Discussion thread here: <a href="https://bitcointalk.org/index.php?topic=1306983.msg64526037#msg64526037" rel="nofollow">https://bitcointalk.org/index.php?topic=1306983.msg64526037#...</a><p>Bitcoin puzzles are private keys with just a few unknown bits so that anyone can bruteforce them to collect a reward. Puzzle 66 contained 66 unknown bits and had 6.6 BTC deposited into it by the initial puzzle creator. The private key was 0x000000000000000000000000000000000000000000000002832ed74f2b5e35ee or 256 bits with mostly zeroes but 66 random ones.<p>The next Bitcoin puzzle, #67, has 67 unknown bits, and contains 6.7 BTC up for grabs: <a href="https://www.blockchain.com/explorer/addresses/btc/1BY8GQbnueYofwSuFAT3USAhGjPrkxDdW9" rel="nofollow">https://www.blockchain.com/explorer/addresses/btc/1BY8GQbnue...</a><p>The previous puzzle by order of difficulty was #64 (not #65, because see below) and was solved on 9/9/2022, so about 2 years ago. In other words, it took about 2 years of compute time to run the 2^66 bruteforcing task.<p>Puzzles that are multiple of 5 (#65 or #70) are special: they have twice more entropy. So that private key #65 doesn't have 65-bit of entropy but 130-bit of entropy. And the creator of the puzzle intentionally published their public key on the blockchain. When you know the public key, brutetforcing the n-bit private key only requires 2^(n/2) work. So puzzle #65 with a 130-bit key actually require bruteforcing up to only 2^65 keys.
Looks like the coins were stolen by a bot:<p>> <a href="https://bitcointalk.org/index.php?topic=1306983.msg64535839#msg64535839" rel="nofollow">https://bitcointalk.org/index.php?topic=1306983.msg64535839#...</a><p>I'm not super familiar with the concept (and I'm too lazy to look into it TBH), but I think the would-be winner posted the private key before enough (any?) blocks were mined, and the thief posted a transaction with a bigger fee, and the thief's transaction was in the block that got mined.
Interesting: Reading the first page of the bitcointalk forum, the puzzle originated from this wallet, which has an incredible amount of volume going through it. 10,000+ transactions and over a million BTC sent/received.<p><a href="https://www.blockchain.com/explorer/addresses/btc/173ujrhEVGqaZvPHXLqwXiSmPVMo225cqT" rel="nofollow">https://www.blockchain.com/explorer/addresses/btc/173ujrhEVG...</a>
We had fraudsters using modal.com compute to solve this challenge. It's not traditional mining software so it didn't initially get flagged, but we've updated our detection to catch it now[1].<p>1. <a href="https://modal.com/blog/catching-cryptominers" rel="nofollow">https://modal.com/blog/catching-cryptominers</a>
Is there something unique or special about the private keys that are guessed? This seems like an incredibly wasteful allocation of compute (which wouldn’t be surprising given that it’s bitcoin but still)
What I don't understand, hopefully someone is still reading it here: The hint says this:<p>>> First output: take random number from 2^0 upto 2^1-1, use it as private key
>> Second output: take random number from 2^1 upto 2^2-1, use it as private key
>> Third output: take random number from 2^2 upto 2^3-1, use it as private key<p>To me it sounds like that wallet #10 has a range from 2^9 to 2^10 - 1 - so you don't actually need to check previous bits. But somehow it seems like everyone is crawling through the whole range of possible private key. Doesn't make sense, does it? Am I missing something?
Another good resource on these puzzles: <a href="https://privatekeys.pw/puzzles/bitcoin-puzzle-tx" rel="nofollow">https://privatekeys.pw/puzzles/bitcoin-puzzle-tx</a>
Can someone EILI5?<p>I thought cracking anything to steal bitcoin was impossible due to the keys sizes involved? Is this possible because a portion of the key is already available so there is less to crack?<p>Which key is known? The public or private? Another comment said the “now known public” but then also said the private key can now be recovered by cracking it? Two keys need to be cracked?<p>What kind computing power is needed to crack both keys and how long?<p>Thanks. Sorry, I’m an idiot when it comes to bitcoin.
my assumption is the only way you will be able to stop any bot from double spend attack is to multisig the puzzle address when its solved so any transaction there forth would need your main wallets or any wallet that you set up to need its signature or signature(s) if using multiple before any transactions are made but you will need to be quick about it maybe even setting up your own script or bot to do so i find it wild that the solver didn't think that someone could swoop in and take the reward i multisig all my addresses for that very reason and yes i know a lot about mutisig it's impossible to use a double spend attack with that set up
So while this is going on <a href="https://www.youtube.com/watch?v=Vl6VhCAeEfQ" rel="nofollow">https://www.youtube.com/watch?v=Vl6VhCAeEfQ</a> (ted talk)<p>a lot of people created co2 to take part in a btc lottery and the winner was now randomly found.<p>I hate crypto :|