Exploring a Pi-based crypto address

12 replies 456 views
Posts: 19 · Reputation: 198
#1Oct 23, 2020, 04:43 AM
I was just curious, so I checked out the private key for the first 64 digits of Pi in hex format: 1415926535 8979323846 2643383279 5028841971 6939937510 5820974944 5923 This leads to a P2PKH address: 1CBDsCzfGBNXvTqpiRZQ6EZi2DYF5VQmGU. Surprisingly, I found some transactions from March 2025, which is just a few months back. The transactions are pretty odd. For instance, it received its balance from bc1q5a3ak3vlmsawfptv99pvmxzv4qxvg7aj7re48g, and that address mostly shows payments and change going back to itself. Seems kinda like an old-school way of doing things, right? Is that how it usually works? Anyone else notice anything weird about these addresses? Appreciate any insights!
4 Reply Quote Share
im_lynxHero Member
Posts: 515 · Reputation: 2161
#2Oct 23, 2020, 08:40 AM
Well, it looks like unnecessary address re-use because no proper change address is used. One reason for this could be e.g. if you create a wallet by importing only the private key for address bc1q5a3ak3vlmsawfptv99pvmxzv4qxvg7aj7re48g into an Electrum (and likely other) wallet. When there are no change addresses in an Electrum wallet and there's only one address known to the wallet, Electrum will exactly do this what you observed when you send a partial amount out of such a wallet, using the source address also as change address. There's another key insight from what you observed: never create private keys from publicly know data! The Pi decimals aren't exactly secret, are they! Someone else had the same idea as you and a stealer bot, likely more of them, fought to grab the funds (indicated by the high amount of fees used by the winning transaction. Yet more people who have the private key in their stealer bot databases.
5 Reply Quote Share
alt21Senior Member
Posts: 398 · Reputation: 1732
#3Oct 25, 2020, 12:39 AM
I am lazy to try it, but Cricktor gave a good explanation. Lesson Learned: Nerver rely on any memorizable source for randomness. These numbers are simply not random. Fun Time: Randomness (a.k.a entropy) is a very fascinating subject in physics and mathematics. In short, there is no provable random number generator, that's 100% guaranteed to be random. Scientists believe that a good entropy source is to study and observe the atoms, waiting for them to have a spontaneous fission. They claim that this event is the closest to real randomness that we can get. Therefore, you can imagine that using the numbers of Pi, which are known to millions of people around the world, isn't a very good idea.
1 Reply Quote Share
greglaserFull Member
Posts: 180 · Reputation: 542
#4Oct 25, 2020, 05:55 AM
there are tutorials on using radioactive decay using geiger counters for RNG setups. interesting stuff.
4 Reply Quote Share
darkguruHero Member
Posts: 849 · Reputation: 4147
#5Oct 25, 2020, 06:06 AM
A much easier and far more compact route is to use the inherent quantum phase fluctuations present in beams from a laser diode operated just above its lasing threshold. QRNG (quantum random number generator) chips have already been made based on it. ref https://www.mdpi.com/2304-6732/11/5/468 https://opg.optica.org/ol/abstract.cfm?uri=ol-35-3-312 https://ieeexplore.ieee.org/document/10460108
4 Reply Quote Share
im_apeHero Member
Posts: 629 · Reputation: 3824
#6Oct 26, 2020, 07:49 PM
That's not strange, that's just address reuse. You send coins from address A to address B and send the change to same address A instead of to a new address. If you want to see strange look at one of the addresses that received coins from bc1q5a[..]48g which was 1M4r[...]jXz. It receives coins but then in 2 transactions it sends the coins from 1M4r[...]jXz to itself without any other output. I dare say the owner of these coins is performing a weird Spam Attack! Based on these two cases (first being sending coins to weak keys) and cases like this: Coins from bc1q5a[..]48g go to 19L9[...]EpV then they go to 1DWQ[...]UXA then they go to 1E8n[...]Lxs just to end up back in bc1q5a[..]48g!
3 Reply Quote Share
alt21Senior Member
Posts: 398 · Reputation: 1732
#7Oct 27, 2020, 02:23 AM
Thanks guys, good information. I am super bad in physics and I can't really understand, but are the two things that you suggest essentially the same thing? Or are they completely different?
5 Reply Quote Share
darkguruHero Member
Posts: 849 · Reputation: 4147
#8Oct 29, 2020, 02:03 PM
While they both are based on completely random processes, they are very different in what is being detected or measured. The Geiger method relies on detecting the timing of particle emission from radioactive elements while the laser method is measuring differences in the phase of light waves being generated by a laser. Not sure how fast the Geiger method can generate random numbers but the laser method can generate them at several hundred MHz to over 1GHz.
0 Reply Quote Share
Posts: 19 · Reputation: 198
#9Oct 29, 2020, 02:47 PM
Thanks to all for both the on topic and off topic answers, very informative.
0 Reply Quote Share
im_sageFull Member
Posts: 139 · Reputation: 484
#10Oct 29, 2020, 08:42 PM
Bruh!!! this is a great reminder that using publicly known data like Pi for key generation is extremly a risky one. As @apogio noted... these numbers are simply not random and coupled with what @Cricktor pointed out about Electrum reuse behavior is on poin!! becaus address reuse and weak entropy is definitely a dangerous combo.... I tested one Pi based key just for fun!! the address already had like 2 txs and still holds some dust in it... It makes you wonderhow many funds have already been lost to weak key experiments like this........
5 Reply Quote Share
sage_moonSenior Member
Posts: 273 · Reputation: 1371
#11Oct 30, 2020, 12:45 AM
Nothing uploaded to the internet or known to humans is immune to bots hunting for vulnerable addresses, ranging from BrainWallets to AI promts. Whichever fragment of any known number you choose, you'll be at risk. Whether it's pi, Euler, or the golden ratio... That's why so many people lost their coins with BrainWallets, I don't think it's something strange, they are just vulnerable.
0 Reply Quote Share
alt21Senior Member
Posts: 398 · Reputation: 1732
#12Oct 30, 2020, 03:28 AM
Surprisingly enough people don’t realise that if they can remember their password, then it’s probably weak. Obviously the longer the better anyway. But if the entropy source is weak, then it can be too easily broken. I enjoyed reading this: https://github.com/demining/History-of-Bitcoin-Wallet-Hacks/blob/main/README.md
4 Reply Quote Share
im_lynxHero Member
Posts: 515 · Reputation: 2161
#13Oct 30, 2020, 04:28 AM
Definitely a gamble to use publicly known data from which to derive a private key. Coming back to irrational number Pi of which according to Google around 100 trillion decimals have been computed and are therefore known. Nobody should use the starting sequence of Pi's digits, that's too obvious and apparently not a good choice (you certainly aren't the first who tried this). I wouldn't want to try, but what if you'd start your number sequence at some random point from few ten billionth or trillionths of Pi's decimals, take a number of digits equal to your age in days up to your last birthday, SHA256 this number sequence and voila, you'd have a pretty hard to guess (or precompute) private key. Again, I don't recommend this procedure in particular, I'm just trying to come up with something more resisting to quick theft. Decent random entropy and private key derived from this are your safer path. Don't loose coins the silly way.
2 Reply Quote Share

Related topics