Search content
Sort by
Showing 12 of 12 results by greenAlien
Is there any way to have this running on macOS natively ? It would be awesome to try the new M processors with it.
I have tried to port your version but some libraries are missing for macOS thats a pity.
I have tried to port your version but some libraries are missing for macOS thats a pity.
kangaroo.cpp
Code:
#include <gmp.h>
#include <gmpxx.h>
#include <chrono>
#include <ctime>
#include <fstream>
#include <iomanip>
#include <iostream>
#include <random>
#include <vector>
#include <array>
#include <set>
#include <sstream>
using namespace std;
typedef array<mpz_class, 2> Point;
const mpz_class modulo("FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFC2F", 16);
const mpz_class Gx("79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798", 16);
const mpz_class Gy("483ada7726a3c4655da4fbfc0e1108a8fd17b448a68554199c47d08ffb10d4b8", 16);
const Point PG = {Gx, Gy};
const Point Z = {0, 0};
auto starttime = chrono::high_resolution_clock::now();
Point add(const Point& P, const Point& Q, const mpz_class& p = modulo) {
if (P == Z) return Q;
if (Q == Z) return P;
const mpz_class& P0 = P[0];
const mpz_class& P1 = P[1];
const mpz_class& Q0 = Q[0];
const mpz_class& Q1 = Q[1];
mpz_class lmbda, num, denom, inv;
if (P != Q) {
num = Q1 - P1;
denom = Q0 - P0;
} else {
if (P1 == 0) return Z;
num = 3 * P0 * P0;
denom = 2 * P1;
}
mpz_invert(inv.get_mpz_t(), denom.get_mpz_t(), p.get_mpz_t());
lmbda = (num * inv) % p;
mpz_class x = (lmbda * lmbda - P0 - Q0) % p;
if (x < 0) x += p;
mpz_class y = (lmbda * (P0 - x) - P1) % p;
if (y < 0) y += p;
return {x, y};
}
Point mul(const mpz_class& k, const Point& P = PG, const mpz_class& p = modulo) {
Point R = Z;
Point current = P;
mpz_class k_copy = k;
while (k_copy > 0) {
if (k_copy % 2 == 1) {
R = add(R, current, p);
}
current = add(current, current, p);
k_copy >>= 1;
}
return R;
}
mpz_class X2Y(const mpz_class& X, int y_parity, const mpz_class& p = modulo) {
mpz_class X_cubed = (X * X * X) % p;
mpz_class tmp = (X_cubed + mpz_class(7)) % p;
mpz_class Y;
mpz_class exp = (p + mpz_class(1)) / mpz_class(4);
mpz_powm(Y.get_mpz_t(), tmp.get_mpz_t(), exp.get_mpz_t(), p.get_mpz_t());
if ((Y % 2) != y_parity) {
Y = p - Y;
}
return Y;
}
bool comparator(const Point& P, const mpz_class& Pindex, const mpz_class& DP_rarity,
std::vector<Point>& T, std::vector<mpz_class>& t, const std::vector<Point>& W,
const std::vector<mpz_class>& w) {
mpz_class result;
mpz_fdiv_r(result.get_mpz_t(), P[0].get_mpz_t(), DP_rarity.get_mpz_t());
if (result != 0) return false;
T.push_back(P);
t.push_back(Pindex);
// Create a set of Points from T for fast lookup
std::set<Point> T_set(T.begin(), T.end());
// Create a set of Points from W for quick existence check
std::set<Point> W_set(W.begin(), W.end());
// Iterate through W and check if each element is in T
for (const auto& match : W_set) {
if (T_set.find(match) != T_set.end()) {
auto it = find(T.begin(), T.end(), match);
int index = distance(T.begin(), it);
mpz_class tP = t[index];
mpz_class wP = w[distance(W.begin(), find(W.begin(), W.end(), match))];
mpz_class dec = abs(tP - wP);
// Measure time once and reuse it
auto end = chrono::system_clock::now();
time_t end_time = chrono::system_clock::to_time_t(end);
cout << "\n\033[01;33m[+]\033[32m PUZZLE SOLVED: \033[32m" << ctime(&end_time) << "\r";
cout << "\r\033[01;33m[+]\033[32m Private key (dec): \033[32m" << dec << "\033[0m" << endl;
// Open file once, write all data, and close it
static std::ofstream file("KEYFOUNDKEYFOUND.txt", std::ios::app);
file << "\n" << string(140, '-') << endl;
file << "SOLVED " << ctime(&end_time);
file << "Private Key (decimal): " << dec << endl;
file << "Private Key (hex): " << dec.get_str(16) << endl;
file << string(140, '-') << endl;
return true;
}
}
return false;
}
vector<mpz_class> generate_powers_of_two(int hop_modulo) {
vector<mpz_class> powers(hop_modulo);
for (int pw = 0; pw < hop_modulo; ++pw) {
powers[pw] = mpz_class(1) << pw;
}
return powers;
}
string search(const vector<Point>& P, const Point& W0, const mpz_class& DP_rarity, int Nw, int Nt, int hop_modulo,
const mpz_class& upper_range_limit, const mpz_class& lower_range_limit, const vector<mpz_class>&
powers_of_two) {
vector<Point> T(Nt, Z), W(Nw, Z);
vector<mpz_class> t(Nt), w(Nw);
gmp_randclass rand(gmp_randinit_default);
for (int k = 0; k < Nt; ++k) {
t[k] = lower_range_limit + rand.get_z_range(upper_range_limit - lower_range_limit);
T[k] = mul(t[k]);
}
for (int k = 0; k < Nw; ++k) {
w[k] = rand.get_z_range(upper_range_limit - lower_range_limit);
W[k] = add(W0, mul(w[k]));
}
long long Hops = 0, Hops_old = 0;
auto t0 = chrono::high_resolution_clock::now();
