This raises a really interesting question. Though it’s essentially impossible to figure out the key for any given wallet… if you download the blockchain and generate private keys as fast as you can, how often do you find one that has a balance? Will there just be some ongoing very low but decidedly nonzero risk of all of your assets vanishing some day if you’re not using multisig?
2^256 is a very large number. If you could build a computer that required a single atom, and could test the balance of a single account in a single nanosecond, and then converted the entirety of the earth into such computers, it would take ~2.8 million years for you to check 0.01% of all accounts.
Brute-forcing modern cryptography isn't something that can happen. The magnitude of 2^256 is close to the count of atoms in the entire observable universe.
This reminds me of a discussion a few years ago where someone was extremely adamant that you'd have to handle the chance of a key collision in a random 256-bit key for the system to be secure :)
"... brute-force attacks against 256-bit keys will be infeasible until computers are built from something other than matter and occupy something other than space."
If you check 1 billion addresses a second, and there are 100 million addresses with a balance, then it would take on average roughly (2^256 / 10^8) * 10^-9 seconds, which
is 36717430630808027468154168254911183362909051 billion years.
EDIT: Only 463439129036942 billion years, taking into account that there are effectively only 2^160 addresses.
You could shorten that by recognising the address space is more like 2^160 in BTC, due to the address generation process, more than one private key can spend from a given address, technically.
"""Coincidentally, 2276709 is also the telephone number of a flat in Islington where Arthur once went to a party, met a nice girl, and lost her to a party-crasher. While the flat and telephone have been demolished along with Earth, they are forever linked to the fact that Arthur Dent and Ford Prefect—against all odds—are rescued 29 seconds after being ejected from the Vogon spaceship."""
Not easily, as you need to do an elliptic curve point x scalar multiplication, which takes tons of cycles on a CPU and even tons of gates on an ASIC. Please provide a link to hardware that can do it much faster...
Two or more of whatever you are using to perform the calculations? I mean it won't appreciably shorten the search time but it would double the processing rate.
Hashing hardware capability is typically measured in trillions per second (TH/s) so the math might be better using trillion instead of billion. As I understand it, the rental cost of 1 PH/s (which I think is one-thousand-trillion?) is about $10/hour. From that I think you could work out an actual cost to generate a collision!
Even taking the smaller value of 463439129036942 billion years at 1 billion/second (and therefore 463439129036942000 years at a quadrillion/second), at $10 / hour / PH/s, that’s $4.06e22, or ~480 million years of Earth’s 2020 global nominal GDP.
One thing you can do that's quite lucrative for someone is to generate all the keys corresponding to common dictionary words like "dog" and "cat". The way I know someone is doing this is I was testing some transactions and somehow whatever I was sending was immediately vanishing. So someone out there has taken a dictionary and done this already.
I wonder if you could cut this down by focusing on known implementations and their random number generation. That is trying to figure out if weaker random number generation at any point was prevalent...
>> leads to the "end" page, it's not as I thought a "big jump" from some random page... thus I suspect it's simply addresses that are low entropy, at the end of the range.
They're the trivial wallet addresses (close to the beginning and end of the search space). I would expect them to be used for debugging and testing in the early days.
> A private key is basically just a number between 1 and 2^256
It's like saying "I'm gonna pick a random number between 1 and a trillion", and then picking 999,999,999,995. Probably not a smart idea given that you don't want anyone else to be able to guess your number.
But the values are generally generated pseudo randomly by machine. This seems similar to the birthday problem, where the odds of encountering a value in a given range are higher than you'd expect.
The birthday problem means that the number of values you have to choose to have a 50% chance of a collision scales approximately with the square root of the size of the space. [0]
2^(256/2) is way, way bigger than the number of used bitcoin addresses, which is about 33 million according to this csv [1].
1. yes, generally and ideally the private key is generated pseudo randomly. But at the beginning or for testing, people might have manually picked a private key.
2. the birthday problem basically halves the exponent security wise. The rule of thumb: If you have N possible outcomes, then after around sqrt(N) guesses the probability of a collision approaches 0.5. So, for birthdays, it's 365 outcomes, so with 19 or 20 people your risk of collision already approaches a half. For BTC private keys, there are 2^256 possible, so with 2^128 guesses you'd approach a likely collision. Fortunately, that's still 1e38, so if you check 1e10 per second, you'd still need 1e20 years to get there.
ECDSA private keys can be arbitrary strings of random bytes of a certain length (unlike RSA, where we need to find prime factors). The first page is roughly the equivalent of using a low single digit number as your password.
Nah, it goes in an order. Base58check is used to convert byte arrays into the readable bitcoin addresses. So the first address (5HpHagT65TZzG1PH3CSu63k8DbpvD8s5ip4nEB3kEsreAnchuDf) has a byte array, in hex, of: 0000000000000000000000000000000000000000000000000000000000000001
Some people used those early addresses on purpose. Maybe for testing or something or I guess maybe due to a bug or something.
The site doesn’t need people’s luck to find any active wallet, cause it could operate without them. The probability is so small that any reasonable time spent on including a spending routine would be pointless.
Unless the author trusts in luck or has too much free time on their hands.
Edit: or waits for someone to check a page containing their own private key.
It's a game like feeding the birds to see which bird will be able to grab the bread first.
Anybody can throw money and watch which robot will catch it.
Sometimes the addresses are reloaded (anybody can reload them by sending money to them). And usually when they are reloaded somebody grabs the coins on the next block. The amounts of money are not important, ~1 USD.
Anybody that has guessed the private key can grab the money if he is aware that it has been reloaded, and then it has to pick the fees higher than the other so that his transaction gets preferentially chosen by the miners.
The following address, for example, seems to be one of those bread-crumbing bots: https://www.blockchain.com/btc/address/bc1q0ct0pus328qv2veln... (note that the public address begins with bc1q0ct0pus, so presumably someone has searched for a private key whose public key has a fitting name for a bitcoin-grabbing bot). It has managed to grab a few times recently from 1EHNa6... (the address whose private key is the first possible private key).
Presumably it has found other feeding spots as it has so far collected from different sources over the course of 1 year: 0.01274447 BTC
IMHO everyone interested in computer science should try some Borges, at least Ficciones. Many of his stories are so mind-bogglingly close to many topics of interest in CS. Beside The Library of Babel, I can come up with at least two other examples:
* Tlon Uqbar Orbis Tertius describes an extreme Idealistic philosophy where things exist only as long as someone (something?) perceives them, which IMHO is an apt description of the digital world.
* Funes describes the life of a man with perfect recall: so perfect, in fact, that he is unable to classify things (e.g., stones, or dogs) due to the infinite amount of details that set every single object apart from every other. And in a way, don't ML algorithms work by teaching a computer to forget about these details?
I think you are missing how this would work. The scammer wouldn't scoop up the proceeds if it was a small account you were looking up, only if it was a whale. This is to prevent someone from figuring out it was a scam with a small account and only gain a few dollars from the scam.
I think you are missing something. If you have a wallet with very little or no money attached to it. And then you check for the corresponding private key. If you find it - you "know" it works and then _might_ be inclined to try the key for a more serious wallet. But if not, then you know this site doesn't work and would have no inclination to try another key. If you enter important passwords or keys into random websites then this isn't about incentive but mere stupidity.
If you know the private key already, you just need to know which "page" it falls in, which should be documented somewhere as the pages are procedurally generated.
As a youngling I fell for this a couple times in my video games. Then I caught on and played along, seeing it as an in joke. Later I realized doing this provides social proof for the scammer. I still play video games and I call it out when I see it.
I'm curious whether anyone has ever actually stumbled on a wallet containing coins via this method of randomly walking all private keys. The odds are... not in one's favour
Obligatory reminder about the birthday problem - the probability that someone's birthday is a particular day is 1/365, but the chances of two people in a group of 30 having the same birthday is very high - because the universe has so many combinations of people to work with.
The chances of hitting a particular wallet you want to hack are 1/2^256 or some absurdly minuscule number, but the chances of hitting some wallet are higher because there are so many opportunities to get lucky.
Yeah, but people seem to have found wallets already. This is more a reminder that the probability is a little different from the naive 1/total possibilities idea.
The birthday paradox speaks to the probability of having a collision, though - in other words, if you randomly try wallets, the probability that you hit one again that you've tried already. That probability is higher than the probability of hitting a non-zero wallet, once you've tried more wallets than there are non-zero wallets.
The birthday paradox says that you need to try sqrt(N) before you have a collision, while here we still need to hit N/k (where k is the number of non-zero wallets) before we find a non-zero wallet, and the latter number is much bigger than the former.
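The distinction drawn in the comments above, as an added example that is not part of the original thread: a seeded simulation on a toy keyspace (the sizes 2^16 and 16 are constructed assumptions) measures guesses until one of k funded values is hit versus guesses until any repeat, then scales the first figure to the thread's 2^160 / 10^8 / 10^9-per-second numbers.

```python
import math
import random

SECONDS_PER_YEAR = 365 * 24 * 3600  # 365-day year, matching the thread's figures


def draws_until_target_hit(space, targets, rng):
    """Random guesses until one lands on a funded value (the search case)."""
    draws = 0
    while True:
        draws += 1
        if rng.randrange(space) in targets:
            return draws


def draws_until_repeat(space, rng):
    """Random guesses until any guess repeats an earlier one (the birthday case)."""
    seen = set()
    while True:
        guess = rng.randrange(space)
        if guess in seen:
            return len(seen) + 1
        seen.add(guess)


def simulate(space=2**16, funded=16, trials=400, seed=1):
    """Return (mean guesses to hit a funded value, mean guesses to first repeat).

    `space` and `funded` are constructed toy sizes, not real blockchain data.
    """
    rng = random.Random(seed)
    targets = frozenset(rng.sample(range(space), funded))
    hit = sum(draws_until_target_hit(space, targets, rng) for _ in range(trials))
    rep = sum(draws_until_repeat(space, rng) for _ in range(trials))
    return hit / trials, rep / trials


def expected_hit_draws(space, funded):
    """Mean of a geometric distribution with success probability funded/space."""
    return space / funded


def expected_repeat_draws(space):
    """Standard birthday approximation for the first repeat: sqrt(pi * N / 2)."""
    return math.sqrt(math.pi * space / 2)


def years_to_first_hit(space, funded, guesses_per_second):
    """Expected whole years of guessing before the first funded value is hit."""
    return space // funded // guesses_per_second // SECONDS_PER_YEAR


if __name__ == "__main__":
    hit, rep = simulate()
    print(f"toy space 2^16, 16 funded: hit after ~{hit:.0f} guesses "
          f"(theory {expected_hit_draws(2**16, 16):.0f})")
    print(f"toy space 2^16: first repeat after ~{rep:.0f} guesses "
          f"(theory {expected_repeat_draws(2**16):.0f})")
    years = years_to_first_hit(2**160, 10**8, 10**9)
    print(f"2^160 space, 10^8 funded, 10^9 guesses/s: ~{years:.3e} years")
```

The birthday figure only describes a guesser repeating their own guesses; the number that matters for a funded address is N/k, which stays far above sqrt(N) as long as k is below sqrt(N).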
I doubt it actually works correctly. When I get a random number out of 904625697166532776746648320380374280100293470930272690489102837043110636675, the probability that it has the same amount of digits is ~1:9 and has at least 3 digits less is ~1:900. But I constantly get way smaller numbers.
It's like passively playing the world's worst lottery in terms of odds, but hundreds of thousands of times every second. It's fun but the odds are astronomically low.
I have a script[1] that generates a pub+private key and checks against a massive file[2]. The list of addresses is loaded in memory as a python `set` so checking is O(1), but I feel like any optimisations are futile, you're basically rolling the die and hoping RNG will be on your side in this lifetime and universe of all possible universes.
You're assuming the crypto is flawless and forever hard, even with new computational paradigms.
We've shown time and time again that our undefeatable algorithms aren't.
Would you be comfortable if the Blockchain was frozen in time for a hundred years, after which you could withdraw your balance? Would it be impervious over that time frame?
I mean...btc will eventually hit the supply limit. Sort of hilarious if all mining hardware was repurposed at that point to work on brute forcing instead
The supply limit is irrelevant in this case. In order to remain secure, the cost to attack Bitcoin must be proportional to the value represented by Bitcoin. Currently, when proof of work is performed, it is funded in large part by increasing a ledger value without a corresponding decrease elsewhere (aka "minting"). In the future, when proof of work is performed, transaction fees will need to increase in order to provide a similar incentive.
If the sum of the block reward and the transaction fees decreases, then that would result in fewer groups willing to perform proof of work calculations, and would be followed by a decrease in the proof of work difficulty in order to maintain ~1 block every ten minutes. That lowered difficulty then results in a lower cost to attack Bitcoin.
So, there must always, always be profit in running proof of work calculations. Not only that, but to maintain the security of the ledger, any increase in Bitcoin valuation must result in a proportional increase in proof of work expenditure across the entire network. It's an absolute disaster of a system.
Astronomical. You could convert every computer in existence into hunting for used private keys, and run them for the lifetime of the universe, and you’d be unlikely to find even one used key.
Well, theoretically, instantly. But that’s kind of like asking what if I had this potion that instantly cured every disease known to man and then some, what would happen. What sort of quantum computer are you talking about? How many qubits?
BTC addresses that have never sent BTC are not vulnerable to quantum computers as the public key is only sent when a transaction is made. The address you send to is a hash of the public key and irreversible even with quantum computers
How do the units work there? The dimensions would be time^(1/2)... That isn't a physical time.
Is it the number of operations which is the square root? (Presumably the different types of computer don't take the same amount of time per operation)
Quantum computers can be used to crack public keys for a bitcoin account yes, but an address's public keys are only published when a transaction is made
Best practice for secure bitcoin accounts is to always send the entire balance when making a transaction, and have the "change" go back to a new address
They really can't though. Asics are designed to do the SHA2(SHA2()) function over and over again. A private key is any number between 1 and 2^256 power. An ASIC arguably couldn't even perform the operations to query the Bitcoin blockchain and see how many unspent UTXO's the private key's corresponding public key controls.
Mining involves guessing a salt which, when added to data for a single block’s worth of transactions, makes the hash have a certain sum of zeros.
They are only the same in that they are using randomness to search for some number satisfying a given criteria. But, for example, you couldn’t use mining hardware to search for wallets with open balances. The mining hardware is specially optimized for one thing only.
Miners aren't brute forcing keys to existing wallets and stealing the bitcoin, as that's effectively impossible even for the biggest mining rig (like, a mining rig the size of the sun couldn't do it in a trillion years)
I mean, I found 10 used wallets not within 1000 pages of the first nor last page of his website in roughly 5 minutes.
I’m fully aware behind the math of finding a wallet actually holding anything… but I was fairly weirded out to come across 10 wallets that quickly. Most had their last txn out roughly 2019.
You didn’t come upon those wallets by chance. Whatever rules the site uses to order wallets isn’t unique and some other (insecure) wallet generator uses the same technique.
That or someone is actually using the site to come up with wallet keys.
I've noticed that there are a few hardcoded ones on the final page, where the account exists and the key is wrong.
I'd say odds are that the website is wrong, but you can always load those keys in a wallet and see if they give you control over the actual address.
If that works, I'd assume it's the case that some people have used weak keys (for example, a popular Ethereum wallet would actually generate 256 bits of entropy but accidentally truncate it to 32 bits in an operation), and any funds in those wallets will have been snagged long ago.
Point being: generate a private key properly, and no one will ever find it.
EDIT: I realize this is another page than the one I've seen previously, but I think the same idea applies. That one had support for Ethereum, too, and on the final page was an account with a balance.
So not random at all, other people had exactly the same idea as you and picked the same numbers. I would have been more surprised to see zero traffic at those addresses to be honest.
By many orders of magnitude, I think. There are only estimated to be 10^24 or so stars, which is a lot less than 2^256, right. Astronomical is not in the same league.
There are an estimated 10^80 fundamental particles (quarks, electrons, photons... mostly photons) in the observable universe, which is pretty close to 2^256 as these things go. "Cosmological" doesn't have quite the same ring to it though.
Even if we measure the widest distance (width of the known universe) by the smallest unit (planck length), we only get to 10^61, which is still 16 orders of magnitude away.
Find the key in no time, but how much time for the information to reach us? If it's a cube close by, then great, but most of them would still be millions of light years away.
Average wallet won't have much in it. On the other hand writing an article with a semi proof of this would affect the bitcoin economy, whether deservedly or not.
As they say "the unstoppable law of unbreakable code". You will become the "rightful" owner of those tokens, unless they happen to belong to one of the Not-The-Owners of that particular blockchain. If they are, they will just fork a blockchain removing your money from your wallet. Vitalik and Co already did this with Ethereum after TheDAO contract execution as designed, because their own funds were affected.
Why a thief? Bitcoin is a silly idea based on scarcity that doesn't exist.
If someone generated the right numbers by chance and had luck, I wouldn't say they'd be doing anything wrong getting whatever is there.
It's not the same as stealing data, and is not the same as hacking into a banking system. It's decentralized, and there isn't the concept of real scarcity. It's not even hacking.
Except that they aren't taking anything from anyone. It's information. They might be copying it. And you might argue things like privacy count, and I'd be willing to hear your reasoning, but this shouldn't be like magic.
Yeah, someone was silly to pay hard earned money in exchange for useless tokens. It was a gamble. If the useless tokens get stolen, I'm sorry to say, but whoever paid for BTC already lost their wealth in the first place when they converted whatever they had before for it.
The balance of your bank account is similarly “information”. But since everyone places value on that information, it’s valuable.
And these days, the way society is using traditional currency is becoming less tangible all the time. It’s 100% possible to live life with never touching physical currency. Get paid via direct deposit, credit cards for your daily expenses, ACH your housing bill and credit card expenses. All just information flowing around.
Crypto is certainly overhyped and overvalued these days, but it seems that at the core, crypto and modern banking are accomplishing the same thing: managing numbers (information) that people value.
The key difference is that one of these things has the backing and approval of recognized governments who also control law enforcement, while the other is just some guys on the internet. I'm not so sure "finding a pre-existing bitcoin wallet I can claim, and doing so" is really any different than "generating hashes until the blockchain hands me a prize".
That's not an argument. In any case, more and more governments are now recognizing crypto as something real, and are coming onboard. E.g. most recently Dubai.
No. Invalid comparison. If you legitimately discover a cryptocurrency wallet private key by sheer luck, and such cryptocurrency has no backing = is based in pure thin air, such as the case of Bitcoin, and there are public nodes which don't require you to abide by contracts that would forbid you to do so (which is supposedly all nodes), you're good to use that as you wish and it won't be a crime.
It's unethical to steal something tangible. Bitcoin has no tangibility whatsoever. You can't steal it.
Property is legally defined as 'Not only money and other tangible things of value, but also includes any intangible right considered as a source or element of income or wealth.'
That includes protectable ideas, digital files, financial instruments (like stocks and bonds, loans and credits), computer graphics, certain arrangements of words and quite a bit more.
---
What does tangibility mean to you? That allows you to steal the examples in the second paragraph without legal repercussions nor ethical dilemmas?
> Except that they aren't taking anything from anyone. It's information. They might be copying it.
It's true that information is infinitely abundant. However, unlike copyrighted works, private keys are not supposed to be shared. There should never be more than one copy of that number in the entire universe. If people can brute force keys by guessing, we've probably got bigger problems.
Obtaining that number without authorization is already a crime. Accessing computers illegally to exfiltrate data is already a crime. Breaking into a physical safe in order to obtain a paper key is already a crime.
> Obtaining that number without authorization is already a crime. Accessing computers illegally to exfiltrate data is already a crime. Breaking into a physical safe in order to obtain a paper key is already a crime.
Sure thing. Hence, the importance of analyzing each case individually.
If unauthorized computer access is used, sure thing a crime was committed.
If someone created a wallet using a stupid wallet generator which used this website to "create" private keys, and someone else also had this silly idea, and someone deposited Bitcoin on a wallet created by this means and someone else took it, then no crime was committed.
You don't even need the website. Cryptographic keys are just numbers. All data is just numbers. You can write simple code to generate all numbers from zero to infinity and it will eventually generate all cryptographic keys, all computer files, all copyrighted works, all hate speech, all child abuse material, everything that can possibly be represented as data.
The thing is the search space is so unfathomably large that such a program will never produce useful results. This is central to cryptography. If a private key is copied, it must have been done so illegally or accidentally. Any other option means the cryptography is defective.
This is the complete opposite of copyrighted works whose entire purpose is copying. The data is already known and they're hopelessly trying to regulate access to it.
> If a private key is copied, it must have been done so illegally or accidentally. Any other option means the cryptography is defective.
I agree if you're talking about an evidence such as a high-quality video or even photo with everything leading us to believe it's legit. However, we can not be as confident if we're talking about a BTC token. While extremely unlikely, there might be faulty algorithm implementations, problems with the algorithm, etc., that might lead to this situation.
Very unlikely? Sure, but we've to give the benefit of the doubt.
I think this is an underrated assessment, which I also always feel. The technological genie is out of the bottle, we all wish it was more energy efficient and hope it soon will be. But I think everybody deep down feels like they should have gotten some BTC in 2012 ;)
Tbh, I did get some early but I ordered sushi (thuisbezorgd.nl accepted btc) and raspberry pi stuff from Pi Hut for amounts that make me cry in retrospect. Still, I'm not that 10k BTC pizza guy so there's that.
exactly. Honestly, Bitcoin is very efficient with its energy usage. The economics encourage miners to find untapped energy sources, such as;
methane gas that would otherwise be flared, excess hydro power when flood water demands a dam be open beyond capacity, solar farms during the peak of the day when they generate too much electricity. Hardly anybody plugs into the wall and buys electricity at market rate; it's too expensive
Henrique Vicente (henvic, the person you are replying to) wrote what is basically a 5 page essay on how much he dislikes Bitcoin in 2021: https://henvic.dev/posts/bitcoin/
Basically parroting the same thing other people have been saying for years, absolutely no unique insight. He is so angry he missed the train, he just had to let it all out.
Don't worry Henrique, Bitcoin will go to $0 any day now!
Bitcoin has a hard cap on how many will ever be in existence. If that's not the definition of real scarcity, then what is? Your implication that bitcoin is easily divided somehow means it isn't finite is simply wrong. Firstly it's not infinitely divisible, secondly things that _are_ infinitely divisible do not just become inflated simply because this property exists.
I find it rather revealing that so many anti-crypto blog posts offer no novel solutions, they only ramble on about how they know crypto isn't the solution. Seems rather uninspired to say you understand a problem domain but have no suggestions on how to solve the problem other than literally a solution that has already been tried at large scale and failed.
Sure, the gold standard in an alternate reality seems like a great idea, but we live in this reality where central powers were able to quite easily strip society away from this contract with barely any resistance.
Show me a single node operator or developer that has stated they would consider ever raising the hard cap on bitcoin. Until then you're just making up FUD for the sake of being argumentative.
My father always said, if you find something, and it isn't yours, it belongs to someone else.
There are actual laws in the US that if you find money, you are supposed to report it to the authorities, and if no one reports losing the money in some fixed time (30 days?) then you keep it.
Get real. You're not getting anyone's property if you discover a private key by accident that a distributed blockchain with no owner accepts to transfer a token in a virtual wallet like that. We're talking about something non-fungible and not scarce.
Bitcoin's supposed scarcity is a joke that doesn't make any sense whatsoever.
> If someone generated the right numbers by chance and had luck
The whole point of cryptography is nobody could possibly guess these numbers within the lifetime of the universe. If this assumption is somehow proven wrong, we've probably got bigger problems than one person losing money.
While I don't agree with this line of reasoning I think a potential counter argument would be that in crypto currency ownership is determined by access to private keys and not other traditional means (essentially this argument says it's not stealing because ownership is determined by access).
Ignoring the prospects, this is a neat case to explain sharing memory in multiprocessing.
You're reading the file in every process, this needs mem x N for N processes.
If you first read in the file, create the set, and then use multiprocessing, you will get forked processes sharing the parent's memory, i.e. only need 1 x N the memory.
Funny thing is even though it's throwaway code, ensuring everything worked as expected felt really high-stake since a bug would mean a found key would be lost!
Edit: Also not sure if shared memory would be slower in python3 (or if it was, whether it would matter in this use-case), but an interesting thing to profile.
multiprocessing relies on the OS' fork() to share the memory transparently to the child(ren). The pages containing the memory will refer back to the same physical page until they're written to. This is what grandparent meant by "sharing memory".
multiprocessing also provides a way to access the OS' explicit shared memory usually used as an IPC mechanism.
multiprocessing's "shared memory" facility is for writable memory.
What I described is extremely handy as you simply move the parsing code up in the script, before your function definition, and "magically" gain memory efficiency.
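The load-then-fork pattern discussed in the comments above, as an added example that is not the script from the thread: the lookup set is built once in the parent and forked workers only read it. The entry strings, sizes and function names are constructed for illustration, and the "fork" start method assumes a Unix-like OS.

```python
import multiprocessing as mp
import os

LOOKUP = None      # built once in the parent, inherited by forked workers
BUILD_COUNT = 0    # how many times LOOKUP was built, as seen by this process


def build_lookup(size):
    """Stand-in for parsing the large file (constructed strings, even ids only)."""
    global LOOKUP, BUILD_COUNT
    BUILD_COUNT += 1
    LOOKUP = frozenset(f"entry-{i:08d}" for i in range(0, size, 2))


def count_hits(candidates):
    """Worker body: membership tests against the inherited set, no loading."""
    hits = sum(1 for c in candidates if c in LOOKUP)
    return os.getpid(), BUILD_COUNT, id(LOOKUP), hits


def run(size=20000, procs=4):
    """Build the set, then fork workers; return what each worker observed."""
    build_lookup(size)                # load BEFORE the workers are created
    ctx = mp.get_context("fork")      # children start with the parent's pages
    candidates = [f"entry-{i:08d}" for i in range(size)]
    chunks = [candidates[i::procs] for i in range(procs)]
    with ctx.Pool(procs) as pool:
        reports = pool.map(count_hits, chunks)
    return {
        "parent_pid": os.getpid(),
        "parent_lookup_id": id(LOOKUP),
        "reports": reports,           # (pid, build count, id(LOOKUP), hits)
    }


if __name__ == "__main__":
    out = run()
    for pid, builds, lookup_id, hits in out["reports"]:
        same = lookup_id == out["parent_lookup_id"]
        print(f"worker {pid}: builds seen={builds}, "
              f"same address as parent={same}, hits={hits}")
```

Sharing is copy-on-write rather than absolute: CPython's reference-count updates write to object headers, so pages holding the set's elements are gradually copied as workers touch them. Calling `gc.freeze()` in the parent before forking removes the garbage collector's share of those writes.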
I agree with your comment, just FYI you could avoid apply on a pandas Series since it loops over every row in Python space. It's much faster to use vectorized operations directly e.g.:
It's like being in the world's biggest ever lottery syndicate, except if you pick the winning numbers it gets sent to a specific other person whose website you're on. If someone, eventually, hits the jackpot then the owner of playxo.com is going to be very, very rich.
I mean, I'd assume, cynically.
The chances of anyone hitting a green wallet are still incredibly narrow, but you never know.
It gets sent to your own private key which everyone else would also have trouble finding. Playxo.com wouldn't get anything out of it, anyone and everyone can have all the private keys of everyone else, playxo's operator or server wouldn't know which private key things are going to, and neither would any other human.
but anyone can do that. you don't need an API to tell you if the address has a balance if you have the private key, you just check your own copy of the blockchain.... just like they are doing...
When you visit a page, they generate all the private keys on the page and check for balances. If you happen upon a key that actually has a balance, they will clean it out before you can.
I kind of doubt it, the browser makes a request to blockchain.info to check the balances. If they wanted to do what you are saying they'd make that request somewhere on the backend.
they check balance by JS in blockchain, i no see in JS code they got info about result. If someone find btc wallet of Satoshi im sure what he got in donate (link exist :) ) enough for him ;)
i personally like this idea. free lotto :)
Have you explored the space of "poorly generated keys"? I assume someone has screwed up their key generation at some point in a predictable way, and that's a much smaller space than every possible way.
I always wanted to make a lottery which randomly bruteforces against Satoshis initially mined coins. Therefore you won't harm a financial institution on the way to win.
The property that a number contains all sequences is called being "normal". We assume π is normal, but we have never proven any number to be normal, except those specifically constructed to be that way (like 0.123456789101112131415161718192021...). And that's despite the fact that almost all real numbers are normal.
Couple years ago there was a similar site with the same idea about listing all private keys. If you "found" an active address it was immediately emptied. (I am not sure if it had a search bar or you had to edit the URL)
I found this a while back, but even though the public addresses can receive ETH, I believe they can't be claimed due to something like the private keys being invalid for transaction signing purposes.
So, after a few minutes on the site, I found a half-dozen private keys with several transactions, but zero balance. Is the key-space so densely populated that this is expected?
Edit: Never mind, I'd misclicked on the "last page" button, which has a page with a fair few transactions showing.
It is a far lower number. Are you checking random pages or browsing from the beginning? If you check random pages you're unlikely to even find a single page with a tx.
Just re-checked...the answer is a lot less mundane than theorized.
I wasn't clicking on the next button, I was repeatedly hitting the last page button...and the last page, for whatever stats reason, does indeed have a freakishly high number of used addresses
Reminds me of a pretty popular torrent from old times named something similar to "List of all IPv4 addresses - every hacker must have". Sadly I am not able to remember the exact name and find it anymore.
Backstory is that ~15 years ago when upload ratio was important some person decided to generate a list and upload a torrent with such click bait name just to increase his/her ratio. It worked well.
I loved using Kazaa or Hotline because you could browse other people's directories, sometimes with random odd or forgotten files. It was a unique kind of communication / learning from other people's file organization habits
If you actually did stumble upon a key with a balance, would you steal it? I think I would and I wouldn't even feel bad about it even though logically I know it's a horrible thing to do.
This website contains all Bitcoin private keys in the same sense that a Turing complete computer can solve any programming problem, or the way that a sufficient quantity of certain chemicals in the right environment will eventually evolve into all possible life-forms that will ever exist in the universe.
If you guess someone’s bank details and steal their money, in many jurisdictions the account owner would have some recourse against the bank and is likely to be made whole (not an easy or enjoyable process I’ll admit) - so I guess that’s one key difference.
Yeah, it's the bank you would be stealing from, through fraud (impersonation, I guess). But Bitcoin is decentralized, so you wouldn't be stealing from anyone?
Not if the bank scenario holds. There is no legal persona associated with bitcoin nor the block chain. There's also no money there. Someone else took it already.
No. You're not stealing from anyone. It's decentralized and bits have no owner.
If you say 'hey, here is my Bitcoin transaction' and others accept, and you just had luck to find a valid address, it is not the same as stealing. Bitcoin has no value.
That isn't true, although you might like the philosophical debate around that, a judge is still going to make you pay the person back and/or give you a prison sentence if it's proven that you are the original owner of the keys. He's going to laugh at your digital philosophy as he slams his hammer down upon judgement.
If you steal someone's BTC coins in this way - don't expect to be able to talk about it publicly.
A judge might easily make a ruling that you "stole" the money. Don't expect the legal system to accept the notion that crypto is outside their jurisdiction, nor expect them to appreciate your complex tech arguments about why it's not really stealing.
Wait, do you also think international companies are above the law?
States very much care what's going on within their borders, if it's via services hosted outside them or not. And in some cases states will even care about what their citizens do outside their borders. For example, engaging in child sex tourism can have legal consequences even if the actual abuse happens in a foreign country.
Decentralization isn't magic. States will enact and enforce laws within their borders and they will have more tangible effects than any so-called "smart" contract.
In the trustless and decentralized system of Bitcoin (and other blockchain implementations), there is no concept of theft. If you misplace your private key you're on your own. There's no central authority to turn to. Similar if someone cracks your private key. That's the entire idea of the technology.
If you use bitcoin for money laundering, you're not gonna get in trouble with any bitcoin nodes. What a nation state will do if they find out is however a very different topic.
If you go by the whole “code is law” approach talked about by some crypto people, then I guess it wouldn’t be theft?
The blockchain has no concept of people/entities owning things, in that universe the ownership of an address is simply having its private key.
(Of course in the real meat-world we have courts, non-code-contracts, and rule of law. It would probably be criminal, in the same way finding a weakness in e.g. PayPal and transferring people's money is criminal)
I don't know if "code is law" has to be invoked here. Isn't that a HN-specific strawman argument?
Anyways, of course you can take those coins as when you're running Bitcoin you're strictly speaking not signing a TOS and nobody ever owned those coins.
What people keep private are signing keys for a transaction output. But if you found the key independently, they should be yours too.
Of course it depends on jurisdiction, but it would be really interesting to see what would happen if someone got their hands on keys of some commercial organization's wallet and then publicly announced (according to the premise that they are the rightful owner). E.g. by using a PRNG-weakness in some HSM or something, i.e. no entry into their networks etc.
My guess is that the court would recognize the first owner as the “real” owner, especially if they can show that they controlled the address up until some point.
In a similar vein, condictio indebiti is a principle in many jurisdictions, where a receiver of a wrongful payment is required to return it. Even if the payment is made with crypto, the principle would probably stand if it’s practical to enforce.
Does a court even have a mandate over something that it cannot enforce anyways? What's the point of a court deciding something about Bitcoin ownership? It'd just embarrass itself, wouldn't it?
I think my point is that Bitcoin isn’t different (in some aspects) compared to other assets.
If a company accidentally sent a bundle of cash via registered mail to the wrong person, the recipient (if known) would probably have to return that cash after a court ruling.
If Coinbase made an erroneous transfer of BTC to one of their customers (whose identities they know), the recipient would probably have to return the bitcoins after a court ruling.
If the recipient of the mailed cash is unknown, or the person associated with the receiving wallet is unknown, then the court could obviously do nothing. But that inability is a function of the knowledge about the parties involved, not of the underlying technologies.
Bitcoin obviously makes it much easier to be unknown to the judicial system. But in my view, for it to be completely not-theft, the recipient should be able to announce publicly what he has done without fear of repercussions.
Similar to how e.g. digging up historical artifacts in some jurisdictions is a legal way to gain ownership of something that previously had a different owner.
Yeah, but re-generating a private key as a secondary owner isn't akin to any ownership concept in the real world and so I doubt that the law already has a playbook on how to handle such a situation.
Re-generating a private key for outputs that have spendable Bitcoins isn't like sending letters to the wrong person.
They might depending on how they loaded the money into said wallet. Considering most $ to bitcoin exchanges seem to log everything they likely would be a good way to prove that it is [your] $. Of course that assumes [you] haven't put it through anything like a tumbler.
They probably could by transactions linked to the public key that matches the private key and can be verified by law enforcement and witnesses that know the actual owner.
1. isn't bitcoin essentially worth $0 at that point? the technology is provably not safe and everyone will (should?) dump. getting it back is pointless. If I drag it out for a week or two it might not even make it to small claims.
2. having a court force someone to give bitcoin to someone else because they "don't own it" is also against what bitcoin stands for: decentralized. the blockchain decides who owns the bitcoin. regardless of how it got there. if some entity decides who should own what amount of bitcoin then the blockchain becomes irrelevant.
3. the blockchain is not irrelevant and is not under anyone's control (is it?). how can a court enforce bitcoin ownership transfer? if I burn the private key out of spite then good luck. you're not made whole, I don't have access to said bitcoin. now what? should I go to jail? what does that solve? it only tells the next guy to not brag about finding private keys left and right.
I am interested in the simple technical answer for this. Is it possible to simply take funds out if you stumble across or happen to randomly generate a valid private key?
So if I were developing such a website as posted here ... I would obviously put in automated code that transfers any funds to my own wallet (if there is a non-zero wallet discovered when rendering a page on the fly). Effectively just using the millions of global users' clicks as random seed spread over a long time :)
you can do that now, and without a website, obviously. You probably need to do it more than trillions of years, but go ahead. You might be lucky (though it's more likely that you crash in a plane, or, for that matter, that a plane crashes on your house, in the meantime).
But that's the point of this website. All the computation is done on the thousands of clients generating these keys. It's only a matter of time (and some luck) until a green wallet is hit. If the site owner is malicious then it will actually empty the wallet in the background and show it red in the front.
> Finding an active wallet is hard, but not impossible. Every time you open a random page, you have a chance of finding someone else's fortune.
Good to know I have a 1/2^256 chance to find a bitcoin billionaire's wallet. This feels only slightly more ludicrous than the guy who lost his bitcoin in a hard drive and went looking for it in a dumpster.
I think he's in the same category as those startups that try to make a technology that has been repeatedly proven to be nonviable, like wireless power transmission or ducted windmills. His plans don't make sense. The government has made it clear that there will be no excavation. But that doesn't seem to matter, it's such an attractive story and there's such a mania for bitcoin that he can find backing anyway.
I have had a crappy life, abused sexually and physically when a child, but trust me whenever I re-hear about that guy losing his hard drive with BTC in it, I am like, yikes.
I've had both, and I'd promptly forget about the bitcoins for the ability to have lived an un-fucked life (which would pay for itself more readily too).
What do you mean by "regenerate"? A wallet (if not used to referring to the software to manage one) is just "the funds under control of this private key".
Word of advice: don't go looking for your private keys. If someone was malicious they could log all fetched pages and scan those for keys with funds attached. The act of looking up a specific key is revealing information.
Let's play a game just to visualize how unlikely this is.
Do you know our universe?
Nice, now choose a random atom. Yup, one single atom.
Randomly guessing your exact single atom is just a bit harder than guessing someone's private key in that way... considering that the number of atoms in the observable universe is between 10^78 and 10^82 and not considering that there are a lot of wallets around.
Just curious. Legally speaking. If someone was to "guess" the private key to an account with hundreds or thousands of bitcoin, could they legally move the bitcoin and take control of it? Or is it just as much an act of theft as guessing someone's car door code and driving off with the car? I can't imagine there is any legal precedent for such a thing.
Legally speaking, you still committed theft. Just because you have the technical ability to pick a lock doesn't give you the right to enter a room and take someone else's stuff. And there is a lot of legal precedent that hacking weak passwords is still hacking (also an illegal act even if you don't steal anything) and the theft of digital goods is still theft.
Practically speaking, if you actually managed to get hundreds of thousands of bitcoin, you're going to have someone very interested in getting it back. The legal argument might not even concern you if the previous holder of those bitcoins thinks that the most likely way to recover their money is by hiring thugs to hurt you.
> Legally stealing you still committed theft. Just because you have the technical ability to pick a lock doesn't give you the right to enter a room and take someone else's stuff. And there is a lot of legal precedent that hacking weak passwords is still hacking (also an illegal act even if you don't steal anything) and the theft of digital goods is still theft.
No, it's not so clear cut. Using a hacked password is illegal because it's unauthorized access to a computer[1]. The hacked passwords themselves are not illegal, otherwise sites like haveibeenpwned couldn't operate. In the BTC/crypto scenario, there's no unauthorized access occurring.
More than that, there's no link between a BTC address and a real identity. If I log into your bank account with a hacked password and get caught, law enforcement can quickly determine that I was trying to access something I didn't own because the bank has many details on the identity of the account owner. If I use a guessed private key to transfer BTC out of your wallet, how would you dispute my claim that I was the original owner of the wallet? Where's the proof that your private key wasn't the guessed copy?
> Practically speaking, if you actually managed to get hundreds of thousands of bitcoin, you're going to have someone very interested in getting it back. The legal argument might not even concern you if the previous holder of those bitcoins thinks that most likely way to recover their money by hiring thugs to hurt you.
lol This is just pure fantasy. People haven't even gotten their coins back from Mark Karpelès[2], and he's a very visible and public figure. If an anonymous person randomly generated a private key and moved coins, nobody's going to be sending thugs after them.
The reason why I think it will be eventually cracked is that technology moves forward and old encryption techniques need to be upgraded, but if Satoshi is dead, he will never upgrade his key. This means that eventually it will be crackable.
Encryption over time never holds up as well as people believe it is when it is initially created. I look at MD5, designed in 1991, declared broken and insecure by 2008. SHA1, designed in 1995, declared insecure in 2005.
When git moved away from SHA1, projects could move towards SHA2 because they were still active.
Satoshi's keys can not move to better encryption techniques as things evolve if he is dead. Thus eventually his keys should be broken unless we assume that progress in cryptography is dead, or it is a solved problem. Maybe we have finally solved it for one and all, but I suspect we haven't.
There is nothing to crack. You "just" need to guess it. It is impossible for the foreseeable future with technology as we understand it today, and if it becomes possible, then a lot of other things have to change. In other words, if it ever happens, by that time BTC will have become irrelevant.
This is like when you learned programming 20 years ago and realized that if you randomly generated a 300x300 pixel image you could get a nude picture. Exciting until you learned how to calculate the odds…
At what point does brute forcing wallet private keys become more lucrative for miners than mining? Presumably you can use almost identical hardware too.
I was fascinated by a similar idea as a child, generating images of everything that has been, could be, or will be by exhaustively going through the possible combinations of pixels for some fixed size of image.
Later realized that the number of combinations was impossibly large, although in some ways the models that generate photos of people that aren't real, etc. are searching the same space just with a lot of direction on what they are searching for (as opposed to my math.rand implementation in Adobe Flash that produced noise...)
Wow, I had this same idea as a kid too! I daydreamed about all the cool images you could generate. For example, you could create an image that describes the cure for cancer, because that's just another image, right?
I remember being very young and theorizing that video games worked by having every possible frame that could exist for the game loaded onto them, and as you pressed buttons the game would show you the appropriate frames for your scenario. I guess because I had something of an understanding of how movies worked, I just assumed video games would be exactly the same.
Probably not the most efficient method of fitting a game onto a Gameboy cartridge!
This actually caused me some grief as I began to learn more about computers. As soon as I realised everything was finite, I began to think about exhausting that space. Still today I don't like to think of all the computers everywhere generating billions of sha1 hashes every second. It makes me uneasy. I believe this comes from a natural tendency to seek sustainability which, sadly, most people don't seem to have.
What if my utxo is a taproot output? The page only shows base52 addresses. What if they are additionally locked with hash like Lightning channels are?
The checker is bound to be unexhaustive because even with Bitcoin's limited scripting, there are too many scripts to check. And with taproot it has gotten even cheaper to use complicated locking schemes.
Quote: "A private key is basically just a number between 1 and 2^256"
Anyone who still uses 2^256 as key length deserves to have their bitcoins stolen. From what I know modern wallets have their keys more like 2^4096, at least. Heck, even Satoshi did that with his wallet, you know the famous >1M bitcoins he mined at the beginning.
Thanks. So each of these potential private keys that show up on a page would only have one corresponding public key? I guess I forgot how basic private/public key encryption works (again).
As far as I have found, the yellow ones appear on the first pages and last pages. The first key listed is this: 5HpHagT65TZzG1PH3CSu63k8DbpvD8s5ip4nEB3kEsreAnchuDf
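The WIF string quoted in the comment above can be checked offline, without submitting it to any site. The following is an added example, not code from the thread or from the site under discussion; the function names are hypothetical, and the secp256k1 group order used for the range check is not stated on the page.

```python
import hashlib

B58_ALPHABET = "123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz"
# Order of the secp256k1 group: valid private keys are 1 .. n-1
# (slightly fewer than the "1 to 2^256" approximation used in the thread).
SECP256K1_N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
# The string quoted in the comment above.
FIRST_LISTED_WIF = "5HpHagT65TZzG1PH3CSu63k8DbpvD8s5ip4nEB3kEsreAnchuDf"


def _double_sha256(data: bytes) -> bytes:
    return hashlib.sha256(hashlib.sha256(data).digest()).digest()


def b58decode(text: str) -> bytes:
    """Base58 string -> bytes; each leading '1' encodes one leading zero byte."""
    num = 0
    for ch in text:
        idx = B58_ALPHABET.find(ch)
        if idx < 0:
            raise ValueError(f"invalid Base58 character {ch!r}")
        num = num * 58 + idx
    body = num.to_bytes((num.bit_length() + 7) // 8, "big")
    return b"\x00" * (len(text) - len(text.lstrip("1"))) + body


def b58encode(data: bytes) -> str:
    num = int.from_bytes(data, "big")
    out = ""
    while num:
        num, rem = divmod(num, 58)
        out = B58_ALPHABET[rem] + out
    return "1" * (len(data) - len(data.lstrip(b"\x00"))) + out


def wif_decode(wif: str) -> tuple[int, bool]:
    """Return (private key as integer, compressed flag) for a mainnet WIF key."""
    raw = b58decode(wif)
    payload, checksum = raw[:-4], raw[-4:]
    if _double_sha256(payload)[:4] != checksum:
        raise ValueError("checksum mismatch (typo or corrupted key)")
    if not payload or payload[0] != 0x80:
        raise ValueError("not a mainnet WIF private key")
    if len(payload) == 33:
        compressed = False
    elif len(payload) == 34 and payload[33] == 0x01:
        compressed = True
    else:
        raise ValueError("unexpected payload length")
    key = int.from_bytes(payload[1:33], "big")
    if not 1 <= key < SECP256K1_N:
        raise ValueError("key outside the valid range 1..n-1")
    return key, compressed


def wif_encode(key: int, compressed: bool = False) -> str:
    if not 1 <= key < SECP256K1_N:
        raise ValueError("key outside the valid range 1..n-1")
    payload = b"\x80" + key.to_bytes(32, "big") + (b"\x01" if compressed else b"")
    return b58encode(payload + _double_sha256(payload)[:4])


if __name__ == "__main__":
    print(wif_decode(FIRST_LISTED_WIF))
```

The decoded value shows why that string is "the first key listed": it is simply the integer 1 in Wallet Import Format, so keys at the very start of the range are trivially guessable regardless of the size of the key space.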
Somewhat related: Every once in a while someone sends BTC to the wallet you get when you generate a private key based on hashes of the word "bitcoin"[0] and the empty string[1].
I predicted/realized something like this was possible, years ago, back when I first read the Bitcoin paper. The trick is that it's a gigantically gigantic range of numbers.
“When it was proclaimed that the Library contained all books, the first impression was one of extravagant happiness. All men felt themselves to be the masters of an intact and secret treasure. There was no personal or world problem whose eloquent solution did not exist in some hexagon. The universe was justified, the universe suddenly usurped the unlimited dimensions of hope.” — Jorge Luis Borges
Second column, there are keys. You can import them without a problem.
No, the server will not be informed; they check the balance with JavaScript on blockchain.com, not on the server side.