Private key safety

[k06a]

Hi, could you elaborate on how private keys are being generated and brute forced? It seems like a reliable random number generator std::mt19937_64 is being fully initialized by unsigned int (https://en.cppreference.com/w/cpp/numeric/random/random_device), which could make it less reliable:

profanity/Dispatcher.cpp

Line 111 in 75afbad

std::mt19937_64 eng(rd());

Seems like brute-forcing 2^32 seeds, each for a few seconds on top-notch hardware could expose some keys with 5-6-7 mined symbol.

[ryley-o]

Agree here, should be seeded with 64 bits or else someone may be able to brute force 5-6-7 addrs, especially in the future.

[k06a]

It seems that 1 GPU can do 7 symbols for 1 sec, this means 1000 GPUs can brute force all the 7-symbol vanity addresses in 50 days. This could cost a lot, but the reward could be higher. Moreover, the reward could be pre-estimated.

[rhamnett]

I came here thinking the same thing. This should be a a warning in the README really.

[liamzebedee]

FUCK