vector<mpz_class> memo(hop_modulo);
for (int pw = 0; pw < hop_modulo; ++pw) {
memo[pw] = powers_of_two[pw];
}
bool solved = false;
while (!solved) {
for (int k = 0; k < (Nt + Nw); ++k) {
++Hops;
if (k < Nt) {
mpz_class pw = T[k][0] % hop_modulo;
solved = comparator(T[k], t[k], DP_rarity, T, t, W, w);
if (solved) break;
t[k] += memo[pw.get_ui()];
T[k] = add(P[pw.get_ui()], T[k], modulo);
} else {
int n = k - Nw;
mpz_class pw = W[n][0] % hop_modulo;
solved = comparator(W[n], w[n], DP_rarity, W, w, T, t);
if (solved) break;
w[n] += memo[pw.get_ui()];
W[n] = add(P[pw.get_ui()], W[n], modulo);
}
}
auto t1 = chrono::high_resolution_clock::now();
double elapsed_seconds = chrono::duration_cast<chrono::duration<double>>(t1 - t0).count();
if (elapsed_seconds > 1.0) {
double hops_per_second = static_cast<double>(Hops - Hops_old) / elapsed_seconds;
auto elapsed_time = chrono::duration_cast<chrono::seconds>(t1 - starttime);
int hours = chrono::duration_cast<chrono::hours>(elapsed_time).count();
int minutes = chrono::duration_cast<chrono::minutes>(elapsed_time % chrono::hours(1)).count();
int seconds = (elapsed_time % chrono::minutes(1)).count();
stringstream elapsed_time_str;
elapsed_time_str << setfill('0') << setw(2) << hours << ":"
<< setfill('0') << setw(2) << minutes << ":"
<< setfill('0') << setw(2) << seconds;
double p_2 = log2(Hops);
cout << "\r[+] [Hops: 2^" << fixed << setprecision(2) << p_2 << " <-> " << fixed << setprecision(0)
<< hops_per_second << " h/s] ["
<< elapsed_time_str.str() << "]" << flush;
t0 = t1;
Hops_old = Hops;
}
}
cout << "\r[+] Hops: " << Hops << endl;
auto end = chrono::high_resolution_clock::now();
double elapsed_seconds = chrono::duration_cast<chrono::duration<double>>(end - starttime).count();
return "\r[+] Solution time: " + to_string(elapsed_seconds) + " sec";
}
int main() {
int puzzle = 50;
string compressed_public_key =
"03f46f41027bbf44fafd6b059091b900dad41e6845b2241dc3254c7cdd3c5a16c6";
int kangaroo_power = 6;
mpz_class lower_range_limit = mpz_class(1) << (puzzle - 1);
mpz_class upper_range_limit = (mpz_class(1) << puzzle) - 1;
mpz_class DP_rarity = mpz_class(1) << ((puzzle - 2 * kangaroo_power) / 2 - 2);
int hop_modulo = ((puzzle - 1) / 2) + kangaroo_power;
int Nt = 1 << kangaroo_power;
int Nw = 1 << kangaroo_power;
vector<mpz_class> powers_of_two = generate_powers_of_two(hop_modulo);
mpz_class X, Y;
if (compressed_public_key.length() == 66) {
X = mpz_class(compressed_public_key.substr(2), 16);
Y = X2Y(X, stoi(compressed_public_key.substr(0, 2)) - 2);
} else {
cout << "[error] pubkey len(66/130) invalid!" << endl;
return 1;
}
Point W0 = {X, Y};
auto starttime = chrono::high_resolution_clock::now();
time_t currentTime = time(nullptr);
cout << "\r\033[01;33m[+]\033[32m KANGAROO: \033[01;33m" << ctime(¤tTime) << "\033[0m" << "\r";
cout << "[+] [Puzzle]: " << puzzle << endl;
cout << "[+] [Lower range limit]: " << lower_range_limit << endl;
cout << "[+] [Upper range limit]: " << upper_range_limit << endl;
cout << "[+] [EC Point Coordinate X]: " << X << endl;
cout << "[+] [EC Point Coordinate Y]: " << Y << endl;
mpz_class expected_hops = 2.2 * sqrt(mpz_class(1) << (puzzle - 1));
double log_expected_hops = log2(expected_hops.get_d());
cout << "[+] [Expected Hops: 2^" << fixed << setprecision(2)
<< log_expected_hops << " (" << expected_hops << ")]" << endl;
vector<Point> P = {PG};
P.reserve(256);
for (int k = 0; k < 255; ++k) {
P.push_back(add(P[k], P[k]));
}
unsigned long seed = static_cast<unsigned long>(time(nullptr));
gmp_randclass rand(gmp_randinit_default);
rand.seed(seed);
search(P, W0, DP_rarity, Nw, Nt, hop_modulo, upper_range_limit, lower_range_limit, powers_of_two);
cout << "\r[+] Average time to solve: " <<
chrono::duration_cast<chrono::seconds>(chrono::high_resolution_clock::now() - starttime).count() << " sec" << endl;
return 0;
}
#include <gmpxx.h>
#include <chrono>
#include <ctime>
#include <fstream>
#include <iomanip>
#include <iostream>
#include <random>
#include <vector>
#include <array>
#include <set>
#include <sstream>
using namespace std;
typedef array<mpz_class, 2> Point;
const mpz_class modulo("FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFC2F", 16);
const mpz_class Gx("79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798", 16);
const mpz_class Gy("483ada7726a3c4655da4fbfc0e1108a8fd17b448a68554199c47d08ffb10d4b8", 16);
const Point PG = {Gx, Gy};
const Point Z = {0, 0};
auto starttime = chrono::high_resolution_clock::now();
Point add(const Point& P, const Point& Q, const mpz_class& p = modulo) {
if (P == Z) return Q;
if (Q == Z) return P;
const mpz_class& P0 = P[0];
const mpz_class& P1 = P[1];
