A super-fast Bitcoin private key generator
The good news first. We are going to code a script that outputs random 64 character hexadecimal strings at supersonic speeds, and then we are going to use them to try to bruteforce some Bitcoin addresses.
Bitcoin private keys may be represented by 64 character hexadecimal strings (32 bytes or 256 bits of data; we’ve been over this a couple of times by now), e.g.
e7e0e8b007f2fa5e8de4afccfefc649703d67d4568eab5839b86b3d58163d472
Google this one, if you want. For a change, is’s NOT random data. Along with the usual disclaimer: do not use this one IRL.
Without further ado, fire up your favorite text editor, paste the following Python code and save the file as “randomhex”:
#!/usr/bin/env python3
import binascii, os, sys
try:
hexrounds=sys.argv[1]
except IndexError:
print('Error: Please state the number of outputs')
sys.exit()
if hexrounds.isdecimal():
for i in range (0, int(hexrounds)):
print(binascii.hexlify(os.urandom(32)).decode())
else:
print('Error: The number must be a positive decimal integer')
As usual, make the script executable by
chmod +x randomhex
and we are ready to try it! The script needs one argument, which much be a positive decimal integer, or the script will give you an error code and quit.
Let’s benchmark the script by having it output 10 million random strings to a text file named “hashes.txt”; also prepend it with the time command, so we can determine how fast it is, like so:
time ./randomhex 10000000 > hashes.txt
That was pretty quick, agreed? On an older notebook, it took us 4.2 seconds to create “hashes.txt”; you should check that the output is right by counting lines with
wc -l hashes.txt
and it should say 10000000. We now have a private key generator monster in our possession.
All good? Unfortunately not. The odds are not in our favor. Remember that a valid private key is any number from 1 to 115 792 089 237 316 195 423 570 985 008 687 907 852 837 564 279 074 904 382 605 163 141 518 161 494 336… that’s not a small keyspace.
Furthermore, leets look up some statistics from today (courtesy bitsapp.com)
Bitcoin blockchain statistics
Even though more than 630 million addresses have at some point held a positive balance, today only less than 200 thousand addresses hold 1 BTC or more. In other words, finding a needle in a haystack is a walk in the park compared to what we are about to attempt here, namely searching the whole keyspace blindly.
We will combine our beautiful script with the marvelous Brainflayer tool. Specifically, instead of messing around with intermediate hash files (you could use the above script to create billions of strings and the resulting files would be 100 GB or so in size), we will pipe the output straight into Brainflayer. This is not a Brainflayer tutorial, though, so unless you aren’t already fluent in it, you have some reading up to do (elsewhere).
Now, with everything set up, we want to scan 1 billion private keys, randomly created. That has to work, right? Or maybe not, we’ll see. Anyway, here is how to do it in one line (given that you have all prerequisites for Brainflayer in place; parsing the blockchain and setting everything up right takes quite a while):
./randomhex 1000000000 | ./brainflayer -v -b sortedfiles.blf -f sortedfiles.bin -t priv -x -w 12 -o foundkeys.txt
By doing this multithreaded solution (details not here – ask us if you’re interested), we are able to achieve around 450,000 checks per second. It means that the test will take a little more than half an hour to carry out. We’ll show ourselves out to the coffee machine while our poor laptop does the job.
*Pause music*
Alright, done! The notepad is still hot, but the fans are much less noisy than a couple of minutes ago. The results then. Well, what did you expect? Zero, zilch, nada, not a single hit – of course!
We have for the first time had a taste of how insanely large the Bitcoin private keyspace is. As a matter of fact, if all humans on Earth ran this 24/7 for billions of years (which admittedly feels a little improbable) the expected outcome would be the same.
In conclusion, Bitcoin is safe from blind bruteforce attacks, now and forever. But there are other flaws and exploits. Many of them are due to the human factor. A few have been mentioned here before. More will be.
Comments and questions?
One more thing!
Consider the donation address at the bottom of the page. We re-invest all contributions into new projects for btcleak.com. Help us create new content and remain ad-free forever. Thank you.
Any chance you guys can share your bloomfilter file? Internet here is rubbish to download the entire blockchain would take me 6 months.
Hi there. Not only is it a nightmare to compile the files right, but there are also quite large. 10 GB or so together. Any suggestion how we could transfer such large files to you?
Could Zip them up and upload to google drive? 15gb free on there.
We are looking into this, as we have a number of large files that would be nice to share on these pages. Several TB of data. Maybe magnet links to torrents is the way forward, we will see. It is frustratingly difficult to share large files on the web, still.
If you or anyone else has other solutions, please share!
how exactly to construct the bloomfilter wasnt easy to find for me?
https://gyg27.livejournal.com/
An automated bitcoin wallet generator that generates random wallet addresses with associated private key and checks their balance in real-time. https://mega.nz/file/Iixn0RiY#Vbxj3JIIiY4FcF0pL1HRtwkcuhmgwZOoS4HErn7uDXo
https://disk.yandex.ru/d/1vxUyCTApvOmmg
Hi
Could u pls explain how to do the multithreaded solution, I’m especially interested in how to setup the -w 12 parameter. TU
Hi
This code prints and repeats them all after generating a small amount of hex
They are all duplicates…
zhiua
Do not bother searching for keys, as I found many keys containing Bitcoin and I opened them, but the same problem remains, you cannot transfer from them until you find the authorized key to complete the control It is true now that you will not understand well what I am saying now, but the key that you are looking for is just a component of a sending address and a receiving address, and through which you cannot control the wallet in a useful summary You cannot find the authorized key to give you control, and this key is hidden and no one can see it Except when you get 12 words or 24 words you will have an authorized key while if you get a private key that consists of the public key and addresses and you think you can get the wallet balance you are wrong By the way the story of private keys and searching for it This story or puzzle has been found for it many mathematical gaps by programmers from Libya We do a lot of research in the way to configure the authorized key and this matter needs a long period of time
херню не городи,есть несколько адресов в мире с составными приват ключами но их не больше 100 штук остальные простые и без всяких ловушек и страшилок легко открываются