Offline: Turn off the Internet. Use this page offline for more safety.
Waiting for input...
Instructions: 1. Enter a TXID. 2. If two consecutive inputs share the same R-Value (R-reuse), the Private Key will be recovered. 3. Internet connection is required for API access.
Locate the cryptographic Public Key revealed during spending transactions.
[STATUS] Waiting for address input...
(Note: Public keys are hidden mathematically until the address spends funds. This tool scans the blockchain for revealed scriptSigs or Witnesses).
Instructions: Enter a WIF key where the missing characters are replaced by an asterisk (*).
Instructions: Enter a P2PKH (1...) or P2SH (3...) address and the number of transactions to analyze. This tool checks for repeated ECDSA R-values (nonce reuse) in the latest transactions, which indicates a severe vulnerability.
Instructions: 1. Enter two different TXIDs belonging to the same address. 2. The tool will extract R, S, Z, Public Key from both transactions inputs. 3. If it detects the same R-Value across any input between the two TXIDs, it will calculate the Private Key using the ECDSA formula.
Convert raw Bitcoin script (hex) to P2WSH (bc1q...) and P2SH (3...) addresses.
Instructions: 1. Paste the raw script found during the forensic scan (look for 'Witness / Redeem Script'). 2. This tool will hash the entire script to derive the P2WSH (Bech32) and P2SH addresses. 3. This is how you verify if a multisig address matches its participating public keys.
Instructions: Choose your wallet type, select word count, and enter your recovery phrase. This tool runs completely offline using CryptoJS and SECP256k1 to derive your private key securely?
Instructions: Enter an address. The tool will securely fetch its transaction history from blockchain.info and run a deep structural mathematical analysis on its spending inputs to detect 'OP_CHECKMULTISIG' and deduce the Multi-Sig rules (e.g. 2-of-3) or Single-Sig logic. Internet connection required.
Instructions: Select a wallet.dat file using the 'Choose File' button, then click Process. The tool will parse the Berkeley DB, extract the Master Key Hash (JTR format), and list all encrypted private keys mapping to their Bitcoin addresses.
Instructions: Select a wallet.dat file using the 'Choose File' button, then click Process. The algorithm will deeply analyze the Berkeley DB B-Tree leaf pages, extracting hidden metadata, KDF iteration thresholds, and architectural anomalies to determine if the encryption has weaknesses or if a bypass is theoretically possible.
Instructions: This is an advanced cryptographic exploit tool. If two different addresses (with different private keys) sign transactions using the exact same random nonce 'k' (e.g., due to a broken random number generator), this tool mathematically exploits the failure to instantly calculate BOTH private keys. 1. Enter two suspicious TXIDs. 2. The tool will check for ECDSA signature nonce collision across different addresses. 3. If an identical R-value is detected, the modular inverse algebraic exploit will trigger.
Hardware Wallet Glitch / Memory Fault Private Key Reverse Engineering
Instructions: If a hardware wallet experiences a voltage drop/CPU glitch while signing, it might output a mathematically corrupted signature alongside a valid one for the same message hash. By comparing the 'S' value of the valid signature against the faulted 'S' value, this tool uses differential fault analysis ECDSA formulas to instantaneously deduce the internal secret Private Key.
Mutate ECDSA Signatures to covertly change the TXID of a transaction
Instructions: This exploit takes advantage of the ECDSA mathematical rule where (N - S) produces a completely valid complementary signature. 1. Enter a valid raw transaction hex. 2. The tool will parse the scriptSig, isolate the 'S' value, subtract it from the curve order N, and reconstruct the transaction. 3. The resulting transaction remains 100% valid and will transfer funds, but its main TXID will be entirely different (which historically broke Mt.Gox's tracking systems).
