johguse/profanity

Private key safety

k06a opened this issue · 4 comments

k06a commented

Hi, could you elaborate on how private keys are being generated and brute forced? It seems like a reliable random number generator std::mt19937_64 is being fully initialized by unsigned int (https://en.cppreference.com/w/cpp/numeric/random/random_device), which could make it less reliable:

std::mt19937_64 eng(rd());

Seems like brute-forcing 2^32 seeds, each for a few seconds on top-notch hardware, could expose some keys with 5-6-7 mined symbols.

Agree here, should be seeded with 64 bits or else someone may be able to brute force 5-6-7 addrs, especially in the future.
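To make the seeding point concrete, here is an added example (not profanity's code, and not written by anyone in this thread) that puts the quoted one-line seeding beside a hardened form. It assumes the quoted `std::mt19937_64 eng(rd());` pattern, and the hardened version goes beyond the 64 bits suggested above by filling the engine's full 19937-bit state through `std::seed_seq`.

```cpp
#include <array>
#include <cstdint>
#include <limits>
#include <random>

// Weak seeding, as quoted in the issue: std::random_device::result_type is
// unsigned int, so a single rd() call hands the 64-bit engine only 32 bits.
// Every later output, including the "private key" words, is then a pure
// function of one of 2^32 possible seeds.
std::mt19937_64 weak_engine(std::random_device::result_type seed32) {
    return std::mt19937_64(seed32);
}

// How many bits of entropy one rd() call can contribute (32 on common
// platforms, where unsigned int is 32 bits wide).
int seed_bits_used() {
    return std::numeric_limits<std::random_device::result_type>::digits;
}

// Hardened seeding: draw enough random_device words to initialise the whole
// engine state (state_size = 312 x 64-bit words = 624 x 32-bit words) and
// feed them through std::seed_seq, so no 32-bit (or 64-bit) seed determines
// the stream.
std::mt19937_64 strong_engine() {
    std::random_device rd;
    std::array<std::uint32_t, std::mt19937_64::state_size * 2> words{};
    for (auto& w : words) w = rd();
    std::seed_seq seq(words.begin(), words.end());
    return std::mt19937_64(seq);
}

// Constructed check: two weak engines given the same 32-bit seed yield the
// same 256-bit key (4 x 64-bit draws). That reproducibility is what makes a
// 2^32 seed space meaningful to an attacker, and what the hardened seeding
// removes.
bool same_seed_same_key(std::uint32_t seed32) {
    std::mt19937_64 a = weak_engine(seed32);
    std::mt19937_64 b = weak_engine(seed32);
    for (int i = 0; i < 4; ++i)
        if (a() != b()) return false;
    return true;
}
```

Note that a properly seeded engine is still only a general-purpose PRNG; the fix shown here closes the seed-space problem raised in this thread, not the question of whether a Mersenne Twister is the right source for key material at all.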

k06a commented

It seems that 1 GPU can do 7 symbols for 1 sec, this means 1000 GPUs can brute force all the 7-symbol vanity addresses in 50 days. This could cost a lot, but the reward could be higher. Moreover, the reward could be pre-estimated.

I came here thinking the same thing. This should be a warning in the README really.

FUCK