January 9th - Blockchain "Analysis"
This Blog Post was originally published on adagia.org.
As I have written before, I'm not only investing in Blockchain Projects (and thus cryptocurrencies), I'm also prototyping stuff and sometimes I'm trying to implement things.
One thing I've implemented on multiple chains before was a "find" cryptos thing. Basically, I'm trying to guess addresses. With Bitcoin, there is a total of 2^160 (Source) addresses, and only a really small portion of them has actual Bitcoin on them. (A typical needle in the haystack.)
But I'm not relying on the pseudo-randomness of some number generator to find an address with a balance greater than 0 on it, I'm relying on the stupidity of people and bugs in wallet software. :)
As you might know, many wallets use a 12-word seed phrase to generate the private key. If I remember correctly, there was at least one bug in a wallet where the 12 words weren't as random as expected. But I'm going a step lower, because the typical wordlist contains 2048 words, and with 12 needed you also get a pretty high number (not as high as the number of unique Bitcoin addresses, but similarly high).
A few years back I read a Reddit post (sadly I didn't save it back then) about a guy that discovered something on the Ethereum Blockchain (if I remember correctly). He found out that some "special" addresses had ETH lying on them. His conclusion was that somebody was siphoning ETH over to some Ethereum addresses where the PrivateKey was easily guessable and moving it from these addresses to another later on. But how would you know a random PrivateKey of an address?
Simple: if the PrivateKey wasn't random and was instead derived from another variable inside the Blockchain: the block hash. So from here on it gets a little bit more technical.
Basically, each Block in a Blockchain has a unique hash. I'm going to use Ethereum as an example again. If we take a look at Block 13972039 on Etherscan, you can see the hash is "0x1b79dcf45b55a0492d482abc9b7eb4e6645b0192f5027ab9f0fe771888911b09". That is basically the hexadecimal representation of a SHA256 hash.
You can use those block hashes relatively easily in Solidity (the programming language for Ethereum SmartContracts) and thus can easily derive a PrivateKey from them (they are the same length). So with every new Block, you get at least one new PrivateKey to use (in reality you could even use other parameters of the Block: Block number, Transaction-Hashes, mining time, ...).
So if you have access to a larger Blockchain Smart contract Ecosystem where not all developers are as "good" as you are, you can easily implement something that would siphon money off to such a generated address. The complicated thing is to get it through code and peer reviews.
There is also another thing. People are bad at remembering passwords or passphrases. It would be way easier to remember a block number and every time you need to access your funds you would just need to look up the hash of that block and use it as PrivateKey.
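A wallet-side check for the weakness described above, as an added example that is not part of the original post: it rejects a candidate private key that equals, or is the SHA-256 of, a value anyone can read from the chain, and also rejects values outside the valid secp256k1 range. The function names, the `public_values` input and the transaction hash are constructed for illustration; the block hash is the one quoted above.

```python
import hashlib

# Order of the secp256k1 group; a usable private key k satisfies 0 < k < N.
SECP256K1_N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141

# Public chain data to compare against. The block hash is the one quoted in
# the post; the transaction hash is a constructed sample value.
PUBLIC_VALUES = {
    "block 13972039 hash":
        "0x1b79dcf45b55a0492d482abc9b7eb4e6645b0192f5027ab9f0fe771888911b09",
    "constructed tx hash": "0x" + "ab" * 32,
}


def to_32_bytes(hex_value):
    """Parse a hex string (optional 0x prefix) into exactly 32 bytes."""
    text = hex_value.lower()
    if text.startswith("0x"):
        text = text[2:]
    raw = bytes.fromhex(text)
    if len(raw) != 32:
        raise ValueError("expected a 32-byte value")
    return raw


def audit_private_key(key_hex, public_values=PUBLIC_VALUES):
    """Return the reasons to reject the key; an empty list means no finding."""
    key = to_32_bytes(key_hex)
    findings = []
    # "Same length as a hash" is not enough: the scalar must be in range.
    if not 0 < int.from_bytes(key, "big") < SECP256K1_N:
        findings.append("out of range for secp256k1")
    for label, value_hex in public_values.items():
        public = to_32_bytes(value_hex)
        if key == public:
            findings.append("equals public value: " + label)
        elif key == hashlib.sha256(public).digest():
            findings.append("equals SHA-256 of public value: " + label)
    return findings


if __name__ == "__main__":
    for candidate in (PUBLIC_VALUES["block 13972039 hash"], "11" * 32, "ff" * 32):
        print(candidate[:12], audit_private_key(candidate))
```

A real wallet would feed `public_values` from the chain data it already indexes; a key that passes this check is not thereby shown to be random.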
Besides the fact that it is probably illegal to implement such siphoning code, I'm not nearly good enough at implementing Smart contracts to even try such an "attack". But what I can do is generate addresses from various block variables (hash, transaction hashes, ...) and check if they got money on them.
With the sheer endless amount of addresses, it is almost impossible to find something by accident. The only reason some money could be on some address is that somebody placed it there.
I had this "analysis" running on several blockchains in the past, but it is really resource-intensive and gets boring after a while. Today I set aside a small portion of my time (three or four hours) to implement one such "finding code" again. It is only 122 lines of code (including empty ones) and has been running since 1 pm this afternoon and managed to get to block 13600 already. Analyzing one block (including the check for potential money) takes around one second on average.
So to go through all current blocks it would need around 17 days and I'm running it on a relatively new blockchain (which doesn't have as many blocks as others).
Maybe I'm rich tomorrow? Although I wonder if it is legal to take money if found through a mathematical (?) trick? I will think about that when I find something. :)