Before Quantum GPU-Boosted Weak Key Recovery
Website: https://b4q.io
Technical Research: https://b4q.io/research
What's this all about?
Before Quantum is a distributed GPU project designed to hunt for Bitcoin private keys that came from weak entropy sources between 2009 and 2012. Back in the early days of Bitcoin, wallet software relied on some pretty predictable random number generators:
- Timestamp-seeded LCGs using glibc and MSVC srand(time(NULL)) + rand(), leading to only around 62.8 million possible seeds.
- Debian OpenSSL bug (CVE-2008-0166) this cut down the entropy to just the PID, making it only 65,536 possible keys.
- Randstorm (V8 MWC1616) where BitcoinJS web wallets used Chrome’s weak Math.random(), resulting in about 4.1 trillion keys.
- Brain wallets which are essentially SHA256 of sequential numbers, short ASCII strings, phone numbers, and timestamps.
- Java LCG (BitcoinJ) these were the early Android wallets that used System.currentTimeMillis() as a seed.
- PHP mt_rand() which was auto-seeded with time*pid and used in early PHP-based web wallets.
We're testing 23 different weak key generation methods against roughly 2,845 known funded addresses that are thought to have been created with these faulty algorithms.
How does it work?
The whole thing runs in one CUDA C++ file with around 3,400 lines of code. Each GPU thread runs the full process independently:
- We test both compressed and uncompressed public key formats. An RTX 3090 can run about 135 million keys per second against around 3,000 targets.
As for distributed verification:
- Workers never send private keys to the server only hash160 and the key offset.
- The server regenerates the key from (mode, offset) and checks the entire crypto chain.
- Canary targets (honeypot hashes) help spot workers that skip verification.
Before Quantum Distributed GPU search for Bitcoin wallets created with weak entropy
4 replies 226 views
I briefly checked your website, but it seems the software is closed source. So i have major skepticism about it and believe my old warning is relevant for this thread.
paul.stakeHero Member
Posts: 651 · Reputation: 3798
#3Jul 26, 2017, 05:45 PM
check the website and joined had extra gpu power laying around but still spictical
And the fact that the wallets belong to someone else does not bother you? That is called THEFT.
In many ways I do hope that the OP's software does clear out the wallets of folks using it. Would serve them right.
Makes no Sense your project. Some of the Wallets you are targeting are cold wallets of exchanges. Good Luck getting away with that loot
Related topics
- bitcoin-qt sync issues and slow speeds 6
- Recovering a Bitcoin wallet and address 8
- Creating a list of non-zero wallets and their balances using Python 4
- Affordable quiet mini PC for running a Bitcoin node and blockchain explorer 19
- Restoring wallets from pre-fork days 7
- Using two different Bitcoin versions without messing up blockchain data 3