I have a script[1] that generates a pub+private key and checks against a massive file of addresses with BTC[2]. The list of addresses is loaded in memory as a python `set` so checking is O(1), but I feel like optimisations at increasing the rate are futile, since no matter what you're basically rolling the die and hoping RNG lands on your side in your lifetime and your universe of all possible universes.
1. https://github.com/theden/btc-heist
2. https://bitkeys.work/download.php has a weekly updated CSV of all known addresses with nonzero BTC balance
I’m fully aware behind the math of finding a wallet actually holding anything… but I was fairly weirded out to come across 10 wallets that quickly. Most had their last txn out roughly 2019.
I'd say odds are that the website is wrong, but you can always load those keys in a wallet and see if they give you control over the actual address.
If that works, I'd assume it's the case that some people have used weak keys (for example, a popular Ethereum wallet would actually generate 256 bits of entropy but accidentally truncate it to 32 bits in an operation), and any funds in those wallets will have been snagged long ago.
Point being: generate a private key properly, and no one will ever find it.
EDIT: I realize this is another page then the one I've seen previously, but I think the same idea applies. That one had support for Ethereum, too, and on the final page was an account with a balance.
That or someone is actually using the site to come up with wallet keys.
It is estimated there are 10^80 atoms in the observable universe.
Sooo... what's 4 astronomicals?
You don't need the f.close() here - the context manager does it for you.
It's like being in the world's biggest ever lottery syndicate, except if you pick the winning numbers it gets sent to a specific other person who's website you're on. If someone, eventually, hits the jackpot then the owner of playxo.com is going to be very, very rich.
I mean, I'd assume, cynically.
The chances of anyone hitting a green wallet are still incredibly narrow, but you never know.
>>> import pandas as pd
df = pd.read_csv("btc_balance_sorted.csv")
df['balance'].apply(lambda x: x * 36902.7 / 100e6).describe()
count 3.359206e+07
mean 1.838824e+04
std 2.819739e+06
min 3.690270e-04
25% 2.871768e+00
50% 2.943913e+01
75% 2.652168e+02
max 1.063263e+10df["balance"].mul(36902.7).div(100e6)
See [0] for explanations
%time df['balance'].apply(lambda x: x * 36902.7 / 100e6).describe()
Wall time: 12.6 s
%time df["balance"].mul(36902.7).div(100e6).describe()
Wall time: 2.33 sTop 100 Richest Bitcoin Addresses:
https://bitinfocharts.com/top-100-richest-bitcoin-addresses....
What do you usually call someone who takes a thing from its owner without permission?
I find it rather revealing that so many anti-crypto blog posts offer no novel solutions, they only ramble on about how they know crypto isn't the solution. Seems rather uninspired to say you understand a problem domain but have no suggestions on how to solve the problem other than literally a solution that has already been tried at large scale and failed.
Sure, the gold standard in an alternate reality seems like a great idea, but we live in this reality where central powers were able to quite easily strip society away from this contract with barely any resistance.
There are actual laws in the US that if you find money, you are supposed to report it to the authorities, and if no one reports losing the money in some fixed time (30 days?) then you keep it.
If its scarcity isn't real, then why can't you conjure up an arbitrary number of bitcoins at will?
The whole point of cryptography is nobody could possibly guess these numbers within the lifetime of the universe. If this assumption is somehow proven wrong, we've probably got bigger problems than one person losing money.
Why wouldn't the same logic apply to any property?
You're reading the file in every process, this needs mem x N for N processes.
If you first read in the file, create the set, and then use multiprocessing, you will get forked processes sharing the parent's memory, i.e. only need 1 x N the memory.
Funny thing is even though it's throwaway code, ensuring everything worked as expected felt really high-stake since a bug would mean a found key would be lost!
Edit: Also not sure if shared memory would be slower in python3 (or if it was, whether it would matter in this use-case), but an interesting thing to profile.
multiprocessing also provides a way to access the OS' explicit shared memory usually used as an IPC mechanism.
Miners aren't brute forcing keys to existing wallets and stealing the bitcoin, as that's effectively impossible even for the biggest mining rig (like, a mining rig the size of the sun couldn't do it in a trillion years)
Technically miners could start mining by trying to guess private keys, but there's no reason to because the expected value is so so much worse.
Mining involves guessing a salt which, when added to data for a single block’s with of transactions, makes the hash have a certain sum of zeros.
They are only the same in that they are using randomness to search for some number satisfying a given criteria. But, for example, you couldn’t use mining hardware to search for wallets with open balances. The mining hardware is specially optimized for one thing only.
or more briefly: never
The opposite is true of finding private keys.