const mpz_class& Q0 = Q[0];
const mpz_class& Q1 = Q[1];
mpz_class lmbda, num, denom, inv;
if (P != Q) {
num = Q1 - P1;
denom = Q0 - P0;
} else {
if (P1 == 0) return Z;
num = 3 * P0 * P0;
denom = 2 * P1;
}
mpz_invert(inv.get_mpz_t(), denom.get_mpz_t(), p.get_mpz_t());
lmbda = (num * inv) % p;
mpz_class x = (lmbda * lmbda - P0 - Q0) % p;
if (x < 0) x += p;
mpz_class y = (lmbda * (P0 - x) - P1) % p;
if (y < 0) y += p;
return {x, y};
}
Point mul(const mpz_class& k, const Point& P = PG, const mpz_class& p = modulo) {
Point R = Z;
Point current = P;
mpz_class k_copy = k;
while (k_copy > 0) {
if (k_copy % 2 == 1) {
R = add(R, current, p);
}
current = add(current, current, p);
k_copy >>= 1;
}
return R;
}
mpz_class X2Y(const mpz_class& X, int y_parity, const mpz_class& p = modulo) {
mpz_class X_cubed = (X * X * X) % p;
mpz_class tmp = (X_cubed + mpz_class(7)) % p;
mpz_class Y;
mpz_class exp = (p + mpz_class(1)) / mpz_class(4);
mpz_powm(Y.get_mpz_t(), tmp.get_mpz_t(), exp.get_mpz_t(), p.get_mpz_t());
if ((Y % 2) != y_parity) {
Y = p - Y;
}
return Y;
}
bool comparator(const Point& P, const mpz_class& Pindex, const mpz_class& DP_rarity,
std::vector<Point>& T, std::vector<mpz_class>& t, const std::vector<Point>& W,
const std::vector<mpz_class>& w) {
mpz_class result;
mpz_fdiv_r(result.get_mpz_t(), P[0].get_mpz_t(), DP_rarity.get_mpz_t());
if (result != 0) return false;
T.push_back(P);
t.push_back(Pindex);
// Create a set of Points from T for fast lookup
std::set<Point> T_set(T.begin(), T.end());
// Create a set of Points from W for quick existence check
std::set<Point> W_set(W.begin(), W.end());
// Iterate through W and check if each element is in T
for (const auto& match : W_set) {
if (T_set.find(match) != T_set.end()) {
auto it = find(T.begin(), T.end(), match);
int index = distance(T.begin(), it);
mpz_class tP = t[index];
mpz_class wP = w[distance(W.begin(), find(W.begin(), W.end(), match))];
mpz_class dec = abs(tP - wP);
// Measure time once and reuse it
auto end = chrono::system_clock::now();
time_t end_time = chrono::system_clock::to_time_t(end);
cout << "\n\033[01;33m[+]\033[32m PUZZLE SOLVED: \033[32m" << ctime(&end_time) << "\r";
cout << "\r\033[01;33m[+]\033[32m Private key (dec): \033[32m" << dec << "\033[0m" << endl;
// Open file once, write all data, and close it
static std::ofstream file("KEYFOUNDKEYFOUND.txt", std::ios::app);
file << "\n" << string(140, '-') << endl;
file << "SOLVED " << ctime(&end_time);
file << "Private Key (decimal): " << dec << endl;
file << "Private Key (hex): " << dec.get_str(16) << endl;
file << string(140, '-') << endl;
return true;
}
}
return false;
}
vector<mpz_class> generate_powers_of_two(int hop_modulo) {
vector<mpz_class> powers(hop_modulo);
for (int pw = 0; pw < hop_modulo; ++pw) {
powers[pw] = mpz_class(1) << pw;
}
return powers;
}
string search(const vector<Point>& P, const Point& W0, const mpz_class& DP_rarity, int Nw, int Nt, int hop_modulo,
const mpz_class& upper_range_limit, const mpz_class& lower_range_limit, const vector<mpz_class>&
powers_of_two) {
vector<Point> T(Nt, Z), W(Nw, Z);
vector<mpz_class> t(Nt), w(Nw);
gmp_randclass rand(gmp_randinit_default);
for (int k = 0; k < Nt; ++k) {
t[k] = lower_range_limit + rand.get_z_range(upper_range_limit - lower_range_limit);
T[k] = mul(t[k]);
}
for (int k = 0; k < Nw; ++k) {
w[k] = rand.get_z_range(upper_range_limit - lower_range_limit);
W[k] = add(W0, mul(w[k]));
}
long long Hops = 0, Hops_old = 0;
auto t0 = chrono::high_resolution_clock::now();
vector<mpz_class> memo(hop_modulo);
for (int pw = 0; pw < hop_modulo; ++pw) {
memo[pw] = powers_of_two[pw];
}
bool solved = false;
while (!solved) {
for (int k = 0; k < (Nt + Nw); ++k) {
++Hops;
if (k < Nt) {
mpz_class pw = T[k][0] % hop_modulo;
solved = comparator(T[k], t[k], DP_rarity, T, t, W, w);
if (solved) break;
t[k] += memo[pw.get_ui()];
T[k] = add(P[pw.get_ui()], T[k], modulo);
} else {
int n = k - Nw;
mpz_class pw = W[n][0] % hop_modulo;
solved = comparator(W[n], w[n], DP_rarity, W, w, T, t);
if (solved) break;
w[n] += memo[pw.get_ui()];
W[n] = add(P[pw.get_ui()], W[n], modulo);
}
}
auto t1 = chrono::high_resolution_clock::now();
double elapsed_seconds = chrono::duration_cast<chrono::duration<double>>(t1 - t0).count();
if (elapsed_seconds > 1.0) {
double hops_per_second = static_cast<double>(Hops - Hops_old) / elapsed_seconds;
auto elapsed_time = chrono::duration_cast<chrono::seconds>(t1 - starttime);
int hours = chrono::duration_cast<chrono::hours>(elapsed_time).count();
int minutes = chrono::duration_cast<chrono::minutes>(elapsed_time % chrono::hours(1)).count();
int seconds = (elapsed_time % chrono::minutes(1)).count();
stringstream elapsed_time_str;
