Skip to content
This repository has been archived by the owner on Sep 15, 2022. It is now read-only.

Private key safety #61

Open
k06a opened this issue Jan 17, 2022 · 4 comments
Open

Private key safety #61

k06a opened this issue Jan 17, 2022 · 4 comments

Comments

@k06a
Copy link
Contributor

k06a commented Jan 17, 2022
edited
Loading

Hi, could you elaborate on how private keys are being generated and brute forced? It seems like a reliable random number generator std::mt19937_64 is being fully initialized by unsigned int (https://en.cppreference.com/w/cpp/numeric/random/random_device), which could make it less reliable:

profanity/Dispatcher.cpp

Line 111 in 75afbad

std::mt19937_64 eng(rd());

Seems like brute-forcing 2^32 seeds, each for a few seconds on top-notch hardware could expose some keys with 5-6-7 mined symbol.
@ryley-o
Copy link

ryley-o commented Jan 18, 2022

Agree here, should be seeded with 64 bits or else someone may be able to brute force 5-6-7 addrs, especially in the future.

@k06a
Copy link
Contributor Author

k06a commented Jan 20, 2022

It seems that 1 GPU can do 7 symbols for 1 sec, this means 1000 GPUs can brute force all the 7-symbol vanity addresses in 50 days. This could cost a lot, but the reward could be higher. Moreover, the reward could be pre-estimated.

@rhamnett
Copy link

I came here thinking the same thing. This should be a a warning in the README really.

@liamzebedee
Copy link

FUCK

@cryptoDevTrader cryptoDevTrader mentioned this issue Sep 17, 2022
Closed
@BlackTrace BlackTrace mentioned this issue Sep 18, 2022
Open
@psixoz-korvin psixoz-korvin mentioned this issue Oct 12, 2022
Closed
@k06a k06a mentioned this issue Oct 18, 2022
Open
Open
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@liamzebedee @k06a @rhamnett @ryley-o