Libbitcoin seeding wouldn’t contribute to an increased likelihood of finding a hash collision. For example, a poor seeding algorithm, such as one that less-than-randomly duplicates values, would only make finding a collision *less* likely. The best approach for collision finding may be to just increment from zero (ie avoiding duplicates).
Unfortunately it’s impossible to verify this claim, so I’d take it with a bit of salt. On the other hand hash collisions do happen. It’s just a matter of probability.
e
> On Mar 29, 2019, at 05:43, Neill Miller <neillm@???> wrote:
>
> Hello Mike,
>
> Interesting find!
>
> It's true that the "bx seed" command provides psuedo-random numbers
> provided by the OS. The intent of all libbitcoin commands is to never
> generate randomness internally where necessary (and to rather accept
> randomness as an input where needed), but "bx seed" is an exception,
> mostly for example purposes. To be clear, we don't recommend using it
> for strong cryptographic purposes (of which generating Bitcoin private
> keys is one such example).
>
> It is quite possible that's a reason for the collision, or at least
> that's my best guess at the moment.
>
> That said, I have run similar sorts of programs (more optimized than
> what's shown) for extended periods of time in the past out of
> curiosity and also to 'convince' myself of the same thing you were
> thinking about, and never produced a result like yours. I know we're
> not the only ones who have tried this as well :-)
>
> -Neill.
>
>> On Thu, Mar 28, 2019 at 05:32:27PM -0400, Mike Miller wrote:
>> Approximately 18 months ago I became fascinated with the magic of extremely
>> large numbers and that this is basically what's protecting my bitcoin.
>>
>> e.g. https://learnbtc.tech/PowerOfLargeNumber.jpg
>>
>> In an effort to somewhat "prove" this to myself, I whipped up a script to
>> run an endless loop generating random public/private keypairs (using the
>> libbitcoin library) and checking the received "balance" at each address,
>> and to email me if anything was found. Naturally this script never seemed
>> to "find" any bitcoin. This was comforting to me, as it meant that my
>> bitcoin was relatively safe from others doing the same thing.
>>
>> The meat of the loop is:
>>
>> $bx = '/usr/local/bin/bx'
>> $private_key = `$bx seed | $bx ec-new|$bx ec-to-wif`
>> $public_key = `$bx wif-to-public $private_key`
>> $address = `$bx ec-to-address $public_key`
>> $balance = `$bx fetch-balance $address`
>>
>> I completely forgot about this script, but it's been running all this time
>> (~18 months), just running in an infinite loop on my desktop linux box.
>> This morning I woke up to a surprise email that something had been found.
>>
>> balance
>> {
>> address 1CeuzQcb5pmM1PmyoDgV5rfPsJDkAY8ScR
>> received 1965000
>> spent 0
>> }
>>
>>
>> I used electrum to "import" the associated private key to verify this
>> amount was accessible. But I didn't move it -- of course I don't want to
>> steal the poor guy's BTC.
>>
>> I'm a little bit blown away here. I thought the known universe would hit
>> end of life before finding anything. If I can get this lucky finding a
>> needle in a haystack with few lines of Perl code, I don't feel quite as
>> safe about my bitcoin.
>>
>> Or might this mean that, despite the fact that it took 18 months to produce
>> a collision, there might be something nonrandom about the seeding mechanism?
>>
>> It says mine is Version: 4.0.0, which was the latest version at that time.
>>
>> Thoughts?
>>
>> -Mike
>
>> _______________________________________________
>> Libbitcoin mailing list
>> Libbitcoin@???
>> https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/libbitcoin
>
> _______________________________________________
> Libbitcoin mailing list
> Libbitcoin@???
> https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/libbitcoin
::
Re: [Libbitcoin] address collision?
