RIPEMD-160 bitFlyer USA

Generate bitcoin address with numbers in python

I have been trying to get the code to increment (loop) to other numbers like 2,3,4.... But it stops at the default which is 1... import argparse import hashlib from binascii import hexlify, unhexlify from struct import Struct from utils import g, b58encode, b58decode PACKER = Struct('>QQQQ') def count_leading_zeroes(s): count = 0 for c in s: if c == '\0': count += 1 else: break return count def base58_check_encode(prefix, payload, compressed=False):

Add version byte in front of RIPEMD-160 hash (0x00 for Main Network)

s = prefix + payload if compressed: s = prefix + payload + b'\x01'

Add the 4 checksum bytes at the end of extended RIPEMD-160 hash. This is the 25-byte binary Bitcoin Address.

checksum = hashlib.sha256(hashlib.sha256(s).digest()).digest()[0:4] result = s + checksum return '1' * count_leading_zeroes(result) + b58encode(result).decode() def pub_key_to_addr(s): ripemd160 = hashlib.new('ripemd160') hash_sha256 = hashlib.new('SHA256')

Perform SHA-256 hashing on the public key

hash_sha256.update(bytes.fromhex(s))

Perform RIPEMD-160 hashing on the result of SHA-256

ripemd160.update(hash_sha256.digest()) return base58_check_encode(b'\0', ripemd160.digest()) def int_to_address(number): number0 = number >> 192 number1 = (number >> 128) & 0xffffffffffffffff number2 = (number >> 64) & 0xffffffffffffffff number3 = number & 0xffffffffffffffff private_key = hexlify(PACKER.pack(number0, number1, number2, number3)).decode("utf-8") print('Converting from: ' + str(int(private_key, 16))) compressed_key = base58_check_encode(b'\x80', unhexlify(private_key), True) print('Private key: ' + compressed_key)

address

x, y = str(g * int(private_key, 16)).split() len1 = len(x) len2 = len(y) if len1 != 64: z = 64 - len1 x = '0'z + x if len2 != 64: z = 64 - len2 y = '0'z + y compressed_public_key_with_out_prefix = x + y pk_prefix = '02' if not int(compressed_public_key_with_out_prefix[64:], 16) % 2 == 0: pk_prefix = '03' compressed_public_key = pk_prefix + compressed_public_key_with_out_prefix[:64] print('Public key: ' + compressed_public_key) print('Bitcoin address: ' + pub_key_to_addr(compressed_public_key)) def wif_to_key(wif): slicer = 4 if wif[0] in ['K', 'L']: slicer = 5 return hexlify(b58decode(wif)[1:-slicer]).decode('utf-8') def main(): parser = argparse.ArgumentParser(description='Generates private key, public key and wallet address from number') parser.add_argument('number', type=int, nargs='?', default=1, help='A required integer number argument') args = parser.parse_args() int_to_address(args.number)

int_to_address(12345678900987654321)

if name == "main": main()
Please, how do I make it to increment to other numbers.. The full code is on github https://github.com/PaulGregoBitcoin-Keys-Generatoblob/mastegenerators.py
submitted by Far-Onion-4112 to Bitcoin [link] [comments]

Reddcoin (RDD) 02/20 Progress Report - Core Wallet v3.1 Evolution & PoSV v2 - Commits & More Commits to v3.1! (Bitcoin Core 0.10, MacOS Catalina, QT Enhanced Speed and Security and more!)

Reddcoin (RDD) Core Dev Team Informal Progress Report, Feb 2020 - As any blockchain or software expert will confirm, the hardest part of making successful progress in blockchain and crypto is invisible to most users. As developers, the Reddcoin Core team relies on internal experts like John Nash, contributors offering their own code improvements to our repos (which we would love to see more of!) and especially upstream commits from experts working on open source projects like Bitcoin itself. We'd like tothank each and everyone who's hard work has contributed to this progress.
As part of Reddcoin's evolution, and in order to include required security fixes, speed improvements that are long overdue, the team has up to this point incorporated the following code commits since our last v3.0.1 public release. In attempting to solve the relatively minor font display issue with MacOS Catalina, we uncovered a complicated interweaving of updates between Reddcoin Core, QT software, MacOS SDK, Bitcoin Core and related libraries and dependencies that mandated we take a holistic approach to both solve the Catalina display problem, but in doing so, prepare a more streamlined overall build and test system, allowing the team to roll out more frequent and more secure updates in the future. And also to include some badly needed fixes in the current version of Core, which we have tentatively labeled Reddcoin Core Wallet v3.1.
Note: As indicated below, v3.1 is NOT YET AVAILABLE FOR DOWNLOAD BY PUBLIC. We wil advise when it is.
The new v3.1 version should be ready for internal QA and build testing by the end of this week, with luck, and will be turned over to the public shortly thereafter once testing has proven no unexpected issues have been introduced. We know the delay has been a bit extended for our ReddHead MacOS Catalina stakers, and we hope to have them all aboard soon. We have moved with all possible speed while attempting to incorproate all the required work, testing, and ensuring security and safety for our ReddHeads.
Which leads us to: PoSV v2 activation and the supermajority on Mainnet at the time of this writing has reached 5625/9000 blocks or 62.5%. We have progressed quite well and without any reported user issues since release, but we need all of the community to participate! This activation, much like the funding mechanisms currently being debated by BCH and others, and employed by DASH, will mean not only a catalyst for Reddcoin but ensure it's future by providing funding for the dev team. As a personal plea from the team, please help us support the PoSV v2 activation by staking your RDD, no matter how large or small your amount of stake.
Every block and every RDD counts, and if you don't know how, we'll teach you! Live chat is fun as well as providing tech support you can trust from devs and community ReddHead members. Join us today in staking and online and collect some RDD "rain" from users and devs alike!
If you're holding Reddcoin and not staking, or you haven't upgraded your v2.x wallet to v3.0.1 (current release), we need you to help achieve consensus and activate PoSV v2! For details, see the pinned message here or our website or medium channel. Upgrade is simple and takes moments; if you're nervous or unsure, we're here to help live in Telegram or Discord, as well as other chat programs. See our website for links.
Look for more updates shortly as our long-anticipated Reddcoin Payment Gateway and Merchant Services API come online with point-of-sale support, as we announce the cross-crypto-project Aussie firefighter fundraiser program, as well as a comprehensive update to our development roadmap and more.
Work has restarted on ReddID and multiple initiatives are underway to begin educating and sharing information about ReddID, what it is, and how to use it, as we approach a releasable ReddID product. We enthusiastically encourage anyone interested in working to bring these efforts to life, whether writers, UX/UI experts, big data analysts, graphic artists, coders, front-end, back-end, AI, DevOps, the Reddcoin Core dev team is growing, and there's more opportunity and work than ever!
Bring your talents to a community and dev team that truly appreciates it, and share the Reddcoin Love!
And now, lots of commits. As v3.1 is not yet quite ready for public release, these commits have not been pushed publicly, but in the interests of sharing progress transparently, and including our ReddHead community in the process, see below for mind-numbing technical detail of work accomplished.
e5c143404 - - 2014-08-07 - Ross Nicoll - Changed LevelDB cursors to use scoped pointers to ensure destruction when going out of scope. *99a7dba2e - - 2014-08-15 - Cory Fields - tests: fix test-runner for osx. Closes ##4708 *8c667f1be - - 2014-08-15 - Cory Fields - build: add funcs.mk to the list of meta-depends *bcc1b2b2f - - 2014-08-15 - Cory Fields - depends: fix shasum on osx < 10.9 *54dac77d1 - - 2014-08-18 - Cory Fields - build: add option for reducing exports (v2) *6fb9611c0 - - 2014-08-16 - randy-waterhouse - build : fix CPPFLAGS for libbitcoin_cli *9958cc923 - - 2014-08-16 - randy-waterhouse - build: Add --with-utils (bitcoin-cli and bitcoin-tx, default=yes). Help string consistency tweaks. Target sanity check fix. *342aa98ea - - 2014-08-07 - Cory Fields - build: fix automake warnings about the use of INCLUDES *46db8ad51 - - 2020-02-18 - John Nash - build: add build.h to the correct target *a24de1e4c - - 2014-11-26 - Pavel Janík - Use complete path to include bitcoin-config.h. *fd8f506e5 - - 2014-08-04 - Wladimir J. van der Laan - qt: Demote ReportInvalidCertificate message to qDebug *f12aaf3b1 - - 2020-02-17 - John Nash - build: QT5 compiled with fPIC require fPIC to be enabled, fPIE is not enough *7a991b37e - - 2014-08-12 - Wladimir J. van der Laan - build: check for sys/prctl.h in the proper way *2cfa63a48 - - 2014-08-11 - Wladimir J. van der Laan - build: Add mention of --disable-wallet to bdb48 error messages *9aa580f04 - - 2014-07-23 - Cory Fields - depends: add shared dependency builder *8853d4645 - - 2014-08-08 - Philip Kaufmann - [Qt] move SubstituteFonts() above ToolTipToRichTextFilter *0c98e21db - - 2014-08-02 - Ross Nicoll - URLs containing a / after the address no longer cause parsing errors. *7baa77731 - - 2014-08-07 - ntrgn - Fixes ignored qt 4.8 codecs path on windows when configuring with --with-qt-libdir *2a3df4617 - - 2014-08-06 - Cory Fields - qt: fix unicode character display on osx when building with 10.7 sdk *71a36303d - - 2014-08-04 - Cory Fields - build: fix race in 'make deploy' for windows *077295498 - - 2014-08-04 - Cory Fields - build: Fix 'make deploy' when binaries haven't been built yet *ffdcc4d7d - - 2014-08-04 - Cory Fields - build: hook up qt translations for static osx packaging *25a7e9c90 - - 2014-08-04 - Cory Fields - build: add --with-qt-translationdir to configure for use with static qt *11cfcef37 - - 2014-08-04 - Cory Fields - build: teach macdeploy the -translations-dir argument, for use with static qt *4c4ae35b1 - - 2014-07-23 - Cory Fields - build: Find the proper xcb/pcre dependencies *942e77dd2 - - 2014-08-06 - Cory Fields - build: silence mingw fpic warning spew *e73e2b834 - - 2014-06-27 - Huang Le - Use async name resolving to improve net thread responsiveness *c88e76e8e - - 2014-07-23 - Cory Fields - build: don't let libtool insert rpath into binaries *18e14e11c - - 2014-08-05 - ntrgn - build: Fix windows configure when using --with-qt-libdir *bb92d65c4 - - 2014-07-31 - Cory Fields - test: don't let the port number exceed the legal range *62b95290a - - 2014-06-18 - Cory Fields - test: redirect comparison tool output to stdout *cefe447e9 - - 2014-07-22 - Cory Fields - gitian: remove unneeded option after last commit *9347402ca - - 2014-07-21 - Cory Fields - build: fix broken boost chrono check on some platforms *c9ed039cf - - 2014-06-03 - Cory Fields - build: fix whitespace in pkg-config variable *3bcc5ad37 - - 2014-06-03 - Cory Fields - build: allow linux and osx to build against static qt5 *01a44ba90 - - 2014-07-17 - Cory Fields - build: silence false errors during make clean *d1fbf7ba2 - - 2014-07-08 - Cory Fields - build: fix win32 static linking after libtool merge *005ae2fa4 - - 2014-07-08 - Cory Fields - build: re-add AM_LDFLAGS where it's overridden *37043076d - - 2014-07-02 - Wladimir J. van der Laan - Fix the Qt5 build after d95ba75 *f3b4bbf40 - - 2014-07-01 - Wladimir J. van der Laan - qt: Change serious messages from qDebug to qWarning *f4706f753 - - 2014-07-01 - Wladimir J. van der Laan - qt: Log messages with type>QtDebugMsg as non-debug *98e85fa1f - - 2014-06-06 - Pieter Wuille - libsecp256k1 integration *5f1f2e226 - - 2020-02-17 - John Nash - Merge branch 'switch_verification_code' into Build *1f30416c9 - - 2014-02-07 - Pieter Wuille - Also switch the (unused) verification code to low-s instead of even-s. *1c093d55e - - 2014-06-06 - Cory Fields - secp256k1: Add build-side changes for libsecp256k1 *7f3114484 - - 2014-06-06 - Cory Fields - secp256k1: add libtool as a dependency *2531f9299 - - 2020-02-17 - John Nash - Move network-time related functions to timedata.cpp/h *d003e4c57 - - 2020-02-16 - John Nash - build: fix build weirdness after 54372482. *7035f5034 - - 2020-02-16 - John Nash - Add ::OUTPUT_SIZE *2a864c4d8 - - 2014-06-09 - Cory Fields - crypto: create a separate lib for crypto functions *03a4e4c70 - - 2014-06-09 - Cory Fields - crypto: explicitly check for byte read/write functions *a78462a2a - - 2014-06-09 - Cory Fields - build: move bitcoin-config.h to its own directory *a885721c4 - - 2014-05-31 - Pieter Wuille - Extend and move all crypto tests to crypto_tests.cpp *5f308f528 - - 2014-05-03 - Pieter Wuille - Move {Read,Write}{LE,BE}{32,64} to common.h and use builtins if possible *0161cc426 - - 2014-05-01 - Pieter Wuille - Add built-in RIPEMD-160 implementation *deefc27c0 - - 2014-04-28 - Pieter Wuille - Move crypto implementations to src/crypto/ *d6a12182b - - 2014-04-28 - Pieter Wuille - Add built-in SHA-1 implementation. *c3c4f9f2e - - 2014-04-27 - Pieter Wuille - Switch miner.cpp to use sha2 instead of OpenSSL. *b6ed6def9 - - 2014-04-28 - Pieter Wuille - Remove getwork() RPC call *0a09c1c60 - - 2014-04-26 - Pieter Wuille - Switch script.cpp and hash.cpp to use sha2.cpp instead of OpenSSL. *8ed091692 - - 2014-04-20 - Pieter Wuille - Add a built-in SHA256/SHA512 implementation. *0c4c99b3f - - 2014-06-21 - Philip Kaufmann - small cleanup in src/compat .h and .cpp *ab1369745 - - 2014-06-13 - Cory Fields - sanity: hook up sanity checks *f598c67e0 - - 2014-06-13 - Cory Fields - sanity: add libc/stdlib sanity checks *b241b3e13 - - 2014-06-13 - Cory Fields - sanity: autoconf check for sys/select.h *cad980a4f - - 2019-07-03 - John Nash - build: Add a top-level forwarding target for src/ objects *f4533ee1c - - 2019-07-03 - John Nash - build: qt: split locale resources. Fixes non-deterministic distcheck *4a0e46e76 - - 2019-06-29 - John Nash - build: fix version dependency *2f61699d9 - - 2019-06-29 - John Nash - build: quit abusing AMCPPFLAGS *99b60ba49 - - 2019-06-29 - John Nash - build: avoid the use of top and abs_ dir paths *c8f673d5d - - 2019-06-29 - John Nash - build: Tidy up file generation output *5318bce57 - - 2019-06-29 - John Nash - build: nuke Makefile.include from orbit *672a25349 - - 2019-06-29 - John Nash - build: add stub makefiles for easier subdir builds *562b7c5a6 - - 2020-02-08 - John Nash - build: delete old Makefile.am's *066120079 - - 2020-02-08 - John Nash - build: Switch to non-recursive make
Whew! No wonder it's taken the dev team a while! :)
TL;DR: Trying to fix MacOS Catalina font display led to requiring all kinds of work to migrate and evolve the Reddcoin Core software with Apple, Bitcoin and QT components. Lots of work done, v3.1 public release soon. Also other exciting things and ReddID back under active dev effort.
submitted by TechAdept to reddCoin [link] [comments]