elapsed_time_str << setfill('0') << setw(2) << hours << ":"
<< setfill('0') << setw(2) << minutes << ":"
<< setfill('0') << setw(2) << seconds;
double p_2 = log2(Hops);
cout << "\r[+] [Hops: 2^" << fixed << setprecision(2) << p_2 << " <-> " << fixed << setprecision(0)
<< hops_per_second << " h/s] ["
<< elapsed_time_str.str() << "]" << flush;
t0 = t1;
Hops_old = Hops;
}
}
cout << "\r[+] Hops: " << Hops << endl;
auto end = chrono::high_resolution_clock::now();
double elapsed_seconds = chrono::duration_cast<chrono::duration<double>>(end - starttime).count();
return "\r[+] Solution time: " + to_string(elapsed_seconds) + " sec";
}
int main() {
int puzzle = 50;
string compressed_public_key =
"03f46f41027bbf44fafd6b059091b900dad41e6845b2241dc3254c7cdd3c5a16c6";
int kangaroo_power = 6;
mpz_class lower_range_limit = mpz_class(1) << (puzzle - 1);
mpz_class upper_range_limit = (mpz_class(1) << puzzle) - 1;
mpz_class DP_rarity = mpz_class(1) << ((puzzle - 2 * kangaroo_power) / 2 - 2);
int hop_modulo = ((puzzle - 1) / 2) + kangaroo_power;
int Nt = 1 << kangaroo_power;
int Nw = 1 << kangaroo_power;
vector<mpz_class> powers_of_two = generate_powers_of_two(hop_modulo);
mpz_class X, Y;
if (compressed_public_key.length() == 66) {
X = mpz_class(compressed_public_key.substr(2), 16);
Y = X2Y(X, stoi(compressed_public_key.substr(0, 2)) - 2);
} else {
cout << "[error] pubkey len(66/130) invalid!" << endl;
return 1;
}
Point W0 = {X, Y};
auto starttime = chrono::high_resolution_clock::now();
time_t currentTime = time(nullptr);
cout << "\r\033[01;33m[+]\033[32m KANGAROO: \033[01;33m" << ctime(¤tTime) << "\033[0m" << "\r";
cout << "[+] [Puzzle]: " << puzzle << endl;
cout << "[+] [Lower range limit]: " << lower_range_limit << endl;
cout << "[+] [Upper range limit]: " << upper_range_limit << endl;
cout << "[+] [EC Point Coordinate X]: " << X << endl;
cout << "[+] [EC Point Coordinate Y]: " << Y << endl;
mpz_class expected_hops = 2.2 * sqrt(mpz_class(1) << (puzzle - 1));
double log_expected_hops = log2(expected_hops.get_d());
cout << "[+] [Expected Hops: 2^" << fixed << setprecision(2)
<< log_expected_hops << " (" << expected_hops << ")]" << endl;
vector<Point> P = {PG};
P.reserve(256);
for (int k = 0; k < 255; ++k) {
P.push_back(add(P[k], P[k]));
}
unsigned long seed = static_cast<unsigned long>(time(nullptr));
gmp_randclass rand(gmp_randinit_default);
rand.seed(seed);
search(P, W0, DP_rarity, Nw, Nt, hop_modulo, upper_range_limit, lower_range_limit, powers_of_two);
cout << "\r[+] Average time to solve: " <<
chrono::duration_cast<chrono::seconds>(chrono::high_resolution_clock::now() - starttime).count() << " sec" << endl;
return 0;
}
Code:
clang++ -std=c++11 -o kangaroo kangaroo.cpp -m64 -march=native -mtune=native -mssse3 -Wall -Wextra -ftree-vectorize -flto -O3 -funroll-loops -ffast-math -lgmp -lgmpxx
nomachine@iMac Desktop % system_profiler SPSoftwareDataType
Software:
System Software Overview:
System Version: macOS 13.6.1 (22G313)
Kernel Version: Darwin 22.6.0
Boot Volume: macOS
Boot Mode: Normal
User Name: nomachine (nomachine)
Secure Virtual Memory: Enabled
System Integrity Protection: Enabled
Time since boot: 1 day, 14 hours, 11 minutes
nomachine@iMac Desktop % nano kangaroo.cpp
nomachine@iMac Desktop % clang++ -std=c++11 -o kangaroo kangaroo.cpp -m64 -march=native -mtune=native -mssse3 -Wall -Wextra -ftree-vectorize -flto -O3 -funroll-loops -ffast-math -lgmp -lgmpxx
nomachine@iMac Desktop % ./kangaroo
- KANGAROO: Tue Jul 23 08:50:41 2024
- [Puzzle]: 50
- [Lower range limit]: 562949953421312
- [Upper range limit]: 1125899906842623
- [EC Point Coordinate X]: 110560903758971929709743161563183868968201998016819862389797221564458485814982
- [EC Point Coordinate Y]: 106403041512432555215316396882584033752066537554388330180776939978150437217531
- [Expected Hops: 2^25.50 (47453132)]
- [Hops: 2^24.82 <-> 469162 h/s] [00:01:03]
- PUZZLE SOLVED: Tue Jul 23 08:51:44 2024
- Private key (dec): 611140496167764
- Hops: 29560288
- Average time to solve: 63 sec
Is there any way to have this running on macOS natively ? It would be awesome to try the new M processors with it.
I have tried to port your version but some libraries are missing for macOS thats a pity.
I have tried to port your version but some libraries are missing for macOS thats a pity.
I have 205288 hops per second in python on single core my friend......
It will work from 1 - 256 bit . But it is impossible to solve any Puzzle above 50 with this for a lifetime.
It needs to be converted into C++ or Rust so that it can solve problems up to puzzle 120.
It will work from 1 - 256 bit . But it is impossible to solve any Puzzle above 50 with this for a lifetime.
