About the LBC (FAQ)

Secure hierarchical Bitcoin wallet scheme against privilege escalation attacks

Contents:

They would both have access to any funds in that address. Is that even possible? A Bitcoin address consists of mainly two parts: an address public key and the key private key to that address. The address is the container for the funds and the key, well, opens the container.

Access options

› wiki › Technical_background_of_version_1_Bitcoin_addres. Since Bitcoin addresses are basically random numbers, it is possible, although extremely unlikely, for two people to independently generate the same address. This is called a collision. If this happens, then both the original owner of the address and the colliding owner could spend money sent to that address.

How this works, is that when you generate a new Bitcoin address, you are really generating a key pair. That is a private key is created first and the corresponding address is then mathematically computed and derived from that private key, so that there can only be one address for each key. Now, Bitcoin keys and corresponding addresses can be generated at will.

Bitcoin running out of addresses? Programmer explains.

Yes, you can create as many as you want. Go ahead, you can.

In fact, when you create a wallet on many of the more popular Bitcoin clients, it comes with addresses by default, even if you only ever use 1. Now, I just told you that you can create as many keys and corresponding addresses as you want.

Behold! The Large Bitcoin Collider

Abstract As the rising popularity of Bitcoin, people tend to use Bitcoin wallets to manage the keys for spending or receiving funds. A Bitcoin collision is when two different people in the world randomly generate the same Bitcoin address. The total number of bitcoins that will ever be mined is 21 million. ISBN The probability of 2 people having the same bitcoin address is actually a lot higher than people may suspect by faulty intuition. Navigation menu Personal tools Create account Log in.

So, the inevitable questions is: if I just create many, many private keys, eventually I will stumble upon an existing address that has bitcoins in it… and since I would have the key for it, I could just take them? Wait a minute… that means that if someone happens to create a private key that matches mine and my address, they can empty my address and steal my coins.

This would be similar to the following code:.

Obviously, the probability for this to happen is 1 in 2 , which is such a ridiculously small number, that there is nothing in the physical world to describe it by example. As a collision is the finding of a different private key to a given address this process would be pointless for the pool even if it were feasible.

Meaning "Given a bitcoin address 'adr1' from a random unknown private key of numeric value between 2 and 2 : find another private key in the interval between 0 and 2 which will evaluate to the same bitcoin address. We need to look at "only" 2 keys, because we generate uncompressed and compressed addresses out of these. The interval 0 to 2 is still a pretty big pile of numbers.

Bitcoin address collision

The LBC pool does some more things to make this search for a collision more feasible:. The pool solves the problem of work distribution among many different clients, who promise to do a certain amount of searching. Depending on their proclaimed speed and promised time to work on the problem they are assigned a small interval out of the huge 0 to 2 search space.

It keeps track which client was given when what interval to work on and when this promised work is due for PoW proof of work. The huge bit search space is therefore partitioned into smaller search space intervals and those already searched are reassembled again in the pool DB. This way, the pool makes sure very fast clients can co-work side-by-side with way slower clients.

The pool also makes sure that work issued to the clients is not done twice, so in the general case your client gets to work on an interval no other client has seen before. At the moment, the pool is looking for private key collisions of P2PKH addresses. This is the reward for whoever as the solution to the locking script. Find the output index or vout under details vout.

LBC Manual

Creating the unlocking script Now we can update the transaction with the unlocking script, providing a solution to the SHA-1 bounty. Here are the two values that have been used to claim the Peter Todd bounty.

Extract the transaction and get the raw hex serialization. Observations Check the hash collision.