Is Crypto Currency truly at risk due to Quantum Computers, and what can you do about it?

Is Crypto Currency truly at risk due to Quantum Computers, and what can you do about it?

There is no denying that the Quantum revolution is coming. Security protocols for the internet, banking, telecommunications, etc... are all at risk, and your Bitcoins (and alt-cryptos) are next!
This article is not really about quantum computers[i], but, rather, how they will affect the future of cryptocurrency, and what steps a smart investor will take. Since this is a complicated subject, my intention is to provide just enough relevant information without being too “techy.”

The Quantum Evolution

In 1982, Nobel winning physicist, Richard Feynman, hypothesized how quantum computers[ii] would be used in modern life.
Just one year later, Apple released the “Apple Lisa”[iii] – a home computer with a 7.89MHz processor and a whopping 5MB hard drive, and, if you enjoy nostalgia, it used 5.25in floppy disks.
Today, we walk around with portable devices that are thousands of times more powerful, and, yet, our modern day computers still work in a simple manner, with simple math, and simple operators[iv]. They now just do it so fast and efficient that we forget what’s happening behind the scenes.
No doubt, the human race is accelerating at a remarkable speed, and we’ve become obsessed with quantifying everything - from the everyday details of life to the entire universe[v]. Not only do we know how to precisely measure elementary particles, we also know how to control their actions!
Yet, even with all this advancement, modern computers cannot “crack” cryptocurrencies without the use of a great deal more computing power, and since it’s more than the planet can currently supply, it could take millions, if not billions, of years.
However, what current computers can’t do, quantum computers can!
So, how can something that was conceptualized in the 1980’s, and, as of yet, has no practical application, compromise cryptocurrencies and take over Bitcoin?
To best answer this question, let’s begin by looking at a bitcoin address.

What exactly is a Bitcoin address?

Well, in layman terms, a Bitcoin address is used to send and receive Bitcoins, and looking a bit closer (excuse the pun), it has two parts:[vi]
A public key that is openly shared with the world to accept payments. A public key that is derived from the private key. The private key is made up of 256 bits of information in a (hopefully) random order. This 256 bit code is 64 characters long (in the range of 0-9/a-f) and further compressed into a 52 character code (using RIPEMD-160).
NOTE: Although many people talk about Bitcoin encryption, Bitcoin does not use Encryption. Instead, Bitcoin uses a hashing algorithm (for more info, please see endnote below[vii]).
Now, back to understanding the private key:
The Bitcoin address “1EHNa6Q4Jz2uvNExL497mE43ikXhwF6kZm” translates to a private key of “5HpHagT65TZzG1PH3CSu63k8DbpvD8s5ip4nEB3kEsreAnchuDf” which further translates to a 256 bit private key of “0000000000000000000000000000000000000000000000000000000000000001” (this should go without saying, but do not use this address/private key because it was compromised long ago.) Although there are a few more calculations that go behind the scenes, these are the most relevant details.
Now, to access a Bitcoin address, you first need the private key, and from this private key, the public key is derived. With current computers, it’s classically impractical to attempt to find a private key based on a public key. Simply put, you need the private key to know the public key.
However, it has already been theorized (and technically proven) that due to private key compression, multiple private keys can be used to access the same public key (aka address). This means that your Bitcoin address has multiple private keys associated with it, and, if someone accidentally discovers or “cracks” any one of those private keys, they have access to all the funds in that specific address.
There is even a pool of a few dedicated people hunting for these potential overlaps[viii], and they are, in fact, getting very efficient at it. The creator of the pool also has a website listing every possible Bitcoin private key/address in existence[ix], and, as of this writing, the pool averages 204 trillion keys per day!
But wait! Before you get scared and start panic selling, the probability of finding a Bitcoin address containing funds (or even being used) is highly unlikely – nevertheless, still possible!
However, the more Bitcoin users, the more likely a “collision” (finding overlapping private/public key pairs)! You see, the security of a Bitcoin address is simply based on large numbers! How large? Well, according to my math, 1.157920892373x1077 potential private keys exist (that number represents over 9,500 digits in length! For some perspective, this entire article contains just over 14,000 characters. Therefore, the total number of Bitcoin addresses is so great that the probability of finding an active address with funds is infinitesimal.

So, how do Quantum Computers present a threat?

At this point, you might be thinking, “How can a quantum computer defeat this overwhelming number of possibilities?” Well, to put it simple; Superposition and Entanglement[x].
Superposition allows a quantum bit (qbit) to be in multiple states at the same time. Entanglement allows an observer to know the measurement of a particle in any location in the universe. If you have ever heard Einstein’s quote, “Spooky Action at a Distance,” he was talking about Entanglement!
To give you an idea of how this works, imagine how efficient you would be if you could make your coffee, drive your car, and walk your dog all at the same time, while also knowing the temperature of your coffee before drinking, the current maintenance requirements for your car, and even what your dog is thinking! In a nutshell, quantum computers have the ability to process and analyze countless bits of information simultaneously – and so fast, and in such a different way, that no human mind can comprehend!
At this stage, it is estimated that the Bitcoin address hash algorithm will be defeated by quantum computers before 2028 (and quite possibly much sooner)! The NSA has even stated that the SHA256 hash algorithm (the same hash algorithm that Bitcoin uses) is no longer considered secure, and, as a result, the NSA has now moved to new hashing techniques, and that was in 2016! Prior to that, in 2014, the NSA also invested a large amount of money in a research program called “Penetrating Hard Targets project”[xi] which was used for further Quantum Computer study and how to break “strong encryption and hashing algorithms.” Does NSA know something they’re not saying or are they just preemptively preparing?
Nonetheless, before long, we will be in a post-quantum cryptography world where quantum computers can crack crypto addresses and take all the funds in any wallet.