Code:
import time
import os
import sys
import random
import gmpy2
if os.name == 'nt':
os.system('cls')
else:
os.system('clear')
t = time.ctime()
sys.stdout.write(f"\033[?25l")
sys.stdout.write(f"\033[01;33m[+] Kangaroo: {t}\n")
sys.stdout.flush()
modulo = gmpy2.mpz(0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFC2F)
order = gmpy2.mpz(0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141)
Gx = gmpy2.mpz(0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798)
Gy = gmpy2.mpz(0x483ada7726a3c4655da4fbfc0e1108a8fd17b448a68554199c47d08ffb10d4b8)
# Define Point class
class Point:
def __init__(self, x=0, y=0):
self.x = gmpy2.mpz(x)
self.y = gmpy2.mpz(y)
PG = Point(Gx, Gy)
Z = Point(0, 0) # zero-point, infinite in real x, y - plane
def add(P, Q, p=modulo):
if P == Z:
return Q
elif Q == Z:
return P
elif P.x == Q.x and (P.y != Q.y or P.y == 0):
return Z
elif P.x == Q.x:
m = (3 * P.x * P.x) * gmpy2.invert(2 * P.y, p) % p
else:
m = (Q.y - P.y) * gmpy2.invert(Q.x - P.x, p) % p
x = (m * m - P.x - Q.x) % p
y = (m * (P.x - x) - P.y) % p
return Point(x, y)
def mul2(P, p=modulo):
if P == Z:
return Z
m = gmpy2.f_mod(3 * P.x * P.x * gmpy2.invert(2 * P.y, p), p)
x = gmpy2.f_mod(m * m - 2 * P.x, p)
y = gmpy2.f_mod(m * (P.x - x) - P.y, p)
return Point(x, y)
def mulk(k, P=PG, p=modulo):
if k == 0:
return Z
elif k == 1:
return P
elif k % 2 == 0:
return mulk(k // 2, mul2(P, p), p)
else:
return add(P, mulk((k - 1) // 2, mul2(P, p), p), p)
def X2Y(X, y_parity, p=modulo):
X_cubed = gmpy2.powmod(X, 3, p)
X_squared = gmpy2.powmod(X, 2, p)
tmp = gmpy2.f_mod(X_cubed + 7, p)
Y = gmpy2.powmod(tmp, gmpy2.f_div(gmpy2.add(p, 1), 4), p)
if y_parity == 1:
Y = gmpy2.f_mod(-Y, p)
return Y
def comparator(A, Ak, B, Bk):
result = set(A).intersection(set(B))
if result:
sol_kt = A.index(next(iter(result)))
sol_kw = B.index(next(iter(result)))
HEX = "%064x" % abs(Ak[sol_kt] - Bk[sol_kw])
dec = int(HEX, 16)
total_time = time.time() - starttime
print('\n[+] total time: %.2f sec' % (total_time))
t = time.ctime()
print(f"\033[32m[+] PUZZLE SOLVED: {t} \033[0m")
print(f"\033[32m[+] Private key (dec) : {dec} \033[0m")
with open("KEYFOUNDKEYFOUND.txt", "a") as file:
file.write("\n\nSOLVED " + t)
file.write(f"\nTotal Time: {total_time:.2f} sec")
file.write(f"\nRandom seed: {seed}")
file.write("\nPrivate Key (decimal): " + str(dec))
file.write("\nPrivate Key (hex): " + HEX)
file.write(
"\n-------------------------------------------------------------------------------------------------------------------------------------------\n"
)
file.close()
return True
else:
return False
def check(P, Pindex, DP_rarity, A, Ak, B, Bk):
modulo_val = P.x % DP_rarity
if modulo_val == 0:
A.append(gmpy2.mpz(P.x))
Ak.append(gmpy2.mpz(Pindex))
return comparator(A, Ak, B, Bk)
else:
return False
# Generate a list of powers of two for faster access
def generate_powers_of_two(hop_modulo):
return [gmpy2.mpz(1 << pw) for pw in range(hop_modulo)]
def search(P, W0, DP_rarity, Nw, Nt, hop_modulo, upper_range_limit, lower_range_limit, powers_of_two):
solved = False
t = [gmpy2.mpz(lower_range_limit + gmpy2.mpz(random.randint(0, upper_range_limit - lower_range_limit))) for _ in range(Nt)]
T = [mulk(ti) for ti in t]
dt = [gmpy2.mpz(0) for _ in range(Nt)]
w = [gmpy2.mpz(random.randint(0, upper_range_limit - lower_range_limit)) for _ in range(Nw)]
W = [add(W0, mulk(wk)) for wk in w]
dw = [gmpy2.mpz(0) for _ in range(Nw)]
print('[+] tame and wild herds are prepared')
Hops, Hops_old = 0, 0
t0 = time.time()
# Memoization dictionary
memo = {}
while not solved:
for k in range(Nt):
Hops += 1
pw = T[k].x % hop_modulo
if pw not in memo:
memo[pw] = powers_of_two[pw]
dt[k] = memo[pw]
solved = check(T[k], t[k], DP_rarity, T, t, W, w)
if solved: break
t[k] += dt[k]
T[k] = add(P[int(pw)], T[k])
if solved: break
for k in range(Nw):
Hops += 1
pw = W[k].x % hop_modulo
if pw not in memo:
memo[pw] = powers_of_two[pw]
dw[k] = memo[pw]
solved = check(W[k], w[k], DP_rarity, W, w, T, t)
if solved: break
w[k] += dw[k]
W[k] = add(P[int(pw)], W[k])
if solved: break
t1 = time.time()
if (t1 - t0) > 5:
print('\r[+] Hops: %.0f h/s' % ((Hops - Hops_old) / (t1 - t0)), end='', flush=True)
t0 = t1
Hops_old = Hops
print('[+] Hops:', Hops)
return 'sol. time: %.2f sec' % (time.time() - starttime)
# Configuration for the puzzle
puzzle = 40
compressed_public_key = "03a2efa402fd5268400c77c20e574ba86409ededee7c4020e4b9f0edbee53de0d4"
kangaroo_power = 4
lower_range_limit = 2 ** (puzzle - 1)
upper_range_limit = (2**puzzle) - 1
DP_rarity = 1 << int(((puzzle - 2*kangaroo_power)/2 - 2))
hop_modulo = ((puzzle - 1) // 2) + kangaroo_power
Nt = Nw = 2**kangaroo_power
# Precompute powers of two for faster access
powers_of_two = generate_powers_of_two(hop_modulo)
T, t, dt = [], [], []
W, w, dw = [], [], []
if len(compressed_public_key) == 66:
X = gmpy2.mpz(compressed_public_key[2:66], 16)
Y = X2Y(X, gmpy2.mpz(compressed_public_key[:2]) - 2)
else:
print("[error] pubkey len(66/130) invalid!")
