Publish new brainwallet research

README.md

@@ -10,21 +10,21 @@ See [https://milksad.info](https://milksad.info) and [https://milksad.info/updat
 
 See the [statistics](generate_statistics.sh) script.
 
-#### Last Statistics Snapshot
+#### Recent Statistics Snapshot
 ```
-Number of unique weak PRNG Bitcoin wallet addresses: 264912
+Number of unique weak PRNG Bitcoin wallet addresses: 264934
-Prefix 1: 4317
+Prefix 1: 4318
-Prefix 3: 245179
+Prefix 3: 245200
 Prefix bc1q: 15415
 Prefix bc1p: 1
 
-Number of unique weak brainwallet Bitcoin wallet addresses: 19862
-Prefix 1: 19844
-Prefix 3: 10
-Prefix bc1q: 8
-Prefix bc1p: 0
-
 Number of unique weak PRNG Ethereum wallet addresses: 8938
+
+Number of unique weak brainwallet Bitcoin wallet addresses: 20298
+Prefix 1: 20174
+Prefix 3: 36
+Prefix bc1q: 88
+Prefix bc1p: 0
 ```
 This may be outdated.
 

all_bitcoin_addresses.sh

@@ -1,4 +1,4 @@
 #!/bin/bash
 
 find ./ -iname "victim*addresses*bitcoin*" -exec cat {} \; | sort -u
-find ./ -iname "brainwallet*addresses*bitcoin*" -exec cat {} \; | sort -u
+find ./ -iname "brainwallet*victim*addr*bitcoin*" -exec cat {} \; | sort -u

brainwallet/README.md

@@ -1,5 +1,5 @@
 # Discovered Brainwallets
 
-[Brainwallets](https://en.wikipedia.org/wiki/Cryptocurrency_wallet#Wallets) are cryptocurrency wallets with a private key that is directly generated from a human-chosen passphrase, not on entropy generated from a (potentially weak) random number generator. Additionally, the key derivation method is usually extremely fast, such as a fast hash algorithm operation.
+[Brainwallets](https://en.wikipedia.org/wiki/Cryptocurrency_wallet#Wallets) are cryptocurrency wallets with a private key that is directly derived from a human-chosen passphrase, instead of key entropy generated from a (potentially weak) random number generator. Additionally, the key derivation method is usually extremely fast, such as a single round of a very fast hash algorithm operation.
 
-This makes brainwallets extremely susceptible to offline brute-force attacks, so they're a great way to lose cryptocurrencies to attackers.
+This design makes brainwallets extremely susceptible to offline brute-force attacks, so they're a great way to lose cryptocurrencies to attackers.

brainwallet/direct_sha256_1_iteration/README.md

@@ -0,0 +1,18 @@
+# Single SHA256 Brainwallet
+
+For this type of brainwallets, a passphrase is hashed with one iteration of SHA256, and the resulting output is directly used as a 256 bit private key.
+
+The initial collection of Bitcoin addresses presented here is mostly based on passphrases included in the public [privatekeys.pw](https://privatekeys.pw/brainwallet/bitcoin/1) brainwallet list. (Note that we do not endorse this site or its paid services.)
+We performed some additional searches for well-known passphrases on top of this initial list.
+
+The Bitcoin addresses represent compressed and uncompressed public keys.
+
+Deliberately weak challenge wallets placed by others:
+* [btcleak.com Steal our Bitcoin - round 1](https://web.archive.org/web/20220927230855/https://btcleak.com/2020/06/14/steal-our-bitcoin-a-small-segwit-bounty/), all 10 wallets included
+* [btcleak.com Steal our Bitcoin - round 2](https://web.archive.org/web/20220927230252/https://btcleak.com/2020/06/16/steal-our-bitcoin-again/), most wallets included
+
+More public resources:
+* [Collection of 18.509 found and used Brainwallets](https://bitcointalk.org/index.php?topic=4768828.0)
+* [Brainwallets with wallet addresses as a passphrase](https://bitcointalk.org/index.php?topic=5323694.0)
+
+Due to the nature of brainwallets, the collection is not exhaustive.

brainwallet/direct_sha256_2_iterations/README.md

@@ -0,0 +1,9 @@
+# Double SHA256 Brainwallet
+
+More rare form of brainwallet with secp256k1 key derived by `sha256(sha256(passphrase))`.
+
+We expect that some of the newer `bc1q`-prefix addresses are deliberately placed canary wallets by other researchers to observe attacker behavior. A noticeable characteristic are small transfers with 300, 500, 3000 Satoshis and so on.
+
+The Bitcoin addresses represent compressed and uncompressed public keys.
+
+Due to the nature of brainwallets, the collection is not exhaustive.

brainwallet/direct_sha256_2_iterations/brainwallet_victim_addr_bitcoin_2_sha256_iterations_bloom2025_06_11__direct_key_sorted_collection.txt

