Ninjastic
PostEdited versionsQuotes to this post
Post
Topic
Board Bitcoin Discussion
Re: Bitcoin puzzle transaction ~32 BTC prize to who solves it
by
lordfrs
on 17/06/2023, 10:38:06 UTC
Quote from: r1ckpwn on Today at 08:30:36 AM
Quote from: lordfrs on June 14, 2023, 11:42:50 PM
Quote from: digaran on June 14, 2023, 07:55:52 PM
Quote from: Evillo on June 14, 2023, 04:01:24 PM

Yeah .. He, most likely, generated 256 keys and manually updated the first character on the left whenever necessary.
You really think he just changed 1 digit? Some one who is an expert in cryptography would know better, but maybe he didn't want to make it very difficult and really used randomly generated keys. But if I were him, I'd have changed a few characters to make it really really hard, for example having a few 0s in a key will make it hard to reverse engineer a key manually, and brute force/kangaroo, well they have their limits.

One other thing could be placing a key outside a bit range, I'm curious did Satoshi ever confirmed that the keys are truly in the assumed bit ranges or we just hope the amounts of transactions are enough of a proof that the keys are exactly there?

But you know what I'd like to see? A large amount in a key with no exactly known bit range, somewhere between 160 and 180 bit not lower and not higher, then solving that key would be a global challenge, though not any amount which someone could spend half of it to use special tools and grab it, something which could only be solved by math and new methods.

For example, I haven't seen any tool/ algorithm capable of  adding or subtracting 1 to a key and then divide it by 2, kangaroo  engages square root calculations, BSGS looks for a match after adding/subtracting calculations, but no tool does + or - 1 then divide!

Now I look at it from a different angle. In binary, the program is more practical, for example, I know the last 8 bits of the private key anyway, because 8 bits equals a maximum of 256 digits. There was a friend who said that if the curve math is 0, multiply, if 1, add, knowing the last bit means solving ecdsa, the last 8 bits are 1 in 256, you can find the rest. If you say the last 16 bits, there is 1 possibility in 65536, these numbers can be tried, you will reduce 125 bits -16 bits =109bits.

This is the code

Code:

from sympy import mod_inverse
import secp256k1 as ice

k=mod_inverse(2,N)
neg1=ice.point_negation(ice.scalar_multiplication(1))

def ters(Qx,Scalar):
     ScalarBin = str(bin(Scalar))[2:]
     le=len(ScalarBin)
     for i in range (0,le):
        if ScalarBin[le-i] == "0":
            Qx=ice.point_multiplication(k,Qx)
        else:
            Qx=ice.point_addition(Qx,neg1)
            Qx=ice.point_multiplication(k,Qx)
     return ice.point_to_cpub(Qx)

for x in range(65536):
         print(ters(pub,x))


If the last bit is 1, it moves the point forward when divided by (2).

7fffffffffffffffffffffffffffffff5d576e7357a4501ddfe92f46681b20a1 +

if the last bit is 0 then normal divides

You trying to do mod_inverse using N. But N what is?



N=0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141