Program revealing private keys of Bitcoin P2PKH addresses
Bitcoin

Program revealing private keys of Bitcoin P2PKH addresses

By Isidoro Ghezzi - 10 Mar 2019

Chevron down

When I show the web directory-js page, a program that allows exploring all the private keys of “pubkeyhash” or P2PKH Bitcoin addresses, the first reaction is almost always one of disbelief and scepticism.

screenshot of bitcoin-last-page

Even some “alleged” experts in the field of blockchain have called me an impostor, (even insulting me), accusing me of showing fake data.

But… anyone can verify that the numbers shown are not fake, for example by using privateKeyWifToAddress or other similar services both online and offline.

The second reaction, after verifying that those numbers are true, is one of discouragement and concern about Bitcoin’s security.

But don’t worry, that simple page doesn’t harm Bitcoin’s integrity in any way, on the contrary, it strengthens it.

So what’s the problem? The problem is that the human mind is limited: instinctively, it is not able to quantify how big the number 11579208923731619542357098500868790785283756427907490438260516314151816141494336 is, which is exactly the number of Bitcoin P2PKH addresses.

The security of Bitcoin is intact, merely because that page shows the result sorted by private key, not by Bitcoin address.

Thus, looking for an address with a positive balance on that page is simply impractical.

For example: suppose we want to scan all private keys in search of a positive balance and suppose that each inhabitant of the earth has a scanning speed one billion times higher than twice the current computing power of the Bitcoin network, thus:

  • 10 billion people;
  • multiplied by one billion;
  • multiplied by twice the computing power of Bitcoin, about 100 thousand terahash per second;

we obtain: 1000000000000*1000000000*100000*1000000000000 = 10^10*10^9*10^5*10^12 = 10^36

For simplicity, we rounded down ‘115792089237316195423570985008687907852837564279074904382605163141518161494336’ to 10^77, and we obtained that, if we checked every single private key, in search of a positive balance, it would take 10^77/10^36 = 10^41 seconds, how many years would it be?

Since there are about 31557600 seconds in a year, it corresponds to about 10^41/31557600 = 31^33 years, which is more or less 10^23 times the estimated age of the universe (currently estimated at 13.82 billion years), in short

100 000 000 000 000 000 000 000, i.e. about 100 billion billion times the age of the universe.

Calculating less approximately, through a simple program called calculate-number-of-universal-age.js, we obtain a result of approximately 265 billion billion times the age of the universe.

One might still ask then, how does that simple web page manage to show all the private keys of the Bitcoin P2PKH addresses?

The answer is that it doesn’t show them all, but only the ones that are being viewed. In short, knowing the page number (for example page 18092513943), the client-side program knows that it must display the 64 private keys in succession from (18092513943-1)*64+1 = 1157920892289, so the keys ranging from 1157920892289 to 1157920892352. All calculated on the client side in a few hundredths of a second, without the help of any database.

But be careful:

  • Do not use any private key, which is displayed in any of the 1809251394333065553493296640760748560200586941860545380978205674086221273349 pages available: in fact, if you can view it, so can some malware installed on your computer or mobile phone.
  • Do not try to display on that page any of your private keys: if you can view it, some malware installed on your computer or mobile phone can also do so.

And so, if there is no Bitcoin written, it’s a SCAM

06A1 72EB ED3E 6F59 5233

1984 971E 1F79 80BB 3DEB

Isidoro Ghezzi
Isidoro Ghezzi

Isidoro is a Senior software developer and a Bitcoin Core contributor

We use cookies to make sure you can have the best experience on our site. If you continue to use this site we will assume that you are happy with it.