time lock and HODL

Cannot HODL when the market is falling? Here is a solution for you.

time lock and HODL
Hold On for Dear Life.
Easy to say hard to do.

Here is a way to time lock your balances so you can sleep well and hodl when the markets fall.

Let's use cryptography in order to time lock the wallet. Because.. what else..?

Generate yourself a wallet and encrypt its private key

Get the bx tool here https://github.com/libbitcoin/libbitcoin-explorer/releases/tag/v3.2.0
R=$(openssl rand -hex 32); P=$(bx ec-to-public -u $R | bx sha256 | bx ripemd160 | bx address-encode); K=$(bx ec-to-wif -u $R); echo "$P $K" | zip -qeP"$(openssl rand -hex 5)" "$P".zip

openssl rand -hex 5 generates random password for you.
Make sure to adjust the -hex 5 value accordingly:

  • Don't set it too high otherwise you might not live long enough until you get a power enough hardware to crack your wallet's password;
  • Don't set it too low, as you might be tempted to crack it too soon;
  • Adjust your value depending on hashcat speed (see below for more);

I am keeping it low enough to show how to crack it straight away.

Enjoy your new time locked wallet!

-rw-rw-r--  1 user user  319 Jan 12 21:20 1Gm7w9Vaf2SCaoiAnYYhesN7FHF3HbCUjz.zip

Now use 1Gm7w9Vaf2SCaoiAnYYhesN7FHF3HbCUjz address for sending whatever amount of bitcoins you planned to hodl.

Crack your time locked wallet

When the right time comes and you have powerful enough hardware, brute-force the wallet's password to obtain your wallet's private key.

Get john (for zip2john) here https://github.com/openwall/john

Get the hash of your wallet:

$ zip2john 1Gm7w9Vaf2SCaoiAnYYhesN7FHF3HbCUjz.zip | cut -d: -f2 > 1Gm7w9Vaf2SCaoiAnYYhesN7FHF3HbCUjz.zip.hash
$ cat 1Gm7w9Vaf2SCaoiAnYYhesN7FHF3HbCUjz.zip.hash
$pkzip2$1*1*2*0*63*57*2ad9e09b*0*33*0*63*2ad9*aa94*ee1a4d0d32473825f5b7b0fbcde20b3997de68ca603a85a24c35c8955ed687fcfaefdd8c252aeb4aed9601aa2d98a328ce1f077ed64bab6155fa774525c3ab37b92b64ad8a6c317bdf0e81775a7d93519c5b89d9a023e64d4f2a0b15602fa831f48f8f*$/pkzip2$

Now, use hashcat to brute-force the password

Get hashcat here https://github.com/hashcat/hashcat
$ hashcat -m 17210 -D 2 -w 1 -a 3 ./1Gm7w9Vaf2SCaoiAnYYhesN7FHF3HbCUjz.zip.hash -1 ?h ?1?1?1?1?1?1?1?1?1?1
hashcat (v6.1.1) starting...

* Device #1: WARNING! Kernel exec timeout is not disabled.
             This may cause "CL_OUT_OF_RESOURCES" or related errors.
             To disable the timeout, see: https://hashcat.net/q/timeoutpatch
* Device #2: WARNING! Kernel exec timeout is not disabled.
             This may cause "CL_OUT_OF_RESOURCES" or related errors.
             To disable the timeout, see: https://hashcat.net/q/timeoutpatch
CUDA API (CUDA 11.0)
====================
* Device #1: GeForce RTX 2070 SUPER, 7237/7979 MB, 40MCU

OpenCL API (OpenCL 1.2 CUDA 11.0.228) - Platform #1 [NVIDIA Corporation]
========================================================================
* Device #2: GeForce RTX 2070 SUPER, skipped

Minimum password length supported by kernel: 0
Maximum password length supported by kernel: 256

Hashes: 1 digests; 1 unique digests, 1 unique salts
Bitmaps: 16 bits, 65536 entries, 0x0000ffff mask, 262144 bytes, 5/13 rotates

Applicable optimizers applied:
* Not-Iterated
* Single-Hash
* Single-Salt
* Brute-Force

Watchdog: Temperature abort trigger set to 90c

Host memory required for this attack: 766 MB

[s]tatus [p]ause [b]ypass [c]heckpoint [q]uit =>

As you can see, it'd take just 5 minutes to crack 10 characters long hexadecimal password using NVIDIA GeForce RTX 2070 SUPER GPU:

