Search content
Sort by
Showing 20 of 22 results by K0rvexX
Re: Bitcoin puzzle transaction ~32 BTC prize to who solves it
Of course, what prevents me from selling a script that I created, which has the correct functions for safe transfers without being stolen?
If I want to sell it, I won't give it away for free. I’m not foolish enough to hand over the ‘knife and the cheese’ to someone so they can benefit from it without my compensation. I’ve already tested it multiple times. Even
military-grade security measures haven’t succeeded in interfering with my transfers, which range from 66 to 100 bits—all tested and functioning perfectly."
If I want to sell it, I won't give it away for free. I’m not foolish enough to hand over the ‘knife and the cheese’ to someone so they can benefit from it without my compensation. I’ve already tested it multiple times. Even
military-grade security measures haven’t succeeded in interfering with my transfers, which range from 66 to 100 bits—all tested and functioning perfectly."
I too created a one of kind, state of the art, military grade, quantum immune, AI powered, blockchain mathematics, once in a millennia, [insert buzzword here] method that transfers funds in an instant with no fees cross-blockchain completely securely. I thoroughly tested it with my buddies in my basement and it completely works (source: trust me bro). I won't be giving it away since I want to profit from the code that chatgpt game me in 2 minutes, that's why I'm selling it for 999 morbillion BTC.
Re: Bitcoin puzzle transaction ~32 BTC prize to who solves it
And for those who still think that a hashing function is reversible, let me give you a quick rundown on why that's practically impossible.
A hashing function like SHA256 or RIPEMD160 or MD5 aren't encryption functions, meaning they are NOT meant to "hide" data so only someone with the correct keys could read it. They are only used for VERIFICATION, meaning they don't hold ANY information on the underlying data, but are simply used to represent a unique signature associated with that specific piece of data to detect alterations or tampering.
What makes them irreversible is that they completely disregard some parts of the data through the use of bit-shifting and mixing different keys. Take a modular function for example, N = m (mod k), m still hold a piece of information related to N, but you can't recover N knowing m and k. Now combine that with conditional operations, boolean operations and so one, for 64 rounds. And there you have it, a 256bit string that just tells you the file or message is what it's claiming to be.
Focus your efforts on more software or hardware optimizations instead of wasting your time on mathematical paradoxes. That's the whole point of this challenge, to push creativity and ingenuity to its limits, not foster insanity and delusion.
A hashing function like SHA256 or RIPEMD160 or MD5 aren't encryption functions, meaning they are NOT meant to "hide" data so only someone with the correct keys could read it. They are only used for VERIFICATION, meaning they don't hold ANY information on the underlying data, but are simply used to represent a unique signature associated with that specific piece of data to detect alterations or tampering.
What makes them irreversible is that they completely disregard some parts of the data through the use of bit-shifting and mixing different keys. Take a modular function for example, N = m (mod k), m still hold a piece of information related to N, but you can't recover N knowing m and k. Now combine that with conditional operations, boolean operations and so one, for 64 rounds. And there you have it, a 256bit string that just tells you the file or message is what it's claiming to be.
Focus your efforts on more software or hardware optimizations instead of wasting your time on mathematical paradoxes. That's the whole point of this challenge, to push creativity and ingenuity to its limits, not foster insanity and delusion.
Re: Bitcoin puzzle transaction ~32 BTC prize to who solves it
The amount of insanity surfacing these couple of weeks is genuinely insane. People coming out of nowhere, claiming they found the magical way to transfer funds with absolutely zero proof and charging bands for it, the other one is apparently Gauss 2.0 and found a way to crack sha256, and others think they can outsmart a damn random distribution and find a pattern in a double hashed address...
I'm not a mathematician or anything, far from it, I'm just in my 3rd year of cybersecurity engineering. With that said, I studied hashing functions and cryptography for years, and if any of you has magically found a method to reverse sha256 or ecdsa there will be bigger things at stake than a bitcoin puzzle. That's "if", because as far as I can see all of them are spewing actual bullcrap in a last act of desperation. Trying to make sense of randomness is a shot in the dark black hole that won't yield anything but wasted time, energy, sanity, and hope for those who think it's feasible.
