Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
How I Obtained Satoshi's Treasure Keys 1, 2, and 3 in Minutes

Today (April 16th 2019 at noon) the first major clues to discover key #1 was set to be released in a few cities. A QR code with the words 'orbital' were found at these locations and looked like this: (https://imgur.com/a/6rNmz7T). If you read the QR code with your phone you will be directed to this url: https://satoshistreasure.xyz/k1

At this URL you are prompted to input a passphrase to decrypt the first shard. An obvious first guess was to try the word 'orbital' from the QR code. Not suprisingly this worked! This reveals a congratulations page and presents the first key shard:

ST-0001-a36e904f9431ff6b18079881a20af2b3403b86b4a6bace5f3a6a47e945b95cce937c415bedaad6c86bb86b59f0b1d137442537a8.

Now, we were supposed to wait until April 17th to get clues from the other cities for keys #2 and #3 but that wouldn't stop me from digging around with all the new information we had. All that time "playing" notpron (http://notpron.org/notpron/) years ago was going to help me here.

The first thing I noticed was the k1 in the url and quickly checked to see if k2, k3, and k4 existed. I was excited to see that both k2 and k3 already existed but k4 (and anything higher) did not appear to exist yet.

The next thing I noticed was that k2 and k3 were both exactly the same setup as k1 where it wanted me to input a passphrase to "decrypt the page". I thought this was strange wording as I expected the verification to happen server side. I checked the page source to find that the actual congrats page that reveals the shard was included in the source code (albeit encrypted by the passphrase).

The source code that runs when you submit a passphrase looks like this:

document.getElementById('staticrypt-form').addEventListener('submit', function(e) {
    e.preventDefault();

