Just found on Reddit: BTC White Hat Bounty \ stacker news ~bitcoin

pull down to refresh

Just found on Reddit: BTC White Hat Bounty

3198 sats \ 8 comments \ @Bitman 7 Sep 2023 bitcoin

I can't vouch for the authenticity of this post on Reddit, but if you've got the time, knowledge and inclination - maybe give it a go.

××××

https://www.reddit.com/r/Bitcoin/comments/16bz3t5/btc_white_hat_bounty/

I have created a new 12-word seed phrase on TAILS and added a passphrase to it. Afterward, I deposited a non-trivial amount of bitcoin (0.22290898 BTC) into the first address associated with that key.

bc1qwuj3kkxnznaj956tx990vtl47rxgt3ezrn8zgu

To encrypt the seed phrase, I used the following command:

gpg --symmetric --cipher-algo AES256 --armor -o input.txt.gpg input.txt

It's important to note that the passphrase is not encrypted with the seed phrase.

The encryption password is an alphanumeric string. The encrypted output from this operation is as follows:

-----BEGIN PGP MESSAGE-----

jA0ECQMCD4Mh2lo1wGr80q0B8atDhcx/euP9+CkkkPm3p3+cGGE9I+lJVBuyZTD4 8EPDMEj77IuMZgGcJJJ1jUqku1fJdQLsC+VyKhjkj28omj8mlP0Lo6TvLdERX1mt 63fB7igkUf5UTZ4/H5pQmMCygmwCU9JvCqdiwbvKn3KRGRb8vC636x4gkowTJm03 JUi87QdvoImyN5UzWuDr3Kyfw4euLWiOFAL0jWcvW2518X5oXrBO2xV+aw+I1A== =K4z1

-----END PGP MESSAGE-----

I believe that my coins are SAFU, but I am extending an invitation to anyone who wants to try to decrypt the encryption and passphrase by brute force to claim the coins. If successful, congratulations, and you can have them with my compliments.

You may wonder why I am offering this challenge. Well, that's for me to know.

×××××××

In the comments, the user was questioned about the password being alphanumeric:

The encryption password is an alphanumeric string

OP you promise this is true and there are no special characters like @! ect?

Upper case & lower case and numbers only?

OP answered:

That is correct, alphanumeric.

view all related items

718 sats \ 4 replies \ @Reachableceo 7 Sep 2023

My guess on this is that $WESTERN_INTELLIGENCE_AGENCY_BOOGYMAN thinks with high confidence that some kind of gpg 0 day exists . Or , I should say, is being actively exploited/used. 0 days existing in the gpg codebase is almost certainly 100% lol.

Put some cash up that’s probably less than the daily coffee budget and see who bites.

Or alternatively, they want to find a particular collection of compute that they can’t otherwise locate, and whatever methods used for factoring the key / passphrase has a signature.

Yes, I am completely guessing. I have no idea.

54 sats \ 1 reply \ @netstatic 7 Sep 2023

I think it's more plausible that someone is trying to prove their stack is secure.

0 sats \ 0 replies \ @Bitman OP 7 Sep 2023

You may wonder why I am offering this challenge. Well, that's for me to know.

... and you to find out

I like it, as you say - OP is proving a point - they've got a really nice, long password. Maybe coming back in a year or so to write an article to make their point.

10 sats \ 0 replies \ @rijndael 7 Sep 2023

when you hear hoofbeats, it's usually horses.

It's more likely that his stack is protected this way (or he's thinking of protecting his stack that way) and this bounty is his canary-in-the-coalmine

0 sats \ 0 replies \ @Bitman OP 7 Sep 2023

Who knows, you might be right. That's some pretty smart thinking (by them and you)!

10 sats \ 0 replies \ @netstatic 7 Sep 2023

OP you promise this is true and there are no special characters like @! ect?

As if that matters LOL. It's a fools errand to try and crack this unless someone is confident they can find a bug in gpg. Even if they were able to discover the seedphrase, brute-forcing the passphrase would be a challenge on its own far exceeding the .2 BTC stored on there.

0 sats \ 0 replies \ @2bithits 7 Sep 2023

I think it might be almost impossible.

0 sats \ 0 replies \ @Bitman OP 7 Sep 2023

BTW: I've checked Bitcoin address, and it does have 0.22290898 BTC.