Combine mathematical fragments to restore a Master Secret (Lagrange Interpolation)
Instructions: Advanced security models split a private key into 'N' fragments (e.g. 5 fragments), requiring at least 'M' fragments (threshold, e.g. 3) to rebuild it. Paste your fragments (Shares) X,Y coordinates in Hexformat on separate lines as 'X:Y', specify the required threshold, and the tool will use Galois Field Arithmetic to mathematically re-assemble the original Private Key.
Extract hidden ASCII/Hex metadata embedded inside transaction outputs
Instructions: Hackers and data hoarders often use the OP_RETURN opcode (0x6a) to permanently write text, website hashes, or secret messages directly into the Bitcoin blockchain. Paste a raw transaction hex, and this tool will specifically scrape all outputs looking for 0x6a opcodes, extracting and decoding the concealed payload into readable format.
Reverse Engineer the entire HD Wallet Master Key using a single leaked Child Key
Instructions: If a user exposes their 'xpub' (Master Public Key) and an attacker manages to obtain even ONE single non-hardened child private key derived from it, the attacker can use the mathematical properties of HMAC-SHA512 to instantly calculate the Master Private Key (xprv), completely compromising the entire wallet. 1. Enter the Master 'xpub' string. 2. Enter the leaked child Private Key (in Hex or WIF). 3. Enter the exact derivation path of that child key.
Breakdown and extract Public Keys hidden inside a P2SH Multi-Sig script
Instructions: A P2SH Multi-Signature address hides its participants. However, when the coins are spent, the 'Redeem Script' is revealed on the blockchain. 1. Paste the Raw Hex of the Redeem Script. 2. The tool will parse the script mathematically, determine the 'M-of-N' rules, and extract every single participant's Public Key. 3. You can then use these Public Keys to trace individual identities or further target them.
Check balances for multiple Bitcoin addresses at once (P2PKH, P2SH, Bech32)
Instructions: Enter multiple Bitcoin addresses, one per line. Supports up to 5000 addresses.
Deep scan tx history for R-reuse, Bias, and mathematical leaks. Auto-solves Private Keys on detection.
Instructions: This tool performs a persistent mathematical audit on any Bitcoin address. It extracts ALL signature components (R, S, Z) and cross-correlates them looking for R-reuse, Bit-leaks (small nonces), or pattern biases. If a direct algebraic path (R-reuse) is found, the Private Key is calculated INSTANTLY.
Build a network-bypassing child transaction to force unstick a pending transaction (Child-Pays-For-Parent) or replace by fee.
Instructions: Is your transaction stuck with low fees? 1. Paste the raw Hex of the stuck transaction. 2. Enter the Private key of the receiving end. 3. Set an aggressive high fee rate. This math engine will isolate the stuck output, draft a brand new "Child" transaction, re-calculate the SIGHASH_ALL hashes, sign it using ECDSA, and give you a Raw Transaction Hex ready to be broadcasted to trick miners into confirming BOTH transactions instantly?
Generate modern P2TR (bc1p) addresses and mathematically engineer Schnorr aggregated signatures.
Instructions: Taproot uses Schnorr signatures for better privacy and lower fees. 1. Enter your Private Key. 2. The tool calculates the X-only Public Key and applies the required TapTweak. 3. It generates the final Mainnet 'bc1p' address using Bech32m encoding.
Clean up many small balances (dust) into a single address while minimizing network fees.
Instructions: 1. List all Private Keys holding small amounts of BTC. 2. Provide a single target address where you want to pool the funds. 3. Set a low fee rate to save money. The tool will fetch UTXOs for ALL keys and build one optimized transaction.
Detect tracking transactions (Dust) used by hackers to deanonymize your wallet.
This tool scans your transaction history for small outputs (< 546 sats) and identifies patterns of "Dusting" intended to link your addresses to your identity.
Scan tx history to reveal hidden RedeemScripts and Multisig Quorums (M-of-N).
This mathematical tool looks at 'Spending Transactions' to find the original script. It can detect if a Legacy or SegWit address is part of a 2-of-3 or 3-of-5 multisig setup.