@@ -0,0 +1,73 @@
+13HJmLyUjxsJ3Vkt4ZfgZmyUMiTRzvj82V
+14kK61fASN8H45LFEgPMTMerBa8ZKLLwkF
+15zoC3Z8Zq6K52JriB3Fbm3HAz3TttJ8do
+17AW72maw48ruT5PTYm4NewxREUecZvTPm
+18aMGf2AxQ3YXyNv9sKxiHYCXcBJeJv9d1
+19ycV8tM1SGSzSnTmSd6Fa1djSfagPihJi
+1C3m5mFx6SjBCpw6qLqzM8izZArVYQ9B5u
+1CMULh6ZTTYKfj7sxsv3DpYiVTPxTz5CPV
+1GpD9cJUjUpubNGkuXvvzFGKiUTmeQoYmV
+1HqC6HfkvV8rXsAiKYaW6bFEoU4U8a17rH
+1J1w8AuQQGJRTTBmzwHvRGeqGKjperYES9
+1LCGKp8zkmU3jBSdsRNfLzqsJH3qSzSxyk
+1NjdcNWcDDQNKMvyQHwYvAUJ5XkjDTcxrM
+1Pdsm5LDWGcMQpCnHLZ4NYL3qU2VFVoYxc
+3F5VdCuD2LFWvp5Uem3no2HF8TViuDVULk
+bc1q0d76yd6ptvytfzvngudyr8f9gdlmjt4l3nf0fr
+bc1q27s3lncf5aqw99t65dzflwvxhmqf5vdtm84g0q
+bc1q34eu85da5z7e0n6awssl72t3fyjdfagypnqjzz
+bc1q36a962y4g7he9s3vsma8e476f2lhvc2wgwva5e
+bc1q3acrsrgp4qcvqsdsfu3husuvevs7tqyu9p30r9
+bc1q3eyv004v4anu79wujcea29pnc5gnewwuhfve5e
+bc1q3peh8vdrjv56tf0k7lxwddjy42hgepfe4gr40l
+bc1q3ujkyu5kxtednw34k0k2mx6aveyl94tq20sqhx
+bc1q40az50s74h5ecww398cauk2gyynd9cr3r7uvyj
+bc1q43fk030cpsd4hsru8a29kkresfnghewvqdj4ga
+bc1q4d9ajunzf95hcp5gkqmn7x9m4vp7x2k9mwzptg
+bc1q4jx2kmy7puxwxk7w85f7etptg3k2ycrr3qt00g
+bc1q5v5ewpzzc4y6vaamav89uxc0euual0qfmmrw38
+bc1q629urus7j8sq2984n720w3trg52lahcslwgyyk
+bc1q6jkws4hl84wtj3089afj6289kwhcdcmt6rp8pc
+bc1q7w9v55lluatnzwsfdz8mcdt2e8ku6me52jg8sp
+bc1q82qxqldrtvrv5yhweyweeap7vjaejmh6peygmx
+bc1q92katjrttn0r32kju6ahwytlak7y2ek3hrpp44
+bc1q9q5ll2fuu4trnqh4cvu8v4y4ls32ymnd46ecpy
+bc1q9uh20xkxfmc8nnacu9gssu27pxydq9dx5ec8a9
+bc1qch5x8jhwyl7wgc6wl5umjmkmueddf9sgvcf4ud
+bc1qcn79wn8p4lewh3em9x8ywnz0c259nh9qexn7cv
+bc1qct609ms9ae0pk99axpmlfaa9lqvsa4xgyqwg2q
+bc1qe3j0zun2tema9t24055s7txgpt66g83cey09k0
+bc1qeq7l6205y9ujj33nczaaarj86llxdned67wyqy
+bc1qey3g7jrpy37z9kc3vh6g5udm6rlgymhxl8q9my
+bc1qfzz9yyxnneyg63aqepgu2hvya8mwpx7a843wll
+bc1qhjwepyp5hvdfsah97shzt0l8fj83xg2mj9d6dt
+bc1qht8vud0w9gmdcp8el9fuhce2v9j8wmehqjf05w
+bc1qj3ktmlxtv5wyfm2utp3zasez2783gctjyln72e
+bc1qjgru6cheqkvexyac6nt5tgujd9qfr39pewwqms
+bc1ql2zneujelgs38cjmrwu5m9t55jn898t3l24nh4
+bc1ql5slxyfz4yfchhzta9kuc92w9kad29wp78cyf2
+bc1qled2tcjchdumqvz2anpt9edn8gzvpwtg69vhuw
+bc1qlpwesuvfc2gpgxqee2spvyevq008q80zpl2nwa
+bc1qlura06l0krkz9yj2we0qsa4easnyhqm7hannrd
+bc1qm3mkre77g0njx7568t8zwcsu5f62296wkt65p2
+bc1qm64mn8h7ta7qmc2prj58gqxjjh2jwzfqjnytdx
+bc1qmcmn287r4dtwuhl0cu83lqqefztuvc8atrzaca
+bc1qnz5xc2jgflxevwh2zqxtk6kvuwt9j2utc8mumw
+bc1qq2pn6nh0h3vdss9pcdfdkkjh7q47kx3vr5xegn
+bc1qq8puk26nxqltw2m9zsv09jv3zwlsahwtfwtn6l
+bc1qq9cwe36kyv5hppgpjh0zhjstehrrc82m2tmmlw
+bc1qqmhdl7tf7fdu9vh8nhspvat776pqgxfw8prp08
+bc1qqp2tcc6n8z9azu2n220kfx4ew2zdre52pgpnht
+bc1qqsfprwv5jl3tht9dl26mrv6e0g4952c4ujzrzl
+bc1qru5nl43wvpw69yg0qan4jcuh5975sejqv3ft09
+bc1qsas0m4rzpmg7e3y22ypyvn300r45vde4y0hfg3
+bc1qtan9zsnf490fmwzf4gsqzje9qlvsfyzuwslxe4
+bc1qtmqjevky5fn3j7hfncthst2dgx2lx0cheqwdz5
+bc1qusamjk6zk6yarq9fluux78m2hln6lka8j5zhpp
+bc1qvxjrjenyzgtlem5an49ku62m3u3egll0s2qnfe
+bc1qw8g62mxwhmtxtt7pnpx925syzh450luauegrpa
+bc1qxepr995rpnphgkcvuuh8k4fxa8np73zvfhx69t
+bc1qxng9ejj9mylqfwqy4wd9dwsjt4yyuawkxtacua
+bc1qxx02vr8jaa8ngrqyx3nukxw8mk3quhkw6vczq7
+bc1qz62nhytv6kdryldh0uavtp5enep2ndd2f7mkjq
+bc1qzf2t5pkl7a3ruq49sere3lxh9zpltruu225lgw