    var passphrase = document.getElementById('staticrypt-password').value,
        encryptedMsg = '13ea059e2490f645da28f5f1529ca8095b1832ba95a0f3256b302ae58dca59afU2FsdGVkX1+o0KwER4WtPa8Jng8kW3vx8CpqeQkpOGSQEeNBJY0//LbZuKJXIn4ZXv7na+XWneDBFsVl/lfyd7DXAzEv+ZCWhspgBKOkVUdZcqZqBXViGkO+6UjA6Mj0ZngwfxwdsnWLLAUwTXmU40ttWzEjVzEE5nc41P1WsnYIhtXy+wNsCuHxZWHfy8l2Ga01pBBt04ZzEWffg0Z1nS6COJiflkc43pbNS3oQoW/Av3Fokhbiz+0/BV5H+s4shcqN1TYs/4mg4LvFVWb1CbpSdDncrj0YnGM03Du5IjEelFJqT36lUlLePhcdOyr5+nacK3yRSQLM1MmbIudzwktmwiXDSbQAEU71GYMdGlmfi7hnLnp/G6HyuazrmMi7DQkCe73CVa3ZqZFs6skpU7wkhsQw7WB8B1tQ3IxRfGwe30BGLGbhD7p9vzxacG3+U1foDpkXaE9hzxHhmvO6sBZHthISKcEetBuNwps1S/1iorAu9d3jc7o3O7kZ0GsJ70AdKOfaDomGqYrLoELBbhq+9ZL8kQMPYKNkOn5NHl97ZzoAHyNkecg2Pt0l3Ivzv+akPgq56NfxYU1MgDxozaWJeeqygJYUGAAFkuJdkqvGuhtMF2l9OXwWSNIlxXSaa5gHe0l9LngTDKF9xOIYjZKMn+XAmUGF5zVWuxlxotGLnt5+li3R74lT6HPOc4o+4K8cNOTXkparlKLtRwX0h9u2G5caCYjEMZTvgm0boLvl/wk3YcEzETuuO8yZU/0WofGin8X+OavxScOoxkN4Va6VqYnVS1LMbo4l3ekosl6/DrnFmPAQn6D5GAqVTwN93y8bZe1fqg+U6lkEngUy2zLM60MVwCZUOJcgJXAOjt8sF4tEXGFsDSQ+itCi7DiNi1Tzdp3xO8435SBtIki8jIv7WIJSR0Jk+Hkf/OtXXoc3j0tg/mvHPk9Z4aSYB7OpooX07Ct2Io4+s7LAN7rYyISQ5WryXa96/KtLsxAFUs+h+vohf68IvUHvmEd92f4beQtXHgfg27bBB4bvl2gPQBxfYvhDhmR/zZBW1G8MeeK6EhHJ3ZBonAOMWlxc6Zm32KQfocAy+QGqZ42ZZyvZawqkGR8/+dH6HiKVLthUJ748I+jDmnlj8uysjXhhTI5H8qUDduAo6uSxgXJ82yMirHBgDTMaAGIkNXi9VG13Ml9QqGQt8YJu2oH7hqKpm5bvKBRad4oyB/Qw8+fnXr1nBN81icg/hT6nrJGECp4Z6JNrEMrGn/4lJmeoL81+Sig7+Jg0X42P+scVwJVICr73gciB5NVCgtaUn2wH9nYBMRO41yycB+Bx/TjQ8R0yv0QZq61UC7eOecy/phNkG9Nv9Phy3KIFXzKjaK+rJHmLUl/9+Syn4XhqSwum01ABVuqo/Lpj3WOeKD9LF+hYIVu3EPAPiANgDrfnwP1O51MQONAgPiwZCpS26BmG6/NMs/FhgGAeClLnH3X3muoJv3UzxqLgqRrYXYTaQ1rCV5lOawbO6Hepht34uZ1YfINPvZu3dLXKQMInsw1Xgrb1j5tNx1Ou1QY2UwSL47Xsv7LR8ovRRm31HAtCGr0N1iNIbD4VUt/J5k0yH4nsvVRbZEplW/kwXRFQlXPs9e6qWmDKUmPlIvOTO4K+OWAGQEkYzBIi8E3XDzCvpBNurP8XSfXws/BoWphRFpPoaFB4CdVJm0LAp/OrS9OVd4bi5G2L6KE46VG5z5iw/iWD6A/uMZ9q29otw3OLOcwxeZX3dtEZCVbAlMeBaHYAOJJa2KxuD1DAja1Y2fw9iOCKw3mVOdHyStisbkIhlbmBOnU9kxowEZyNIZQuFXiak9DlcmD53c2FvaUSvihwk53m0lnAtl/lx063KSqUaJ9JOYMzKvAdPqBDCIQ3bzH8hup8CNkUiBAqjKpDa/bC+wFmq2vnLOmdBhtybHtoBW2P9zUNTZMJORP8cY8AyUDnM6oSIqTihEqxGhWEK6elSS5KQ9+231knaiiHJX/NbFGnekWhp9b9L8gq/XojrR91az3dNzf50SH7u5YgOC+TIcC6iWw9it7SsziRvevkN1lysiN19rlTyZ/QlbvERAIStQ4Qn7NEPbQ0gahCz3R5MHWvUhlAEercw0IWitThfrXiov56Rv8nhTya79HmFWP5H206jWaToTETZrWlNLVXzjxcAeTwx6aJtwa9rGeHHGnEwjtPMTPJKp7IwleA6OThen02SKVBBhIo8upB3ecy5m6JsN4P8yEjSL5zTpfX7dNzztfpzB4TKIa/ZmLriJmOm+WZGEbM/Rf7gx/WPM/TGn9QBnHjlR13qm8BvdZ0MW/BC5Yal+9b8qdfOp2cy5KeOxYR2s1S3y/SaNxG+hj7uui56RUF3qimCr7