EDIT: Only 463439129036942 billion years, taking into account that there are effectively only 2^160 addresses.
"""Coincidentally, 2276709 is also the telephone number of a flat in Islington where Arthur once went to a party, met a nice girl, and lost her to a party-crasher. While the flat and telephone have been demolished along with Earth, they are forever linked to the fact that Arthur Dent and Ford Prefect—against all odds—are rescued 29 seconds after being ejected from the Vogon spaceship."""
2^256 is a very large number. If you could build a computer that required a single atom, and could test the balance of a single account in a single nanosecond, and then converted the entirety of the earth into such computers, it would take ~2.8 million years for you to check 0.01% of all accounts.
Brute-forcing modern cryptography isn't something that can happen. The magnitude of 2^256 is close to the count of atoms in the entire observable universe.
"... brute-force attacks against 256-bit keys will be infeasible until computers are built from something other than matter and occupy something other than space."
I've always heard that even 2¹²⁸ is significantly larger than that number (which is closer to 2⁸⁰). This page seems to support that:
https://en.wikipedia.org/wiki/Observable_universe#Matter_con...
https://www.wolframalpha.com/input/?i=2%5E256 > ≈ 0.0012 × the number of atoms in the visible universe (≈ 10^80)
If you transfer the funds out, isn't that just theft? Is "guessing" a private key any different from guessing someone's bank details?
The blockchain has no concept of people/entities owning things, in that universe the ownership of an address is simply having its private key.
(Of course in the real meat-world we have courts, non-code-contracts, and rule of law. It would probably be criminal, in the same way finding a weakness in e.g PayPal and transferring peoples money is criminal)
Anyways, of course you can take those coins as when you're running Bitcoin you're strictly speaking not signing a TOS and nobody ever owned those coins.
What people keep private are signing keys for a transaction output. But if you found the key independently, they should be yours too.
My guess is that the court would recognize the first owner as the “real” owner, especially if they can show that they controlled the address up until some point.
In a similar vain condictio indebiti is a principle in maybe jurisdictions, where a receiver of a wrongful payment is required to return it. Even if the payment is made with crypto, the principle would probably stand if it’s practical to enforce.
2. having a court force someone to give bitcoin to someone else because they "don't own it" is also against what bitcoin stands for: decentralized. the blockchain decides who owns the bitcoin. regardless of how it got there. if some entity decides who should own what amount of bitcoin then the blockchain becomes irrelevant.
3. the blockchain is not irrelevant and is not under anyone's control (is it?). how can a court enforce bitcoin ownership transfer? if I burn the private key out of spite then good luck. you're not made whole, I don't have access to said bitcoin. now what? should I go to jail? what does that solve? it only tells the next guy to not brag about finding private keys left and right.
A judge might easily make a ruling that you "stole" the money. Don't expect the legal system to accept the notion that crypto is outside their jurisdiction, nor expect them to appreciate your complex tech arguments about why it's not really stealing.
States very much care what's going on within its borders, if its via services hosted outside them or not. And in some cases states will even care about what their citizens do outside their borders. For example, engaging in child sex tourism can have legal consequences even if the actual abuse happens in a foreign country.
Decentralization isn't magic. States will enact and enforce laws within their borders and they will have more tangible effects than any so-called "smart" contract.
In the trustless and decentralized system of Bitcoin (and other blockchain implementations), there is no concept of theft. If you misplace your private key you're on your own. There's no central authority to turn to. Similar if someone cracks your private key. That's the entire idea of the technology.
If you use bitcoin for money laundering, you're not gonna get in trouble with any bitcoin nodes. What a nation state will do if they find out is however a very different topic.
So if I were developing such a website as posted here ... I would obviously put an automated code that transfers any funds to my own wallet (if there is a non zero wallet discovered when rendering a page on the fly). Effectively just using the millions of global user's clicks as random seed spread over long time :)
How do they prove they were the previous owner and that it wasn't a legit transaction?
I would expect this website, in the rare event of discovering some positive balance, to try spending it right away...
Unless the author trusts in luck or has too much free time on their hands.
Edit: or waits for someone to check a page containing their own private key.
Hobbies of crypto millionaires?
Some people used those early addresses on purpose. Maybe for testing or something or I guess maybe due to a bug or something.
How is that possible. Same happened to me.
>> leads to the "end" page, it's not as I though a "big jump" from some random page... thus I suspect it's simply addresses that are low entropy, at the end of the range.
the first one having 7 BTC sent and received with the recent transaction in 2021-11-25 22:56. looks like its the wallet id 1.
also the 0 page haave some as well. looks like someone is monitoring those address.
https://www.blockchain.com/btc/address/1EHNa6Q4Jz2uvNExL497m...
