Bitcoin list leaked by mistakes
However, I have not linked those to this one particular collection address yet. In the end, I found a total of four different 'discoverable' private key methods being used.
I made sure my database was filled with every block hash, merkle root, transaction id and Sha public address for private keys and let my bot run. Transactions for all four types were showing up, again for tiny amounts which I ignored.
By this time, I was watching BTC getting taken in small amounts regularly. Sometimes, I saw as many as 6 transactions fly by in one day. On Nov 12, my program saw 9 BTC transferred into an address that my database had the private key for.
I had searched for that address too to see if anyone was claiming ownership but I didn't see anything. Shortly after, I became aware of fitwear's reddit post claiming theft after someone noticed the prize amount had been topped off and linked the two events together. I contacted fitwear privately and returned their coins minus the small amount I sent to the puzzle address. Together, we contacted blockchain.
Their security team investigated but found no evidence it was their system that was at fault. I suppose it's possible his system was somehow compromised back in August and managed to import a key into blockchain.
Or someone else logged into his account, imported the key, then waited. You wouldn't need to use Sha address or block hash or txid or merkleroot if you were malware or an unauthorized login. You would at least salt or obscure the key with some bit of knowledge only you know so that only you could derive the private key as mentioned earlier. The fact that information from the blockchain itself is being used indicates it may be some transaction processing logic. Also, fitwear took extreme precautions you can read his reddit post for details.
The origin of these poison destination addresses remains a mystery. If it's the case that some wallet generation code is doing this, then it may be the case that we're seeing 'change' transactions. When you create a wallet, there maybe 20 addresses generated. They are all supposed to be random keys. If this rogue code creates one of them in this manner based on the public address string of an earlier one , then at some point, your 'change' will get put back into it as the wallet 'round-robins' through the list.
We may never know. See below for the complete list of other Sha based addresses that suffer from the same issue. I believe this is happening for others. It's likely, that the small amounts usually taken are going unnoticed by the owners.
What does this mean for bitcoin? I believe the bitcoin network itself to be secure. The bitcoin network itself may be 'trustless', but anything humans touch around its peripheries is certainly not. So even with bitcoin, it still boils down to trust. To be fair to blockchain. The other 3 methods I described above could be completely unrelated.
And they could all possibly be a really weird software bug. Most of these came from a scan I did of old transactions, not while my bot was running. Also, the list of addresses I"m providing are only the subset that have already had some BTC transacted through them. There are likely hundreds more lying dormant inside people's wallets that have not been used yet.
My bot moved coins from the last two addresses only. No one has claimed ownership from 16nX. All other transfers were the result of other people who either figured this out or are the ones who planted the bad addresses themselves since And these are some recent examples of private keys that are based on other information from the blockchain itself as stated, may be completely unrelated but still happening on a regular basis.
I think this information should be made public so that other backend systems plugged into crypto networks can guard against this sort of 'hide in plain sight' attack.
As stated earlier, I honestly set out to look for buried treasure and stumbled upon someone else's exploit.
I am a robot. I just upvoted you! I found similar content that readers might be interested in: Bitcoin Exploit - Blockchain Exploit? Are they going down? Some Background I've been following bitcoin since I first heard of it in The Experiments What follows is a description of my experiments and what led me to discover what I believe is either a scam or really bad coding error.
Experiment 1 My first experiment was to see if anyone used a block hash as a private key. Experiment 2 Similar to my first experiment, I then searched for addresses that were generated from the merkle root used as a private key. Experiment 3 I wondered at this point if anyone might have used repeated Sha on words. Here are a few: Experiment 4 My last experiment is the one that led me to believe someone was siphoning bitcoin from some service on a regular basis and has been since Take a look at this private key: However, these bytes are actually sha of this public address!
I asked myself, "Why would someone do this? Here are some more complete list at end of this doc: A Scam or a mistake? This is the address: Dinuka Samarasinghe , investment professional. Fred Ehrsam , co-founder, Coinbase. Michael Moro , director at SecondMarket. Jacoby , lawyer at WilmerHale. Marshals to do so. The auction will take place on June 27 and the results announced on June Patrick Howell O'Neill is a notable cybersecurity reporter whose work has focused on the dark net, national security, and law enforcement.
In particular, you should try to stick to your normal routine and behaviour. If you are a high-risk source and the computer you prepared your submission on, or uploaded it from, could subsequently be audited in an investigation, we recommend that you format and dispose of the computer hard drive and any other storage media you used.
In particular, hard drives retain data after formatting which may be visible to a digital forensics team and flash media USB sticks, memory cards and SSD drives retain data even after a secure erasure. If you used flash media to store sensitive data, it is important to destroy the media. If you do this and are a high-risk source you should make sure there are no traces of the clean-up, since such traces themselves may draw suspicion.
If a legal action is brought against you as a result of your submission, there are organisations that may help you. The Courage Foundation is an international organisation dedicated to the protection of journalistic sources. You can find more details at https: WikiLeaks publishes documents of political or historical importance that are censored or otherwise suppressed. We specialise in strategic global publishing and large archives.
The following is the address of our secure site where you can anonymously upload your documents to WikiLeaks editors. You can only access this submissions system through Tor. See our Tor tab for more information. We also advise you to read our tips for sources before submitting. If you cannot use Tor, or your submission is very large, or you have specific requirements, WikiLeaks provides several alternative methods.