What are Bitcoin core developers doing about this threat?

Well, as of now, absolutely nothing. Quantum computers are not considered a threat by Bitcoin developers nor by most of the crypto-community. I’m sure when the time comes, Bitcoin core developers will implement a new cryptographic algorithm that all future addresses/transactions will utilize. However, will this happen before post-quantum cryptography[xii]?
Moreover, even after new cryptographic implementation, what about all the old addresses? Well, if your address has been actively used on the network (sending funds), it will be in imminent danger of a quantum attack. Therefore, everyone who is holding funds in an old address will need to send their funds to a new address (using a quantum safe crypto-format). If you think network congestion is a problem now, just wait…
Additionally, there is the potential that the transition to a new hashing algorithm will require a hard fork (a soft fork may also suffice), and this could result in a serious problem because there should not be multiple copies of the same blockchain/ledger. If one fork gets attacked, the address on the other fork is also compromised. As a side-note, the blockchain Nebulas[xiii] will have the ability to modify the base blockchain software without any forks. This includes adding new and more secure hashing algorithms over time! Nebulas is due to be released in 2018.

Who would want to attack Bitcoin?

Bitcoin and cryptocurrency represent a threat to the controlling financial system of our modern economy. Entire countries have outright banned cryptocurrency[xiv] and even arrested people[xv], and while discrediting it, some countries are copying cryptocurrency to use (and control) in their economy[xvi]!
Furthermore, Visa[xvii], Mastercard[xviii], Discover[xix], and most banks act like they want nothing to do with cryptocurrency, all the while seeing the potential of blockchain technology and developing their own[xx]. Just like any disruptive technology, Bitcoin and cryptocurrencies have their fair share of enemies!
As of now, quantum computers are being developed by some of the largest companies in the world, as well as private government agencies.
No doubt, we will see a post-quantum cryptography world sooner than most realize. By that point, who knows how long “3 letter agencies” will have been using quantum technology - and what they’ll be capable of!

What can we do to protect ourselves today?

Of course, the best option is to start looking at how Bitcoin can implement new cryptographic features immediately, but it will take time, and we have seen how slow the process can be just for scaling[xxi].
The other thing we can do is use a Bitcoin address only once for outgoing transactions. When quantum computers attack Bitcoin (and other crypto currencies), their first target will be addresses that have outgoing transactions on the blockchain that contain funds.
This is due to the fact that when computers first attempt to crack a Bitcoin address, the starting point is when a transaction becomes public. In other words, when the transaction is first signed – a signed transaction is a digital signature derived from the private key, and it validates the transaction on the network. Compared to classical computers, quantum computers can exponentially extrapolate this information.
Initially, Bitcoin Core Software might provide some level of protection because it only uses an address once, and then sends the remaining balance (if any) to another address in your keypool. However, third party Bitcoin wallets can and do use an address multiple times for outgoing transactions. For instance, this could be a big problem for users that accept donations (if they don’t update their donation address every time they remove funds). The biggest downside to Bitcoin Core Software is the amount of hard-drive space required, as well as diligently retaining an up-to-date copy of the entire blockchain ledger.
Nonetheless, as quantum computers evolve, they will inevitably render SHA256 vulnerable, and although this will be one of the first hash algorithms cracked by quantum computers, it won’t be the last!

Are any cryptocurrencies planning for the post-quantum cryptography world?

Yes, indeed, there are! Here is a short list of ones you may want to know more about:

Full disclosure:

Although I am in no way associated with any project listed above, I do hold coins in all as well as Bitcoin, Litecoin and many others.
The thoughts above are based on my personal research, but I make no claims to being a quantum scientist or cryptographer. So, don’t take my word for anything. Instead, do your own research and draw your own conclusions. I’ve included many references below, but there are many more to explore.
In conclusion, the intention of this article is not to create fear or panic, nor any other negative effects. It is simply to educate. If you see an error in any of my statements, please, politely, let me know, and I will do my best to update the error.
Thanks for reading!

References

[i] https://www.youtube.com/watch?v=JhHMJCUmq28 – A great video explaining quantum computers.
[ii] https://www.doc.ic.ac.uk/~nd/surprise_97/journal/vol4/spb3/ - A brief history of quantum computing.
[iii] https://en.wikipedia.org/wiki/Apple_Lisa - More than you would ever want to know about the Apple Lisa.
[iv] https://www.youtube.com/watch?v=tpIctyqH29Q&list=PL8dPuuaLjXtNlUrzyH5r6jN9ulIgZBpdo - Want to learn more about computer science? Here is a great crash course for it!
[v] https://www.collinsdictionary.com/dictionary/english/quantify - What does quantify mean?
[vi] https://en.bitcoin.it/wiki/Private_key - More info about Bitcoin private keys.
[vii] https://www.securityinnovationeurope.com/blog/page/whats-the-difference-between-hashing-and-encrypting - A good example of the deference between Hash and Encryption
[viii] https://lbc.cryptoguru.org/stats - The Large Bitcoin Collider.
[ix] http://directory.io/ - A list of every possible Bitcoin private key. This website is a clever way of converting the 64 character uncompressed key to the private key 128 at a time. Since it is impossible to save all this data in a database and search, it is not considered a threat! It’s equated with looking for a single needle on the entire planet.
[x] https://uwaterloo.ca/institute-for-quantum-computing/quantum-computing-101#Superposition-and-entanglement – Brief overview of Superposition and Entanglement.
[xi] https://www.washingtonpost.com/world/national-security/nsa-seeks-to-build-quantum-computer-that-could-crack-most-types-of-encryption/2014/01/02/8fff297e-7195-11e3-8def-a33011492df2_story.html?utm_term=.e05a9dfb6333 – A review of the Penetrating Hard Targets project.
[xii] https://en.wikipedia.org/wiki/Post-quantum_cryptography - Explains post-quantum cryptography.
[xiii] https://www.nebulas.io/ - The nebulas project has some amazing technology planned in their roadmap. They are currently in testnet stage with initial launch expected taking place in a few weeks. If you don’t know about Nebulas, you should check them out. [xiv] https://en.wikipedia.org/wiki/Legality_of_bitcoin_by_country_or_territory - Country’s stance on crypto currencies.
[xv] https://www.cnbc.com/2017/08/30/venezuela-is-one-of-the-worlds-most-dangerous-places-to-mine-bitcoin.html - Don’t be a miner in Venezuela!
[xvi] http://www.newsweek.com/russia-bitcoin-avoid-us-sanctions-cryptocurrency-768742 - Russia’s plan for their own crypto currency.
[xvii] http://www.telegraph.co.uk/technology/2018/01/05/visa-locks-bitcoin-payment-cards-crackdown-card-issue - Recent attack from visa against crypto currency.
[xviii] https://www.ccn.com/non-government-digital-currency-junk-says-mastercard-ceo-rejecting-bitcoin/ - Mastercards position about Bitcoin.
[xix] http://www.livebitcoinnews.com/discover-joins-visa-mastercard-barring-bitcoin-support/ - Discovers position about Bitcoin.
[xx] http://fortune.com/2017/10/20/mastercard-blockchain-bitcoin/ - Mastercard is making their own blockchain.
[xxi] https://bitcoincore.org/en/2015/12/21/capacity-increase/ - News about Bitcoin capacity. Not a lot of news…
[xxii] https://learn.iota.org/faq/what-makes-iota-quantum-secure - IOTA and quantum encryption.
[xxiii] https://eprint.iacr.org/2011/191.pdf - The whitepaper of Winternitz One-Time Signature Scheme
[xxiv] https://cardanoroadmap.com/ - The Cardano project roadmap.
[xxv] https://eprint.iacr.org/2017/490 - More about the BLISS hash system.
[xxvi] https://www.ethereum.org/ - Home of the Ethereum project.
[xxvii] https://en.wikipedia.org/wiki/SHA-3#Security_against_quantum_attacks – SHA3 hash algorithm vs quantum computers.
[xxviii] https://en.wikipedia.org/wiki/Lamport_signature - Lamport signature information.
[xxix] https://theqrl.org/ - Home of the Quantum Resistant Ledger project.
submitted by satoshibytes to CryptoCurrency [link] [comments]

Rough numbers for brute-forcing a wallet

The bitstamp hack got me curious. Presumably it's infeasible, but just wondering if someone had tons of hardware from mining could it be put to use to brute force an address with a large amount of bitcoins?
I presume the answer is that it's nowhere near, just that it would be interesting if there happened to be a number of bitcoins that it would be worth chasing after with raw computing power instead of chasing mining fees.
submitted by justwritecomments to Bitcoin [link] [comments]

Proof of Failure - "I'll get you next time Salty Roger" :-)

