When you post a transaction, the public key is in the transaction (inside the field "sigscript").
With the public key known you only need 2^(66/2) checks (instead of 2^66), which can be done really fast.
So some bot watched the address, obtained the public key, computed the private key from it, and front-ran the original submitter, probably with a deal from a mining pool to make sure his transaction is enforced.
It is based on the fact that the upper range limit of the private key used in the puzzle is known. A securely generated private key would not be vulnerable even if its public key is known.
The second post on this thread[0] has a helpful chart that makes it easier to understand.
> When you post a transaction, the public key is in the transaction (inside the field "sigscript")
Is that true for every single Bitcoin transaction?
> With the public key known you only need 2^(66/2) checks (instead of 2^66), which can be done really fast.
Then how come not all Bitcoin transactions are front-run like that and Bitcoin is not worth zero already? 2^33 is indeed nothing: 8 billion (so I understand this can be easily cracked).
Ah gotcha, that's what I missed. Thanks for your explanation. For a regular address, even with the public key, if there are 256 unknown bits it'd be 2^128, which is statistically unlikely to be solvable.
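The square-root cost discussed in this thread, as an added example that is not part of any post: baby-step giant-step recovers an exponent from its public value in about 2·sqrt(range width) group operations, so the cost is set by the known range rather than by the group size. The toy group (integers mod 2^31 - 1 with generator 7, standing in for secp256k1), the function names and the sample key are assumptions made for illustration.

```python
import math

# Toy group standing in for secp256k1 (assumption for illustration):
# integers mod the prime 2**31 - 1 under multiplication; 7 generates it.
P = 2**31 - 1
G = 7

def public_from_private(k):
    """Analogue of deriving a public key from a private key."""
    return pow(G, k, P)

def recover_in_range(pub, lo, hi):
    """Baby-step giant-step for k in [lo, hi) with G**k % P == pub.

    Returns (k, group_ops); k is None when no exponent in range matches.
    Work is about 2*sqrt(hi - lo) multiplications, whatever the group size.
    """
    m = math.isqrt(hi - lo - 1) + 1        # m*m >= width of the range
    baby = {}
    cur = 1
    for j in range(m):                     # baby steps: G**j for j < m
        baby.setdefault(cur, j)
        cur = cur * G % P
    ops = m
    giant = pow(G, -m, P)                  # G**(-m), Python 3.8+
    gamma = pub * pow(G, -lo, P) % P       # shift the range to start at 0
    for i in range(m):                     # giant steps: pub * G**(-lo - i*m)
        if gamma in baby:
            k = lo + i * m + baby[gamma]
            return (k if k < hi else None), ops
        gamma = gamma * giant % P
        ops += 1
    return None, ops

if __name__ == "__main__":
    secret = 0xB5C3A1                      # constructed key, top bit is bit 23
    pub = public_from_private(secret)
    # Puzzle-style key: known to lie in [2**23, 2**24), like [2**65, 2**66).
    k, ops = recover_in_range(pub, 2**23, 2**24)
    print(f"bounded range: k={k:#x} after {ops} ops (brute force: up to {2**23})")
    # Key with no range hint: the whole group has to be covered.
    k, ops = recover_in_range(pub, 0, P - 1)
    print(f"full range:    k={k:#x} after {ops} ops")
```

Scaled to a 256-bit group, the full-range figure is the 2^128 mentioned above, which is why a key drawn uniformly from the whole range is not exposed by publishing its public key.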