0

Have anyone got a script on how to find the RSZ value of a bitcoin transaction with witness data, scanned just by inputting the hashes?

Will you please share your code?

Or at least, point me to the right direction...

Thank you...

Roy Nahar
  • 5
  • Hi Roy, we do get a lot of people asking about r, s, and z values of transactions, but I'm wholly confused by the line of inquiry. Could you perhaps enlighten me what that sort of data is useful for or why people might be interested in it? – Murch Sep 07 '22 at 17:36
  • Hi @Murch.. Some of us do work as a Network Penetration Tester. In order for us to deliver the weaknesses, we need to find the RSZ values. Then only people like you can deliver a more secure solutions. Would u be able to help me out on the script? – Roy Nahar Sep 09 '22 at 00:31
  • Thanks, it's not clear to me what sort of weaknesses you're looking for, but I don't think you're onto something if you're spending time trying to break ECDSA. – Murch Sep 09 '22 at 01:19
  • I broke the ECDSA, got the private keys without the witness script before and send the codes to be analyse. Its OK. I'm just wondering whether there are any scripts in the wind right now. Saves me a lot of time. But I guess I will have to code it myself with witness in mind. Cheers. – Roy Nahar Sep 09 '22 at 01:38
  • Do you mean that you managed to extract a private key, because someone reused a nonce with the same key but on different transactions? – Murch Sep 09 '22 at 02:34
  • hey Murch. sorry for the late reply. this method was very well known then. https://hackernoon.com/hacking-a-bitcoin-wallet-642u36sa – Roy Nahar Sep 09 '22 at 10:52
  • The problem is these days, there is this witness input thats part of the whole sigscript. hence, making all penetration testing programs obsolete if they dont factor in the witness data. do email me if u interested to find out more. im only here because i was looking for any scripts that had alrdy been wrote. thanks man. you may clone this program right here to do get the RSZ breakdown..but with witness...this program dont work. https://github.com/iceland2k14/rsz – Roy Nahar Sep 09 '22 at 10:56
  • I mean, of course… Reusing a nonce with the same key but different messages leads to a simple set of equations that can be solved for the private key. https://bitcoin.stackexchange.com/a/110814/5406. That's not "breaking ECDSA" though, that's finding people that improperly use ECDSA and stealing their funds. – Murch Sep 09 '22 at 10:57
  • https://github.com/TheBes3rdsGroup/bitcoinwalletscanner ..here is to check for wallets that has reuse R value. – Roy Nahar Sep 09 '22 at 11:00
  • well yes. thats how some people does it to steal funds. thats my work though. i report this new techniques ..or if i am able to create a new technique, my company shout them out . – Roy Nahar Sep 09 '22 at 11:02
  • Thanks for explaining. I must admit I'd be surprised if you find any cases still. – Murch Sep 09 '22 at 11:06
  • well, im from Singapore. about a month ago we had a case in a neighboring country. someone manage to crack it with witness as part of the whole script. the dude is sure not talking how he did it. hence, why im here and everywhere. nice talking to you Murch. – Roy Nahar Sep 09 '22 at 11:10

0 Answers0