I'm not saying randomness is uncrackable, nothing a computer does is truly random. But unless you have an idea of the procedure used to generate the wallets or ran a side-channel attack on the author's machine, there's practically no way to predict it. The reality is painful, and so far the only way to actually crack the puzzle is to simply bruteforce it, and the only breakthroughs that could be made are in optimizing the software used to sweep through all possible keys.
I'm not attacking anyone in particular, but if you genuinely think that this could be magically solved through PROBABILITY and MATHEMATICS where the only mathematics you've used are calculating the average of the keys with wallets that "look like" the target wallet, you need to reconsider what you're doing and genuinely understand the cryptography behind bitcoin, or in general.
I'm not a mathematician or anything, far from it, I'm just in my 3rd year of cybersecurity engineering. With that said, I studied hashing functions and cryptography for years, and if any of you has magically found a method to reverse sha256 or ecdsa there will be bigger things at stake than a bitcoin puzzle. That's "if", because as far as I can see all of them are spewing actual bullcrap in a last act of desperation. Trying to make sense of randomness is a shot in the dark black hole that won't yield anything but wasted time, energy, sanity, and hope for those who think it's feasible.
I'm not saying randomness is uncrackable, nothing a computer does is truly random. But unless you have an idea of the procedure used to generate the wallets or ran a side-channel attack on the author's machine, there's practically no way to predict it. The reality is painful, and so far the only way to actually crack the puzzle is to simply bruteforce it, and the only breakthroughs that could be made are in optimizing the software used to sweep through all possible keys.
I'm not attacking anyone in particular, but if you genuinely think that this could be magically solved through PROBABILITY and MATHEMATICS where the only mathematics you've used are calculating the average of the keys with wallets that "look like" the target wallet, you need to reconsider what you're doing and genuinely understand the cryptography behind bitcoin, or in general.
Re: Bitcoin puzzle transaction ~32 BTC prize to who solves it
But why don't those who understand software use their codes in non-standard mathematical operations?
Why do they always think of formulas like A = B - C (x.y) with ready-made logic?
Even the A - B - C - x - y that is currently being written is mathematics.
Why do they always think of formulas like A = B - C (x.y) with ready-made logic?
Even the A - B - C - x - y that is currently being written is mathematics.
Because illogical thinking cannot manifest itself as working software? At some point a logical contradiction occurs (unless you like software that includes intentional bugs), and it may be spotted even before attempting to touch a keyboard. Otherwise, the lesson is learned the hard way, but with no doubt that moment occurs sooner or later. But what stops you from giving it a shot, if you believe it's not a waste of time (or life); what are your results, besides spreading around your own beliefs, backed by nothing and impossible to prove or test?
Can you be patient a little longer? Because when the time comes to prove it, I will just say that I did it.
My hardware is not very high, so it may take a few weeks.
After that, I will publish the HEX code SHA256 here before transferring it. After that, I will just sit and watch.
I am not telling you to write illogical software, if you know MATHEMATICS. This includes basic statistics, PROBABILITY PERCENTAGE... I can list many reasons.
I can show many examples and proofs for this. Actually, I don't have to, you will understand this when I am done.
You want maths? here's a bit of maths for you. You have N=3(mod 4), tell me what N is. It's math, it's reversible right? I recommend at least reading how hashing functions, Ripemd and sha work before spewing nonsense. Same goes for the brainless guy.
Since it seems that the winner is not here, I will explain this riddle.
1. So we have a signature, we should check for weak K1, use kangaroos of course
What's the range for search? Use a hint from the message, 80bit. Fails, it seems K1 is strong.
2. Remember that I posted another signature, take K2, may be K1==K2? No.
So if we have both strong K1 and K2, what it can be?
