Bitcoin Forum

Full story here: https://bitcoin.stackexchange.com/questions/78813/same-seed-from-electrum-but-generate-different-bitcoin-addresses

TL;DR:

Somehow the private keys and addresses in a Electrum wallet file which I generated using Electrum 3.1.3 Portable version do not match. Whenever I am trying to create a transaction, there is an error indicating that I don't have the relevant private key to sign it.

The wallet file is functioning very well, I can export seed, private keys and adjust gap limit, I can view a list of all available Bitcoin addresses, I can decrypt the wallet file with my password, but I cannot make transaction.

Also, when I import the seed exported from that wallet file to another new wallet, it shows an entirely different list of Bitcoin addresses, and every private keys exported do not match the address as shown.

I can sign the address, but I cannot verify the address with the same Electrum client and same wallet file.

Both master public key exported from seed and wallet file are same.

Being infected is one of the possibilities, but as mention in the post, it is highly unlikely, it might be a bug in the Electrum client.

Hope someone here has experienced the issue and able to solve it.

Thank you.

Have you checked the signature of the file you downloaded?

If you can sign the address then you will be able to export the private keys.
Try updating to that latest version and try it too and see if that fixes the issue in any way or whether it still causes the issue...

Make a backup of the wallet file that stores the actual private keys (is the balance listed correctly on the electrum client also)?

Yes I have validated the signature.


Yes, I can sign and export, but when I reimport the keys to a new wallet, it gives me a different address, also tried that on bitaddress.org


Tried the 3.2.2 version, and also 2.8 just in case.


Made several backup of the files already. The balance listed correctly on the client, I can see the balance and the transaction history.

Thanks for your reply.

I told you to create one post on a community forum and you went and created 3. 2 here and one on reddit. You know the same people frequent all community sites? Making multiple posts doesn't help anyone.

You validated the pgp signature when you originally downloaded electrum and created that wallet? I mean 3.1.3? Do you remember doing that?

Does https://bitcointalk.org/index.php?topic=3383265.0 help for importing private keys?

edit: nvm. i forgot you get the same master public key on both original and restored wallets. might want to add that to the OP. also add the fact that the addresses are p2pkh (1 addresses).

When you export a private key with electrum it'll automatically add the correct script type prefix. Since he's exporting from electrum and importing with electrum he doesn't have to modify the private key in anyway.

Then the keys are at least somewhere in the wallet file... Providing you did definitely verify the signature the wallet was installed iwth.

Tried what on bitaddress.org, I hope it was offline?


What is the balance if you don't mind sharing it?

---

Could you send me one of the signed messages to check it definitely signs from the right addresses (you can do that via pm)?

I have never created any post on Reddit... Bitcointalk forum is the second community sites I have posted, after StackExchange.


I remember using the exact electrum exe file because that file is the only one exist on my computer, and I have created the wallet around May, which isn't that long ago. I have validated the file today.


That is the weird part, I am sure that I have made enough research before downloading the Electrum, and validated the signature today, nothing seems off. Note that I am using portable version so it might not be as safe as normal installer.


Try if the private key match the address with balance, but bitaddress.org told me I am wrong. And yes I downloaded the html and do things offline.


Not much, but still an important fund for me.


I will send one for you, but I have checked several times and conclude that the private keys simply are wrong.

The portable version is safe, I use it because I'm lazy.
You just have to stick to using trusted machines with it otherwise that's where the vulnerability appears.


Not much, but still an important fund for me.


Yes the private keys are definitely wrong.
Without being able to see the wallet file I don't think I can do anything and I don't think it's a good idea for me to get that just in case you have a virus and the virus sends some of the coins to me to make it look like I stole them for example...

Have you encrypted the whole wallet file or added a password to the wallet? If not, then open up the wallet file (it'll probably be in the directory where you launch electrum from in a folder called "electrum_data"). If unencypted it'll list the transactions, addresses and private keys...

If I am sending you a wallet file and left it unencrypted that means my private key is also at risk, so I am not going to do that. But even the file is encrypted, you can still get some idea from it? Also there is no point in giving you free money just to damage your reputation.


I always encrypt the wallet file. I have just created a new wallet with the same seed and leave it unencrypted to check the wallet data, as expected, even after adjusting to 10k addresses limit, none of it has balance in it.

Nah. You wouldn't send it decrypted, I'd get you to decrypt it and then use the encrypt function in your electrum wallet to encrypt the wallet with my bitcoin address assymetrically (then I can use my private key to decrypt it)...

The second bit was my point entirely. If I get access to your wallet, then I can not be held liable to anything that happens to the coins once it is transmitted just in case a hacker does get hold of the stuff from your computer.

