I’ve identified a case involving multiple Bitcoin P2PKH transactions where the same ECDSA nonce r is reused across different private keys. The addresses are mathematically related, and the total funds involved are around 4 BTC.
We know that when the same nonce k is reused across signatures with different keys, we get two equations with three unknowns (k, d1, d2). This usually isn’t enough to recover any private key.
However, I’ve been investigating how k might have been generated. My analysis points to a cloned virtual environment using MT19937 (Mersenne Twister), likely with the same seed reused to generate multiple private keys or nonces across transactions.
This could explain how the same r appears in signatures from different keys. As MT19937 is not suitable for cryptographic use, predictable nonces may be involved.
Questions:
Has anyone seen a similar case involving MT19937 and nonce/key reuse?
Any known attacks or tools to reverse-engineer k or the seed from reused r values?
Is there any way to exploit this pattern to recover private keys?
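An added example, not part of the original post: the failure mode described above (cloned environments seeding MT19937 identically, so different keys sign with the same k and therefore the same r) next to a nonce derived as in RFC 6979 from the private key and message hash, which does not depend on PRNG state. The seed, keys and messages are constructed sample values, and the function names are this example's own.

```python
import hashlib
import hmac
import random

# secp256k1 group order
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141

def mt_nonce(seed):
    """Weak: nonce taken from MT19937 (Python's random module) for a given seed."""
    return random.Random(seed).getrandbits(256) % N

def _hmac(key, data):
    return hmac.new(key, data, hashlib.sha256).digest()

def rfc6979_nonce(d, h1):
    """Deterministic nonce per RFC 6979 section 3.2 (HMAC-SHA256, 256-bit order).
    d: private key as int, h1: 32-byte message hash."""
    x = d.to_bytes(32, "big")
    z = (int.from_bytes(h1, "big") % N).to_bytes(32, "big")  # bits2octets(h1)
    v, k = b"\x01" * 32, b"\x00" * 32
    k = _hmac(k, v + b"\x00" + x + z)
    v = _hmac(k, v)
    k = _hmac(k, v + b"\x01" + x + z)
    v = _hmac(k, v)
    while True:
        v = _hmac(k, v)
        cand = int.from_bytes(v, "big")
        if 1 <= cand < N:
            return cand
        k = _hmac(k, v + b"\x00")  # candidate out of range: update state and retry
        v = _hmac(k, v)

def compare(seed, d1, d2, msg1, msg2):
    """Return ((k1, k2) from cloned MT19937 state, (k1, k2) from RFC 6979)."""
    h1, h2 = hashlib.sha256(msg1).digest(), hashlib.sha256(msg2).digest()
    weak = (mt_nonce(seed), mt_nonce(seed))  # both clones start from the same seed
    strong = (rfc6979_nonce(d1, h1), rfc6979_nonce(d2, h2))
    return weak, strong

if __name__ == "__main__":
    # Constructed sample values: a 32-bit seed, two toy keys, two toy messages.
    weak, strong = compare(0x1234ABCD, 0x1111, 0x2222, b"tx-a", b"tx-b")
    print("MT19937 clones share k:", weak[0] == weak[1])
    print("RFC 6979 nonces differ:", strong[0] != strong[1])
```

Because r is the x-coordinate of k·G, equal k values in the first pair mean equal r regardless of which key signs; the second pair differs because the key and message are inputs to the derivation.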