Remember that ECDSA Signature is vulnerable not only when K1==K2 but also if we know that
K1 has some relation with K2, for example, K2=K1+1 (the simplest case).
How to check it? Remember that R1=G*K1 and R2=G*K2 and we have these R1 and R2 points in signatures, so we can substract: PntDiff = R1 - R2
(and also try R2 - R1) and check if it's G. It's not G, ok, may be the difference is not 1 but more?
We should try to solve PntDiff (both variants) with kangaroos. What's the range? Same, 80bits. And we can solve it, so now we have delta_K.
3. Now calculate, google or ask chatbot to get the formula:
pk = ((delta_k * s1 * s2) + (z2 * s1) - (z1 * s2)) / (r1 * s2 - r2 * s1) [mod n]
That's all!
1. So we have a signature, we should check for weak K1, use kangaroos of course
What's the range for search? Use a hint from the message, 80bit. Fails, it seems K1 is strong.
2. Remember that I posted another signature, take K2, may be K1==K2? No.
So if we have both strong K1 and K2, what it can be?
Remember that ECDSA Signature is vulnerable not only when K1==K2 but also if we know that
K1 has some relation with K2, for example, K2=K1+1 (the simplest case).
How to check it? Remember that R1=G*K1 and R2=G*K2 and we have these R1 and R2 points in signatures, so we can substract: PntDiff = R1 - R2
(and also try R2 - R1) and check if it's G. It's not G, ok, may be the difference is not 1 but more?
We should try to solve PntDiff (both variants) with kangaroos. What's the range? Same, 80bits. And we can solve it, so now we have delta_K.
3. Now calculate, google or ask chatbot to get the formula:
pk = ((delta_k * s1 * s2) + (z2 * s1) - (z1 * s2)) / (r1 * s2 - r2 * s1) [mod n]
That's all!
Also, I found it quite difficult as a beginner/intermediateto understand the kangaroo method used. Could you make a video or a detailed explanation on how it works and the math behind it, as well as some technicalities? That would be greatly appreciated
Brilliant explanation. I read your implementation of the kangaroo method from your github, but couldn't understand it enough to try it myself in this version.
Pretty fun, will there be puzzles like this going forward?
Pretty fun, will there be puzzles like this going forward?
Well the new onwer already transfered all the assets related to the private key.
But since someone put this minigame to another website, i don't think the owner will came back and explain
where?But since someone put this minigame to another website, i don't think the owner will came back and explain
I've been following the "complex number" lead all day, was it truly a dead end?
All in all it was really fun, I'll be dreaming of elliptic curves for quite a while xd. Too bad puzzles like this don't come out as often.
All in all it was really fun, I'll be dreaming of elliptic curves for quite a while xd. Too bad puzzles like this don't come out as often.
It's already been 24 hours and I'm starting to tweak a bit xd. I'm following a trail which I'm pretty positive would lead to the solution, just don't know how it was exactly implemented on your end or how to approach it without spending another 24 hours to a dead end.