W0 = Point(X,Y)
starttime = oldtime = time.time()
print(f"[+] [Puzzle]: {puzzle}")
print(f"[+] [Lower range limit]: {lower_range_limit}")
print(f"[+] [Upper range limit]: {upper_range_limit}")
#Random seed Config
seed = os.urandom(9).hex()
print(f"[+] [Random seed]: {seed}")
random.seed(seed)
Hops = 0
P = [PG]
for k in range(255): P.append(mul2(P[k]))
print('[+] P-table prepared')
solved = False
search(P, W0, DP_rarity, Nw, Nt, hop_modulo, upper_range_limit, lower_range_limit, powers_of_two)
print('[+] Average time to solve: %.2f sec' % ((time.time()-starttime)))
import os
import sys
import random
import gmpy2
if os.name == 'nt':
os.system('cls')
else:
os.system('clear')
t = time.ctime()
sys.stdout.write(f"\033[?25l")
sys.stdout.write(f"\033[01;33m[+] Kangaroo: {t}\n")
sys.stdout.flush()
modulo = gmpy2.mpz(0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFC2F)
order = gmpy2.mpz(0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141)
Gx = gmpy2.mpz(0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798)
Gy = gmpy2.mpz(0x483ada7726a3c4655da4fbfc0e1108a8fd17b448a68554199c47d08ffb10d4b8)
# Define Point class
class Point:
def __init__(self, x=0, y=0):
self.x = gmpy2.mpz(x)
self.y = gmpy2.mpz(y)
PG = Point(Gx, Gy)
Z = Point(0, 0) # zero-point, infinite in real x, y - plane
def add(P, Q, p=modulo):
if P == Z:
return Q
elif Q == Z:
return P
elif P.x == Q.x and (P.y != Q.y or P.y == 0):
return Z
elif P.x == Q.x:
m = (3 * P.x * P.x) * gmpy2.invert(2 * P.y, p) % p
else:
m = (Q.y - P.y) * gmpy2.invert(Q.x - P.x, p) % p
x = (m * m - P.x - Q.x) % p
y = (m * (P.x - x) - P.y) % p
return Point(x, y)
def mul2(P, p=modulo):
if P == Z:
return Z
m = gmpy2.f_mod(3 * P.x * P.x * gmpy2.invert(2 * P.y, p), p)
x = gmpy2.f_mod(m * m - 2 * P.x, p)
y = gmpy2.f_mod(m * (P.x - x) - P.y, p)
return Point(x, y)
def mulk(k, P=PG, p=modulo):
if k == 0:
return Z
elif k == 1:
return P
elif k % 2 == 0:
return mulk(k // 2, mul2(P, p), p)
else:
return add(P, mulk((k - 1) // 2, mul2(P, p), p), p)
def X2Y(X, y_parity, p=modulo):
X_cubed = gmpy2.powmod(X, 3, p)
X_squared = gmpy2.powmod(X, 2, p)
tmp = gmpy2.f_mod(X_cubed + 7, p)
Y = gmpy2.powmod(tmp, gmpy2.f_div(gmpy2.add(p, 1), 4), p)
if y_parity == 1:
Y = gmpy2.f_mod(-Y, p)
return Y
def comparator(A, Ak, B, Bk):
result = set(A).intersection(set(B))
if result:
sol_kt = A.index(next(iter(result)))
sol_kw = B.index(next(iter(result)))
HEX = "%064x" % abs(Ak[sol_kt] - Bk[sol_kw])
dec = int(HEX, 16)
total_time = time.time() - starttime
print('\n[+] total time: %.2f sec' % (total_time))
t = time.ctime()
print(f"\033[32m[+] PUZZLE SOLVED: {t} \033[0m")
print(f"\033[32m[+] Private key (dec) : {dec} \033[0m")
with open("KEYFOUNDKEYFOUND.txt", "a") as file:
file.write("\n\nSOLVED " + t)
file.write(f"\nTotal Time: {total_time:.2f} sec")
file.write(f"\nRandom seed: {seed}")
file.write("\nPrivate Key (decimal): " + str(dec))
file.write("\nPrivate Key (hex): " + HEX)
file.write(
"\n-------------------------------------------------------------------------------------------------------------------------------------------\n"
)
file.close()
return True
else:
return False
def check(P, Pindex, DP_rarity, A, Ak, B, Bk):
modulo_val = P.x % DP_rarity
if modulo_val == 0:
A.append(gmpy2.mpz(P.x))
Ak.append(gmpy2.mpz(Pindex))
return comparator(A, Ak, B, Bk)
else:
return False
# Generate a list of powers of two for faster access
def generate_powers_of_two(hop_modulo):
return [gmpy2.mpz(1 << pw) for pw in range(hop_modulo)]
def search(P, W0, DP_rarity, Nw, Nt, hop_modulo, upper_range_limit, lower_range_limit, powers_of_two):
solved = False
t = [gmpy2.mpz(lower_range_limit + gmpy2.mpz(random.randint(0, upper_range_limit - lower_range_limit))) for _ in range(Nt)]
T = [mulk(ti) for ti in t]
dt = [gmpy2.mpz(0) for _ in range(Nt)]
w = [gmpy2.mpz(random.randint(0, upper_range_limit - lower_range_limit)) for _ in range(Nw)]
W = [add(W0, mulk(wk)) for wk in w]
dw = [gmpy2.mpz(0) for _ in range(Nw)]
print('[+] tame and wild herds are prepared')
Hops, Hops_old = 0, 0
t0 = time.time()
# Memoization dictionary
memo = {}
while not solved:
for k in range(Nt):
Hops += 1
pw = T[k].x % hop_modulo
if pw not in memo:
memo[pw] = powers_of_two[pw]
dt[k] = memo[pw]
solved = check(T[k], t[k], DP_rarity, T, t, W, w)
if solved: break
t[k] += dt[k]
T[k] = add(P[int(pw)], T[k])
if solved: break
for k in range(Nw):
Hops += 1
pw = W[k].x % hop_modulo
if pw not in memo:
memo[pw] = powers_of_two[pw]
dw[k] = memo[pw]
solved = check(W[k], w[k], DP_rarity, W, w, T, t)
if solved: break
w[k] += dw[k]
W[k] = add(P[int(pw)], W[k])
if solved: break
t1 = time.time()
if (t1 - t0) > 5:
print('\r[+] Hops: %.0f h/s' % ((Hops - Hops_old) / (t1 - t0)), end='', flush=True)
t0 = t1
Hops_old = Hops
print('[+] Hops:', Hops)
return 'sol. time: %.2f sec' % (time.time() - starttime)
# Configuration for the puzzle
puzzle = 40
compressed_public_key = "03a2efa402fd5268400c77c20e574ba86409ededee7c4020e4b9f0edbee53de0d4"
kangaroo_power = 4
lower_range_limit = 2 ** (puzzle - 1)
upper_range_limit = (2**puzzle) - 1
DP_rarity = 1 << int(((puzzle - 2*kangaroo_power)/2 - 2))
hop_modulo = ((puzzle - 1) // 2) + kangaroo_power
Nt = Nw = 2**kangaroo_power
# Precompute powers of two for faster access
powers_of_two = generate_powers_of_two(hop_modulo)
T, t, dt = [], [], []
W, w, dw = [], [], []
if len(compressed_public_key) == 66:
X = gmpy2.mpz(compressed_public_key[2:66], 16)
Y = X2Y(X, gmpy2.mpz(compressed_public_key[:2]) - 2)
else:
print("[error] pubkey len(66/130) invalid!")
W0 = Point(X,Y)
starttime = oldtime = time.time()
print(f"[+] [Puzzle]: {puzzle}")
print(f"[+] [Lower range limit]: {lower_range_limit}")
print(f"[+] [Upper range limit]: {upper_range_limit}")
#Random seed Config
seed = os.urandom(9).hex()
print(f"[+] [Random seed]: {seed}")
random.seed(seed)
Hops = 0
P = [PG]
for k in range(255): P.append(mul2(P[k]))
print('[+] P-table prepared')
solved = False
search(P, W0, DP_rarity, Nw, Nt, hop_modulo, upper_range_limit, lower_range_limit, powers_of_two)
print('[+] Average time to solve: %.2f sec' % ((time.time()-starttime)))
- Kangaroo: Thu May 16 13:33:48 2024
- [Puzzle]: 40
- [Lower range limit]: 549755813888
- [Upper range limit]: 1099511627775
- [Random seed]: 9b76a9623bd76fb8cc
- P-table prepared
- tame and wild herds are prepared
- Hops: 205288 h/s
- total time: 6.92 sec
- PUZZLE SOLVED: Thu May 16 13:33:55 2024
- Private key (dec) : 1003651412950
- Hops: 1416585
- Average time to solve: 6.92 sec
It needs to be converted into C++ or Rust so that it can solve problems up to puzzle 120.
not a bad working code! Are you thinking on implementing multi threading? I know this is not comparable with GPU but its not bad at all
Congrats! Re: I have 26 out of 24 mnemonic words. Am I able to brute force still?
Do you know ANY right position of the words? that would reduce the number of possibilities. Otherwise... As the rest of the people have told you, you need many lifetimes to solve it...
I fully understand the code and how this program works. All aspects.
115 was solved with a little more than 300GB of, wait, checks notes, “files”.
That was your first rant, exabytes lol.
I hope no SSDs were lost solving 110 and 115 with this program. RIP SSDs and all of your exabytes that you stored. 😁
Cool, but can you also tell me how many jumps were actually stored in those 300 GB?115 was solved with a little more than 300GB of, wait, checks notes, “files”.
That was your first rant, exabytes lol.
I hope no SSDs were lost solving 110 and 115 with this program. RIP SSDs and all of your exabytes that you stored. 😁
Was it completed before the expected number of kangaroos of each type filled each set, to reach even a probabilistic 50%? Without such details, the best I have was estimates, and the estimates derive from the number of operations.
So if you tell me the data storage was 100 kB after 2**58 operations, anything is possible, but that would just mean not a lot of DPs were found, not that the estimates were wrong.
Does the required storage per entry scale linearly when you increase the DP? Because logically, a higher DP under a higher keyspace requires way more jumps to find all DPs, which means the travelled average distance of any kangaroo increases in size, which means your storage also increases in size because you have to store longer distances.
Also, the jumps (each jump) aren't stored. All the kangaroos are jumping via jumps but only those that land on a DP (leading 0s with this program) are stored.
I think for 115, it took a total of 2^58.36 total jumps and the workfile(s) contained 2^33.36 DPs (DP 25); and it took right around 13 days to solve. 130 at DP 32 would contain a little more than 115 at DP 25; but even if you doubled it, you are looking at 600+GB, triple it 1TB, quadrupled it 1.4 TB, etc. it is still no where close to 1 exabyte of storage required.