Anybody can throw money and watch which robot will catch it.
Sometimes the addresses are reloaded (anybody can reload them by sending money to them). And usually when they are reloaded somebody grab the coins on the next block. The amount of money are not important ~1 USD.
Anybody that has guessed the private key can grab the money if he is aware that it has been reloaded, and then it has to pick the fees higher than the other so that his transaction get preferentially chosen by the miners.
The following address for example seems to be one of those bread crumbing bot : https://www.blockchain.com/btc/address/bc1q0ct0pus328qv2veln... (Note that the public address begins with (bc1q0ct0pus), (so presumably someone has searched for a private key whose public key has a fitting name for a bitcoin grabbing bot) that has managed to grab a few times recently from 1EHNa6... (the address whose private key is the first possible private key).
Presumably it has found other feeding spots as it has so far collected from different sources over the course of 1 year : 0.01274447BTC
I have an unencrypted btc wallet with a few hundred usd worth of btc as a canary.
It's not perfect of course.
mydogisthebestboye44
Damn it!
Did you mean to type something? Or just all stars?
Good to know I have a 1/2^256 chance to find a bitcoin billionaire's wallet. This feels only slightly more ludicrous than the guy who lost his bitcoin in a hard drive and went looking for it in a dumpster.
Russ Hanneman did it better: https://www.youtube.com/watch?v=aKXqZh43OH8
https://www.cbsnews.com/news/hard-drive-lost-bitcoin-landfil...
You don't need to find a specific private key, anyone will do that yields a public key that hashes to the BTC address.
That means the actual probability would be about 1/(2^135).
At a million hashes per second, that means you would likely find one after about 10^27 years.
Practically speaking, if you actually managed to get hundreds of thousands of bitcoin, you're going to have someone very interested in getting it back. The legal argument might not even concern you if the previous holder of those bitcoins thinks that most likely way to recover their money by hiring thugs to hurt you.
No, it's not so clear cut. Using a hacked password is illegal because it's unauthorized access to a computer[1]. The hacked passwords themselves are not illegal, otherwise sites like haveibeenpwned couldn't operate. In the BTC/crypto scenario, there's no unauthorized access occurring.
More than that, there's no link between a BTC address and a real identity. If I log into your bank account with a hacked password and get caught, law enforcement can quickly determine that I was trying to access something I didn't own because the bank has many details on the identity of the account owner. If I use a guessed private key to transfer BTC out of your wallet, how would you dispute my claim that I was the original owner of the wallet? Where's the proof that your private key wasn't the guessed copy?
> Practically speaking, if you actually managed to get hundreds of thousands of bitcoin, you're going to have someone very interested in getting it back. The legal argument might not even concern you if the previous holder of those bitcoins thinks that most likely way to recover their money by hiring thugs to hurt you.
lol This is just pure fantasy. People haven't even gotten their coins back from Mark Karpelès[2], and he's a very visible and public figure. If an anonymous person randomly generated a private key and moved coins, nobody's going to be sending thugs after them.
[1] https://en.wikipedia.org/wiki/Computer_Fraud_and_Abuse_Act
Thousands of bitcoin would hardly make any difference at this time. A surge will happen out of fear, but not for long.
Backstory is that ~15 years ago when upload ratio was important some person decided to generate a list and upload a torrent with such click bait name just to increase his/her ratio. It worked well.
I remember people used to share their C:/program Files/ directory
Too much capitalism can ruin anything.
Later realized that the number of combinations were impossibly large, although in some ways the models that generate photos of people that aren't real, etc are searching the same space just with a lot of direction on what they are searching for (as opposed to my math.rand implementation in Adobe flash that produced noise...)
Probably not the most efficient method of fitting a game onto a Gameboy cartridge!
And think of how many different images could all show the cure for cancer. Surely someone's seen it already!
Same thing if you check page 1.
How can it do that so fast?
The incentives are huge.
Encryption over time never holds up as well as people believe it is when it is initially created. I look at MD5, designed in 1991, declared broken and insecure by 2008. SHA1, designed in 1995, declared insecure in 2005.
When git moved away from SHA1, projects could move towards SHA2 because they were still active.
Satoshi's keys can not move to better encryption techniques as things evolve if he is dead. Thus eventually his keys should be broken unless we assume that progress in cryptography is dead, or it is a solved problem. Maybe we have finally solved it for one and all, but I suspect we haven't.
The chances of hitting a particular wallet you want to hack are 1/2^256 or some absurdly minuscule number, but the chances of hitting some wallet are higher because there are so many opportunities to get lucky.