Signature parsing:
Signature length: 65 bytes
Raw signature (hex): 20838db77b981db321faf527a830461cfda01aed50d85c345a7b0a8f4e5e4fd3fc288da41a03e78 a23e2ac277921e2d19d17717a27a10f1c6cca7fd5ba351a5fca
Message hash calculation:
Message: Anything one man can imagine, other men can make real
Prefix: 18426974636f696e205369676e6564204d6573736167653a0a
Message length: 53
First hash: 9da32d658cb47aa5cc319124c5ec371d8ba0409601d7ab4f05a211cc7017cdfb
Final hash: 9233d997d01ccf4b46187b215819354f107e76d9c27968bc460e4463334ee7c3
Initial values:
r: 838db77b981db321faf527a830461cfda01aed50d85c345a7b0a8f4e5e4fd3fc
s: 288da41a03e78a23e2ac277921e2d19d17717a27a10f1c6cca7fd5ba351a5fca
z: 9233d997d01ccf4b46187b215819354f107e76d9c27968bc460e4463334ee7c3
rzs values of the last transaction of 130:
Input #1
Signature: 304402201b6ab2549e885f738c89d8d57536e1a73cbeb9378630bb78e216b9b67f870eed022051c 726a81cb1eef5396652f2d20187ca7be319d712501ba145a7ad6c0abdc4a901
Signature R: 12400963492795392609031341807807154052760050202284245305715860805371845611245
Signature S: 36989210099789635796490701234231128519696772485070775735202446327584128877737
Z value: 34486381796216883593372188881094541378252208837497351442272209263146674329520
Public Key: 03633cbe3ec02b9401c5effa144c5b4d22f87940259634858fc7e59b1c09937852
Public Key Hash: a24922852051a9002ebf4c864a55acb75bb4cf75
Input #2
Signature: 3044022072eb5d544fffa7db8bb197e0325c04ae275aa59f3698356ec259bb2efc5a2b3002203c2 a50a80b05550a0af8f5b61006dea217630123b61ce3bfc391ef29286904ed01
Signature R: 51979517934185901849206199432340111907050158889583335884026970420978141244208
Signature S: 27213535161856087512477033219129420417229300877918670259420027749344513426669
Z value: 34486381796216883593372188881094541378252208837497351442272209263146674329520
Public Key: 03633cbe3ec02b9401c5effa144c5b4d22f87940259634858fc7e59b1c09937852
Public Key Hash: a24922852051a9002ebf4c864a55acb75bb4cf75
Input #3
Signature: 304402201a4f32a50802cf0d934af5fb73d96f097f39370124672c2fdea465ed99950b8402202a0 b1ae7ec8b1f570c174c03a3fb90282583b52463954cc3da6633de142693f501
Signature R: 11900064517834611874804658129846530803853420224485460010867370709356878564228
Signature S: 19016760656273379684391398396725025995624320131971786756459942660729832117237
Z value: 34486381796216883593372188881094541378252208837497351442272209263146674329520
Public Key: 03633cbe3ec02b9401c5effa144c5b4d22f87940259634858fc7e59b1c09937852
Public Key Hash: a24922852051a9002ebf4c864a55acb75bb4cf75
Input #4
Signature: 304402205ad3dea7329c9c3b1af267d4f2ef9cbd7806e31b2a67c733659ece873d4281030220597 007c96a01d437054d33432b40e7c8000508dd1b883b68fdeccf523ac4804a01
Signature R: 41082497798492335280966935563959884126225476228116080597459676273135856025859
Signature S: 40453784137503450550606654749659246286277897343701030255267246155381839528010
Z value: 34486381796216883593372188881094541378252208837497351442272209263146674329520
Public Key: 03633cbe3ec02b9401c5effa144c5b4d22f87940259634858fc7e59b1c09937852
Public Key Hash: a24922852051a9002ebf4c864a55acb75bb4cf75
but trying to find a way to solve
Signature length: 65 bytes
Raw signature (hex): 20838db77b981db321faf527a830461cfda01aed50d85c345a7b0a8f4e5e4fd3fc288da41a03e78 a23e2ac277921e2d19d17717a27a10f1c6cca7fd5ba351a5fca
Message hash calculation:
Message: Anything one man can imagine, other men can make real
Prefix: 18426974636f696e205369676e6564204d6573736167653a0a
Message length: 53
First hash: 9da32d658cb47aa5cc319124c5ec371d8ba0409601d7ab4f05a211cc7017cdfb
Final hash: 9233d997d01ccf4b46187b215819354f107e76d9c27968bc460e4463334ee7c3
Initial values:
r: 838db77b981db321faf527a830461cfda01aed50d85c345a7b0a8f4e5e4fd3fc
s: 288da41a03e78a23e2ac277921e2d19d17717a27a10f1c6cca7fd5ba351a5fca
z: 9233d997d01ccf4b46187b215819354f107e76d9c27968bc460e4463334ee7c3
rzs values of the last transaction of 130:
Input #1
Signature: 304402201b6ab2549e885f738c89d8d57536e1a73cbeb9378630bb78e216b9b67f870eed022051c 726a81cb1eef5396652f2d20187ca7be319d712501ba145a7ad6c0abdc4a901
Signature R: 12400963492795392609031341807807154052760050202284245305715860805371845611245
Signature S: 36989210099789635796490701234231128519696772485070775735202446327584128877737
Z value: 34486381796216883593372188881094541378252208837497351442272209263146674329520
Public Key: 03633cbe3ec02b9401c5effa144c5b4d22f87940259634858fc7e59b1c09937852
Public Key Hash: a24922852051a9002ebf4c864a55acb75bb4cf75
Input #2
Signature: 3044022072eb5d544fffa7db8bb197e0325c04ae275aa59f3698356ec259bb2efc5a2b3002203c2 a50a80b05550a0af8f5b61006dea217630123b61ce3bfc391ef29286904ed01
Signature R: 51979517934185901849206199432340111907050158889583335884026970420978141244208
Signature S: 27213535161856087512477033219129420417229300877918670259420027749344513426669
Z value: 34486381796216883593372188881094541378252208837497351442272209263146674329520
Public Key: 03633cbe3ec02b9401c5effa144c5b4d22f87940259634858fc7e59b1c09937852
Public Key Hash: a24922852051a9002ebf4c864a55acb75bb4cf75
Input #3
Signature: 304402201a4f32a50802cf0d934af5fb73d96f097f39370124672c2fdea465ed99950b8402202a0 b1ae7ec8b1f570c174c03a3fb90282583b52463954cc3da6633de142693f501
Signature R: 11900064517834611874804658129846530803853420224485460010867370709356878564228
Signature S: 19016760656273379684391398396725025995624320131971786756459942660729832117237
Z value: 34486381796216883593372188881094541378252208837497351442272209263146674329520
Public Key: 03633cbe3ec02b9401c5effa144c5b4d22f87940259634858fc7e59b1c09937852
Public Key Hash: a24922852051a9002ebf4c864a55acb75bb4cf75
Input #4
Signature: 304402205ad3dea7329c9c3b1af267d4f2ef9cbd7806e31b2a67c733659ece873d4281030220597 007c96a01d437054d33432b40e7c8000508dd1b883b68fdeccf523ac4804a01
Signature R: 41082497798492335280966935563959884126225476228116080597459676273135856025859
Signature S: 40453784137503450550606654749659246286277897343701030255267246155381839528010
Z value: 34486381796216883593372188881094541378252208837497351442272209263146674329520
Public Key: 03633cbe3ec02b9401c5effa144c5b4d22f87940259634858fc7e59b1c09937852
Public Key Hash: a24922852051a9002ebf4c864a55acb75bb4cf75
but trying to find a way to solve
we all are xd
Yes, you should have some understanding of ECDSA signature vulnerabilities.
2 most common vulnerabilities are repetitions of K for the same private key and weak KWe have only 2 signed messages and their signature r does not match, only the weak K remains.
I checked 02/03838db77b981db321faf527a830461cfda01aed50d85c345a7b0a8f4e5e4fd3fc in the 80-bit range it is not there.
sha256 from the message also does not reveal r, as well as double hashing.
The rabbit hole is too deep. I'm tired))
6 signatures in total, not only 2, you find another 4 on the blockchain
LLL ?!7
Enlighten us please, 2 been here on the forum, another 4 can be extracted from the withdrawal tx, which is he 7th?!
there is a 5th transaction, rtx4 = 0x9fca00d29192007648f7e4b525f15a00a5180833617a604ec6701833eb26e580
stx4 = 0x1f5ff38219a72080f77534b735badbcf57f503a33e91935ee7a859387abf5483
but tbh, i don't think these are leading anywhere
I think I see what you're pointing to, I'm just trying to make sense of how it could be implemented in such context 
Same K or weak K would be too easy
This riddle is just one step more complex.