Distances do not really increase in size, in the same range/group. They are spread out randomly at program start and then, for say 115, they have average jump size of somewhere around 2^57ish; so each jump is about 2^57, but inside a 2^114 range, so in order to really increase, each kangaroo would have to make more than 2^57 jumps (which would take a lifetime).
But yes, a larger range would have more hex characters stored for the distance (which would take up more storage space), compared to a smaller range, but the points (DPs) would all be the same size/length, regardless of the range. So 130 compared to 115 range would equal around 3-4 more hex characters per distance.
Nice conversation between you two.
Considering those calculations and the comparison with 115#, what would be the neccessary requirements to at least "try" to solve 130# with let's say DP 27 in matter of storage and GPU power ?
I don't understand so deeply how kangaroo works but @Etar has created one distributed kangaroo.
Here are the links:
- https://github.com/Etayson/Server-Client-apps-for-Etarkangaroo
- https://github.com/Etayson/Etarkangaroo
If someone has the resources needed to run a 130# puzzle operation we can try to gather some gpu power.
Regarding what @WanderingPhilospher is asking to @kTimesG we can try to run this tool for 115# and see how long it takes and how many resources do we need/use.
If so just PM me here.
Here are the links:
- https://github.com/Etayson/Server-Client-apps-for-Etarkangaroo
- https://github.com/Etayson/Etarkangaroo
If someone has the resources needed to run a 130# puzzle operation we can try to gather some gpu power.
Regarding what @WanderingPhilospher is asking to @kTimesG we can try to run this tool for 115# and see how long it takes and how many resources do we need/use.
If so just PM me here.
I believe citb0in is asking where to download the PureBasic compiler itself, not Etar's PureBasic source code file(s). I haven't searched myself, but it shouldn't be rocket science to find the needed version of the PureBasic compiler for Linux with the help of internet search engines and/or Linux package search sites.
That was my question, absolutely. The source code is available but I wasn't able to found a working and usable PureBasic installation source.
Really, none of y’all could find it?
https://www.purebasic.com/pricing.php
Yes, you have to pay for it. Once you pay for it, you can download any new or legacy versions, windows and/or Linux. You will need the one that Etar mentions in his PB code.
Exactly, you can buy it or...you can just search in the internet...
Does anyone have any clue regarding the no output when running the binaries after linux compilation? The binaries just close itself
I successfully compiled it for Linux, but the program just closes without an error. Has anyone been able to solve this?
Code:
# ./onlygen1_9_6File -t 256 -b 96 -p 506 -w 30 -htsz 29
Number of GPU threads set to #256
Number of GPU blocks set to #96
Number of pparam set to #506
Items number set to 2^30=1073741824
HT size set to 2^29
initHTsize #1
APP VERSION: 1.9.6File-onlygen0
**********************************************************************************
This version [1.9.6File-onlygen0] may content various bugs,
Don`t use this version for serious task.
It is needed to test the possibility of using the -w parameter greater than 30
if you accept this press ENTER to continue or close the program otherwise.
**********************************************************************************
Number of GPU threads set to #256
Number of GPU blocks set to #96
Number of pparam set to #506
Items number set to 2^30=1073741824
HT size set to 2^29
initHTsize #1
APP VERSION: 1.9.6File-onlygen0
**********************************************************************************
This version [1.9.6File-onlygen0] may content various bugs,
Don`t use this version for serious task.
It is needed to test the possibility of using the -w parameter greater than 30
if you accept this press ENTER to continue or close the program otherwise.
**********************************************************************************
I have dedicated some time to compile the BSGS, the onlyGen file and BSGS-fractions in Linux with your instructions. The compilation was successfully for all of them however, when running the files they display the initial text but after that it closes without any output.
What are we missing here ?
This is and example of the execution, don't take the arguments seriously since it was just to test:
Code:
vboxuser@ubuntupurebasic:~/purebasic/compilers$ ./generateHT -t 256 -b 96 -p 506 -w 30 -pk 8000000000000000 -pke ffffffffffffffff -pb 03100611c54dfef604163b8358f7b7fac13ce478e02cb224ae16d45526b25d9d4d -htsz 28
Number of GPU threads set to #256
Number of GPU blocks set to #96
Number of pparam set to #506
Items number set to 2^30=1073741824
Range begin: 0x8000000000000000
Range end: 0xffffffffffffffff
Pubkey set to 03100611c54dfef604163b8358f7b7fac13ce478e02cb224ae16d45526b25d9d4d
HT size set to 2^28
initHTsize #1
APP VERSION: 1.9.6File-onlygen0
**********************************************************************************
This version [1.9.6File-onlygen0] may content various bugs,
Don`t use this version for serious task.
It is needed to test the possibility of using the -w parameter greater than 30
if you accept this press ENTER to continue or close the program otherwise.
**********************************************************************************
Same behavior for the bsgs and the bsgs-fractions. Maybe @etar can help us here ? Number of GPU threads set to #256
Number of GPU blocks set to #96
Number of pparam set to #506
Items number set to 2^30=1073741824
Range begin: 0x8000000000000000
Range end: 0xffffffffffffffff
Pubkey set to 03100611c54dfef604163b8358f7b7fac13ce478e02cb224ae16d45526b25d9d4d
HT size set to 2^28
initHTsize #1
APP VERSION: 1.9.6File-onlygen0
**********************************************************************************
This version [1.9.6File-onlygen0] may content various bugs,
Don`t use this version for serious task.
It is needed to test the possibility of using the -w parameter greater than 30
if you accept this press ENTER to continue or close the program otherwise.
**********************************************************************************
Congrats for your software @etar
It would be nice to have this program for Linux or at least the binary to create the HT so we can rent a Linux server with big amount of RAM to make the HT and download it to our computers.
It would be nice to have this program for Linux or at least the binary to create the HT so we can rent a Linux server with big amount of RAM to make the HT and download it to our computers.