MwA/97VhMiToef1BLB+QGoZjEFu5Ui5JcyqvXlZ7+msVRq2iV458QfqWClXVRBWHNdw4L7LtwpXsLeOV/HziV3+YcGjMTYtcqW3ckNCkB7mY2ZGhpcf/qxC4SEVKz4ibQTEd0GEI7rAET6Qh1vdwAijefsnehSATwu7w2s7AwhNltn0pJbQXNFqce1D6YJk5lxvdn60uZc9hj1lW0lad9k7RopyV4IyCbyl+i0NQhacOxvKs14sskvucMXJPRuqxa8mXUgVFbYpNiTk1Uwiy4KgBRnvJIbGzd6NZFWCIr627S9sK8IQBRZzWtXEnTmWyd5Ex6PRYNuts2g2USNZnPHW9FH6bkLPenk8VBvqBZ70yOf4gJQXUaVXblmbcvfar/K61HPDRftzXN0lDadhKhV1Bk4x94kLr9mQFz4CC34zWIDKI+4pvvzbVW5AXv1VDDuEDEs9G82vob6B0znOxwFHR3G/Ponp+SlqX8Grj/z1bx5XhaEewakMCrnI4gyZ/T/55BGpmb/2ZW3/gOYsK1dJrcU4KLjEg7AZoS0IJ6UcF4LevvwiOwb5VNed9+6VrcBZ6gc0H9VKzsqq3FltKDqwda2x8/H53ynojVSYNKopeYyPq3Ndwxl1mMRyV5xeZdrZivQF/fXVX+jMqbR/P+qbbW3FYS5Q7jrRHqQm4NB1ioh1V0pxoMGtkM98kEMJT6ig92TpG75uno/Im4mU5ns3kj0zMaLvQJyJ1V8Izbyf1CNm5F7IpUpvCVZGIGf6KFETB+89AscTZ6teyK7VfoqlHl779z8gI77Rs81WBA5LSJrZ+4mK/toHg0dvRZjvNJCSc4pCRDOYhA1Y+7oVF2zWcF9Rb9LfS06iCi8Wh4GC8HIVZmTdJbq1ZlfVzJdCH6WrCMcBQI3hbDR6iGGsPBhK5BOpE62NRHpLX7hZSegypd7d+RzmqjgVA5HwjAlzCgRF26YHOeIIG27Y4LNqBLKHlaqz5ie9WSnpxaFme0w4NM7o2mbPj4bbnwCglUrgCJy0eFH77BGf7yeCEyWkDfGW3lGnuLxysmHUv2HE+hfs3TeFcYBKEqfGMR0pBQXEV1xDKkoHO1uLa8N8jAVBDhZthjZiJrEJeg0vdATd4SugrP5kKzwiOZR70VUd6y14s9S8GgyiZMpCiqoY9VGdv+vzDlssJy6XZzTSDnnJvCn38SwTfx1SX5QMs8HsVBADjlCkptVE0xYfi79AKIeXYikgqJVw0Ve+CLzcuEFATuTBdetrfwalWsYFEFBw465pQK12Sh8gHyu1IczOYnsaxjSPYHxS9APTLE3u0pShSrwy6mh8bTVWWuazszVFe2lVkAOGrOjah7kPQxl/Qay2ZqmGJN0RGxD4X5/Ttdtd0LOEvtIqki17/h77bM7bHWc9zPmeJHj0TH5bGthKvTqLQYhO3V/8VmxKJW6S67czcQAQmXayrNUzUke5R859kWl1FciB/byETiDMjUOs5+gGltgIZuFwcVRoCAYFO9yUv6bmWxVbemXH98VgvBOsSehnWLNNUL/ah163WDkxjYl33TKxxxhxegq4tsiuDQe11mksAwSukd2EbS4wK36bWW7J0RyVZ1Et7CU/55iMfaDmQTOwfUS5/8ExmdVGuGBJZakXqFy8A8DOsJ1S4XH5KWpTMznWjERdZVlhpdY91Mos12rAjRy3BPX8k5T7WE7CXviAO4R8uVEuZLi1jGK8oaJDR93H+3875cTaHUxwtGndO8iaFk2xbIMOt8KR9H42hogzKZ5E2Z51eAfvbFfK3oW+UQ9QhN5kLsgIScLI84/s9dRXM2we49vi8fD5tgA4OAmuFOq9+V7xA/GUKomjRqdPibGJk8qk61TyZt6aUCwUJKJuFlKGCyXpkVrhc2rXlkA6yPjce8QJW8PpncbNAACnCyr03ukipAp3rpLKxrbfapNIRuvU+pqrCrHJPPXr/P66ew8CcMra+KBozb/Q4MlWTFsq25gObs+kmGfcoZKZ7BapqkiX1tPx6PoktG72Z64agRSBAn+lRXyHl+OGlbdRY8DqWaI64vDqIwVMeKjZtaQEYxNHp9VDEXwydzuxaNudIt7Y5XwsleXKrqOAOtUqduIz/XNagNch2gXGkhiR6i14VHqMcgt/hrRP+ypsAAgbe7iupIwuDVLGVl2YKEfRYcGz+Z6rLOSbS78tW1pPx/1JSD0ks2bTZtQ9RytPeOizSiTNn35lLGDLo32Hgi8pc9vdwcWjCY6w76jY67exB2CFWzIo9ugu/BuA7/8leg844HrfEeAqmdsuLdzKQcsW/NGLp1O99akyJrBsUQmkdI0qP70ZfaPkRLYP8sTeXPElmLbV2SORo+PF0qJ2JvvANuOXN3+fzuxjz3cuKisHcZthO6P5+3dUrC9BJMrrkXXF4oynHOwiIPOyhJyu4GSK+oO3VGS2odPYlarXnQSTGgZReYLEyYmnLyWJ1rp67DPt+lDX19XQcBzJgs0GZTpBMb0b03o26loOoErBnTBiBEkbgeMzK41RHLu34uoCXwV0ZIHfeVFIWEWVAYeM1w7bmFmIHiHOrCsoS8COjnvJD92U04DJ7N8g2uO4jAqoDqLj3UUog6bS/ZX24wySA8RnyU9NTQYcXlHSx9ETmKeDkpjQycQA7yo5Ls2t0zm78kC7+BkX4yQOUZHMue1QDoU/Tz299/a7V7YQNzDhph596DTCUc/5ikfSK3tX1bMtM2Z0vCo6kVazuAnqtYddBFq+Zpr3IaT4gT5hstCWmlGfPaqLfwcCUgFxfsGwY5xx1M23iw9LZO+rqAb7zCigs9sgarhvc+y84YbTwYrHcc0TW0jbo7DtejTcUTLNJAeYhR2KG4MilC5LgvqGT05qHMRDjPg2kvzs7vLhiYJZwfuT+4tPhJKuCDfduWBjxylTebbN4SwWNPNI5epieSxl1apydaNdyTncXWbH1wwj2MnoMfYiy2cSCk2mhXVQ+i845Q6ZQZI17bWWDWu8NeapFjDKTrGODjHoYYm1bah+gP75d4YGB/FL9wHgkQdq/IHE8I95PLOmKWiyiI2lnX36xJkQCRzIhRCqsfXHXbJcyVUzV/j3OiNntmyPCuA+89I3s/XIcGrgMVnB4q9R8ESPQJbwr6iJCIey5M1khgVA4E+dGoHMPoMrCH6QUeLpLMdjW8hFwZwzgcSt8tKApSS95ebncA9603v4rKgc2VK0/p5HPaHtJqxzkhuAAjbf0fZ51lsHZoJkhI0mu8Gge7zXe6dVl+mC++56NOqFK4wF7Ar1pmLh0MsGU9ePXRulXmxfdtZFsoKHDiCdqWJRFQ2md0CaVFBxthklFgAiOw02IQEMr8F16YQKZtEJCTXp4VF0EhntO/1aBUXiK1alJMmNBXmS4fG13C0EEXEYlASf+UreIOcMytsuJcUyp0tAT7rbosvOIcCmGTRJV/hKRlBf9NKysl6WwNi+E74TLVwPKIQAZDcKC7JSu3dJGi0ERBjsIv7KZI9fnXVPazMnlNxiizgIm1WIAf/sLaN6oV+xmLLBz2yxiVNMLi2vqA07q+k6KwQUEExwskVbaEC5G5auL2AdCPhz2WX4PYTFIsNO9qBl9fCaaQOSSou/QiDGf2u4r4C+aI2gn4ofQGM+5IsJh/re7BjK6hGaPoD2jw5fQ+HfjcTYHCaB8j4zM5foo2cPVRXietkSzEymXigtuR+jyqGoijKc+wjVOS2/D4C9fLyYASIPKsJ2cRAFS200RY0xKbxQqr4FIp9A/cElF1MAwRHCursgcrfQDjmyu2rPavv4dPbIuNUjGi7LBKzFPp0p62LYbTGO9rqm64zOrf4cvACwFmPN6q1xDTQzLv+XE0UUM27QpcXFEuo89kIQgs0VMMfGOfvGhgwznc9ApvXFaRm9r8p7CcjKBNXFMV28WUcsGSQOgNHTUTEop/1XrRtQF1yEbfs9d3PsxRveotW6EXBFmHNoLAdgLQTBxiXNjWu9RQUPofpvyT/J5CHHhU3AhGmArVqYj2x69evb3zyxEFQVfP3ubBpp5Tw5ecjwfoIaV34arkppCX2lc/9KF4WJNwRHrqB8NYLzMMdeCbyGoVNWK/8lZrvtX1Lk3rojnfTnbaDkGmzF3qbA6ZpJ4DBn4pjY+jnuPyg3T2r2f3y1d07iPnCTWkfaiFsgKdBcbxpd0sBkZXb3Fhk3t5MFI7T/GOWi2cC3gDvvjYiE9Uiob40eNIEsdTfMPu9M3lKeTty3B71sbowqAfyC5jyPM0Rh3ohHyqNQt4no04cgUjxsojBS0sV2Bo790jDri1DbJhhw20K9ehLbl8s+NYXfTv9QnU0WjpoN7ltUD6EPDMytlKUREtSUFMIY1KE+dVAHoAVYQ04y4+cu23c72mT+KDtDZWsh7LjzA8k+VBHlDE7EUbHzzVJFmEL4zNpeJegHiga/64X6Kl0mp5J/OS1NJ/CwFInFn6weK5STf3VtJlA7t49/yeGvMWKkDju3L2idc4PBkc/51B9yfiJaz639dpo8KlbOJYlCuku1Jxc+O3z+UMo7MrUjqZ0H2HHwCEDxPCW2nX1tMtXP9fJCBLbtuTx/LVZUJsnJuMxBKjpgrR4t/QjHdYC9+xExlIbU71JYN2t1MSA1WM/YWt0fzabztdqRrW6P5+UtXEYp+7E4NeX9S4BG6LMcexd+fdH2A9j3eezYyCJ4IIvNQmei3hjSyoPWB2j3Nx/gGdHcxpre56H5Nqjksq7RdWZolpV72PuZ/BuhWJSj84dMNfL4TyQAwguYWK+LVw1iP0NzS6/Klubh8CrhSizddfsYxJRLvPwyZIOirfZjFYM3vGrcb1+mOa62keSSiPYD7quTngS/Q6LKl3iD2xhb3TL67Tpm0VXAOIABs=',
        encryptedHMAC = encryptedMsg.substring(0, 64),
        encryptedHTML = encryptedMsg.substring(64),
        decryptedHMAC = CryptoJS.HmacSHA256(encryptedHTML, CryptoJS.SHA256(passphrase).toString()).toString();

