vuke 0.9.0

Research tool for studying vulnerable Bitcoin key generation practices
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79

# ANALYZE MODULE

Reverse-engineer private key origins by detecting vulnerable generation patterns.

## STRUCTURE

```
analyze/
├── mod.rs           # Analyzer trait, AnalyzerType enum, AnalysisResult
├── key_parser.rs    # Parse hex/WIF/decimal keys, cascade targets
├── output.rs        # Plain text and JSON formatting
├── milksad.rs       # MT19937 brute-force (2^32 seeds) - GPU accelerated
├── mt64.rs          # MT19937-64 brute-force (requires cascade)
├── lcg.rs           # LCG variants brute-force (2^31-32)
├── xorshift.rs      # Xorshift brute-force (requires cascade)
├── sha256_chain.rs  # SHA256 chain brute-force - GPU accelerated
├── multibit.rs      # MultiBit HD mnemonic verification
├── direct.rs        # Pattern detection (ASCII, small seeds)
└── heuristic.rs     # Statistical analysis (entropy, hamming)
```

## WHERE TO LOOK

| Task | Location |
|------|----------|
| Add new analyzer | Create `{name}.rs`, add to `mod.rs`, extend `AnalyzerType` |
| GPU acceleration | Implement `supports_gpu()` + `analyze_gpu()` |
| Masking support | Implement `supports_mask()`, use `config.mask_bits` |
| Cascade filtering | Use `config.cascade_targets` for multi-target verification |
| Result formatting | `output.rs` for text/JSON |

## CONVENTIONS

- **Brute-force**: Use Rayon `par_iter()` for CPU parallelism
- **Progress bar**: Use `indicatif::ProgressBar` for long operations
- **Early termination**: Use `AtomicBool` for found flag across threads
- **Cascade required**: 64-bit seed spaces (mt64, xorshift) MUST use cascade filter
- **Shared logic**: PRNG implementations in `src/{prng}.rs`, reuse here

## ANALYZER TRAIT

```rust
pub trait Analyzer: Send + Sync {
    fn name(&self) -> &'static str;
    fn analyze(&self, key: &Key, config: &AnalysisConfig, progress: Option<&ProgressBar>) -> AnalysisResult;
    fn supports_mask(&self) -> bool { false }
    fn is_brute_force(&self) -> bool { false }
    fn supports_gpu(&self) -> bool { false }
    fn analyze_gpu(&self, ctx: &GpuContext, ...) -> Result<AnalysisResult>;
}
```

## ANALYSIS STATUS

| Status | Symbol | Meaning |
|--------|--------|---------|
| `Confirmed` | `` | Exact seed/origin found |
| `Possible` | `?` | Heuristics suggest vulnerability |
| `NotFound` | `` | Exhaustive search, no match |
| `Unknown` | `?` | Cannot determine |

## CASCADE FILTERING

For large seed spaces (2^64), verify against multiple targets:
```bash
vuke analyze 0x15 --analyzer mt64 --cascade "5:0x15,10:0x202,20:0xd2c55"
```

**Masking formula**: `masked = (full_key & ((1<<N)-1)) | (1<<(N-1))`

## COMPLEXITY HOTSPOTS

| File | Lines | Reason |
|------|-------|--------|
| `sha256_chain.rs` | 843 | Multiple variants, GPU support, cascade |
| `milksad.rs` | 581 | Full 2^32 brute-force with GPU |
| `xorshift.rs` | 511 | Multiple PRNG variants with cascade |

**Refactoring potential**: Extract common brute-force framework (~200 lines per file), shared masking utilities (~50 lines), generic cascade formatting (~30 lines).