If you can assymetrically encrypt a decrypted version of the wallet file with bc1qdj5v2q8p398rdy6sexc0fapk4hcq0p54xz56ez or 1JRmjyGo3kpdXcQeAeTBmGtgkC1AomHKED then I can take a look at it but make sure you can't decrypt it with the same private key.

If instead you want to decrypt the main wallet file but keep the private keys encrypted (which is honestly what I'd suggest) then still encrypt the wallet file with one of those public keys/addresses...

(the encrypt function is just below the sign function under tools)

Once the wallet file is decrypted, even if the private keys are encrypted, the file should have plain english in it with {} separating individual parts (as far as I can remember).

Not sure what can you see in a decrypted wallet file, for me it is just a bunch of Bitcoin addresses and some keys. If this works, I can simply send you the texts, then only remove the important private key out of the text, no need of encryption.
I am not a pro in this area so forgive me for my ignorance.

Yes you can do that if you want, but then I'm probably quite limited in what I can help with...

Do you have any idea what might be happening from the look of it? I am considering two possibilities:

• Someone somehow was able to put malware on my one month old computer, and somehow intervened the wallet creation process and modified the wallet before I encrypt it.
  
• Electrum has bug.

---

I will be off for the next few hours, and I appreciate all of your inputs.

Maybe the seller put something on it?
Was the computer on offer from a corner shop somewhere that sells computers and electronics...
The bug thing is potentiallly likely.

I just had an idea, can you try going to the concole and type "getmasterprivate" and try importing that into a new electrum wallet. .

Here's (https://www.reddit.com/r/Electrum/comments/9c1zeg/electrum_seed_generates_two_different_bitcoin/) the thread you created there. You've since deleted the contents.

Re your electrum problem then it's likely malware that alters the wallet's contents and adds its own address to your wallet file. An example of an altered file is given here (https://github.com/spesmilo/electrum/issues/4462#issuecomment-401776619).  When you open the original wallet do you get asked for the password at the very start or only when you go to spend from the wallet?

No, it is a custom PC I built, all with brand new components, and using Windows ISO directly downloaded and installed from Microsoft.

Tried to import the master private key instead, but the result is the same as importing seed. It shows me a different list of address.


Just fyi according to some Reddit archive search, the post is made by a user named Na297 and I have been using the same username for year, I am not sure what the content was, but I believe it is only a few sentences with no point unlike my post which describe the details.

Thank you for that GitHub issue, at least someone is experiencing a similar situation as mine, I can't find any on the internet. The only different I can see is, the error code he received is '-1', while mine is '1', not sure if there is any difference.

In his case, the address is gone, and no fund left in the wallet. But I am not, I still have the balance, just unable to sent it. Also, he seems to have the same addresses after restoring it using seed, while I am having a completely different list of addresses.

I get asked for password every time I need to use the wallet, given it on startup or showing seed. The wallet is encrypted since it is created.

---

This is what I got from signature verification, should be fine.

https://i.imgur.com/qcuiYR3.png

---

So far, I can think of two ways to identify the current issue.

• Decrypt the problematic wallet file and see what is wrong with the file, and perhaps found the actual private keys for the address.
• Use the 3.1.2 Electrum to generate a new seed, and import that seed to a 3.2.2 Electrum wallet to see if it is giving a wrong list of addresses.

I have done the second method, nothing seems off, all addresses matched perfectly.
I am not sure how should I decrypt the file safely yet.[/list]

Decrypting the file is very easy. Go to wallet > password and enter your password in the first field only and click save. Then go to file > save copy to save a copy of the file somewhere convenient and then open it up in a  plain text editor like notepad

Thanks for your tip, upon decrypted the file, the content is just what has shown on the Electrum client, with same addresses, same transactions record, but wrong keystore.

Some info:
seed_version: 17
seed_type: standard
Keystore type: bip32

You said before that you get asked the password at the very start when opening the old wallet file. Was this always the case or was it possible in the past for you to open the wallet file and view transactions without having to enter a password? The password would only have been required when sending bitcoins.

Opening a previously opened wallet does not require password, only when I am doing sensitive action, or when opening another wallet from disk, then Electrum will asks me for password.

Just to clarify... there are THREE states for an Electrum wallet with regards to encryption and password:

1. Unencrypted - Wallet file is in Plain Text, private keys are in plain text. No password required for opening or doing "sensitive actions"
2. Password Protected - Wallet file is in Plaint Text, but private keys are encrypted with password. No password is required for opening, but you need the password when doing "sensitive actions"
3. Fully Encrypted - Wallet files is completed encrypted, private keys are also encrypted. Password is required when opening the wallet... and also when doing "sensitive actions".

