There have already been examples, what other proof do you need?
Reviewing their code, just to clarify, the trick seems to be that the signed message includes the nonce concatenated as part of the string. Somehow, the OP extracts the nonce from here, which allows them to derive the private key. In short, their code generates vulnerable signatures. The nonce should never be included in the message of a signature because it is a catastrophic vulnerability.
def generate_signatures(self, priv, num_signatures=10):
sigs = []
for _ in range(num_signatures):
nonce = random.randrange(1, 2**BIT_RANGE)
note = str(os.urandom(25)) + str(nonce)
msg = bytes(note, 'utf-8')
private_key, public_key = self.make_keypair(priv)
r, s, z = self.sign_message(priv, msg, nonce)
sigs.append((z, r, s))
return sigs
Yes, Hello I have already seen similar codes, where when generating fake signatures, a nonce is also generated. By the way, Bitcoined has shown several times that its code outputs the correct value of the private key, I have seen it myself.