Hey everyone.
So my last thread got deleted without any explanation, but I think it might be because I shared my code. I'm gonna try to bring it back, but this time without the code.
I found some interesting research and analysis about calculating k nonce mathematically. I’ll share some articles that cover this. A few are more theoretical, but there’s also practical stuff. Out of roughly 1000 bitcoin signatures, they figured out how to calculate k nonce this way.
From what I gather, for the calculation to work, the components of the rsz signature need to have a specific expression, and you should be able to extract the root.
I gave it a shot, but no luck. Everything seems to check out, but the code is spitting out nonsense and k doesn’t match R from the signatures. Any ideas on where I might be going wrong? If these articles were just theory, I’d brush it off, but since there’s practical evidence showing that about 50% of signatures can successfully calculate k nonce, it makes me curious.
Here are the articles and studies I found:
### **1. SEC 1 Standard Specifications (Certicom, 2000)**
**Source:**
- **Name:** *Standards for Efficient Cryptography (SEC 1)*
- **Author:** Certicom Research
- **Year:** 2000
- **Link:** [SEC 1 v1.0 (2000)](https://www.secg.org/sec1-v2.pdf ) (official PDF from SECG)
- **Sections:**
- Appendix C (pp. 47-50) Mathematical foundations of ECDSA
- Appendix D (pp. 51-54) Derivation of signature equations
**Note:** This document shows how the ECDSA equation can be simplified to a quadratic one.
K Nonce Discussion
0 replies 55 views
?Reply
Sign in to reply to this topic
Related topics
- Looking for 3 examples of r, s, z and nonce data 19
- Testing 64-bit Nonce Collision on the Genesis Block with an Extended Header 2
- Bitcoin Core displaying coins (UTXOs) in a new tab 13
- Are you in favor of BIP-110? Let's get a Bitcoin poll going. 0
- Erlay seems to have some issues here’s a better proposal for a bitcoin protocol without invites 3
- New Optional Hourglass Implementation is Live 3