this is what i've been saying for the last 6 months, based on my experience with proof of work shitcoins and building PoW consensus algorithms (since 2018)
vanity addresses are a fairly robust proof because currently anything from about 8 characters of required npub (and it could just as easily be hex, there is a rough 1:1 between them just that hex is 4 bits and npubs are 5 bits per character), takes weeks to generate
there currently isn't any significant tech to accelerate derivation of public keys, so the bitcoin secp256k1 BIP-340 X-only key derivation function is the current baseline for each bruteforce attempt to find such a key
but i think it's inevitable that soon there will be at least AVX/AVX2/AVX512 parallel derivation libraries, i remember a couple of years ago seeing some early work and a paper about this
it's a big calculation using modNscalar functions but this is something that can definitely be parallelized, and i'd expect modern processors could see the ~10 minutes for 5 (25 bits) npub vanity key mine pushed down to 1-2 minutes (my key has 5 vanity characters currently, took me 4 days with btcd/decred schnorr pubkey derivation library, but now with bitcoin core secp256k1 library only 10 minutes)
unlike the signatures, which is one of the things that we benefit from in relay and client implementations from the simpler Schnorr algorithm (it eliminates a division operation, which is the slowest) the pubkey derivation is identical between ecdsa and schnorr and the only actual difference is you leave out the first (left hand side MSB) out, be it 2 or 3 normally, it is not needed for either the signatures or for the ECDH shared secret computation
so, yeah, what i'm gonna say is that it is going to kick the can down the road another few years maybe, but ultimately there will be parallel key miners using AVX and if it really becomes valuable, someone will make FPGAs to increase the parallelism
you will see, once you understand all of that, why i'm saying that it's a dead end and eventually will be forgotten
to me you all look like proof of work shitcoiners talking about this stuff, circa 5 years ago, before it became obvious that the game theory causes consolidation of proof of work mining power and why we have the zero to one principle of money (and ultimately languages, in the internet era)
mleku / mleku™️
npub1fj…mleku
2024-09-18 13:57:19
in reply to nevent1q…73vf
Author Public Key
npub1fjqqy4a93z5zsjwsfxqhc2764kvykfdyttvldkkkdera8dr78vhsmmlekuPublished at
2024-09-18 13:57:19Event JSON
{
"id": "9f0abfbac510299f6a760da566a3608551b82eea5cf95fc4b35715fa78233af9",
"pubkey": "4c800257a588a82849d049817c2bdaad984b25a45ad9f6dad66e47d3b47e3b2f",
"created_at": 1726660639,
"kind": 1,
"tags": [
[
"p",
"e2ccf7cf20403f3f2a4a55b328f0de3be38558a7d5f33632fdaaefc726c1c8eb",
"wss://relay.utxo.one/",
"utxo the webmaster 🧑💻"
],
[
"e",
"78913932684888ca6a560991b58dd9e64f49d106656e12071f17b441ab82dc28",
"wss://relay.utxo.one/",
"root",
"e2ccf7cf20403f3f2a4a55b328f0de3be38558a7d5f33632fdaaefc726c1c8eb"
]
],
"content": "this is what i've been saying for the last 6 months, based on my experience with proof of work shitcoins and building PoW consensus algorithms (since 2018)\n\nvanity addresses are a fairly robust proof because currently anything from about 8 characters of required npub (and it could just as easily be hex, there is a rough 1:1 between them just that hex is 4 bits and npubs are 5 bits per character), takes weeks to generate\n\nthere currently isn't any significant tech to accelerate derivation of public keys, so the bitcoin secp256k1 BIP-340 X-only key derivation function is the current baseline for each bruteforce attempt to find such a key\n\nbut i think it's inevitable that soon there will be at least AVX/AVX2/AVX512 parallel derivation libraries, i remember a couple of years ago seeing some early work and a paper about this\n\nit's a big calculation using modNscalar functions but this is something that can definitely be parallelized, and i'd expect modern processors could see the ~10 minutes for 5 (25 bits) npub vanity key mine pushed down to 1-2 minutes (my key has 5 vanity characters currently, took me 4 days with btcd/decred schnorr pubkey derivation library, but now with bitcoin core secp256k1 library only 10 minutes)\n\nunlike the signatures, which is one of the things that we benefit from in relay and client implementations from the simpler Schnorr algorithm (it eliminates a division operation, which is the slowest) the pubkey derivation is identical between ecdsa and schnorr and the only actual difference is you leave out the first (left hand side MSB) out, be it 2 or 3 normally, it is not needed for either the signatures or for the ECDH shared secret computation\n\nso, yeah, what i'm gonna say is that it is going to kick the can down the road another few years maybe, but ultimately there will be parallel key miners using AVX and if it really becomes valuable, someone will make FPGAs to increase the parallelism\n\nyou will see, once you understand all of that, why i'm saying that it's a dead end and eventually will be forgotten\n\nto me you all look like proof of work shitcoiners talking about this stuff, circa 5 years ago, before it became obvious that the game theory causes consolidation of proof of work mining power and why we have the zero to one principle of money (and ultimately languages, in the internet era)",
"sig": "ef741df71b443cdb08887ea1d550c7a98f5144b46ccd745a1b620992f7b7fb3ba2d3351d4d72d013ca6e9c9d602d3b2886fcb852027fd59ad4ce9d4c5254bdb6"
}