

The WarpWallet Challenge - ok_craig
https://keybase.io/warp?x=0
See bottom of the page.
======
sp332
Is this an underhanded plot, to get people to drain all brainwallets with
8-character passphrases?

~~~
unreal37
Ohhh nice idea.

It doesn't seem difficult to generate all 8 character alphanumeric strings,
but the 30 seconds it takes to generate the scrypt hash is the real challenge
here.

218 trillion combinations. Roughly 69 million years to generate hashes on even
half of that space.

Essentially, you need to find a hole in the algorithm, right?

~~~
sp332
What I mean is, there's no identifying information except that the wallet has
10BTC in it. Even if you could generate all the addresses at once, there's no
way to know which one is the right one!

~~~
thedufer
Except that they gave you the address. The trick is to figure out the private
key.

------
shocks
At 1000 addresses per second (probably wayyy to high) it'd take 6919 average
Gregorian years[1] to check all possible passphrases.

1:
[https://www.wolframalpha.com/input/?i=%28%28%2826%2B26%2B10%...](https://www.wolframalpha.com/input/?i=%28%28%2826%2B26%2B10%29+^+8%29+%2F+1000+%29+seconds)

~~~
unreal37
It looks like it's taking 20-30 seconds to generate one (250,000 turns of
scrypt). You'd have to spin up 20,000+ instances to even get 1000 per second.

~~~
nwh
Hardly, for the earlier challenges I managed to hit ~50 a second with native
code on a core i7. Missed out on winning any of the smaller challenges though
though.

I don't think it's worth my time unless I managed to find enough hardware to
do at least 100k attempts a second. Scrypt is executed on the CPU and the
PBKDF runs on the GPU, then the GPU sits around and waits for the CPU to get
it's job done before XORing the results. I considered making a pool, but
there's no way of knowing if people are being truthful when submitting
solutions.

It's a pity scrypt is designed to be hard to implement on hardware, or I'd
have a crack at it with some FPGAs.

~~~
WizzleKake
How'd you get the crypto_scrypt() call to go so fast?

one call to crypto_scrypt takes about a second on my machine. The pbkdf2 is
the fast part. I'm using the crypto_scrypt from here:
[https://github.com/keybase/triplesec/tree/master/contrib/scr...](https://github.com/keybase/triplesec/tree/master/contrib/scrypt-1.1.6)

~~~
nwh
I just used pieces of John the Ripper and threw together something that
worked.

~~~
WizzleKake
BS alert...

------
nightcracker
Haha, I actually made this, indirectly!

[http://crypto.stackexchange.com/questions/11786/a-key-
deriva...](http://crypto.stackexchange.com/questions/11786/a-key-derivation-
function-that-is-as-strong-as-the-stronger-of-pbkdf2-and-scrypt/11788#11788)

Shoutout to Max Krohn for actually asking though :)

~~~
maxtaco
Thank you for your construction. Cleaner than the one I dreamed up.

------
thomaslutz
Nice, somebody already built a solving tool:
[http://gen.co:4567/](http://gen.co:4567/)

~~~
christiangenco
...how on earth did you find that? I only sent the URL to one other person,
and your name is definitely not Calvin o_O

In any case, that definitely won't work. I'd run out of hard drive space on
the server it's running on before it got close to being solved.