    if (decryptedHMAC !== encryptedHMAC) {
        alert('Bad passphrase!');
        return;
    }

    var plainHTML = CryptoJS.AES.decrypt(encryptedHTML, passphrase).toString(CryptoJS.enc.Utf8);

    document.write(plainHTML);
    document.close();
});

Let me break this down for you:

document.getElementById('staticrypt-form').addEventListener('submit', function(e) {});

This line is setting up the event listener for when the decryption form is submitted. This means when the form is submitted, whatever code is defined inside of function(e){} will run.

e.preventDefault();

This line isn't important but just prevents the browser from performing the default action when a form is submitted. If this wasn't included the page would likely refresh and not continue to run the code below.

var passphrase = document.getElementById('staticrypt-password').value;

This line reads the value you typed into the password box into a variable called passphrase. In our case this would hold the string "orbital" (assuming that is what you typed in).

encryptedMsg = '13ea059e2490f645da28f5f1529ca...'

I truncated this because it's a really long string but you can see the full string above. This is storing the fully encrypted passphrase and HTML of the congrats page.

encryptedHMAC = encryptedMsg.substring(0, 64);

This tells us that the first 64 characters of the encryptedMsg above represent the encrypted passphrase. This will be used to check if our passphrase is correct.

encryptedHTML = encryptedMsg.substring(64);

This tells us that the rest of the encrypted message is the actual HTML for the congrats page that contains the shard!

decryptedHMAC = CryptoJS.HmacSHA256(encryptedHTML, CryptoJS.SHA256(passphrase).toString()).toString();

Here we see that what I've been calling the "encrypted passphrase" is really the HMACSHA256 digest of the encrypted html using the sha256(passphrase). Essentially, if our passphrase is correct then the decryptedHMAC will equal the encryptedHMAC.

if (decryptedHMAC !== encryptedHMAC) {
  alert('Bad passphrase!');
  return;
}

Here we can see the check if the passphrase you provided was able to generate the encryptedHMAC. If the passphrase is not correct then the page will show you the error "Bad passphrase!"

var plainHTML = CryptoJS.AES.decrypt(encryptedHTML, passphrase).toString(CryptoJS.enc.Utf8);
document.write(plainHTML);
document.close();

If the passphrase is correct then it uses it to decrypt the encryptedHTML and then overwrites the page with the new HTML so you can see the congrats page!

After I saw this source code I realized because the check for whether or not the passphrase was correct was done locally I could brute force this using a dictionary attack. I also assumed the passphrases for k2 and k3 would be english words.

I quickly googled for a downloadable dictionary english word list and opened a new ruby script. A few minutes later I had this script:

require 'openssl'
require 'digest'

K1_encryptedHTML = "..."
K2_encryptedHTML = "..."
K3_encryptedHTML = "..."

