As I have written before, I'm not only investing in projects (and thus ), I'm also prototyping stuff and sometimes just trying things.
One thing I've implemented on multiple chains before is a "find cryptos" tool. Basically, I'm trying to guess addresses. With Bitcoin, there is a total of 2^160 (Source) possible addresses, and only a really small portion of them have actual Bitcoin on them. (A typical needle in the haystack.)
But I'm not relying on the pseudo-randomness of some number generator to find an address with a balance greater than 0 on it; I'm relying on the stupidity of people and bugs in software. :)
As you might know, many wallets use a 12-word seed phrase to generate the private key. If I remember correctly, there was at least one bug in a wallet where the 12 words weren't as random as expected, but I'm going a step lower, because the typical wordlist contains 2048 words and with 12 of them needed you also get a pretty high number of combinations (not as high as the number of unique Bitcoin addresses, but similarly high).
A few years back I read a post (sadly I didn't save it back then) about a guy who discovered something on the Blockchain (if I remember correctly). He found out that some "special" addresses had ETH lying on them. His conclusion was that somebody was siphoning ETH over to some Ethereum addresses where the PrivateKey was easily guessable and moving it from these addresses to another one later on. But how would you know the random PrivateKey of an address?
Simply: the PrivateKey wasn't random and was instead derived from another variable inside the Blockchain: the block hash. From here on it gets a little bit more technical.
Basically, each block in a blockchain has a unique hash; I'm going to use Ethereum as an example again. If we take a look at Block 13972039 on Etherscan, you can see the hash is "0x1b79dcf45b55a0492d482abc9b7eb4e6645b0192f5027ab9f0fe771888911b09". That is basically the hexadecimal representation of a SHA256 hash.
You can access those block hashes relatively easily in Solidity (the programming language for Ethereum) and thus can easily derive a PrivateKey from one (they are the same length). So with every new block you get at least one new PrivateKey to use (in reality you could even use other parameters of the block: block number, transaction hashes, mining time, ...).
So if you have access to a larger blockchain smart-contract ecosystem where not all developers are as "good" as you are, you could easily implement something that siphons money off to such a generated address. The complicated part is getting it through code and peer reviews.
There is also another angle. People are bad at remembering passwords or passphrases. It would be way easier to remember a block number; every time you need to access your funds you would just look up the hash of that block and use it as the PrivateKey.
Besides that, it is probably illegal to implement such siphoning code, and I'm not nearly good enough at implementing smart contracts to even try such an "attack". But what I can do is generate addresses from various block variables (hash, transaction hashes, ...) and check whether they have money on them.
With the sheer endless number of addresses, it is almost impossible to find something by accident. The only reason some money could be on such an address is that somebody placed it there.
I had this "analysis" running on several blockchains in the past, but it is really resource-intensive and gets boring after a while. Today I set aside a small portion of my time (three or four hours) to implement one of these "finding codes" again. It is only 122 lines of code (including empty ones), has been running since 1 pm this afternoon and has already made it to block 13600. Analyzing one block (including the check for potential money) takes around one second on average.
So to go through all current blocks it would need around 17 days, and I'm running it on a relatively new blockchain (which doesn't have as many blocks as others).
Maybe I'm rich tomorrow? Although I wonder whether it is legal to take money found through a mathematical (?) trick. I will think about that when I find something. :)
This was it:
1. find addresses with money on them
2. take one of these addresses
3. try to find the secret seed key phrase
What prevents this attack from being possible?
2. -> There is no known break (collision attack) of the SHA256 algorithm yet.
So as long as you can't produce the same hash for different inputs (a collision attack: https://en.wikipedia.org/wiki/Collision_attack, see also https://en.wikipedia.org/wiki/MD5), it would take hundreds of years (or even thousands) to land a match by brute force.
SHA256 has 2^256 (1.1579209e+77) different combinations, so even if you could compute one million hashes per second it would take 1.1579209e+71 seconds (= 1.3401862e+66 days; divided by 365 days per year that is still 3.6717431e+63 years) to calculate all combinations.
If you raise the hash rate to one billion per second (10^9) you merely change the number of years: 3.6717431e+60.
Bitcoin currently has a total hash rate (https://www.blockchain.com/charts/hash-rate) of 175076 million. Using that as input for our calculation, it would take 2.0972281e+58 years to calculate all SHA256 hashes. :)
So as long as nobody is able to find a flaw inside the algorithm (collision attack), you can't brute-force address keys, because it would take way more power than Bitcoin is currently consuming. And if you had computing power similar to what Bitcoin has, a 51% attack (https://www.coindesk.com/learn/what-is-a-51-attack/) would be "way easier" to perform.
But again, you would need as much power as the whole Bitcoin network currently has, and a little bit more.