"actus non facit reum nisi mens sit rea"
Just under 7 days ago I posted the following SHA256 hash to both the BSV blockchain and BAB blockchain.
I actually posted at 2019-06-16 20:00:00 but it took some minutes (as you'll see I predicted) to appear in the next block of the aforementioned blockchains, thus remaining a permanent immutable record.
memo.sv post Block Time: 2019-06-16 20:38:22 Block Number: 587160
memo.cash post Block Time: 2019-06-16 20:29:44 Block Number: 587318
This is verifiable proof that I held the plaintext to make this hash on that date. The hash as you can see is which is a SHA256:-
52f42a5a4c073a2a14ed76e5a1d356c4586e6f2dea2a91d9a3dcf5f57799442e
Just after posting to the blockchain this hash, I sent private messages to 3 members of this subreddit with the following text, and thus this is the reason why I am now forced to reveal the hash, as I expect them to take my words seriously.
It doesn't matter in the grand scheme of things (as all I did is cryptographically proven) that I did this, however I wanted to so I would be forced to reveal the plaintext within 7 days. I won't name them, but if they want to confirm that they did indeed receive this message then I'll leave that up to them.
Hi guys. Look I am doing something kinda funny here, but for now needs to be secret. Here is a SHA256 hash, write it down!
"52f42a5a4c073a2a14ed76e5a1d356c4586e6f2dea2a91d9a3dcf5f57799442e"
If I don't reveal what plaintext is the source of this hash within the next 7 days then it means I am a fraud, and I am not to be trusted and I request I am permabanned from the subreddit, and all communications with me should cease.
This hash has been published on both the BSV & BAB blockchains as a memo message, as proof it wasn't created after the time it appears in the blockchains, and proof of immutability of content.
You can see it here (BSV):- https://memo.sv/profile/1gr5whAEV4ffA6df71JTdQ7gSNQWTkgnm Or here (BAB):- https://memo.cash/profile/1gr5whAEV4ffA6df71JTdQ7gSNQWTkgnm
And timestamp will be a few seconds or minutes after timestamp below, as and when message gets confirmed in next block on each respective chain. PoW!
If I happen to be banned from reddit in the meantime don't worry as hash reveal will take place on these memo channels within 7 days.
If this works you're all gonna LOL real hard cause it will cause one big massive social media shitstorm! And we all know the only way to destroy a PoSM shitcoin like BAB is with social media!
Cheers fellas! jim-btc 2019-06-16T20:00:00Z End of message.
I actually sent it to them as an image
This is all those 3 members have seen, and all 3 have confirmed, one with "I'll be watching" another with a "LOL" type response and another with a rather concerned "what's this?" type response. I gave them no further information - so now all reading this post know exactly the same about this all as they do - which is basically nothing, other than this hash 52f42a5a4c073a2a14ed76e5a1d356c4586e6f2dea2a91d9a3dcf5f57799442e must be something interesting.
So what was the plaintext behind this hash? What does it have to do with Salty Roger?
Well I'm gonna take some inspiration from Dr. Craig S. Wright here to add some tension... I still have a few hours to reveal the plain-text, which is in fact a computer program. We shall all see.
UPDATE
OK here it is: https://gofile.io/?c=FsGtJD
Go check that SHA256 hash.
Here's the code:
#!/usbin/env python # bab-destroy.py # Should work in Python2.7 & Python 3.x # Author: jim-btc # If you change any character in this code (including newlines so careful # Windows users - it will fail to reproduce the excercise! # This is BAB Destroy. Some code designed to make Salty Roger Ver, head of # Bitcoin Cash (BAB) look very stupid and get owned by cryptohashes once again. # # The BABies (that's users of said coin) seem to spout the mantra "Code is Law" # so I thought what better way to own them all than by using some code to do # it! # Purpose of this program is to generate a fake (unspendable) Bitcoin address # and to hash various messages. Hash for this program (hence the entire process # in the pwnage of Salty Roger will be published on both the Bitcoin Cash (BAB) # and Bitcoin (BSV) blockchains as "proof-of-LOL" so what I am doing here can # easily be verified as non-illegal and non-fraudulent *after the event* by # simply running this code and verifying all messages/hashes produced - to # replay the sequence of events as it were. # # A non-spendable address is used to demonstrate even if Roger was dumb enough # to send BTC that it is the equivalent of burning money - i.e. nobody can # benefit. Also for any legal eagles reading allow me introduce some Latin: # "actus non facit reum nisi mens sit rea". Interesting case study to be made # perhaps regarding blockchains as immutable evidence. # The idea is the following happens:- # # 1) Hash of this program code is published on BAB & BSV blockchains to proove # timestamp that this effort was started, using memo.cash / memo.sv # # 2) A few community memebers from Bitcoin (BSV) subreddit are sent a hashed # message stating that there is a hash on BAB/BSV blockchain and if I don't # reveal how to make it within 7 days then I am a fraud, a scammer and should # be removed from the community - this is to ensure nobody can claim the # argument "jim-btc was just testing to see if Roger would pay" and to # ensure revealing of this code regardless of the outcome. # # 3) Roger recieves a message from me basically stating "Pay me 1BTC and I will # stop attacking your coin and community and work for you attacking BSV". # # 4) Roger publishes this message on /btc (or /npc as it's better called) # and tries to state that jim-btc is a scammer, and possibly that this is # a scam/community atack by the entire community of BSV. The idea is that # Roger basically publisizes this for maximum effect so when the truth is # revealed his own publicity owns him. An alternative (but very unlikely) is # that Roger sends 1BTC to the address - where I then publish this entire # message chain to prove (once again) that Roger is an idiot and has no # problem employing sockpuppets for nefarious purposes and has just burned 1BTC # for his very silly efforts! Remember if he sends any funds there - I cannot # spend it as you see that the public address has no corresponding private key. # (it's a fake address). # # 5) Bonus LOLpoints will be rewarded if this news makes it to Roger's Twitter # account and/or his news.bitcoin.com website as some sort of proof that # "criminal blackmailers are attempting to destroy BAB" or the now famous # classic quote they use "It's an attack" as they keep needing to invent a # common external enemy like Orwell's 1984 as some way for cohesion in their # destroyed and rotten "community". It is expected that as Salty Roger loves to # play victim he shall play victim to maximum effect. Let's hope so! # # 6) Program code is revealed. Orignal hash on BAB/BSV blockchains is shown as # matching the hash of the program code. Roger looks dumb, all BABies are # awakened as to just how easy it is to attack a PoSM (Proof of Social Media) # shitcoin such as Bitcoin Cash (BAB). The crypto world laughs, lawyers debate # the legality of this all - everyone is confused but most agree Roger has once # again proved he knows nothing about crypto and is easily spoofed. # # People read this program code and these comments and find out just how bad # things are with BABcoin. They sell the idea of "decentralized development" # when in reality Amaury Sachet (ABC node developer) bans Andrew Stone, LEAD # developer of Bitcoin Unlimited from any meetings. It also encourages BABies # to look at the ideas floating around in the dev community - such as spending # funding money on developer get-togethers when clearly the fundraising they # are doing is supposed to be paying for developers to develop. People are # encouraged to look into the transparency of all fundraising and realise that # this is not a sustainable model for a anti-business coin such as BAB. # # Once again I'd ask people to seriously debate the difference and the # narrative:- # # "Satosh added checkpoints to Bitcoins source code - checkpoints are OK" # -- the BAB narrative # # The reality:- # These checkpoints were added days/weeks/months after the blocks were mined # for pretty obvious reasons. # Amaury Sachet (shitlord dictator of ABC) added them within ~10 minutes of # blocks being mined and colluded with exchanges to use this special software # within minutes. That is not fair competition, this is not PoW. That is a PoSM # shitcoin and shall be destroyed - only way to do it is with social media! # # This program is dedicated to unwriter and Craig S. Wright (Satoshi Nakamoto). # # Read unwriters phenomenal message to all devs:- # # https://medium.com/@_unwritethe-resolution-of-the-bitcoin # -cash-experiment-52b86d8cd187 # # OK - let's get started... # # These are the only 3 functions we need to import. from binascii import hexlify from hashlib import sha256 from os import path BASE_58_ALPHABET = '123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz' # First let's make a public key based on some text, unless we manage to break # cryptography we will have no way of knowing the private key for this message # thus any coins sent here are effectivley burned (unspendable). # This message will give us fake address 1MCpARZExPsW5EmBMEYj2NoyUxaoWyZt8N BITCOIN_PUBKEY_MESSAGE = b'Roger Ver is an idiot, jim-btc owns him!' MESSAGE_TO_ROGER = '''Hey Roger. You see I am attacking BCH continuously. If you want me to stop (and switch teams and work for you guys attacking BSV) then I will accept the job. I can be paid a salary of 1 BTC to this address to get started:- {} Don\'t try and share this message and slander me cause I will just deny it. I am a lot cleverer than you guys - admit it! Not interested in further communications, except confirmation, and I shall not respond. Payment to the aforementioned address is the acceptance of hiring me - not negotiable. End of message.''' MEMO_SV = 'https://memo.sv/profile/1gr5whAEV4ffA6df71JTdQ7gSNQWTkgnm' MEMO_BAB = 'https://memo.cash/profile/1gr5whAEV4ffA6df71JTdQ7gSNQWTkgnm' MESSAGE_TO_FOLKS = '''Hi guys. Look I am doing something kinda funny here, but for now needs to be secret. Here is a SHA256 hash, write it down! "{}" If I don't reveal what plaintext is the source of this hash within the next 7 days then it means I am a fraud, and I am not to be trusted and I request I am permabanned from the subreddit, and all communications with me should cease. This hash has been published on both the BSV & BAB blockchains as a memo message, as proof it wasn't created after the time it appears in the blockchains, and proof of immutability of content. You can see it here (BSV):- {} Or here (BAB):- {} And timestamp will be a few seconds or minutes after timestamp below, as and when message gets confirmed in next block on each respective chain. PoW! If I happen to be banned from reddit in the meantime don\'t worry as hash reveal will take place on these memo channels within 7 days. If this works you\'re all gonna LOL real hard cause it will cause one big massive social media shitstorm! And we all know the only way to destroy a PoSM shitcoin like BAB is with social media! Cheers fellas! jim-btc 2019-06-16T20:00:00Z End of message.''' SEPERATOR = '*' * 80 WARNING_ADDR = '''WARNING: Hey if you are running this code to prove the hashes, DO NOT SEND ANY BSV/BTC/BAB to the address! I cannot spend it as I don\'t have the private key and it\'s impossible to find it - you will just be burning your crypto!''' def make_bitcoin_address(pubkey_hash): with_network_byte = b'\x00' + pubkey_hash full_checksum = sha256(sha256(with_network_byte).digest()).hexdigest() checksum = full_checksum[:4 * 2] address_hex = hexlify(with_network_byte).decode() + checksum b58_string = '' # Get the number of leading zeros leading_zeros = len(address_hex) - len(address_hex.lstrip('0')) # Convert hex to decimal address_int = int(address_hex, 16) # Append digits to the start of string while address_int > 0: digit = address_int % 58 digit_char = BASE_58_ALPHABET[digit] b58_string = digit_char + b58_string address_int //= 58 # Add '1' for each 2 leading zeros ones = leading_zeros // 2 for one in range(ones): b58_string = '1' + b58_string return b58_string def main(): # We'll use first 160 bits of sha256 of message - doesn't really matter! # as long as we have 160 bits like RIPEMD-160 pubkey_hash = sha256(BITCOIN_PUBKEY_MESSAGE).digest()[:160 // 8] # If you wanna test the function then follow this blog post # https://www.freecodecamp.org/news/how-to-create-a-bitcoin-wallet-address # -from-a-private-key-eca3ddd9c05f/ # and hardcode it as:- # pubkey_hash = b'E23`\n\x968K\xb8\[email protected]\t\x84\x11z\xc8M~\x8b' # and you will get result '17JsmEygbbEUEpvt4PFtYaTeSqfb9ki1F1' as per blog fake_bitcoin_address = make_bitcoin_address(pubkey_hash) source_code = path.abspath(path.realpath(__file__)) hash_of_this_source_code = sha256() # We'll hash this source code. Hashing this is proof of the entire # operation! and allows anybody to see what was done, when, and why. with open(source_code, 'rb') as _: hash_of_this_source_code.update(_.read()) source_hash = hash_of_this_source_code.hexdigest() # We now input the hashes etc... into the messages, print them on screen # for easy copy pasta! message_to_folks_with_hash = MESSAGE_TO_FOLKS.format(source_hash, MEMO_SV, MEMO_BAB) message_to_roger = MESSAGE_TO_ROGER.format(fake_bitcoin_address) print(SEPERATOR) print(message_to_folks_with_hash) print(SEPERATOR) print(message_to_roger) print(SEPERATOR) print(WARNING_ADDR) if __name__ == "__main__": main() 
This is what output looks like if you run it (you'll see it hashes itself but you can do sha256sum on the program file if you want)
******************************************************************************** Hi guys. Look I am doing something kinda funny here, but for now needs to be secret. Here is a SHA256 hash, write it down! "52f42a5a4c073a2a14ed76e5a1d356c4586e6f2dea2a91d9a3dcf5f57799442e" If I don't reveal what plaintext is the source of this hash within the next 7 days then it means I am a fraud, and I am not to be trusted and I request I am permabanned from the subreddit, and all communications with me should cease. This hash has been published on both the BSV & BAB blockchains as a memo message, as proof it wasn't created after the time it appears in the blockchains, and proof of immutability of content. You can see it here (BSV):- https://memo.sv/profile/1gr5whAEV4ffA6df71JTdQ7gSNQWTkgnm Or here (BAB):- https://memo.cash/profile/1gr5whAEV4ffA6df71JTdQ7gSNQWTkgnm And timestamp will be a few seconds or minutes after timestamp below, as and when message gets confirmed in next block on each respective chain. PoW! If I happen to be banned from reddit in the meantime don't worry as hash reveal will take place on these memo channels within 7 days. If this works you're all gonna LOL real hard cause it will cause one big massive social media shitstorm! And we all know the only way to destroy a PoSM shitcoin like BAB is with social media! Cheers fellas! jim-btc 2019-06-16T20:00:00Z End of message. ******************************************************************************** Hey Roger. You see I am attacking BCH continuously. If you want me to stop (and switch teams and work for you guys attacking BSV) then I will accept the job. I can be paid a salary of 1 BTC to this address to get started:- 1MCpARZExPsW5EmBMEYj2NoyUxaoWyZt8N Don't try and share this message and slander me cause I will just deny it. I am a lot cleverer than you guys - admit it! Not interested in further communications, except confirmation, and I shall not respond. Payment to the aforementioned address is the acceptance of hiring me - not negotiable. End of message. ******************************************************************************** WARNING: Hey if you are running this code to prove the hashes, DO NOT SEND ANY BSV/BTC/BAB to the address! I cannot spend it as I don't have the private key and it's impossible to find it - you will just be burning your crypto! 
Any technical questions / comments feel free to ask below.
submitted by jim-btc to bitcoincashSV [link] [comments]