This riddle is just one step more complex.
Guys, I'm bored today again, so let's have some fun: a mini-puzzle for puzzle #130.
As you requested, this time it's a bit more challenging
Message: Anything one man can imagine, other men can make real
Signature: IIONt3uYHbMh+vUnqDBGHP2gGu1Q2Fw0WnsKj05eT9P8KI2kGgPniiPirCd5IeLRnRdxeiehDxxsyn/VujUaX8o=
There is about 700$ in BCH there, so hurry up!
And thanks to creator of original puzzles (Satoshi??) for a lot of fun!
PS. No BS here please, I will remove it.
PPS. For history, previous mini-puzzle is here: https://bitcointalk.org/index.php?topic=5518896
As you requested, this time it's a bit more challenging
Message: Anything one man can imagine, other men can make real
Signature: IIONt3uYHbMh+vUnqDBGHP2gGu1Q2Fw0WnsKj05eT9P8KI2kGgPniiPirCd5IeLRnRdxeiehDxxsyn/VujUaX8o=
There is about 700$ in BCH there, so hurry up!
And thanks to creator of original puzzles (Satoshi??) for a lot of fun!
PS. No BS here please, I will remove it.
PPS. For history, previous mini-puzzle is here: https://bitcointalk.org/index.php?topic=5518896
Now yes, I liked it, a difficult puzzle lol, don't give any more tips to this bunch of parasitic worms, no @
RetiredCoder
Based on your post history, you seem to be very passionate about calling people worms and straight up insulting them in general. You know it costs nothing to be positive?
The main vulnerability of signatures is the use of the same value of K, which gives the same value of r.
for the first message the values of r and s were:
r 0xde97092bfb7c02148a827b4f8b62db1e189a739c77815799df5e6fb35ae88a1f
s 0x3f4fa38bcbb17615446fabc6fbebceefbb7d052eca9ce136b3a4a67b7f0d4f42
for the second message the values of r and s were:
r 0x838db77b981db321faf527a830461cfda01aed50d85c345a7b0a8f4e5e4fd3fc
s 0x288da41a03e78a23e2ac277921e2d19d17717a27a10f1c6cca7fd5ba351a5fca
I don't see the same r values here, maybe I'm being stupid.
for the first message the values of r and s were:
r 0xde97092bfb7c02148a827b4f8b62db1e189a739c77815799df5e6fb35ae88a1f
s 0x3f4fa38bcbb17615446fabc6fbebceefbb7d052eca9ce136b3a4a67b7f0d4f42
for the second message the values of r and s were:
r 0x838db77b981db321faf527a830461cfda01aed50d85c345a7b0a8f4e5e4fd3fc
s 0x288da41a03e78a23e2ac277921e2d19d17717a27a10f1c6cca7fd5ba351a5fca
I don't see the same r values here, maybe I'm being stupid.
@Etar where did the first r and s come from? I didn't find the same values
Hi @Retired coder. Am new to this forum and just went through this bitcoin forum.Thanks for the puzzle and the hint given. I tried my luck for the first time found public key, private key and address of two wallets which seems odd to me after digging chat gpt rabbit hole. But tried the two wallets imported into electron cash wallet but found no or 0 $ BCH. Can you please confirm whether the puzzle is solved.
The public is is already exposed, and if you're sure you've found the private key (which would be obvious because is has 126 0 at the end) you would've probably cached out by now $ BCH. Can you please confirm whether the puzzle is solved. the length of the signature is also 65 bytes instead of 64. Is there a hint on the manipulation done on the signature before getting encoded (or is it in the message again xd)
The signature's hex representation starts with 20 while every other signature I checked started with 30. Did the signature get processed through some function before being encoded to b64?