K1_encryptedHMAC = "13ea059e2490f645da28f5f1529ca8095b1832ba95a0f3256b302ae58dca59af"
K2_encryptedHMAC = "2c5d8ae979d4dee1f33e7b3b11a8f57101e4c77e444d273dfc156f3f52a43934"
K3_encryptedHMAC = "e24b9cd8ba500e388252827e72f37b23e4c5eab209c36ce66bc3b71de45fdc4c"


File.foreach('words.txt') do | passphrase | 
  sha256Passphrase = Digest::SHA256.hexdigest(passphrase.strip.downcase)
  K1_decryptedHMAC = OpenSSL::HMAC.hexdigest('SHA256', sha256Passphrase, K1_encryptedHTML)
  K2_decryptedHMAC = OpenSSL::HMAC.hexdigest('SHA256', sha256Passphrase, K2_encryptedHTML)
  K3_decryptedHMAC = OpenSSL::HMAC.hexdigest('SHA256', sha256Passphrase, K3_encryptedHTML)
  
  if K1_decryptedHMAC.eql?(K1_encryptedHMAC)
    puts "Passphrase for K1 is #{passphrase}"
  end
  
  if K2_decryptedHMAC.eql?(K2_encryptedHMAC)
    puts "Passphrase for K2 is #{passphrase}"
  end
  
  if K3_decryptedHMAC.eql?(K3_encryptedHMAC)
    puts "Passphrase for K2 is #{passphrase}"
  end

end

Let me break it down section by section for you:

require 'openssl'
require 'digest'

Here we are just including ruby libraries that are useful working with crypto. They provide the ability to compute SHA256 and HMACSHA256 which we need for this problem.

K1_encryptedHTML = "..."
K2_encryptedHTML = "..."
K3_encryptedHTML = "..."

K1_encryptedHMAC = "13ea059e2490f645da28f5f1529ca8095b1832ba95a0f3256b302ae58dca59af"
K2_encryptedHMAC = "2c5d8ae979d4dee1f33e7b3b11a8f57101e4c77e444d273dfc156f3f52a43934"
K3_encryptedHMAC = "e24b9cd8ba500e388252827e72f37b23e4c5eab209c36ce66bc3b71de45fdc4c"

These are just storing the encrypted HTML and HMAC from each of the satoshistreasure.xyz decrypt pages source code.

File.foreach('words.txt') do | passphrase | 

This will loop over each word in my words.txt dictionary and assign each word to passphrase one at a time.

sha256Passphrase = Digest::SHA256.hexdigest(passphrase.strip.downcase)
K1_decryptedHMAC = OpenSSL::HMAC.hexdigest('SHA256', sha256Passphrase, K1_encryptedHTML)
K2_decryptedHMAC = OpenSSL::HMAC.hexdigest('SHA256', sha256Passphrase, K2_encryptedHTML)
K3_decryptedHMAC = OpenSSL::HMAC.hexdigest('SHA256', sha256Passphrase, K3_encryptedHTML)

This calculated the decrypted HMAC for all three puzzles from the current passphrase.

if K1_decryptedHMAC.eql?(K1_encryptedHMAC)
  puts "Passphrase for K1 is #{passphrase}"
end
  
if K2_decryptedHMAC.eql?(K2_encryptedHMAC)
  puts "Passphrase for K2 is #{passphrase}"
end
  
if K3_decryptedHMAC.eql?(K3_encryptedHMAC)
  puts "Passphrase for K3 is #{passphrase}"
end  

This did a quick check to see if the decrypted HMAC was equal to the encrypted HMAC. If this is true then we know the passphrase is the solution to the problem!

When I ran this scrypt in a few seconds it output:

Passphrase for K3 is blackhole
Passphrase for K2 is cosmos
Passphrase for K1 is orbital

I was shocked! That was easy :) . I checked each passphrase on the k2 and k3 decrypt pages to make sure they were correct. They were!

Hope this helps you understand how I was able to obtain three of the key shards in a few minutes. Please follow me on twitter @johncantrell97 for future #sastoshistreasure tips.

@RumPyrat
Copy link

RumPyrat commented Apr 19, 2019

What a great read! Thanks so much for taking the time. I'm going to be following you on Twitter for sure. Is there any advice you can give to a guy who doesn't know how to code? How to get into this type of coding game? this stuff absolutely fascinates me.