These is on a WALLET level... so different wallets can have different levels of password protection/encryption.

I am not sure what is the type of my wallet, when creating wallet, I simply input the password following the Electrum instruction, so I am thinking it should be password protected.
When I open Electrum application, it sometimes pop out an install wizard, telling me to provide password for a wallet I previously opened.
Not sure if my understanding is correct or not, afaik, opening wallet in a single session does not require password, but if I restart my computer, it will starts asking me for password.
If I open the wallet file in plain text, it shows random characters and numbers, not plain addresses or private key.

Well you have malware on that PC. It modified the wallet file and replaced the addresses with the malware author's. Your bitcoins are gone and nothing can be done to get them back. The only thing you can do now is to format the hard drive and reinstall the operating system. This is the only way to ensure that the malware doesn't cause you problems in future.

Sorry for your loss.

If you don't see ANY plain text when you open the wallet file in a text editor... and it's all just random chars, you have full encryption.

However, reading through all the symptoms, I think Abdussamad is correct. If the wallet file is using the same seed etc, but showing different addresses, then it would appear that the wallet file was tampered with somehow :(

Yeah I have accepted the fact that the wallet file has been tampered, and understand that there is close to zero chance for it to be recovered, just not sure how that happened.

When I am creating wallet, I am very careful with the process, and that wallet is not my first time so I am fully aware of the process. So it's either my computer has been compromised or simply human error.

Before showing the white flag, can you tell us some (non-sensitive) information regarding the wallet,
For more efficient deductions:

• Where did you downloaded that portable Electrum?
• Do the original wallet's bitcoin addresses starts with "3", "1" or "bc1"?
• Do the newly restored wallet's addresses start with the same character?

Also, double check on any blockexplorer if the addresses with balance reflect the same transactions as your "inbound" transactions.

---

I'm currently downloading Electrum Portable v3.1.3 to try to reproduce this.
-edit-
Works just fine, definitely not a bug of Electrum Version 3.1.3 Portable.

From electrum.org, double checked from my browsing history.

It starts with 1

Yes, all of the addresses start with 1

I have only used the address for receiving fund, never tried to send before. Also the address with fund is the only address I used from that wallet.
There is no weird transaction as far as I am concern.

If there was such a big issue with that version of client it would have already known by many, but I am thinking there might be some specific condition of my computer which triggered this problem.
I have verified the exe I downloaded, so it is basically impossible for me to use an infected client, it is also hard to interpret wallet creation process.

Well, that's not completely true..

There are several possibilities how an malicious actor can modify your electrum wallet even tho you have verified the signature before and the .exe itself being the correct one.

These techniques include (and are not limited to) malware which is nested into your system and waits for you to open electrum.
Once electrum is opened, it hooks itself into the process and injects dll's to maliciously modify the creation process of your wallet.

This is just one example on how someone COULD foist one an 'infected client' without the client itself being infected.


I am not saying that this has happened. But it is definitely not impossible. And also definitely more probable on a windows machine than on Linux/macOS.

Thank you, I agree with you, that's definitely a possibility.

But I can't find any information regarding Electrum wallet modification malware exists on the internet. If there is, someone should try to improve Electrum and prevent this from happening again.

I never said that it does exist.. but it would be a possibility.

In case it would exist, it probably wouldn't be that known. A single developer / group of developers could try to spread the malware themselves.
This wouldn't attract attention until a lot of users face that problem/malware.




This scenario is not that easy to circumvent.
You'd need to built electrum to NOT trust the system it is installed on.

And if you can't trust the system you are trying to install the software on, .. you shouldn't keep any private-/sensitive- information or cryptocurrencies on that machine at all..

Preventing injection is definitely possible, but not that necessary.
It is way easier for an attacker to simply gain access to the private keys once you open electrum. Injecting dll's into electrum just to counterfeit the wallet creation process seems to be a bit of an overkill to me.


And as i have already mentioned.. this is just ONE approach to modify the address you see. There are way more.
If electrum should be secured against each of these.. Thomas would need a few more developers who only focus on the security. This isn't feasible (and unnecessary since you have to trust the host machine when storing private keys, no need to try to defend against each possible attack when your own machine is compromised..).

---

Edit:
To clarify potential misconceptions regarding the safety/security of electrum:

What i have mentioned above is applicable to EVERY software. This is nothing specific to electrum (or any other specific application).

The branch which probably suffers the most from injections is the gaming industry.
They have teams of engineers and developers only working on anti-cheat mechanisms. There is no solution or technology which prevents this happening.
This is a cat-and-mouse game.