How to Safely Claim Your Bitcoin Puzzle Reward (Without Losing It to Bots)

So you found a private key in Bitcoin Puzzle. What now?

Take a deep breath. Don't panic, don't get carried away with excitement. If you follow this guide carefully, step by step, you'll be able to claim your reward safely — without losing it to front-running bots.

We'll use a real private key and address throughout this guide to make things more concrete:

Private Key (Hex):
e7751904351bce5e4b99705d0f73f49ad46a0bfcfe6ad3329b2815cff5e51c65

Bitcoin Address:
1HFEcnxP2J1WMT8PF1LkSkcYs2LsKWMBCH

Step 1 — Store your private key somewhere safe

Write the hex key down on paper or store it in a secure, encrypted location. If it makes you feel safer, you can disconnect from the internet at this point.

Step 2 — Download Electrum 4.3.4

This is one of the last versions that allows you to disable RBF (Replace-By-Fee). Do not use a newer version.

https://download.electrum.org/4.3.4/

If the installer prompts you to update, decline and continue with the current version.

Step 3 — Convert your key to WIF format

Electrum requires the private key in WIF (Wallet Import Format). You have three options:

Option A: Use our tool offline: https://btcpuzzle.info/tools/hex-to-wif

Option B: Run the following Python script yourself:

import base58
import hashlib

def hex_to_wif(hex_private_key):
    extended_key = '80' + hex_private_key
    first_hash = hashlib.sha256(bytes.fromhex(extended_key)).digest()
    second_hash = hashlib.sha256(first_hash).digest()
    checksum = second_hash[:4]
    extended_key += checksum.hex()
    wif = base58.b58encode(bytes.fromhex(extended_key)).decode()
    return wif

wif = hex_to_wif("e7751904351bce5e4b99705d0f73f49ad46a0bfcfe6ad3329b2815cff5e51c65")
print("WIF:", wif)

Option C: You can use any other method you trust. We do not recommend any website for this purpose (including btcpuzzle.info). You can easily do this on your own computer with your own simple code.

Step 4 — Open Electrum and import your key

Click through the setup until you reach the wallet type screen. Select "Import Bitcoin addresses or private keys". Paste your WIF-formatted key into the field. You can skip setting a password if you prefer.

Step 5 — Disable RBF

Go to Tools → Preferences. Turn off "Use Replace-By-Fee". On the same screen, enable "Advanced Preview". This step is critical — if RBF is left on, bots can replace your transaction with a higher-fee one and steal your funds.

Step 6 — Set up the send screen

Go to the Send tab. Enter your own wallet address as the destination. Use the "Max" button to fill in the amount. Sending the full balance is essential — if any amount is left behind, bots can sweep it.

Step 7 — Set the fee rate

In the advanced preview window, confirm that RBF is shown as disabled in the top right. Then update the "Target fee" field at the bottom using the minimum fee rate listed on: https://slipstream.mara.com

You can go higher than the minimum if you want faster confirmation.

Step 8 — Finalize, but do NOT broadcast

Click "Finalize". Double-check the destination address and the amount. Do not click "Broadcast" — that would push the transaction directly to the mempool, where bots are watching.

Step 9 — Sign and export to file

Click "Sign". Then use "Export → Export to file" in the bottom left to save the signed transaction file. Close Electrum.

Step 10 — Submit via Slipstream

Open the exported file with a text editor. Copy the long hex string starting with 020... (it may start differently in some cases). Go to https://slipstream.mara.com, paste the value into the input field, and click "Activate Slipstream".

If you see "Transaction submitted" — you're done.

With this method, your transaction never enters the public mempool. It goes directly to MARA Pool miners and gets confirmed in the next block. All you have to do now is wait.

This is the most reliable way to protect yourself against front-running bots.

Good luck 🍀 to all

Thanks for the guide, I sincerely recommend this guide in case you are the winner

i want to correct one thing that even if RBF is disabled still trasaction can be replaced by high fee check this replaced Tx of 66-bit puzzle that attacker replaced even though RBF was disabled

66-bit puzzle Replaced Tx Link:- https://www.blockchain.com/explorer/transactions/btc/8c8ec6b3511c62500ea9b3a1c30ca937e15d251b55d30290a2a6da2f1124f3fb

Hello,

The main point here isn’t RBF itself—disabling RBF is just an extra precaution. The real focus is preventing the transaction from entering the mempool and protecting against bots. With this method, a pre-signed transaction is included in a block by Marapool. As far as I know, this is the first and only known method.

Yes, there are rumors that Puzzle 66 was taken by bots because it was executed as a standard transaction. That’s why it’s very important to include the transaction in a block without it ever entering the mempool.

yeah but i am just saying that even if RBF is disabled still* tx can replaced by paying higher fee which very weird thing itself.

Hello again,

Even without RBF enabled, you still have a few options to unstick a transaction:

1. CPFP (Child Pays for Parent) — best option

If you have a change output from the stuck transaction, create a new transaction spending that output with a very high fee. Miners see the combined fee of both transactions and are incentivized to confirm them together. This works whether you're the sender (change output) or the recipient (spending the received output).

2. Full-RBF (if your node supports it)

Since mid-2023, most Bitcoin Core nodes run Full-RBF by default, meaning even transactions that weren't flagged as replaceable can technically be replaced — as long as you hold the private keys. Support isn't universal but propagation is likely on modern nodes.

3. Mining pool accelerator

If you have no spendable output for CPFP and can't use RBF, paid accelerators from pools like ViaBTC or F2Pool are a last resort. They prioritize your transaction out-of-band.

4. Manual double-spend

Broadcast a new transaction using the same inputs with a higher fee. Bitcoin Core's abandontransaction RPC can help here. Note: propagation isn't guaranteed since nodes may see it as a double-spend attempt.

Even with RBF disabled, your transaction can still be replaced — because Full-RBF is now the default on most nodes. The RBF flag was never really a lock, just a signal.

how RBF signaling differ from lock?

I would like to add an element for the key conversion, from private to WIF, you can also simply go to the site: " https://bitaddress.org " offline, enter the key in the appropriate box, so you will have everything: address, -u & -c, WIF is also the pubkey (offline)

@anonymous456

how RBF signaling differ from lock?

The RBF flag was just a mempool policy. Nodes voluntarily chose not to relay replacements for non-RBF transactions. It was never a protocol-level rule. Full-RBF removed that courtesy, so now any unconfirmed tx can be replaced regardless of the flag. A true lock would be consensus-enforced, like a confirmed transaction.

I think that beyond the puzzles, there are people also interested in the so-called "sleeping wallet" from 2010 to 2020, in case these people find the private key, I recommend the same procedure recommended by our friend "ilkerc" as they too are exposed to bot attacks. Good luck to everyone.

Hi Ilker,
Could you please pin this topic to top?
It includes valuable instructions and useful for rookies as me :)

Hello,

Is it the same for puzzle 135 or not?

Brgds,