[s]tatus [p]ause [b]ypass [c]heckpoint [q]uit => s

Session..........: hashcat
Status...........: Running
Hash.Name........: PKZIP (Uncompressed)
Hash.Target......: $pkzip2$1*1*2*0*63*57*2ad9e09b*0*33*0*63*2ad9*aa94*...kzip2$
Time.Started.....: Tue Jan 12 21:21:15 2021 (10 secs)
Time.Estimated...: Tue Jan 12 21:26:45 2021 (5 mins, 20 secs)
Guess.Mask.......: ?1?1?1?1?1?1?1?1?1?1 [10]
Guess.Charset....: -1 ?h, -2 Undefined, -3 Undefined, -4 Undefined 
Guess.Queue......: 1/1 (100.00%)
Speed.#1.........:  3319.7 MH/s (1.24ms) @ Accel:8 Loops:16 Thr:1024 Vec:1
Recovered........: 0/1 (0.00%) Digests
Progress.........: 34115420160/1099511627776 (3.10%)
Rejected.........: 0/34115420160 (0.00%)
Restore.Point....: 8192000/268435456 (3.05%)
Restore.Sub.#1...: Salt:0 Amplifier:1696-1712 Iteration:0-16
Candidates.#1....: 1b2e199dce -> 6d2f5f6689
Hardware.Mon.#1..: Temp: 62c Fan: 30% Util: 93% Core:1950MHz Mem:6801MHz Bus:16

Password recovered: 33c698935d

$pkzip2$1*1*2*0*63*57*2ad9e09b*0*33*0*63*2ad9*aa94*ee1a4d0d32473825f5b7b0fbcde20b3997de68ca603a85a24c35c8955ed687fcfaefdd8c252aeb4aed9601aa2d98a328ce1f077ed64bab6155fa774525c3ab37b92b64ad8a6c317bdf0e81775a7d93519c5b89d9a023e64d4f2a0b15602fa831f48f8f*$/pkzip2$:33c698935d
                                                 
Session..........: hashcat
Status...........: Cracked
Hash.Name........: PKZIP (Uncompressed)
Hash.Target......: $pkzip2$1*1*2*0*63*57*2ad9e09b*0*33*0*63*2ad9*aa94*...kzip2$
Time.Started.....: Tue Jan 12 21:21:15 2021 (5 mins, 6 secs)
Time.Estimated...: Tue Jan 12 21:26:21 2021 (0 secs)
Guess.Mask.......: ?1?1?1?1?1?1?1?1?1?1 [10]
Guess.Charset....: -1 ?h, -2 Undefined, -3 Undefined, -4 Undefined 
Guess.Queue......: 1/1 (100.00%)
Speed.#1.........:  3250.6 MH/s (1.23ms) @ Accel:8 Loops:16 Thr:1024 Vec:1
Recovered........: 1/1 (100.00%) Digests
Progress.........: 984927436800/1099511627776 (89.58%)
Rejected.........: 0/984927436800 (0.00%)
Restore.Point....: 240189440/268435456 (89.48%)
Restore.Sub.#1...: Salt:0 Amplifier:3376-3392 Iteration:0-16
Candidates.#1....: 10ae19986e -> 61df5f624d
Hardware.Mon.#1..: Temp: 63c Fan: 28% Util: 92% Core:1950MHz Mem:6801MHz Bus:16

Started: Tue Jan 12 21:21:13 2021
Stopped: Tue Jan 12 21:26:22 2021

Let's unlock the wallet now:

$ unzip -c 1Gm7w9Vaf2SCaoiAnYYhesN7FHF3HbCUjz.zip 
Archive:  1Gm7w9Vaf2SCaoiAnYYhesN7FHF3HbCUjz.zip
[1Gm7w9Vaf2SCaoiAnYYhesN7FHF3HbCUjz.zip] - password: 33c698935d
 extracting: -                       
1Gm7w9Vaf2SCaoiAnYYhesN7FHF3HbCUjz 5JPAYt8grTKUXktdALyG9zdYaE6yd2U6BrFMgJ5RRKKN1tYZGve

The private key is 5JPAYt8grTKUXktdALyG9zdYaE6yd2U6BrFMgJ5RRKKN1tYZGve !

Important note

Make sure you have a good backup of your encrypted (time locked) wallet.
Never share it with anyone.. what if someone has an access to an array of NVIDIA A100 Tensor Core GPU's and able to crack the password much sooner?
You never know.

Alternatives

Bcoin Guide | Time Locked Bitcoin Transactions w/ CLTV
Learn how to make and redeem a time locked transaction using Bitcoinscripts with bcoin. In this guide, we will have a function thatcreates a script that locks a UTXO for a predetermined amount oftime as well as separately learn how to sign these types of specialinputs.

Donations