brainwallet/direct_sha256_other_iterations/brainwallet_victim_addr_bitcoin_1000_sha256_iterations_bloom2025_06_11_direct_key_sorted_collection.txt

@@ -0,0 +1 @@
+1Kn26WySW9bFVku8JuvKTzvCUuPHTPvyNp

brainwallet/direct_sha256_other_iterations/brainwallet_victim_addr_bitcoin_4_sha256_iterations_bloom2025_06_11_direct_key_sorted_collection.txt

@@ -0,0 +1 @@
+17UZ4iVkmNvKF9K2GWrGyMykX2iuAYbe1X

brainwallet/single_sha256_direct/README.md

@@ -1,10 +0,0 @@
-# Single SHA256 Brainwallet
-
-For this type of brainwallets, a passphrase is hashed with one iteration of SHA256, and the resulting output is directly used as a 256 bit private key.
-
-The collection of Bitcoin addresses presented here is mostly based on passphrases included in the public [privatekeys.pw](https://privatekeys.pw/brainwallet/bitcoin/1) brainwallet list. (Note that we do not endorse this site or its paid services.)
-We performed some additional searches for well-known passphrases on top of this initial list.
-
-The Bitcoin addresses represent compressed and uncompressed public keys.
-
-Due to the nature of brainwallets, the collection is not exhaustive.

generate_statistics.sh

@@ -1,7 +1,7 @@
 #!/bin/bash
 
 bitcoin_address_list_rng=$(find ./ -iname "victim*addresses*bitcoin*" -exec cat {} \; | sort -u)
-bitcoin_address_list_brainwallet=$(find ./ -iname "brainwallet*addresses*bitcoin*" -exec cat {} \; | sort -u)
+bitcoin_address_list_brainwallet=$(find ./ -iname "brainwallet*victim*addr*bitcoin*" -exec cat {} \; | sort -u)
 
 echo -n "Number of unique weak PRNG Bitcoin wallet addresses: "
 echo "${bitcoin_address_list_rng}" | wc -l
@@ -13,6 +13,11 @@ done
 
 echo ""
 
+echo -n "Number of unique weak PRNG Ethereum wallet addresses: "
+find ./ -iname "victim*addresses*ethereum*" -exec cat {} \; | sort -u | wc -l
+
+echo ""
+
 echo -n "Number of unique weak brainwallet Bitcoin wallet addresses: "
 echo "${bitcoin_address_list_brainwallet}" | wc -l
 for prefix in "1" "3" "bc1q" "bc1p"
@@ -20,7 +25,3 @@ for prefix in "1" "3" "bc1q" "bc1p"
     echo -n "Prefix ${prefix}: "
     echo "${bitcoin_address_list_brainwallet}" | grep -Poh "^${prefix}" | wc -l
 done
-echo ""
-
-echo -n "Number of unique weak PRNG Ethereum wallet addresses: "
-find ./ -iname "victim*addresses*ethereum*" -exec cat {} \; | sort -u | wc -l

other/README.md

@@ -0,0 +1,5 @@
+# Other Known Weak Private Keys
+
+## Vanitygen
+
+* The `1BoatSLRHtKNngkdXEeobR76b53LETtpyT` example on https://en.bitcoin.it/wiki/Vanitygen