka "-f -") so you don't know, then the output can be sent to a file which ANOTHER program would encrypt and using /dev/random you can get a seed to create a random string to make the password, but how do we know your legit, you are just a JR memeber and, scams are on the raise Smiley so it be in your best interest to look into protecting the user and yourself.

Want to earn 2500 SATOSHIS per hour? Come Chat and Chill in https://goseemybits.com/lobby
area
Full Member
***
Offline Offline

Activity: 176


View Profile
June 13, 2012, 05:11:57 PM
 #5

There's a discussion about how to outsource address generation without trust required at https://bitcointalk.org/index.php?topic=56839.0 which you may like to read.

Mine the best coin, all the time, using Cryptoswitcher
Luceo
Sr. Member
****
Offline Offline

Activity: 350


Per aspera ad astra!


View Profile
June 13, 2012, 05:32:11 PM
 #6

I am talking about pipes, idk what OS your using but you want to pipe in the pattern (aka "-f -") so you don't know, then the output can be sent to a file which ANOTHER program would encrypt and using /dev/random you can get a seed to create a random string to make the password, but how do we know your legit, you are just a JR memeber and, scams are on the raise Smiley so it be in your best interest to look into protecting the user and yourself.

You don't know I'm legit, that's my major concern because I obviously haven't proved myself. I only have three successful trades and to all intents and purposes they are microtransactions.

If I'm understanding you right, basically you're talking about a script to run something like:

1. Decrypt your input pattern file with a key
2. Pass your decrypted input pattern to oclvanitygen and output to a file (./oclvanitygen -f yourfile -o newfile)
3. Encrypt 'newfile' with a password I don't know, and e-mail you newfile and the password
4. Delete newfile and yourfile from my local file system

What I'm saying is, even if I do that, the customer has to believe that I am doing that. There's no way I can prove that I'm not just taking the output, manually encrypting it and sending them the encrypted file. This does create a better security mechanism which makes it probably worth trying (I might try to script this on perl over CGI so that the user can order vanity addresses online), but doesn't remove the trust issue.

There's a discussion about how to outsource address generation without trust required at https://bitcointalk.org/index.php?topic=56839.0 which you may like to read.

I'll take a look, might give me some ideas but I'm not an OpenCL programmer so if it requires the development of new programs, the most I'll be able to do is offer a bounty on it. Tongue

gweedo
Legendary
*
Offline Offline

Activity: 1246


Java, PHP, HTML/CSS Programmer for Hire!


View Profile WWW
June 13, 2012, 05:39:03 PM
 #7

I am talking about pipes, idk what OS your using but you want to pipe in the pattern (aka "-f -") so you don't know, then the output can be sent to a file which ANOTHER program would encrypt and using /dev/random you can get a seed to create a random string to make the password, but how do we know your legit, you are just a JR memeber and, scams are on the raise Smiley so it be in your best interest to look into protecting the user and yourself.

You don't know I'm legit, that's my major concern because I obviously haven't proved myself. I only have three successful trades and to all intents and purposes they are microtransactions.

If I'm understanding you right, basically you're talking about a script to run something like:

1. Decrypt your input pattern file with a key
2. Pass your decrypted input pattern to oclvanitygen and output to a file (./oclvanitygen -f yourfile -o newfile)
3. Encrypt 'newfile' with a password I don't know, and e-mail you newfile and the password
4. Delete newfile and yourfile from my local file system

What I'm saying is, even if I do that, the customer has to believe that I am doing that. There's no way I can prove that I'm not just taking the output, manually encrypting it and sending them the encrypted file. This does create a better security mechanism which makes it probably worth trying (I might try to script this on perl over CGI so that the user can order vanity addresses online), but doesn't remove the trust issue.

There's a discussion about how to outsource address generation without trust required at https://bitcointalk.org/index.php?topic=56839.0 which you may like to read.

I'll take a look, might give me some ideas but I'm not an OpenCL programmer so if it requires the development of new programs, the most I'll be able to do is offer a bounty on it. Tongue

no completely wrong not what i was saying at all, instead of files you would use pipes to route the data from program to program, no trace of the data could be found on the local file system, so no chance of you saying.

Also you don't need to be an OpenCL programmer that stuff has been built already js

Want to earn 2500 SATOSHIS per hour? Come Chat and Chill in https://goseemybits.com/lobby
Luceo
Sr. Member
****
Offline Offline

Activity: 350


Per aspera ad astra!


View Profile
June 13, 2012, 06:01:46 PM
 #8

You have to pipe input from somewhere and to somewhere, it can't come out of thin air or be piped into thin air.

Somewhere can be a file, an input or a variable from a remote method call, but in any of these cases the customer is going to have to give me (or my script) the data and trust me to give them the output.

Ergo, they are going to have to believe that the script does what I say it does.

Can you give me a detailed example of how this can be handled with no trust requirement?

Pages: [1]
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!