@leckylao
Copy link

leckylao commented Apr 19, 2019

Hi @davendrabear, can I ask how did you find the ssss URL? That looks useful

@Vuksan
Copy link

Vuksan commented Apr 20, 2019

Really nice documentation of the process.

@marcuskm
Copy link

marcuskm commented Apr 20, 2019

Hi, i wanna try doing the thing myself to learn how it is done, where should i start? How do i input the code i have written?

@M4N0V3Y
Copy link

M4N0V3Y commented Apr 22, 2019

https://satoshistreasure.xyz/ssss is no longer available.
Key four has a different proccess to achieve. It was found few hours ago: I am posting the key here now, tomorrow I will detail something about.

ST-0004-9eeb558b5502a826d67b0bddb25f06fe4014d97aff40a5674e35b9dcc4e696b9a720e25f2ad8ae5b9b63b993dcf826258e65ae5b
They user Key 1 to achieve that ( the Gif animation of the rabbit has the clue embedded into the filé).

@M4N0V3Y
Copy link

M4N0V3Y commented Apr 22, 2019

I am back.
Leporine Key:

The link for Key 4 solution is:
https://www.magellan.world/post/key-004-leporine-key-will-be-released-soon

The link for Key 4 ( is not /k4) os:
https://satoshistreasure.xyz/6WskbAMc8U6m3B68DdHL2QQ822odpPG

The pass frase is:
a dim light illuminated the darkness, casting shadows on the walls and revealing a single key hanging from a thread in the middle of the vault

@yavwa
Copy link

yavwa commented Apr 22, 2019

anyone with the second key? The Bismuth Key. please share if you dot mind

@mguomanila
Copy link

mguomanila commented Apr 22, 2019

you are a rockstar! bravo!!!

@suhailvs
Copy link

suhailvs commented Apr 22, 2019

@M4N0V3Y It is sad that they removed https://satoshistreasure.xyz/ssss url.
did any body copy the contents in url https://satoshistreasure.xyz/ssss.
So I created a github page with solutions, so that if something removed urls this will helpful in future.

@marcuskm
Copy link

marcuskm commented Apr 22, 2019

I have a copy of the content.
https://github.com/marcuskm/ssss/blob/master/Sathoshis%20Treasure%20ssss
Hope it works out

@M4N0V3Y
Copy link

M4N0V3Y commented Apr 22, 2019

Thank you @marcuskm, @suhailvs, thank you guys! Let's wait next clue (key).
I think that, for while, this key combination will not help too much. But we can extract some tips:

  1. The key prefix - ST-0XXX- is part of syntax for key combination
  2. it works offline

Sending again all four keys, it's clues and passwords:
@yavwa
K1 - The Jade Key
ST-0001-a36e904f9431ff6b18079881a20af2b3403b86b4a6bace5f3a6a47e945b95cce937c415bedaad6c86bb86b59f0b1d137442537a8
password: orbital
k2 - The Bismuth Key
ST-0002-708e558bec86c4222185c944e92b15d1c83298a7e0697682b8904371b506eae7216be45c662ce73710cf5247f4381b2971cf9014
password: cosmos
k3 -
Mamoru's Key
ST-0003-310c8cf65504794702b5d29f74aa8f5d7a2a68448d57732b8bc2278a8c6526ebb2820d41a9f809a56e8b542ec029ff20ff3f0d08
password: blackhole
k4 The Leporine Key
ST-0004-
9eeb558b5502a826d67b0bddb25f06fe4014d97aff40a5674e35b9dcc4e696b9a720e25f2ad8ae5b9b63b993dcf826258e65ae5b

passfrase: a dim light illuminated the darkness, casting shadows on the walls and revealing a single key hanging from a thread in the middle of the vault

I think now all we are in the same page. Now I have to go, I have work to do. Wen drop's some news please place here!
Bye,

@M4N0V3Y
Copy link

M4N0V3Y commented Apr 22, 2019

I am wondering... if they release ONE KEY per week, It will spend seven years to accomplish the hunt. It will be a quest!
So, I think it will evolve and some people will drop the stick along the road.
Well, this hunt can become a quest of about seven years. If yes, how long you think you can stand for that?

@suhailvs
Copy link

suhailvs commented Apr 23, 2019

@marcuskm thanks. It worked. Here is the link

@marcuskm
Copy link

marcuskm commented Apr 23, 2019

@M4N0V3Y maybe it will take seven years, but my guess is that there will be released more keys per hint, just like first time where there were released 3 keys.

