Ninjastic
Search content
Sort by
Showing 3 of 3 results by f86m48458
Post
Topic
Board Development & Technical Discussion
Re: P2PKH Address Pairs with Reused Nonce k
by
f86m48458
on 23/03/2025, 22:13:27 UTC
Quote from: peakyclin77 on Today at 10:00:37 PM
Ok, so how can I retrieve the keys of addresses that share a nonce with a compromised address? I want to check if they follow a specific pattern to identify the ones that interest me in this case.

I can help you if there are addresses that have been compromised before and share the same K value with the target address you want to calculate the private key for. All you need is a compromised address and the same K value between the two addresses. This is the only condition that must be met, a compromised address and the target address must share a K value.
Post
Topic
Board Development & Technical Discussion
Re: P2PKH Address Pairs with Reused Nonce k
by
f86m48458
on 23/03/2025, 20:44:20 UTC
Quote from: peakyclin77 on Today at 06:46:55 PM
Yes, the r value was reused. One of the compromised addresses is a P2PKH address holding a bit over 2 BTC, which ACCIDENTALLY shared the same R with two other addresses due to a cloned VM. This particular address has a total of 7 spends with a biased k.

I compared all r values above; for example, the comparison between r2 and r5:

    Number of fixed (frequent) bits: 140/256

    Fixed bits ratio: 0.5469

The 7 r values mentioned come from the same key. Here, r2 and r5 have 140 fixed bits in total.

Is there a way to brute-force the nonce?

It is only possible to calculate the private key of an address if it used a K value in a signature that was previously used by a compromised address. This way, the private key can be calculated because the private key of the compromised address is enough to calculate the value of the K that both addresses used. In short, if we have the K value, then the private key of any address that has ever used the same value can be calculated. The lattice attack will not work, you should not look for matching bits in the value r, but in the value K.
Post
Topic
Board Development & Technical Discussion
Re: P2PKH Address Pairs with Reused Nonce k
by
f86m48458
on 18/03/2025, 17:44:49 UTC
Quote from: peakyclin77 on Today at 05:23:09 PM
In the scenario I mentioned earlier in the thread, where the same nonce 𝑟 is reused between different public keys, I have noticed that sometimes we observe two instances of reuse between two keys, or even three instances of reuse among three different keys. Given this situation, is there a way to recover the private keys associated with these compromised addresses through a nonce reuse attack or any other method?

Since we have two equations and three unknowns in this case, it seems like it might be possible to solve for the private keys. I am aware that there are approximately 4 BTC at stake in this situation.

Any insights on how to approach this attack, or if there are existing tools or techniques to recover the private keys, would be highly appreciated.

Thanks!

Could you please send me a DM? I have a few ideas that might help find mathematical connections and possibly answer your question, but I need to know more details first.