←back to thread

Sleeping beauty Bitcoin wallets wake up after 14 years to the tune of $2B

(www.marketwatch.com)
191 points aorloff | 1 comments | 04 Jul 25 18:41 UTC | HN request time: 0.204s | source
Show context
mattlondon ◴[04 Jul 25 19:06 UTC] No.44467062[source]
Maybe that guy who was digging up a landfill to find his old HDD finally found it!

Seriously though, what are the odds that someone has been quietly spending 10s/100s of millions in cloud compute to brute force the keys for old wallets?

replies(12): >>44467081 #>>44467123 #>>44467396 #>>44467750 #>>44469927 #>>44470471 #>>44470497 #>>44470630 #>>44470975 #>>44471691 #>>44471790 #>>44472481 #
throw310822 ◴[04 Jul 25 19:58 UTC] No.44467396[source]
> what are the odds that someone has been quietly spending 10s/100s of millions in cloud compute to brute force the keys for old wallets?

Even if that were possible, you could brute force one wallet. Not eight wallets closely related to each other.

replies(3): >>44468059 #>>44470114 #>>44470834 #
Scoundreller ◴[04 Jul 25 21:38 UTC] No.44468059[source]
Keys created with an RNG that turned out to be a little too predictable?

Or some other flaw found in a wallet’s key generation?

Kinda like what happened here: https://news.ycombinator.com/item?id=6195493

(Or exactly that but nobody tried to attack this again with moar power?)

replies(3): >>44468461 #>>44470272 #>>44470808 #
1. mattlondon ◴[05 Jul 25 07:36 UTC] No.44470808[source]
Yeah - assuming this was not the rightful owner (which it might well be), my gut is that perhaps someone found an implementation flaw/quirk in some old wallet code/keygen/RNG that effectively reduced the keysize down to something more manageable for brute-forcing. In ye olden days Bitcoin was still something of a curio for geeks and nerds and not the industry it is now, so it would not be unreasonable IMO for there to be some slightly-less-than-perfect implementations floating around from hobbyists or open source etc - the stakes were lower then.

If there was say a vulnerability in a specific wallet version it would be quite possible to narrow down search space to only the wallets/addresses around that point in time etc as well, making it easier to target your brute-forcing efforts.

It will be interesting to see if any other dormant wallets from around the same era wake up too.