A GPU-accelerated ultra-fast private-key cracker for Ethereum addresses generated
by the original johguse/profanity
vanity generator. Given only the target's public key, a single modern GPU
recovers the corresponding private key in seconds to minutes by exploiting the
weak-PRNG vulnerability publicly disclosed by 1inch on 15 September 2022.

The Profanity1 break is not a new finding. 1inch disclosed it on
15 September 2022; Wintermute was drained of ~$160M five days later
by an attacker who weaponized the same bug, and roughly $3.3M more was
siphoned from smaller Profanity-generated wallets in the weeks that followed.
A working public-key-only cracker has been a known-possible threat since the
day of disclosure, and a working PoC (rebryk/profanity-brute-force)
has been on GitHub almost as long.

This particular implementation has been held privately for roughly four
years - late 2022 through early 2026 - for one reason: to give every
holder of a Profanity1 address vast, repeated, public-knowledge warnings to
move their funds. The disclosure was loud, the on-chain incidents were
louder, the safe successor (profanity2) shipped within days, and the fix
is trivial - generate a new wallet, sweep, never reuse the old address.
Four years is enough.

If you have not yet rotated, please do so before reading the rest of this README. Also, be decent. The blockchain remembers.

Profanity1 (the popular 2017 Ethereum vanity-address generator) seeded its random number generator with a 32-bit value. That collapsed the search space from an astronomical 2^256 to just 2^32. With a one-time ~64 GiB precompute and only a target's public key, a modern GPU recovers the private key in just a few seconds.

| k | Example pattern | Realistic population | Crack time |
|---|---|---|---|
| 5–6 | 0x00000… | Trivial deployer addresses | ~1 s |
| 7 | 0x0000000… | Wintermute-class wallets, MM/router hot wallets | ~1.2 s |
| 8 | 0x00000000… | Premium market-maker addresses | ~5 s |
| 9 | 0xfffffffff… | Bragging-rights vanities | ~60 s |
| 10 | High-effort vanities | Rare, often demo/test | ~16 min |
| 11 | Very rare in the wild | - | ~4 hr |
| 12 | Effectively only seen in research | - | ~3 days |
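
The 32-bit seeding flaw described above the table, reduced to a minimal model and shown beside a hardened form. This is an added example, not code from Profanity, profanity2 or devanity; the function names, the use of `std::mt19937_64` and the `/dev/urandom` source are assumptions.

```cpp
// Added illustration: not code from Profanity, profanity2 or devanity.
#include <array>
#include <cstdint>
#include <cstdio>
#include <fstream>
#include <random>
#include <stdexcept>

using Key256 = std::array<std::uint64_t, 4>;  // 256 bits of key material

// WEAK: all 256 bits are expanded from one 32-bit seed, so the generator can
// only ever emit 2^32 distinct values, however wide the output looks.
// std::mt19937_64 is an assumed stand-in for the generator.
Key256 weak_key_from_seed(std::uint32_t seed) {
    std::mt19937_64 eng(seed);  // entire internal state is fixed by `seed`
    Key256 k{};
    for (auto &word : k) word = eng();
    return k;
}

// The weak pattern as it appears in practice: one 32-bit draw feeds the PRNG.
Key256 weak_key() {
    std::random_device rd;
    return weak_key_from_seed(static_cast<std::uint32_t>(rd()));
}

// HARDENED: every bit comes straight from the OS CSPRNG (assumes a Unix-like
// host). A wallet must additionally reject 0 and values >= the curve order.
Key256 strong_key() {
    Key256 k{};
    std::ifstream urandom("/dev/urandom", std::ios::binary);
    if (!urandom.read(reinterpret_cast<char *>(k.data()), sizeof k))
        throw std::runtime_error("cannot read /dev/urandom");
    return k;
}

int main() {
    // Same seed, same "random" key: the property that shrinks the space to 2^32.
    bool repeat = weak_key_from_seed(42) == weak_key_from_seed(42);
    std::printf("weak generator repeats for equal seeds: %s\n", repeat ? "yes" : "no");
    Key256 k = strong_key();
    std::printf("first word of a CSPRNG key (changes per run): %016llx\n",
                static_cast<unsigned long long>(k[0]));
    return 0;
}
```
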
Dependencies:
- OpenCL (NVIDIA, AMD, or Apple)
- libsecp256k1
- A C++17 compiler
A standard Makefile is used.

```
./devanity --precompute
```

| Resource | Required |
|---|---|
| System RAM | ~48 GiB minimum, ~64 GiB ideal. |
| Peak disk | ~96 GiB |
| Final disk | 64 GiB after cleanup. |

This is research code. The code is optimized only for speed of execution, not for running environment efficiency. I have a very powerful workstation that allowed me to focus on cracking and generating what I needed instead of having to code for "regular" computers.

If your hardware can't run the full precompute phase, use a borrowed workstation and then copy over the 64 GiB of artifacts.

The full run lands in roughly 3 minutes on an RTX 3090 + 128-thread host. YMMV.

```
./devanity <128-hex-public-key>
```

| Resource | Required |
|---|---|
| GPU | 24 GiB VRAM. Multi-GPU not implemented. |
| System RAM | ~24 GiB of RAM. |
| Disk | 64 GiB. |

The public key is the uncompressed secp256k1 point X || Y in hex,
without the 04 prefix - 128 hex chars. Any signed transaction from
the target address exposes it.

```
./devanity 2c5eaa9b275e38b70a26852d4a40e07476e8f557360f54973a1880926db7ab488bedf599d483500df62cbcd4390bb1fecd021bb647177f60fe75f467fd6f7009
```

Recovers 0xfffffffffad17a72c845201da9fe01ce5c891d6a (a vanity address with
nine leading F hex digits), printing the matching private key, the originating
mt19937 seed, the generator round, and the thread id. All within ~1 minute on
an RTX 3090.

- Use this only on wallets you own or have explicit, written permission to audit. Cracking someone else's key is theft, full stop.
- If you used Profanity1, move your funds today. "Nobody has tried yet" is not a defense; the cracker has been public-knowledge possible since 2022. Generate a new address with a vetted wallet, sweep, and never reuse the Profanity1 address again - even for receiving.
- The safe successor is 1inch/profanity2. Use it if you still want a vanity address. Do not use the original johguse/profanity for any purpose.
- This tool is provided AS IS, for research and defensive use. There is no warranty.

devanity: Rodrigo Madera <madera@acm.org>; profanity2: 1inch Network <info@1inch.io>; profanity: Johan Gustafsson <profanity@johgu.se>

MIT License. Copyright (c) 2022–2026 Rodrigo Madera. Portions derived from
upstream projects remain subject to their respective copyrights, notices,
and license terms. See LICENSE for the full text.