.%0A>%20%0A>%20Unfortunately%20it%E2%80%99s%20impossible%20to%20verify%20this%20claim,%20so%20I%E2%80%99d%20take%20it%20with%20a%20bit%20of%20salt.%20On%20the%20other%20hand%20hash%20collisions%20do%20happen.%20It%E2%80%99s%20just%20a%20matter%20of%20probability.%0A>%20%0A>%20e%0A>%20%0A>%20>%20On%20Mar%2029,%202019,%20at%2005:43,%20Neill%20Miller%20<neillm@???>%20wrote:%0A>%20>%20%0A>%20>%20Hello%20Mike,%0A>%20>%20%0A>%20>%20Interesting%20find!%0A>%20>%20%0A>%20>%20It's%20true%20that%20the%20%22bx%20seed%22%20command%20provides%20psuedo-random%20numbers%0A>%20>%20provided%20by%20the%20OS.%20%20The%20intent%20of%20all%20libbitcoin%20commands%20is%20to%20never%0A>%20>%20generate%20randomness%20internally%20where%20necessary%20(and%20to%20rather%20accept%0A>%20>%20randomness%20as%20an%20input%20where%20needed),%20but%20%22bx%20seed%22%20is%20an%20exception,%0A>%20>%20mostly%20for%20example%20purposes.%20%20To%20be%20clear,%20we%20don't%20recommend%20using%20it%0A>%20>%20for%20strong%20cryptographic%20purposes%20(of%20which%20generating%20Bitcoin%20private%0A>%20>%20keys%20is%20one%20such%20example).%0A>%20>%20%0A>%20>%20It%20is%20quite%20possible%20that's%20a%20reason%20for%20the%20collision,%20or%20at%20least%0A>%20>%20that's%20my%20best%20guess%20at%20the%20moment.%0A>%20>%20%0A>%20>%20That%20said,%20I%20have%20run%20similar%20sorts%20of%20programs%20(more%20optimized%20than%0A>%20>%20what's%20shown)%20for%20extended%20periods%20of%20time%20in%20the%20past%20out%20of%0A>%20>%20curiosity%20and%20also%20to%20'convince'%20myself%20of%20the%20same%20thing%20you%20were%0A>%20>%20thinking%20about,%20and%20never%20produced%20a%20result%20like%20yours.%20%20I%20know%20we're%0A>%20>%20not%20the%20only%20ones%20who%20have%20tried%20this%20as%20well%20:-)%0A>%20>%20%0A>%20>%20-Neill.%0A>%20>%20%0A>%20>>%20On%20Thu,%20Mar%2028,%202019%20at%2005:32:27PM%20-0400,%20Mike%20Miller%20wrote:%0A>%20>>%20Approximately%2018%20months%20ago%20I%20became%20fascinated%20with%20the%20magic%20of%20extremely%0A>%20>>%20large%20numbers%20and%20that%20this%20is%20basically%20what's%20protecting%20my%20bitcoin.%0A>%20>>%20%0A>%20>>%20e.g.%20%20https://learnbtc.tech/PowerOfLargeNumber.jpg%0A>%20>>%20%0A>%20>>%20In%20an%20effort%20to%20somewhat%20%22prove%22%20this%20to%20myself,%20I%20whipped%20up%20a%20script%20to%0A>%20>>%20run%20an%20endless%20loop%20generating%20random%20public/private%20keypairs%20(using%20the%0A>%20>>%20libbitcoin%20library)%20and%20checking%20the%20received%20%22balance%22%20at%20each%20address,%0A>%20>>%20and%20to%20email%20me%20if%20anything%20was%20found.%20Naturally%20this%20script%20never%20seemed%0A>%20>>%20to%20%22find%22%20any%20bitcoin.%20%20This%20was%20comforting%20to%20me,%20as%20it%20meant%20that%20my%0A>%20>>%20bitcoin%20was%20relatively%20safe%20from%20others%20doing%20the%20same%20thing.%0A>%20>>%20%0A>%20>>%20The%20meat%20of%20the%20loop%20is:%0A>%20>>%20%0A>%20>>%20%24bx%20=%20'/usr/local/bin/bx'%0A>%20>>%20%24private_key%20=%20%60%24bx%20seed%20%7C%20%24bx%20ec-new%7C%24bx%20ec-to-wif%60%0A>%20>>%20%24public_key%20=%20%60%24bx%20wif-to-public%20%24private_key%60%0A>%20>>%20%24address%20=%20%60%24bx%20ec-to-address%20%24public_key%60%0A>%20>>%20%24balance%20=%20%60%24bx%20fetch-balance%20%24address%60%0A>%20>>%20%0A>%20>>%20I%20completely%20forgot%20about%20this%20script,%20but%20it's%20been%20running%20all%20this%20time%0A>%20>>%20(~18%20months),%20just%20running%20in%20an%20infinite%20loop%20on%20my%20desktop%20linux%20box.%0A>%20>>%20This%20morning%20I%20woke%20up%20to%20a%20surprise%20email%20that%20something%20had%20been%20found.%0A>%20>>%20%0A>%20>>%20%0A>%20>>%20%0A>%20>>%20I%20used%20electrum%20to%20%22import%22%20the%20associated%20private%20key%20to%20verify%20this%0A>%20>>%20amount%20was%20accessible.%20%20But%20I%20didn't%20move%20it%20--%20of%20course%20I%20don't%20want%20to%0A>%20>>%20steal%20the%20poor%20guy's%20BTC.%0A>%20>>%20%0A>%20>>%20I'm%20a%20little%20bit%20blown%20away%20here.%20I%20thought%20the%20known%20universe%20would%20hit%0A>%20>>%20end%20of%20life%20before%20finding%20anything.%20%20If%20I%20can%20get%20this%20lucky%20finding%20a%0A>%20>>%20needle%20in%20a%20haystack%20with%20few%20lines%20of%20Perl%20code,%20I%20don't%20feel%20quite%20as%0A>%20>>%20safe%20about%20my%20bitcoin.%0A>%20>>%20%0A>%20>>%20Or%20might%20this%20mean%20that,%20despite%20the%20fact%20that%20it%20took%2018%20months%20to%20produce%0A>%20>>%20a%20collision,%20there%20might%20be%20something%20nonrandom%20about%20the%20seeding%20mechanism?%0A>%20>>%20%0A>%20>>%20It%20says%20mine%20is%20Version:%204.0.0,%20which%20was%20the%20latest%20version%20at%20that%20time.%0A>%20>>%20%0A>%20>>%20Thoughts?%0A>%20>>%20%0A>%20>>%20-Mike%0A>%20>%20%0A>%20>>%20_______________________________________________%0A>%20>>%20Libbitcoin%20mailing%20list%0A>%20>>%20Libbitcoin@???%0A>%20>>%20https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/libbitcoin%0A>%20>%20%0A>%20>%20_______________________________________________%0A>%20>%20Libbitcoin%20mailing%20list%0A>%20>%20Libbitcoin@???%0A>%20>%20https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/libbitcoin%0A>%20 "Reply to this message")