Detects shared mathematical factors (GCD) or linear relations in nonces across multiple signatures.
Detect and exploit nonces generated via Linear/Polynomial patterns (LLL Lattice Reduction).
Instructions: If the random number generator (RNG) used for 'k' is weak (e.g., LCG or increments), signatures become linked. 1. Enter RSZ lines from multiple transactions of the same address. 2. The tool will check for linear relations and generate a high-performance LLL exploit script.
Scan signatures for significantly small R-values or leading-zero biases (Hidden Number Problem).
Instructions: A 'Short Nonce' is a value of 'k' that is much smaller than the curve order (e.g., < 128 bits). This tool analyzes the 'R' value (which is a projection of k) to find statistical leakage that can be exploited by Lattice reduction.
Deep Mathematical Recovery for Double/Triple Corrupted ECDSA Signatures
Instructions:
Traditional DFA requires 1 valid and 1 faulted signature. This advanced tool uses statistical Lattice relations to solve for the Private Key when ALL signatures are faulted.
1. Use the same Z and R (common in hardware glitch scenarios).
2. Provide at least 2 or 3 faulted S-values.
3. The engine will calculate the shortest vector in the fault-lattice to deduce 'd'.
Exploit Nonces Related by Linear Algebra (Works even if R-Values are different)
Instructions:
Enter multiple R:S:Z lines from the same address. The tool will mathematically analyze EVERY possible pair attempt to solve the Linear Relation.
1. Paste your list (one R:S:Z per line).
2. Define the expected relationship (a, b).
3. The solver will run modular derivation across the entire matrix.
Recover Private Key from Inversion-Bug Nonce Vulnerability (Bulk Support)
Biased Signature Attack: Uses LLL Algorithm to solve the Hidden Number Problem (HNP).
Scan Bulk Signatures for Rotational Nonce Secretary
Reconstruct Private Keys from Fragmented Shards or Shamir Shares
Recover passwords using PBKDF2 Master Key fragments via Dictionary or Brute-Force.
Awaiting instructions...
Create a custom Master Key fragment from a password to test the cracker's accuracy.
Payload will appear here...
Direct Algebraic Key Extraction: Recovers d via R-collision analysis (k-reuse vulnerability).
Decode Base64/Hex PSBT strings to extract hidden metadata, input scripts, and signing progress.
Instructions: 1. Paste a Partially Signed Bitcoin Transaction (PSBT). 2. The analyzer will parse the binary structure to reveal UTXO details, script types, and missing signatures.
Check if an address was generated using a Vanity tool and analyze its entropy weaknesses.
Instructions: This tool checks for repeating patterns, human-readable strings, and known vanity prefixes that might indicate the use of weak random number generators during creation.
Batch scan an address or TXID for constant-Z (Value 1) vulnerabilities and automated key extraction.
Instructions:
Enter an address to scan its history (Limit default: 10).
The engine will look for SIGHASH_SINGLE signatures where index >= output count, triggering z=1.
If multiple vulnerable inputs are found, mathematical logic will attempt instant key recovery.
Recover Private Key from systems that fail to validate if points are on the secp256k1 curve (Direct CRT Logic).
Instructions:
This tool uses the Chinese Remainder Theorem (CRT) to reconstruct the private key 'd'.
1. Perform small-order discrete log attacks on invalid curves (e.g., using points on E' with small group orders q1, q2...).
2. Enter the recovered remainders (d mod q) in the format 'remainder:modulus'.
3. The engine will combine these results to solve for the full 256-bit Private Key.
Reconstruct Master Private Key from Mathematical Fragments (Lagrange Interpolation Logic).
Instructions: Enter the required number of MPC fragments (index and hex shard) to calculate the original 256-bit Private Key.
Bitcoin private keys follow a mathematical parity rule. This tool tells you if a key is Even or Odd based on the last hexadecimal digit.
[STATUS] Waiting for private key input...