I made my own Blockchain in Java (Part 2) now with Source Code!

Hello all! Same guy that posted about a Java Bitcoin Address Generator. I've completed my blockchain mockup and I couldn't be happier with it. Although it doesn't have persistent state and doesn't use new addresses as Change addresses (since the wallets are not HD, just single-keypair wallets), I learned a lot from doing this.
It really does help to understand the complexity of cryptocurrencies when you try to make it from scratch by yourself. There's a ton of security behind bitcoin, and some of it may seem absurd (SHA-256 hashing into RIPEMD-160 into 2x SHA-256 like Damn... all for a checksum).
If you want to mess around with the program, I've uploaded it to Github (Link here). It's a functioning wallet-type program that has Accounts you can switch between where each account has its own KeyPair that you can then send and receive funds to. There is a block reward for mining new blocks that is distributed from the "coinbase" wallet.
NOTE: This is intended to be for educational purposes and should in no way be considered a real cryptocurrency/blockchain. It only runs for the time you have it open and loses all information when closed. The addresses it generates ARE valid bitcoin addresses that you can use, but do so at your own risk and know what you're doing. There is no seed for the addresses that are generated.
submitted by Septem_151 to Bitcoin [link] [comments]

12-30 21:33 - 'That's not true. The core has more features than electrum- it just requires use of the CLI. Honestly, you shouldn't be using multi-sig in the first place if you can't figure out how to generate an address using the CLI...' by /u/Nycmdthroaway removed from /r/Bitcoin within 43-53min

'''
That's not true. The core has more features than electrum- it just requires use of the CLI. Honestly, you shouldn't be using multi-sig in the first place if you can't figure out how to generate an address using the CLI.
Open up the debug window CLI tab, type `help' and you'll see how much you can do and the information you can ascertain with the core node that you can't with electrum.
Electrum relies on the core node for all of its functionality, save their proprietary mnemonic seed backup algorithm, which is much less secure than BIP33 (which can be generated with the core; electrum literally provides you with the dictionary to carry out an attack on its addresses, and it doesn't use an EC in its cryptographic process, meaning the encryption entropy is low and the nonces are predictable).
I could order some RIPEMD-160 ASIC chips for $2/piece and have a Chinese fabricator design a PCB using some cheap 22nm SHA-256 chips and the RIPEMD chips, replace cgminer or bfgminer's computational sections with the ultra optimized vanitygen algos for brute forcing priv keys, switch out stratum for JTR-style threaded rainbow tables based on a few hundred thousand rounds of mnemonic generation using electrum's suite- along with some open source code analysis, and in a month I could create a machine that could generate and test hundreds of thousands to millions of mnemonics per second.
The only reason this hasn't been an active practice is because destroying bitcoins keypair-cryptography (or at least appearing to have done so) would send the price under a dollar in 24hours. An update would be patched within a few days and it should be a lot of hard work for nothing. But I wouldn't be surprised if this is occurring actively on a small scale, with old addresses presumed to be "lost." Even if an active address was hit, as long as it wasn't overdone, people would shrug it off as a physical compromise of their own network/machine/software, not an epidemic- but considering the frequency of exchanges getting "hacked" and the actual ease by which the attack could be carried out, I think there's an equal possibility that the security is already completely compromised.
Theoretically all mnemonic backups are inherently insecure (as is any password using dictionary words, no matter how long) but at least using ECDHE and a deterministic seed, you're actually getting a password with a strength equal to that of the sum of its characters as ASCI to BASE/56 encoded bits. Without that, you may as well have a 12 character passphrase (with the possible characters equal to the number of words in the abridged electrum dictionary.) So it's {POSSIBLE WORDS}12 for electrum vs. something closer to {(POSSIBLE WORDS60)(POSSIBLE HD-SEEDS)}256 for a BIP33 mnemonic using SecP256k ECDHE algo (assuming average number of letters in a word are 5 and HD seeds are pseudo-random.) But mnemonic seeds are still insecure even with BIP33. Use the core wallet and you get a key with true randomness using entropy from blockchain derived sources, 2 rounds of SHA-256 and a final RIPEMD-160 round with a 256-Bit secret generated in conjunction with with an extremely secure ECDHE curve=trillions upon trillions of possibilities. That not only makes a single key harder to break, it means there is a much less likely chance of someone randomly guessing secrets and testing them to see if they come out to a funded address in the whole scheme of things.
It's like if I tried to break into every Dell server. If many people were using weak passwords, and I could try a password on all of them at the same time- I'd surely crack a bunch, and make Dell look bad as a company, even though the servers were inherently fine. Keeping the network strong means making sure you do your part to save face, after all bitcoin is owned and CONTROLLED by the userbase.
As a side note, RIPEMD was only used in the public scheme along with SHA256 (despite being significantly weaker) because at the time SHA256 was the only widely implemented and highly secure algorithm- meaning it could be as widely adopted and widely mined as possible. So SHA-256 was the logical choice for the main block algorithm. There wasn't another option for the wallet address' scheme that would be secure tunneling enough and still computationally feasible and easy to integrate. So SHA-256 was most secure, but without the round of RIPEMD-160 as the deterministic round, wallets could be brute forced at the same time as mining, with the same hardware.
For the most secure, fool-proof, uncrackable wallet, here's what I do/used to do: Use the Core node to bake Segwit P2SH addresses. I don't use HD wallets period, but HD is secure enough as long as you're using a truly random secret. Remember that the secret in a BIP33 HD wallet is the master privkey, additionally, each address has it's own xpriv, which, considering the combinations possible, saving the individual xprivs makes the most sense anyway. If you plan on spending the coins soon, just secure the wallet .dat file with a strong 16+ character (A-Z,a-z,()$&@#$/?¿%÷,0-9) passphrase (this is just the wallet file pw it has nothing to do with your addresses) then just throw the wallet on a flash drive or better yet an SD card or 2 and call it a day.
For addresses you plan to put on ice for a while, concat your coins into a handful of accounts, don't store more than $1,000/address. Then using the `dumpprivkey' Core CLI command (I think that's the command, it's something like that, type help and you'll see it if I'm wrong), a text encrypting program (for good measure) and a barcode/QR code generator (all offline!), get the private keys for each address, encrypt the text with an easy to remember password (you'll be taking the keys offline, and storing physically, so no need to worry too much about that pass, it's better to just keep them physically safe), and then generate QR codes for each. Paste them all into a word doc with the corresponding (lightly) encrypted numbers you generated the QRs with. Print out a couple copies and then delete the addresses from the wallet.
Put those paper wallets somewhere safe. You could also split the key down the middle and store the 2 parts of the paper wallets in different places instead of encrypting the plaintext xprivs. So you'd need to scan both paper keys and paste the solutions together to access the coins.
That's all a bit extreme... in reality, unless you're super paranoid and storing millions, you'll be fine by keeping your coins in the core node with decent firewall and a good .dat passphrase.
BUT ELECTRUM IS NO GOOD!
'''
Context Link
Go1dfish undelete link
unreddit undelete link
Author: Nycmdthroaway
submitted by removalbot to removalbot [link] [comments]

Using Electrum and Bootable Ubuntu USB to Create a Secure Cold Storage Wallet

Here is a short guide that is hopefully newb friendly for creating a cold-storage wallet with Electrum. All you will need is at least one USB flash drive with at least 2 GB of free space, your PC, and pen & paper.
You will need The Universal USB Installer, as well as the Ubuntu .iso image file. Choose the 32 bit version to be safe. Download both, plug in your USB flash drive, and launch the installer. Select Ubuntu in Step 1 in the installer. Then in Step 2 browse and locate the Ubuntu .iso image file you downloaded. Then in Step 3 select the drive you have inserted, as well as click the box to format the drive and erase contents. Do NOT set a persistence as this will reduce the security. Then click create and wait for it to finish.
Once booted into Ubuntu, make sure to click "try ubuntu". You are only trying it out on the USB, and not installing it onto your main hard drive. The reason for using the bootable drive is everything exists in memory and mostly disappears when you shut down Ubuntu.
(It would be more ideal to install electrum in a complete cold environment, but I have heard that could cause some problems with Electrum at this time and it is best to install it while connected to the internet. But if you want true cold storage you must have zero internet connection at the time of creating the wallet. Since we are disconnecting before Electrum creates the seed, we should be good.)
At this point you are done, just shut down Ubuntu to make sure the evidence of the seed is erased. Then you can send Bitcoins to your cold storage wallet. You have effectively created a very secure cold storage wallet, in my opinion. To restore the cold wallet, just launch electrum and choose "restore wallet" option, type in your seed, and voila you have a hot wallet ready to spend again.
Extra: Using Truecrypt Encryption
Bonus tutorial is if you would prefer to save your seed on another USB or digital device. It is not recommended to do this, unless the seed in encrypted. Even then I would only leave it on a USB and not plug it into any hot device just to be safe. I would recommend Truecrypt although its possible the NSA has hacked Truecrypt, so use at your own risk.
sudo add-apt-repository ppa:stefansundin/truecrypt
sudo apt-get update
sudo apt-get install truecrypt
Hit enter after each command. If it asks permission, press y. Sometimes I had problems getting commands to work in the past. For some reason first installing flash from the software center fixes the problem, but I have no idea why.
Choose a size for the file, probably 5 MB is enough, but by all means choose more if you want to hold more files. Click next and make sure to choose a SECURE password for the file. If you don't pick a good enough password it will be brute forced easily. Use numbers, letters, capitals, lowercase, symbols, and make it long as possible. Try to have it something you can memorize if possible. Then click next. Then format it as FAT, and click next. Move your mouse around for entropy and then click Format, and your truecrypt container has been created.
I think this is a decent easy to follow tutorial. Hopefully this can help some newbies out, if I made any mistakes please feel free to correct me.
Edit: Sorry formatting sucks.
submitted by btcfreedom to Bitcoin [link] [comments]

BIP Number Request: Open Asset | Nicolas Dorier | May 26 2016

Nicolas Dorier on May 26 2016:
Open Asset is a simple and well known colored coin protocol made by Flavien
Charlon, which has been around for more than two years ago.
Open Asset is OP_RETURN to store coin's color. Since then, the only
modification to the protocol has been for allowing OA data to be into any
push into an OP_RETURN.
The protocol is here:
https://github.com/OpenAssets/open-assets-protocol/blob/mastespecification.mediawiki
I asked to Flavien Charlon if he was OK if I submit the protocol to the
mailing list before posting.
Additional BIP number might be required to cover for example the "colored
address" format:
https://github.com/OpenAssets/open-assets-protocol/blob/masteaddress-format.mediawiki
But I will do it in a separate request.
Here is the core of the Open Asset specification:
Title: Open Assets Protocol (OAP/1.0)
Author: Flavien Charlon
Created: 2013-12-12
==Abstract==
This document describes a protocol used for storing and transferring
custom, non-native assets on the Blockchain. Assets are represented by
tokens called colored coins.
An issuer would first issue colored coins and associate them with a
formal or informal promise that he will redeem the coins according to
terms he has defined. Colored coins can then be transferred using
transactions that preserve the quantity of every asset.
==Motivation==
In the current Bitcoin implementation, outputs represent a quantity of
Bitcoin, secured by an output script. With the Open Assets Protocol,
outputs can encapsulate a quantity of a user-defined asset on top of
that Bitcoin amount.
There are many applications:
could then be traded frictionlessly through the Bitcoin
infrastructure.
could withdraw and deposit money in colored coins, and trade those, or
use them to pay for goods and services. The Blockchain becomes a
system allowing to transact not only in Bitcoin, but in any currency.
of colored coins. The door would only open when presented with a
wallet containing that specific coin.
==Protocol Overview==
Outputs using the Open Assets Protocol to store an asset have two new
characteristics:
asset stored on the output.
many units of that asset are stored on the output.
This document describes how the asset ID and asset quantity of an
output are calculated.
Each output in the Blockchain can be either colored or uncolored:
both undefined).
non-null asset ID.
The ID of an asset is the RIPEMD-160 hash of the SHA-256 hash of the
output script referenced by the first input of the transaction that
initially issued that asset (script_hash =
RIPEMD160(SHA256(script))). An issuer can reissue more of an
already existing asset as long as they retain the private key for that
asset ID. Assets on two different outputs can only be mixed together
if they have the same asset ID.
Like addresses, asset IDs can be represented in base 58. They must use
version byte 23 (115 in TestNet3) when represented in base 58. The
base 58 representation of an asset ID therefore starts with the
character 'A' in MainNet.
The process to generate an asset ID and the matching private key is
described in the following example:

The issuer first generates a private key:

18E14A7B6A307F426A94F8114701E7C8E774E7F9A47E2C2035DB29A206321725.

He calculates the corresponding address:

16UwLL9Risc3QfPqBUvKofHmBQ7wMtjvM.

Next, he builds the Pay-to-PubKey-Hash script associated to that

address: OP_DUP OP_HASH160
010966776006953D5567439E5E39F86A0D273BEE OP_EQUALVERIFY
OP_CHECKSIG.

The script is hashed: 36e0ea8e93eaa0285d641305f4c81e563aa570a2

Finally, the hash is converted to a base 58 string with checksum

using version byte 23:
ALn3aK1fSuG27N96UGYB1kUYUpGKRhBuBC.
The private key from the first step is required to issue assets
identified by the asset ID
ALn3aK1fSuG27N96UGYB1kUYUpGKRhBuBC. This acts as a
digital signature, and gives the guarantee that nobody else but the
original issuer is able to issue assets identified by this specific
asset ID.
==Open Assets Transactions==
Transactions relevant to the Open Assets Protocol must have a special
output called the marker output. This allows clients to recognize such
transactions. Open Assets transactions can be used to issue new
assets, or transfer ownership of assets.
Transactions that are not recognized as an Open Assets transaction are
considered as having all their outputs uncolored.
===Marker output===
The marker output can have a zero or non-zero value. The marker output
starts with the OP_RETURN opcode, and can be followed by any sequence
of opcodes, but it must contain a PUSHDATA opcode containing a
parsable Open Assets marker payload. If multiple parsable PUSHDATA
opcodes exist in the same output, the first one is used, and the other
ones are ignored.
If multiple valid marker outputs exist in the same transaction, the
first one is used and the other ones are considered as regular
outputs. If no valid marker output exists in the transaction, all
outputs are considered uncolored.
The payload as defined by the Open Assets protocol has the following format:
{|
! Field !! Description !! Size
|-
! OAP Marker || A tag indicating that this transaction is an
Open Assets transaction. It is always 0x4f41. || 2 bytes
|-
! Version number || The major revision number of the Open Assets
Protocol. For this version, it is 1 (0x0100). || 2 bytes
|-
! Asset quantity count || A
[https://en.bitcoin.it/wiki/Protocol_specification#Variable_length_integer
var-integer] representing the number of items in the asset
quantity list field. || 1-9 bytes
|-
! Asset quantity list || A list of zero or more
[http://en.wikipedia.org/wiki/LEB128 LEB128-encoded] unsigned integers
representing the asset quantity of every output in order (excluding
the marker output). || Variable
|-
! Metadata length || The
[https://en.bitcoin.it/wiki/Protocol_specification#Variable_length_integer
var-integer] encoded length of the metadata field. || 1-9
bytes
|-
! Metadata || Arbitrary metadata to be associated with
this transaction. This can be empty. || Variable
|}
Possible formats for the metadata field are outside of
scope of this protocol, and may be described in separate protocol
specifications building on top of this one.
The asset quantity list field is used to determine the
asset quantity of each output. Each integer is encoded using variable
length [http://en.wikipedia.org/wiki/LEB128 LEB128] encoding (also
used in [https://developers.google.com/protocol-buffers/docs/encoding#varints
Google Protocol Buffers]). If the LEB128-encoded asset quantity of any
output exceeds 9 bytes, the marker output is deemed invalid. The
maximum valid asset quantity for an output is 263 - 1
units.
If the marker output is malformed, it is considered non-parsable.
Coinbase transactions and transactions with zero inputs cannot have a
valid marker output, even if it would be otherwise considered valid.
If there are less items in the asset quantity list than
the number of colorable outputs (all the outputs except the marker
output), the outputs in excess receive an asset quantity of zero. If
there are more items in the asset quantity list than the
number of colorable outputs, the marker output is deemed invalid. The
marker output is always uncolored.
After the asset quantity list has been used to assign an
asset quantity to every output, asset IDs are assigned to outputs.
Outputs before the marker output are used for asset issuance, and
outputs after the marker output are used for asset transfer.
====Example====
This example illustrates how a marker output is decoded. Assuming the
marker output is output 1:
Data in the marker output Description ----------------------------- 
0x6a The OP_RETURN opcode. 0x10 The PUSHDATA opcode for a 16 bytes payload. 0x4f 0x41 The Open Assets Protocol tag. 0x01 0x00 Version 1 of the protocol. 0x03 There are 3 items in the asset quantity list. 0xac 0x02 0x00 0xe5 0x8e 0x26 The asset quantity list: - '0xac 0x02' means output 0 has an 
asset quantity of 300.
 - Output 1 is skipped and has an 
asset quantity of 0
 because it is the marker output. - '0x00' means output 2 has an 
asset quantity of 0.
 - '0xe5 0x8e 0x26' means output 3 
has an asset quantity of 624,485.
 - Outputs after output 3 (if any) 
have an asset quantity of 0.
0x04 The metadata is 4 bytes long. 0x12 0x34 0x56 0x78 Some arbitrary metadata. 
===Asset issuance outputs===
All the outputs before the marker output are used for asset issuance.
All outputs preceding the marker output and with a non-zero asset ...[message truncated here by reddit bot]...
original: https://lists.linuxfoundation.org/pipermail/bitcoin-dev/2016-May/012741.html
submitted by dev_list_bot to bitcoin_devlist [link] [comments]

[uncensored-r/CryptoCurrency] Is Crypto Currency truly at risk due to Quantum Computers, and what can you do about it?

The following post by satoshibytes is being replicated because some comments within the post(but not the post itself) have been openly removed.
The original post can be found(in censored form) at this link:
np.reddit.com/ CryptoCurrency/comments/7uvomu
The original post's content was as follows:

Is Crypto Currency truly at risk due to Quantum Computers, and what can you do about it?

There is no denying that the Quantum revolution is coming. Security protocols for the internet, banking, telecommunications, etc... are all at risk, and your Bitcoins (and alt-cryptos) are next!
This article is not really about quantum computers[i], but, rather, how they will affect the future of cryptocurrency, and what steps a smart investor will take. Since this is a complicated subject, my intention is to provide just enough relevant information without being too “techy.”

The Quantum Evolution

In 1982, Nobel winning physicist, Richard Feynman, hypothesized how quantum computers[ii] would be used in modern life.
Just one year later, Apple released the “Apple Lisa”[iii] – a home computer with a 7.89MHz processor and a whopping 5MB hard drive, and, if you enjoy nostalgia, it used 5.25in floppy disks.
Today, we walk around with portable devices that are thousands of times more powerful, and, yet, our modern day computers still work in a simple manner, with simple math, and simple operators[iv]. They now just do it so fast and efficient that we forget what’s happening behind the scenes.
No doubt, the human race is accelerating at a remarkable speed, and we’ve become obsessed with quantifying everything - from the everyday details of life to the entire universe[v]. Not only do we know how to precisely measure elementary particles, we also know how to control their actions!
Yet, even with all this advancement, modern computers cannot “crack” cryptocurrencies without the use of a great deal more computing power, and since it’s more than the planet can currently supply, it could take millions, if not billions, of years.
However, what current computers can’t do, quantum computers can!
So, how can something that was conceptualized in the 1980’s, and, as of yet, has no practical application, compromise cryptocurrencies and take over Bitcoin?
To best answer this question, let’s begin by looking at a bitcoin address.

What exactly is a Bitcoin address?

Well, in layman terms, a Bitcoin address is used to send and receive Bitcoins, and looking a bit closer (excuse the pun), it has two parts:[vi]
A public key that is openly shared with the world to accept payments. A private key that is derived from the public key. The private key is made up of 256 bits of information in a (hopefully) random order. This 256 bit code is 64 characters long (in the range of 0-9/a-f) and further compressed into a 52 character code (using RIPEMD-160).
NOTE: Although many people talk about Bitcoin encryption, Bitcoin does not use Encryption. Instead, Bitcoin uses a hashing algorithm (for more info, please see endnote below[vii]).
Now, back to understanding the private key:
The Bitcoin address “1EHNa6Q4Jz2uvNExL497mE43ikXhwF6kZm” translates to a private key of “5HpHagT65TZzG1PH3CSu63k8DbpvD8s5ip4nEB3kEsreAnchuDf” which further translates to a 256 bit private key of “0000000000000000000000000000000000000000000000000000000000000001” (this should go without saying, but do not use this address/private key because it was compromised long ago.) Although there are a few more calculations that go behind the scenes, these are the most relevant details.
Now, to access a Bitcoin address, you first need the private key, and from this private key, the public key is derived. With current computers, it’s classically impractical to attempt to find a private key based on a public key. Simply put, you need the private key to know the public key.
However, it has already been theorized (and technically proven) that due to private key compression, multiple private keys can be used to access the same public key (aka address). This means that your Bitcoin address has multiple private keys associated with it, and, if someone accidentally discovers or “cracks” any one of those private keys, they have access to all the funds in that specific address.
There is even a pool of a few dedicated people hunting for these potential overlaps[viii], and they are, in fact, getting very efficient at it. The creator of the pool also has a website listing every possible Bitcoin private key/address in existence[ix], and, as of this writing, the pool averages 204 trillion keys per day!
But wait! Before you get scared and start panic selling, the probability of finding a Bitcoin address containing funds (or even being used) is highly unlikely – nevertheless, still possible!
However, the more Bitcoin users, the more likely a “collision” (finding overlapping private/public key pairs)! You see, the security of a Bitcoin address is simply based on large numbers! How large? Well, according to my math, 1.157920892373x1077 potential private keys exist (that number represents over 9,500 digits in length! For some perspective, this entire article contains just over 14,000 characters. Therefore, the total number of Bitcoin addresses is so great that the probability of finding an active address with funds is infinitesimal.

So, how do Quantum Computers present a threat?

At this point, you might be thinking, “How can a quantum computer defeat this overwhelming number of possibilities?” Well, to put it simple; Superposition and Entanglement[x].
Superposition allows a quantum bit (qbit) to be in multiple states at the same time. Entanglement allows an observer to know the measurement of a particle in any location in the universe. If you have ever heard Einstein’s quote, “Spooky Action at a Distance,” he was talking about Entanglement!
To give you an idea of how this works, imagine how efficient you would be if you could make your coffee, drive your car, and walk your dog all at the same time, while also knowing the temperature of your coffee before drinking, the current maintenance requirements for your car, and even what your dog is thinking! In a nutshell, quantum computers have the ability to process and analyze countless bits of information simultaneously – and so fast, and in such a different way, that no human mind can comprehend!
At this stage, it is estimated that the Bitcoin address hash algorithm will be defeated by quantum computers before 2028 (and quite possibly much sooner)! The NSA has even stated that the SHA256 hash algorithm (the same hash algorithm that Bitcoin uses) is no longer considered secure, and, as a result, the NSA has now moved to new hashing techniques, and that was in 2016! Prior to that, in 2014, the NSA also invested a large amount of money in a research program called “Penetrating Hard Targets project”[xi] which was used for further Quantum Computer study and how to break “strong encryption and hashing algorithms.” Does NSA know something they’re not saying or are they just preemptively preparing?
Nonetheless, before long, we will be in a post-quantum cryptography world where quantum computers can crack crypto addresses and take all the funds in any wallet.

What are Bitcoin core developers doing about this threat?

Well, as of now, absolutely nothing. Quantum computers are not considered a threat by Bitcoin developers nor by most of the crypto-community. I’m sure when the time comes, Bitcoin core developers will implement a new cryptographic algorithm that all future addresses/transactions will utilize. However, will this happen before post-quantum cryptography[xii]?
Moreover, even after new cryptographic implementation, what about all the old addresses? Well, if your address has been actively used on the network (sending funds), it will be in imminent danger of a quantum attack. Therefore, everyone who is holding funds in an old address will need to send their funds to a new address (using a quantum safe crypto-format). If you think network congestion is a problem now, just wait…
Additionally, there is the potential that the transition to a new hashing algorithm will require a hard fork (a soft fork may also suffice), and this could result in a serious problem because there should not be multiple copies of the same blockchain/ledger. If one fork gets attacked, the address on the other fork is also compromised. As a side-note, the blockchain Nebulas[xiii] will have the ability to modify the base blockchain software without any forks. This includes adding new and more secure hashing algorithms over time! Nebulas is due to be released in 2018.

Who would want to attack Bitcoin?

Bitcoin and cryptocurrency represent a threat to the controlling financial system of our modern economy. Entire countries have outright banned cryptocurrency[xiv] and even arrested people[xv], and while discrediting it, some countries are copying cryptocurrency to use (and control) in their economy[xvi]!
Furthermore, Visa[xvii], Mastercard[xviii], Discover[xix], and most banks act like they want nothing to do with cryptocurrency, all the while seeing the potential of blockchain technology and developing their own[xx]. Just like any disruptive technology, Bitcoin and cryptocurrencies have their fair share of enemies!
As of now, quantum computers are being developed by some of the largest companies in the world, as well as private government agencies.
No doubt, we will see a post-quantum cryptography world sooner than most realize. By that point, who knows how long “3 letter agencies” will have been using quantum technology - and what they’ll be capable of!

What can we do to protect ourselves today?

...
submitted by censorship_notifier to noncensored_bitcoin [link] [comments]

Role of the checksum

In my free time I am trying to learn and understand Bitcoin as much as possible.
The generation of the private/public key pair is made through the sec256k1 parameters of the ECDSA elliptical curve. The resulting public key is then sent through a series of hashing (RIP-EMD, SHA-256) as seen here to generate the eventual public Bitcoin address. During the hashing functions, the first 4 bytes of the second SHA-256 hash are taken and added onto the RIPEMD-160 hash and these 4 bytes are what is known as the checksum.
My question is what exactly is the role of the checksum? Based on this page it looks like the checksum is essentially used to verify that the Bitcoin address is indeed associated with a particular private key. Are wallet clients using the checksum to make this verification? Can anyone explain how this works?
thanks!
submitted by bopplegurp to BitcoinBeginners [link] [comments]

Bitcoin Core 0.13.1 released | Wladimir J. van der Laan | Oct 27 2016

Wladimir J. van der Laan on Oct 27 2016:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Bitcoin Core version 0.13.1 is now available from:
https://bitcoin.org/bin/bitcoin-core-0.13.1/
Or through bittorrent:
magnet:?xt=urn:btih:dbe48c446b1113890644bbef03e361269f69c49a&dn;=bitcoin-core-0.13.1&tr;=udp%3A%2F%2Ftracker.openbittorrent.com%3A80%2Fannounce&tr;=udp%3A%2F%2Ftracker.publicbt.com%3A80%2Fannounce&tr;=udp%3A%2F%2Ftracker.ccc.de%3A80%2Fannounce&tr;=udp%3A%2F%2Ftracker.coppersurfer.tk%3A6969&tr;=udp%3A%2F%2Ftracker.leechers-paradise.org%3A6969&ws;=https%3A%2F%2Fbitcoin.org%2Fbin%2F
This is a new minor version release, including activation parameters for the
segwit softfork, various bugfixes and performance improvements, as well as
updated translations.
Please report bugs using the issue tracker at github:
https://github.com/bitcoin/bitcoin/issues
To receive security and update notifications, please subscribe to:
https://bitcoincore.org/en/list/announcements/join/
Compatibility

Microsoft ended support for Windows XP on April 8th, 2014,
an OS initially released in 2001. This means that not even critical security
updates will be released anymore. Without security updates, using a bitcoin
wallet on a XP machine is irresponsible at least.
In addition to that, with 0.12.x there have been varied reports of Bitcoin Core
randomly crashing on Windows XP. It is not clear
what the source of these crashes is, but it is likely that upstream
libraries such as Qt are no longer being tested on XP.
We do not have time nor resources to provide support for an OS that is
end-of-life. From 0.13.0 on, Windows XP is no longer supported. Users are
suggested to upgrade to a newer version of Windows, or install an alternative OS
that is supported.
No attempt is made to prevent installing or running the software on Windows XP,
you can still do so at your own risk, but do not expect it to work: do not
report issues about Windows XP to the issue tracker.
but severe issues with the libc++ version on 10.7.x keep it from running reliably.
0.13.1 now requires 10.8+, and will communicate that to 10.7 users, rather than crashing unexpectedly.
Notable changes

Segregated witness soft fork
Segregated witness (segwit) is a soft fork that, if activated, will
allow transaction-producing software to separate (segregate) transaction
signatures (witnesses) from the part of the data in a transaction that is
covered by the txid. This provides several immediate benefits:
Activation for the segwit soft fork is being managed using BIP9
versionbits. Segwit's version bit is bit 1, and nodes will begin
tracking which blocks signal support for segwit at the beginning of the
first retarget period after segwit's start date of 15 November 2016. If
95% of blocks within a 2,016-block retarget period (about two weeks)
signal support for segwit, the soft fork will be locked in. After
another 2,016 blocks, segwit will activate.
For more information about segwit, please see...[message truncated here by reddit bot]...
original: https://lists.linuxfoundation.org/pipermail/bitcoin-dev/2016-Octobe013265.html
submitted by dev_list_bot to bitcoin_devlist [link] [comments]

Using the Blockchain for Proof-of-Publication

Blockchains have other uses! You could make great use of the Bitcoin (or DogeCoin!) network without even having any coins. For example, if everyone had a wallet, you could use those private keys to sign messages so that your acquaintances would know those messages are from you (or from someone who hacked into your account, but still).
Today, I wanted to email someone a story I wrote about blockchains; but this amounts to just emailing my raw text to someone else to show around. What if someone somewhere starts taking credit for it or something, hm? You can actually embed proof-of-publication into the blockchain.
First, I made sure my story was perfect, and wouldn't need to be changed. I added my identity and a timestamp to the title. Then I took the entire text (you could use the bytestream of a file, if it was a .doc or such) and used an online tool to SHA-256 hash it thus: aeef82c50dea27dec76351a8499344daf2617144645c12c18c5a1dca73cae692
If any tiny bit of the story changed, or the identity information or the timestamp, that would become an entirely different string. If I ever needed to, I could perform the hash again on my story and get the exact same string, thus proving that this text (with my identity) was used to make that string. Now, Bitcoin and most of the altcoins make addresses by passing that through a RIPEMD-160 hash to shorten it a bit: b0bb2d8d0176bb67aecdc7b84e97e76164b262e8
Much better. I really love DogeCoin, so I used the dogechain.info tools to convert that hash into a DogeCoin address: http://dogechain.info/chain/Dogecoin/q/hashtoaddress/b0bb2d8d0176bb67aecdc7b84e97e76164b262e8
I got the following random address: DMFZhNVXUHGDN1Ek4WRd1nobtcivmqCuNn
So now all I had to do was send some token amount to that address (which I don't control, by the way, so don't send anything there), which you can see here: http://dogechain.info/address/DMFZhNVXUHGDN1Ek4WRd1nobtcivmqCuNn
It would be virtually impossible to make a sensible text file that would turn into that exact address. The fact that the hash of this story has a transaction at that time must mean that the story was finished and encoded at around that time. 2014-01-10 09:52 UTC. The beginning text of my story even states "Completed at 2014-01-10 03:52" (I live at UTC-6).
The blockchain is distributed across thousands of computers, and it would be easier to delete those embarrassing pictures of your mom from 4chan than to modify a value in the blockchain. If something weird happens, I've simply got to show people my file with my identity, let them SHA-256, RIPEMD-160, and Doge-ify it, and then show them that I sent a transaction at the proper timestamp (or at least at an earlier time than anyone else had, because they could do the same later) with an address I control.
Voila. Proof of publication.
The weakest part of this would be if the entire network goes down, which would be a $10,000,000,000 event in the case of Bitcoin.
submitted by DogeMichael to dogecoin [link] [comments]

Does Multi-Sig have weaker crypto than a standard transaction ?

Hello,
I am not versed in cryptography at all but from what I understand, storing funds in a multi-signature "wallet" for the long term, seems less safe than storing them in a standard single-address wallet.
Assuming we have built quantum super-computers and we have broken ECDSA aka we can calculate the private key of any given public key.
TL;DR I understand that multi-sig is essentially pay-to-more-than-one-public-key and not pay-to-more-than-one-public-key-hash.
According to a bitcoin magazine article this was a crypto pitfall that was avoided early on.
Have we taken a step back from that direction ?
submitted by starsRunderground to Bitcoin [link] [comments]

Idea for safely implementing "Opt-In Full-RBF": Make it receiver opt-in rather than sender opt-in.

There are currently a lot of arguments against opt-in RBF about how it could become a usability nightmare and can enable double spends against unwitting people. This stems from the fact that it's opt-in by the sender and this requires a certain amount of knowledge by the receiver to avoid being scammed. But what if it was opt-in by the receiver instead? Then the sender has no way of issuing a RBF transaction against someone who is unwilling to accept a RBF transaction.
Currently there is no way to do this. The Bitcoin network is unaware of anything to do with the receiver of a transaction other than the public key hash or script hash. It can however tell the difference between the two types of keys. Standard public key hashes are prefixed with "1" and script hash keys are prefixed with "3". https://en.bitcoin.it/wiki/List_of_address_prefixes
I'm suggesting a hard fork that adds 2 new prefixes to public addresses. The new prefixes could be anything, but for the sake of this example let's say the the new prefixes are "R" and "r". "R" would become the prefix for public key hash addresses that are willing to accept RBF transactions and "r" for opt-in RBF script hash addresses. Now there is no need for transactions to be declared by the sender as RBF. Nodes and miners will simply reject any double spend attempts unless all outputs of the transaction are prefixed with either "R" or "r". The sender could even choose to opt-out of RBF by using a non-RBF prefixed address as one of the change outputs.
This does create an issue where you can spoof the intent of the receiver by changing the prefix on the address, so the function used to calculate the public address would need to be slightly different. The sender can't be allowed to reverse engineer an "R" address from a "1" address. There are two possible solutions here.
Option 1: Make a small change to the public key hashing algorithm. This could be something as simple as performing the RIPEMD-160 hash twice instead of once when creating a RBF address. This method has the benefit of not adding any cryptographic complexity to the system but the cons are that once you spend from an address and reveal the true public key, anyone can generate both public addresses. You only have the security of receiving non-RBF transactions exclusively as long as you don't reuse the address once you spend from it, or if you generate a new address for each incoming transaction. Also, wallet and block explorer software would need to be updated so that the possibility of two different addresses pointing to the same public key won't break it.
Option 2: Use a different ECDSA curve. This is the cleanest option when it comes to usability and writing code, but at the expense of adding more cryptographic complexity to the system. More points of failure to worry about.
Personally I think option 1 might be better. Address reuse is already discouraged and thanks to the popularity of HD wallets, following that rule is not that big a deal.
submitted by testing1567 to btc [link] [comments]

Bitcoin to Die - its unavoidable. The death of crypto and the blockchain. How to backup Litecoin wallet on linux How to hack bitcoin address! The program for the selection of private keys bitcoin! Hashcat running in Termux (part 1 - testing crack RIPEMD-160 hash) Bitcoin Wallet with 160 BTC Balance

RIPEMD-160 . Ripemd160.java file is used here. RIPEMD-160 generates 20 bytes hash. We will append an extra one byte. byte[] ripeMD = Ripemd160.getHash(s1); //adds 0x00 byte[] ripeMDPadded = new byte[ripeMD.length + 1]; ripeMDPadded[0] = 0; System.arraycopy(ripeMD, 0, ripeMDPadded, 1, 1); Here the total ripeMDPadded size is 21 bytes. Repeat SHA ... # Add the two first bytes of the result as a checksum tailing the RIPEMD-160 hash. addr = vh160 + h [0: 4] # Obtain the Bitcoin address by Base58 encoding the result: addr = b58encode (addr) return addr: def btc_addr_to_hash_160 (btc_addr): """ Calculates the RIPEMD-160 hash from a given Bitcoin address:param btc_addr: Bitcoin address.:type btc ... The wallet key generation process can be split into four steps: creating a public key with ECDSA; encrypting the key with SHA-256 and RIPEMD-160; calculating the checksum with double SHA-256; encoding the key with Base58. Depending on the form of public key (full or compressed), we get different addresses, but both are perfectly valid. RIPEMD-160. Bitcoin uses SHA-256 and RIPEMD-160 cryptographic hashes. There are many aspects of Bitcoin that use hashes and the vast majority of them use a double SHA-256 encryption. However, in a few situations that require hashes (such as e-mail addresses), a singular SHA-256 is used in combination with a singular RIPEMD-160 hash.. These hashes, when calculated on a GPU, make it feasible to ... (I'm new to Bitcoin & it's technology so correct me wherever u can) .Recently I was reading about Bitcoin and it's underlying technologies. I came to know that for generating addresses Bitcoin uses RIPEMD-160(SHA-256). But most of the Bitcoin Addresses are 25 to 34 Bytes(characters) long & starts with 1 or 3. How is this possible?

[index] [8978] [17674] [10384] [8368] [29808] [8039] [19362] [22071] [22278] [3263]

Bitcoin to Die - its unavoidable. The death of crypto and the blockchain.

On the use of RIPEMD-160 in creating Bitcoin addresses - Duration: 3:20. Thinklair 57 views. 3:20. Cryptanalytic Attacks (CISSP Free by Skillset.com) - Duration: 5:48. Elliptic curves, SHA256, and RIPEMD160, oh my. Dr. Darren Tapp presents the fundamental mathematics needed for Bitcoin to work as intended, prepared so that people of many levels can get something ... The program does not require an Internet connection, since the generation of bitcoin addresses with private keys occurs, SHA 256, RIPEMD-160 , base58 are already built into the program The server ... Bitcoin Wallet with 160 BTC Balance (to now). Last received : 2020-02-08 09:54 Private Key is READY ! Just Trust and Make it Rain :) (Wallet.dat file uploaded too, but maybe not working) Category People & Blogs; Song Unity; Artist Bondan Prakoso & Fade2black; Licensed to YouTube by SME (on behalf of Sony BMG Music Entertainment); Sony ATV Publishing, Progressive Records (Music ...

#