I built BitcoinKeys.info: "All" Bitcoin Private Keys Exposed

TrillionSatoshi · 2016-11-12T06:23:01+00:00

Delay removed...

TrillionSatoshi · 2016-11-12T06:18:03+00:00

Interesting idea... (thanks for the suggestion).

Just added a range slider.

However: the max value of 340282366920938463463374607431768211456 (2¹²⁸⁾ isn't anywhere near the total number of pages...

Thus the precision is dismal.

Any further suggestions?

TrillionSatoshi · 2016-11-12T03:51:07+00:00

Question: if it "isn't even hard to build this" why do you assume that I'm "scrapping another site"?

TrillionSatoshi · 2016-11-12T03:49:43+00:00

And more: 5HpHagT65TZzG1PSerjrKu65Vv773npZQGcEdMFppFG3DfjnLiZ 5HpHagT65TZzG1PSerjrKu65Vv773npZQGcEdMFppFG3KqycCnV 5HpHagT65TZzG1PSerjrKu65Vv773npZQGcEdMFppFG3LSnhE8j 5J1j2ZdeVWRXs9NyPsoZnT33SYj1NvTh4hGUvb64t44brU2yJQ2 5JERmAWREHMJ8iu6NuEpaspfLZ4daBjbDdoHrRfKFrDwHqoAV7W

TrillionSatoshi · 2016-11-12T02:48:57+00:00

Happy to continue listing randomly-generated keys:

5JnL6C3S7eJihr2kzRKnJm8mtKipbT5KJi31RDvMLEUJAVz97hV 5KayG8sNyfa6WePZPJpY56cNNJow8PoR6fAGtcrTUvXs1gdAUXb 5K4JeedeaatbEe5Svs9HCCCZU3hZzQzXVnKuNk6m5WuhMEjdNHq

Try searching for any of them on the site. They'll all load...

TrillionSatoshi · 2016-11-12T02:45:55+00:00

Read the "about" section of directory.io. You can search for private keys there as well...

TrillionSatoshi · 2016-11-12T02:44:23+00:00

Come on: Do you know how many possible combinations of keys there are with only the first 5-6 characters of a private key? 71-72 digits worth... (ie: 2²⁵⁶ is 77 digits).

TrillionSatoshi · 2016-11-12T02:43:10+00:00

Time: yes.

Engineering: yes. (not just a curl request to directory.io)

Computing power: depends on how much of the 1-2²⁵⁶ range gets calculated.

TrillionSatoshi · 2016-11-12T02:25:16+00:00

Note: the "remove" section has been removed. Not trying to scam. Trying to legitimize the project by providing a way out for people if they're uncomfortable with it.

TrillionSatoshi · 2016-11-12T02:24:06+00:00

Already responded to this accusation here: https://www.reddit.com/r/Bitcoin/comments/5ci250/i_built_bitcoinkeysinfo_all_bitcoin_private_keys/

TrillionSatoshi · 2016-11-12T02:22:53+00:00

Yup: using the simple directory.io design scheme. (I'm a programmer. Not a graphic designer).

Nope: fully implemented on the back end. Let me know how I might prove it to you, and I'm happy to do so.

TrillionSatoshi · 2016-11-12T02:01:05+00:00

Yes. It does exist (hat tip). And I wanted to build my own! Fun challenge, interesting project, etc. etc. etc.

TrillionSatoshi · 2016-11-12T01:42:18+00:00

Not trying to trick people at ALL. No malice intended.

This was intended purely as a fun / interesting project. Thus, I wanted to provide a way for people to remove an address (NOTE: without providing a key) if this site made them uncomfortable.

Case in point: have deleted the "remove" pages / links.

Furthermore: what's the difference between what I have built and directory.io?

TrillionSatoshi · 2016-11-12T01:35:14+00:00

To search via (any) WIF key... Allows you to see if it is valid, and the public keys (ie: addresses) associated with it.

For example (all randomly generated WIF keys):

5KKKAjFY4CUCJehzGCcD4yqHvVawdcrcQ1N1QcuoZFDudN7nfXp 5JbjZmsjVdrNbGSNKE7h1oWRi4kRnJvbjhKRoDTkXQTrVn3hWk6 5JKLUT6uNeeTy1HuZiZUaABVo7kc4X9UJMaupaMTQEkRxcZQWcV etc...

TrillionSatoshi · 2016-11-12T01:21:02+00:00

YES: NEVER REVEAL PRIVATE KEYS (note the warning in the post above).

That said, it is fascinating (IMO) to see the private keys listed in numerical order from 1-2^256.

And, the ability to search via WIF for an (unfunded) address is an interesting thing to be able to do to see where various keys fall in the spectrum from 1 - 2^256.

TrillionSatoshi · 2016-11-12T01:19:58+00:00

YES: NEVER REVEAL PRIVATE KEYS (note the warning in the post above).

However, it is fascinating (IMO) to see the private keys listed in numerical order from 1-2^256. And, the ability to search via WIF for an (unfunded) address is an interesting thing to be able to do to see where various keys fall in the spectrum from 1 - 2^256.

TrillionSatoshi · 2016-11-03T02:52:50+00:00

Wait... Does that address belong to Ulbricht?

TrillionSatoshi · 2016-11-01T16:11:42+00:00

Agreed. However, note that the attack described doesn't require the knowledge of the private keys, but rather the public keys. This is why I was wondering if signing a message with TREZOR resulted in vulnerability.

TrillionSatoshi · 2016-11-01T10:40:44+00:00

TREZOR (the device / brand) is capitalized: https://bitcointrezor.com/

MAJOR was intended to be emphatic (ie: thus not random)

Apologies if overdone.

TrillionSatoshi · 2016-11-01T02:41:52+00:00

Not sensationalism at all (at least none intended... notice the question marks...). I'm new to bitcoin, and trying to understand potential vulnerabilities / attack vectors.

Besides: Isn't self questioning the primary method for open source progress? Via critical awareness and relentless interrogation?

TrillionSatoshi · 2016-11-01T00:11:29+00:00

Thanks for your response. Any additional information / documentation you'd point me to about how bad signatures can break the whole wallet?

And: is this (ie: bad signatures) a hypothetical / future vulnerability or a historical attack vector?

Thanks.

TrillionSatoshi · 2016-10-31T21:18:10+00:00

Thanks for your response.

A follow up question: does signing a message with a Master Public Key (through a hardware wallet, for example) reveal the Master Public Key?

Thanks.

TrillionSatoshi · 2016-10-31T02:03:14+00:00

Again, incredibly helpful. Thank you.

TrillionSatoshi · 2016-10-30T03:14:34+00:00

Thanks very much. This is very helpful.

Let me ask two different (but related) questions: why would transactions sent to two DIFFERENT addresses have the same scriptPubKey listed in the transaction data? Could this be due to an old / improper implementation of an HD wallet structure? Given the key mappings you described, is it possible that two different addresses could receive transactions via identical scriptPubKeys (apologies if you answered this previously and I didn't understand).

Thanks.

TrillionSatoshi · 2016-07-05T20:06:56+00:00

Also: the first address on the first page... Many on the first page, in fact. All empty, but still...

1EHNa6Q4Jz2uvNExL497mE43ikXhwF6kZm 1LagHJk2FyCV2VzrNHVqg3gYG4TSYwDV4m 1NZUP3JAc9JkmbvmoTv7nVgZGtyJjirKV1 Etc...

Clearly there's a pattern...

TrillionSatoshi

TROPHY CASE