Web3 Beginner Series: Want to Get Rich by Luck? Let’s Talk About Blockchain “Credential Striking”

So here’s the question: Can I write a program to generate random addresses like crazy, and maybe I’ll stumble upon a rich address?

What is “address collision”?

Plain explanation

Imagine this:

• There are 10^48 lockers in the world (this is 1 followed by 48 zeros).
• There are approximately 100 million lockers containing money.
• You now need to randomly guess a cabinet number to see if you can win a prize.

This is the “address collision” in blockchain—randomly generating addresses in the hope of colliding with an address that has a balance.

How are blockchain addresses generated?

Simplified process:

1. Generate a random number (private key)

2. Calculate the public key using mathematical formulas.

3. Hash the public key to obtain the address.

It’s that simple! An address is generated instantly.

Try it yourself: Generate a wallet address in 10 lines of code

Step 1: Installation 道具s

Step 2: Writing code

Create a new file named “create-wallet.js”:

Step 3: Run

The output is similar to:

That’s it! You’ve generated a wallet address. 🎊

Can I generate addresses like crazy and try my luck?

“Address collision” program example

Of course you can try! Write a loop:

Of course, the first thing we need to do is register a ZAN account, activate the node service, and obtain the rpcUrl (https://docs.zan.top/docs/quick-start-ガイド).

Execution results

Just how difficult is it? Let’s do the math.

Basic data

What is the concept of 10^-40?

Let’s understand this in a more down-to-earth way:

1. Buy lottery tickets 🎫

In other words, if the difficulty of winning the lottery is “to randomly find someone in all of China who happens to be you”, then the difficulty of address collision is “to randomly select one atom from all the atoms in the universe and get it right 40 times in a row”.

2. Gacha game 🎴

Suppose you are playing a game:

• SSR shipment rate: 0.6% (0.6%)
• It seems like it’ll be hard to smoke now, right?

Now let’s calculate address collisions:

• This is equivalent to drawing 18 SSRs consecutively (assuming a probability of 0.6%).
• Or rather, all 18 shots were golden.

Do you think it’s possible? 😂

3. Everyday Life Scenarios 🌍

Why is it so difficult? Mathematical principles.

The vastness of the address space

An Ethereum address looks like this:

If you remove “0x”, there are 40 hexadecimal characters, which is 160 bits .

Number of possible combinations:

The pronunciation would be something like: “One thousand four hundred and sixty-one incredible five thousand…” (which is beyond the scope of Chinese numeral naming conventions).

Real-world examples

Has anyone succeeded? 🤔

From the birth of Bitcoin in 2009 to the present (16 years):

• ✅ Zero successful collisions: No one has ever successfully matched another person’s wallet using a randomly generated address.
• ✅ Zero-case private key cracking: No one has ever cracked the private key through brute force computation.

What happened to those stolen wallets?

All the “wallet theft” incidents you’ve heard of have the same cause:

Key point: All the thefts were due to human error , not because the math was cracked.

Do I still need to worry about safety?

Mathematically: Absolutely safe ✅

if only:

• Your private key is truly randomly generated (not using a sequence like “1234567890”).
• You didn’t reveal your private key to anyone.

Mathematically , no one can crack your wallet.

Actually: Pay attention to these ⚠️

Although credential stuffing is unlikely to succeed, you should still be careful:

❌ Things you should never do

✅ The correct approach

Quick Summary

Key points

1. Generating addresses is super easy: 10 lines of code can generate countless addresses.
2. Address matching is extremely difficult: 10^32 times harder than winning the lottery.
3. Mathematics is safe: No one has successfully collided with it since 2009.
4. Humans are the biggest vulnerability: all thefts are due to the leakage of private keys, not the cracking of mathematical methods.

In short

Instead of wasting time searching for addresses, go buy a lottery ticket; instead of buying a lottery ticket, work hard. 😄

For those who want to try address collision

If you really want to try:

Appendix: Complete Address Collision Simulator

Want to experience what it feels like to “never get a result”? Here’s the full version:

The very last

Remember these three sentences:

1. Generating the address is very simple ; it only takes a few lines of code.
2. Address matching is impossible; it’s infinitely more difficult than winning the lottery.
3. Protect your private key ; it’s the only security vulnerability.

⚠️ Important Reminder ⚠️

Never use the mnemonic phrase and private key from online sample code!

Never tell anyone your private key!

Never tell anyone your private key!

Never tell anyone your private key!

(I’ll say it three times because it’s important)

This article was written by KenLee of ZAN Team (X account ザンチーム ).

この記事はインターネットから得たものです。 Web3 Beginner Series: Want to Get Rich by Luck? Let’s Talk About Blockchain “Credential Striking”Recommended Articles

Related: Three major Asian exchanges boycott cryptocurrency treasury companies

Original translation: Joe Zhou, Foresight News Hong Kong Exchanges and Clearing Limited (HKEX) has questioned at least five companies planning to transform into DATs (digital asset treasury companies), saying current regulations prohibit firms from hoarding excessive liquidity. Resistance to DATs has also emerged in India and Australia, where local exchange operators have similar concerns, potentially stalling the plans of many cryptocurrency treasury companies. In the Asia-Pacific region, Japan is a special case. Local listing rules are relatively relaxed for digital asset treasury companies, giving them considerable latitude. Even there, however, signs of friction are beginning to emerge—for example, MSCI has proposed removing large cryptocurrency treasury companies from its global indexes. The three major stock exchanges in the Asia-Pacific region are boycotting companies that masquerade as listed companies but whose primary…