Say I have created a paper wallet with one bitcoin address in a vault. What are chances that someone else will find the private key for this wallet?
Related: what are the chances of vanitygen address - private key pair collision?
Asked
Active
Viewed 1.9k times
10
-
related: http://security.stackexchange.com/questions/9688/what-happens-if-two-parties-have-a-same-pair-of-publicprivate-keys – Luca Matteis Feb 04 '14 at 13:18
6 Answers
7
Essentially zero. They would have to find a private key whose public key hash matched yours. The public key hash is 160 bits long. If they had a billion computers, each of which could try a billion keys a second, and they tried for a billion years, they'd have much, much less than a one in a billion chance of getting it.
David Schwartz
- 51,554
- 6
- 106
- 178
-
I understand this if you're trying to match a single public key. But with the entire blockchain freely available and the entire world possibly working on checking each private key, constantly on thousands of different computers, the chances should be slightly different than the model you described. – Luca Matteis Feb 04 '14 at 13:22
-
1I assumed a billion computers, and I gave a billion years. There are only 21 million Bitcoins. So if you figure it's not worth much trouble to steal less than 0.01 Bitcoin, that means at most there are 2 billion keys worth stealing. That doesn't change the numbers much (when you make the number of computers and number of years reasonable). – David Schwartz Feb 04 '14 at 13:24
-
-
2Since there are 21 million Bitcoins, that means at most 2.1 billion keys could hold at least 0.01 Bitcoins. – David Schwartz Feb 04 '14 at 13:27
-
Not wanting to revive this, just adding the actual numbers… 2¹⁶⁰ BTC addresses / 2,100,000,000,000,000 Satoshi = a fraction more than 695,953,160,633,763,294,382,707,063,198,230 addresses per Satochi. – e-sushi Nov 24 '14 at 10:16
6
There are around 1,461,501,637,330,902,918,203,684,832,716,283,019,655,932,542,976 possible bitcoin addresses according to BitcoinTalk.org. This makes it a very small possibility of finding another address that is being used. So the chance is around %0.
-
-
2
-
-
1@nvd To be a bit nitpicky, that would be the probability to find some specific existing address. The probability of finding any extant address is notably larger, but still probabilistically very very small. – Mar 01 '23 at 20:27
1
There is a guy who has been testing this. He has ran a computer which generates addresses and checks the balances. Out of several years, processing millions of addresses per day, to my knowledge, he has found 3 with small balances. So, you can talk theoretical, where the chances are practically zero, but when there is someone who has attained at least 1, then perhaps it's not as unlikely as the math suggests.
-
1You are new here. (1) It's not ok to put your LTC/BTC/ETH... adress in your comments. This will give you a lot of downvotes. The reason of this platform is not earning money. (2) If you tell that someone found 3 private keys of adresses, then prove it (with a link to a website/video for example). I'm pretty sure, it's not possible. – hardfork Dec 27 '17 at 09:17
0
It depends on the sort of computer you use. Current silicon based digital computers are exactly what the elliptic curve signature scheme is designed to beat, so it is highly resistant against an attack with such a computer.
Quantum computers are predicted to be able to implement Shor's algorithm efficiently. If they can be implemented with 4,000 effective Qbits they would be able to find the private key of a wallet with an exposed public key in seconds. In 2017 Aggarwal et al. predicted that it could be completely broken by a quantum computer as early as 2027, by the most optimistic estimates.
Since then research has come on in leaps and bounds, in February-March 2022 81 percent of senior UK executives expect quantum computing to have a significant impact in their industry within seven and a half years, with almost half (48 percent) believing that quantum technology will begin to transform industries as soon as 2025. Andersen Cheng, CEO of London-based cryptography company Post-Quantum says there's been some evidence that it could well be around two years away.
User65535
- 153
- 1
- 5
-3
Unfortunately the chance of finding randomly using private key is great , because wallets uses almost the same algorithm to generate private keys
-
2It is what? Great? No, the chance is approximately zero for all intents. – Claris May 13 '19 at 05:52
-
This is an interesting take. It might be true if wallets used deterministic algorithms (or bad randomness) to generate private keys. However, that would be a bad implementation mistake. Such problems do exist in practice, of course, and people have searched the blockchain for such patterns for a long time (and found/recovered/stolen lots of bitcoins in brainwallets and such). However, any good wallet should use 256 bits of randomness in generating a private key, and then the probability of collision is unimaginably small - 1 / 2^256. – stefanwouldgo May 16 '19 at 08:04
-4
The only true way to defend against this is to avoid large balances with each private key. But if people do that then it will be much easier to find something if adoption happens and active addresses continued to double every 5 years.
Assuming btc is eventually $ 2 million per bitcoin and average person saves say 200k in bitcoin. They would need 2000 keys with 0.00005 to avoid losing more than $100 though a random collision attack.
I guess there should be some kind of insurance against this happening but it goes against this idea consolidating uxtos to save fees is a good idea. It’s another reason why low fees are required for btc to work.