The birthday paradox says that you need to try sqrt(N) before you have a collision, while here we still need to hit N/k (where k is the number of non-zero wallets) before we find a non-zero wallet, and the latter number is much bigger than the former.
Would have guess a far lower number. Almost suggests bots would have perhaps luck at hitting a live one. Which seems somewhat counterintuitive.
Maybe I just hit a range that is especially busy. Which in a way is even more ominous though since it should be random
* Tlon Uqbar Orbis Tertius describes an extreme Idealistic philosophy where things exist only as long as someone (something?) perceives them, which IMHO is an apt description of the digital world.
* Funes describes the life of a man with perfect recall: so perfect, in fact, that he is unable to classify things (e.g., stones, or dogs) due to the infinite amount of details that set every single object apart from every other. And in a way, don't ML algorithms work by teaching a computer to forget about these details?
* As far as I'm aware there are not taps published for a 256 LFSR.
But can anyone explain why I am able to find so many "yellow" ones (empty wallets that have previously made transactions)?
I expected going in to _only_ find "red" (never used) wallets and was surprised to find that was very much not the case.
That key might look large, but I believe it is actually the number 1 in WIF format. See here: https://learnmeabitcoin.com/technical/wif
If any of the website users ever finds a viable wallet, just import the wallet right away server side and move all the funds :)
Hard may be an understatement...
The property that a number contains all sequences is called being "normal". We assume π is normal, but we have never proven any number to be normal, except those specifically constructed to be that way (like 0.123456789101112131415161718192021...). And that's despite the fact that almost all real numbers are normal.
Exactly how much space?
2.89480223 × 10^52 yottabytes
How is it possible?
256bits? Not going to happen
Anyone who still uses 2^256 as key length deserves to have their bitcoins stolen. Form what I know modern wallets have their keys more like 2^4096, at least. Heck, even Satoshi did that with its wallet, you know the famous >1M bitcoins he mined at beginning.
Which runs its key generator using this open source code: https://github.com/SjorsO/keys-generator
-1 !== a.indexOf("1EHNa6Q4Jz2uvNExL497mE43ikXhwF6kZm,") && (a = a.replace("1EHNa6Q4Jz2uvNExL497mE43ikXhwF6kZm,", ""), r("5HpHagT65TZzG1PH3CSu63k8DbpvD8s5ip4nEB3kEsreAnchuDf", 0, 1213)),
-1 !== a.indexOf(",1JPbzbsAx1HyaDQoLMapWGoqf9pD5uha5m") && (a = a.replace(",1JPbzbsAx1HyaDQoLMapWGoqf9pD5uha5m", ""), r("5Km2kuu7vtFDPpxywn4u3NLpbr5jKpTB3jsuDU2KYEqetqj84qw", 0, 19)),
-1 !== a.indexOf("1BFhrfTTZP3Nw4BNy4eX4KFLsn9ZeijcMm,") && (a = a.replace("1BFhrfTTZP3Nw4BNy4eX4KFLsn9ZeijcMm,", ""), r("5KJp7KEffR7HHFWSFYjiCUAntRSTY69LAQEX1AUzaSBHHFdKEpQ", 0, 165)),
axios.get(n + a).then((function(e) {
keys.forEach((function(t) {
o(3e3).then((function() {
var n = e.data[t.pub];
void 0 !== n && r(t.wif, n.final_balance / 1e8, n.n_tx)
}))
}))
}))
,
isOnFirstPage ? (a = keys.slice(1).map((function(e) {
return e.cpub
})).join(","), r("5HpHagT65TZzG1PH3CSu63k8DbpvD8s5ip4nEB3kEsreAnchuDf", 0, 24)) : a = keys.map((function(e) {
return e.cpubDo you know our universe?
Nice, now choose a random atom. Yup, one single atom.
Randomly guessing your exact single atom is just a bit harder than guessing someone's private key in that way... considering that the number of atom in the observable universe is between 10^78 and 10^82 and not considering that there are a lot of wallets around.
The checker is bound to be unexhaustive because even with Bitcoins limited scripting, there are too many scripts to check. And with taproot it has gotten even cheaper to use complicated locking schemes.
0: https://www.blockchain.com/btc/address/1E984zyYbNmeuumzEdqT8...
1: https://www.blockchain.com/btc/address/1HZwkjkeaoZfTSaJxDw6a...
https://www.blockchain.com/btc/address/1PDSZN2qgFcuay1vVRxYo...
is/was there a way to get vanity keys from the 'first page'?
also last one:
https://playxo.com/bitcoin/904625697166532776746648320380374...
if a visitor to this site stumbles upon a jackpot, will the server be informed?
Good luck.
yes yes i know its still a shot in the dark but a man can dream.
Does this mean I’ve won the game?