@marcuskm
Copy link

marcuskm commented Apr 23, 2019

Or realese keys with a hint till the next keys.

@M4N0V3Y
Copy link

M4N0V3Y commented Apr 23, 2019

Yeap. I think this First are the warming up for the hunt.

@julian05060506
Copy link

julian05060506 commented Apr 24, 2019

Maybe this is just a game, in order to attract more attention to the game sponsor or bitcoin, 7 years, no one knows whether bitcoin will still have value

@marcuskm
Copy link

marcuskm commented Apr 24, 2019

Maybe this hunt is for creating attention, if it is, we will probably experience a higher pace of clues being given, a seven year race does not attract a lot of attention, at least not in the first 5 years. I dont know what intention the creators had when they created this, but my guess is that they would have loved this adventure in their own life, and now, they have the money and power, they have chosen to create it for the next generation.

@M4N0V3Y
Copy link

M4N0V3Y commented Apr 24, 2019

So, @marcuskm, seems that we will have a journey togeter ( for win or for play and have Fun) ;)

@marcuskm
Copy link

marcuskm commented Apr 24, 2019

For the journey, for the things we are gonna learn, for fun and if we win i wont complain. For the hunt.

@yavwa
Copy link

yavwa commented Apr 24, 2019

DISCLAIMER: JUST MY THINKING, PLEASE DON'T HOLD ME ACCOUNTABLE HOW YOU INTERPRET IT.

Nobody will reward the winner. what if we already have all that's needed from the 4keys already out there?
**

K1 - The Jade Key, k2 - The Bismuth Key, k3 - Mamoru's Key & k4 - The Leporine Key

**
whats the relation between this four keys? age hierarchy or just randomly picked ?

@yavwa
Copy link

yavwa commented Apr 24, 2019

DISCLAIMER: JUST MY THINKING, PLEASE DON'T HOLD ME ACCOUNTABLE HOW YOU INTERPRET IT.

Nobody will reward the winner. what if we already have all that's needed from the 4keys already out there?
**

K1 - The Jade Key, k2 - The Bismuth Key, k3 - Mamoru's Key & k4 - The Leporine Key

**
whats the relation between this four keys? age hierarchy or just randomly picked ?

@M4N0V3Y
Copy link

M4N0V3Y commented Apr 24, 2019

@yavwa they are surely related to build the whole passphrase for the chest of treasure! (LOL) ... but I catch your thoughts, buddy.
If they can be combined to lead us to next clues... well, I can't bound Jade, Bismuth, Mamoru and Leporine yet for raise next clues by now. Maybe you are starting to walk through conspiracy theory about those keys (LOL) or maybe they are related and it's relation shall provide clue for other keys... hum, I think if worth to spend time wondering about if they are bound or not ( for generate new clues )... by now... Is it worth? too soon to tell.
Let's wait next key to be released, let's break it and try to feel if they are bound or not (for generate clue for other keys ).

@M4N0V3Y
Copy link

M4N0V3Y commented Apr 26, 2019

Next key - The Hunted Key ( coming soon).

@M4N0V3Y
Copy link

M4N0V3Y commented Apr 27, 2019

Guys. The main page changed. Now they are saying "... CLUES HERE FREQUENTLY,..." instead " ... CLUES HERE EVERY SUNDAY NOOM PST...". So, they may start publish more times than once a week from now on. I think they are reading stuff we post around in the web.... Let's see. The hunt is become more funny than before!

@amingilani
Copy link

amingilani commented Apr 29, 2019

Hey guys, please install the Wayback Machine or Achive.org's add-on and keep archiving the clue pages as you run into them. They keep removing stuff.

Also, the Hunter Key is out.

@amingilani
Copy link

amingilani commented Apr 29, 2019

Hey guys, please install the Wayback Machine or Achive.org's add-on and keep archiving the clue pages as you run into them. They keep removing stuff.

Also, the Hunter Key is out.

@marcuskm
Copy link

marcuskm commented Apr 29, 2019

Yes, and the first person has been located.

@suhailvs
Copy link

suhailvs commented Apr 30, 2019

Agent 1

https://www.facebook.com/jeffery.durand
Location: France, ask him for address
Book: stories of ibis (Japanese version)

@suhailvs
Copy link

suhailvs commented May 26, 2019

i updated my page with clues: https://suhailvs.github.io/treasure

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment