Been a bit rough trying to recreate the old Hal Finney determenalist wallet key_gen.py blackbox.

You know the one where you picked 6 - 12 words for the mnemonic.

Had to press enter then choose a password.

AES-256 was used on the mnemonic to shrink it to 128 bits.

AES-128 was used on the password to shrink it to 128 bits well.

After that the runner combined both AES values with SHA-256 HMAC with mnemonic as salt for the sanity check that comes later.

Looks like everything from the 2010 - 2011 era was set on fire. I couldn't find it anywhere. Thats why it hasnt been solved yet. 🔥

Have got that far yet. Still stuck grinding on AI the best I can...

Had to ditch my recon buddie Grok4.

Working with ChatGPT on special ops.

Turns out Pycryptodome (pypy) was the culprit. It was throwing us off Base64 in the Python3 hashlib.

Got a funny feeling Base64 has something to do with the 64 bit hex or whatever it was.

AES, SHA, zero bytes, padding, digests, HMAC, PBKDF2, sanity tests, endians & curves. I actually feel like im lost in the matrix. Just about ready to tap out. 🤯

Where's the malware coming from if the desktop PC is a new build with no online capabilities. Everything has been checked for malware before its been put on the machine. Then the broadcasted transaction is done on a new laptop using new phone, sim, internet & hotspot. Its a bit much really it blows my mind how extreme you have to be with safety. Neither machine is going to touch my home network either.

That was nice to read. I totally understand your skeptism re.AI. I was the same & still am but if used correctly it can be used as a digital detective for tasks like this. Plus if you really want you can cross check the results with different AI programs so you are getting multiple points of view. Legder vs Linux who really cares. This post is about recovering whats needed to access the wallet.

Finally we are able to talk to each other as if we are mates. The way I remember it was "us" against "them" not "us" against "each other". I may not have paid BTC much attention over the last 15 years & some of the things ive said sound a bit ridiculous but I am one of you & could say i've been HODL aswell.

The spirit of early crypto was rooted in decentralization, privacy, and rebellion against centralized control. It was about empowering individuals with trustless systems, cutting out middlemen, and creating a financial and technological paradigm where power was distributed, not hoarded. Think cypherpunks, Bitcoin's whitepaper, and the dream of a peer-to-peer world free from government overreach or corporate gatekeepers.

Assume you also read something along those lines & thought OMFG that sounds good. As you are probably aware my experience was slightly different. After some exhaustive research I believe it started with a download. Right now I can only assume it was something like "BTC Wallet Generator Toolbox 2010.zip" which has been hard to confirm.

Any additional merit would be appreciated along the way. Junior member just doesnt cut it for me.

This is where the story begins. 😁

I meant use Electrum offline on desktop. Create & sign a transaction then sweep the BTC to Ledger Flex new address. Copy siged transaction file to new USB. Then use new laptop, new phone, sim, hotspot & internet connection to broadcast transaction via Electrum.

I dont pay attention to the fine details till its required. I apologise for the confusion.

Dont waste your time on here mate. I've have a similar experience re.encyrption. My advice is download & pay the $51 per month for Grok4. Tell it what you know. Ask it to evaluate the hash & give you a breakdown. Hopefully you get a value in bytes or bits you can work with.

Then get it to list all the encrytion methods unrelated to BTC with wordlists cause anything is possible. Ask it to create a script using all the encrytion methods you find, input the hash. It will weave some magic & hopefully spit out what you need.

Personally I have no idea what the hash represents. If AI can't figure it out straight away ask it more questions, search for terms you find familiar & do some more thinking.

I believe in you bro. If it is possible you will get there if you persist. I'd give it a shot for you but ive actually got no idea what the fuck im talking about or whether or not its even possible. I think its best you try it yourself. It will be so much more rewarding plus you might actually learn something.

The replies you get here are to slow & can be inaccurate. AI is instant & can give answers to your questions in great detail.

Goodluck

All im doing is buying the Ledger to sweep the BTC from Electrum to the Ledger using an office computer. Have to sign the off-line transaction using a fresh internet connection which will be a hotspot on a new phone & new sim.

Anything is better that I've got right now so going to follow the advice I've been given which was supportive & helpful. Granted the advice is AI generated so it may not be best practice but the steps are easy to follow & they will work. Never have been a fanboy of Linux or Apple products so lets not go there.

Get the feeling you think you know everything Cricktor but lets face you don't. My guess is you weren't there around in 2010 so there might be something you can learn from me. Better yet what I've got to say may even rewrite the history of wallet generation & fill in all the gaps that have been lost.

I apologise for the tone but reading some of the replies I've received on this forum have been super frustrating. I have been doing the best I can to solve this puzzle, I promised myself nearly two years ago id get this done not just for my own personal benefit but for everyone else who has ever lost a wallet. By the time I'm finished this may just ge the most important recovery post ever.

Just give me a bit more time & I'll be happy to explain.

Yeah I get it now. Had to ask AI a billion questions. New PC for key generation. New Ledger Flex with Billfodl for seed backup. New phone & sim for signing then broadcasting BTC sweep transaction. Probably new laptop aswell. Then none of that on the current network in future. Seems a bit extreme but if i'm going to attempt to pull this shit off might aswell do it right.

And then going to go sit in the middle of nowhere outside the range of WIFI, microwaves, CIA devices that test your CPU fan speed & fuck knows what else to do whatever necessary to complete the transaction. 😂😂😂

Thanks bro. Main concern now is safety. Bit paraniod to say the least. After everything I've been through. I have to assume all devices are compromised & start fresh. I have downloaded files that are possibly suspect. If I dont & something goes wrong losing coins a second time would be worse that not finding them. FML.

I dont want to jump the gun on this but think I've got this fuckery figured out. Had to relearn everything from start to finish & re engineer the processes using terms from the original post.

Even if I dont access my coins I've been able to piece together how I created the three wallets what programs were used & the order of the processes.

If there is anyone else out there that may have had a remotely similar experience & can't access their wallet id love to hear from you.

My first post reads reasonabliby true. Granted its a mess but there was enough there to work with but some important details were missed to complete the story.

Without the full story using Grok4 would never have got this done even though some of the advice I received here got me close. Just needed the original program I used, the right script & an AI detective.

Its been a tough road over many months but I confident Im nearly there. Will post the method for all three wallets once I've got custody of the coins. Its a piece of history that should not be forgotten.

I might be considered a newbie on this forum but been here since the beginning. Some of you did point me in the right direction & for that I thank you.

Ok so technically speaking it may have been possible to base58 the passphrase get a result then sha256 that result with a password (or am I missing something).

Love to know where the guide I followed to get this done in the first place. Whoever wrote the guide factored in a "salt" which makes cracking a brainwallet alot more difficult.

If this wasn't possible on a classic wallet website then some program must have been used. Nothing epse makes much sense.

Its so confusing cause three different wallts were created using the same passphrase & 8 words. Brainwallet, the paperwallet & loaded into a program that encrypted everything.

I get a "public bitcoin address" & a "private key WIF" using the 8 words. No text box for adding a salt which just doesnt seem right. Assuming a a space, then a backslash, then another space, then the password after the 8 words will give me a "salted passphase/password combination" but thats definitley not how remember it.

Getting one letter wrong changes everything. Adding a backslash into the mix seems a bit ridiculous.

Highly likely this bitcoinpaperwallet.com site was used to make the printed copy of the wallet but fairly certain the original brainwallet site must have been used to generate the address. Not 100% certain but the way I remember it there was a text box for passphrase then in the next step a text box for password.

Is there a download on Github for the old brain wallet site. I'm trying to find it now.

Came across that generator yesterday. Downloaded it to my phone, unzipped & ran the program to see what happens. It seemed to load ok but couldn't find the fields to insert password & passphrase. Will try opening again on the offline computer tomorrow to see if I can get it to work.

1. I've added further detail to my last post. The whole point of a brainwallet is so you dont have to worry about saving the wallet.dat file so lets move on.

2. When the wallet was created there was no reason not to use the brainwallet method.

3. Appears the orginal paperwallet & brainwallet websites that may have been used are no longer active.

4. My understanding is there were only 4 orginal wallet genteration sites with the other two being warpwallet & bitaddress.org.

Gave the whole wallet/btc quest a rest for a few months. Its back on the news again here in Australia so which is annoying.

Found this post the other day which describes the process I used to generate the wallet. Definitley skipped a "randomness generator" but no recollection of using a / then password. No mention of 8 words either (which may have just been the minimum in the guide I was following).

My guess is the bitcoinbrainwallet website that was shutdown may have been used.

https://bitcointalk.org/index.php?topic=1719563.0

Will post more of what I found when I get sometime.

---------- EDIT ----------

Used the two programs that were sent to me using 8 words & a password. Tried multiple configurations of the 8 words & also the password then checked address on q blockchain explorer but the whole time something just didn't seem right.

https://ibb.co/kVMcHG5h

https://ibb.co/7JqsGx6n


Investigated brainwallets further till I came across this site. Decided to test a random series of 8 words plus password in the two programs & the website to see if I could get an address match which was a fail.

For the test I used...

Password - Password12345???
Passphrase - the long lost quest for bitcoin continues fml

https://brainwallet.io/

https://ibb.co/cST4kjxv


That particular website generated a "private address" & more importantly a "secret key" which to me seems very interesting. That might be the 64 bit hexidecimal I was banging on about in my orginal post.


I decided to go deeper down the orginal post rabbit focusung on "base58" & sure enough found evidence that brainwallets were created early on using base58 & sort sort of checksum. Also found an old guide to creating bitcoin addresses (will post that when I find it again).

https://bitcointalk.org/index.php?topic=258678.0


Also another post where someone successfully regenerated a BIP38 brainwallet using similar methodology.

https://bitcointalk.org/index.php?topic=5497667.0;all


Longstory short BTC has doubled, tax on BTC in Australia may change very soon & I still have no fucking idea what im doing. 😂😂😂

Can someone tell me how to post a screenshot. 🤦

OP's trying to live his best life & trying to solve this riddle sametime.

Got another programmer mate helping me out now & making some progress. Anywhoo special thanks to those who have been putting up with my nonsense. I'm a man of my word & you will be compensated.

Now for the latest new folks. Has to go on the forum...

What you're doing is using a password-based KDF (key derivation function) to generate a 256-bit number (which is ultimately all a Bitcoin private key really is: just a 256-bit number [1]), and then
using that number to generate a Bitcoin address.

The thing to be aware of with a process like this is that there are lots of degrees of freedom:

(*) The capitalization and spacing of your 8 words (and, obviously, the spelling and the order).

(*) The choice of KDF algorithm (PBKDF2, scrypt, etc.)

(*) The KDF's iteration count.

(*) The KDF's salt (which you're using for your password).

(*) The KDF's other parameters (PBKDF2's PRF choice, scrypt's "cost factor", etc.)

If any of the above is slightly off, even in some small way that you wouldn't be able to tell just from looking at the user interface (like whether or not the salt is being used directly, or is being hashed before use), then you'll land on the wrong private key.

For example, using Python interactively:

Code:
>>> import hashlib
>>> hashlib.pbkdf2_hmac('sha256', b'word1 word2 word3 word4 word5 word6 word7 word8', salt=b'password', iterations=10000).hex()
'fbd68e537134cf6c5010bdb735b47f5c225691b2edeb60a429187863268b3959'


But, maybe the tool you used back in ~2010 had an iteration count of 20000 instead of 10000, leading to a completely different private key:

Code:
>>> import hashlib
>>> hashlib.pbkdf2_hmac('sha256', b'word1 word2 word3 word4 word5 word6 word7 word8', salt=b'password', iterations=20000).hex()
'1a119eddcf2cdb9e436e52610b0d9859f883fd8868300d1653063b6e34a66820'


Or maybe it used an iteration count of 10000 but with HMAC-SHA-512 instead of HMAC-SHA-256 as its PRF:

Code:
>>> import hashlib
>>> hashlib.pbkdf2_hmac('sha512', b'word1 word2 word3 word4 word5 word6 word7 word8', salt=b'password', iterations=10000)[:32].hex()
'd20930a0feccd38b09899706017f08e3d2b651156a0f7c75b3dd05204f3648f0'


Actually, working through these examples, maybe the tool you used wasn't making use of any KDF at all, and instead just used HMAC-SHA-256 directly (eliminating the need to have to specify an iteration count):

Code:
>>> import hmac
>>> hmac.digest(b'password', b'word1 word2 word3 word4 word5 word6 word7 word8', 'sha256').hex()
'9f8d5306645d444619ec124f89c2b34c8596b21614c18b3fac72362687fbe0d0'


Anyway, you get the idea.

And, even if you do manage to find the set of choices that lands you on the right private key, if you then mess up the Bitcoin address derivation part, like by generating the wrong kind of Bitcoin address, you'll incorrectly conclude that the private key leads to no balance.

So, your best bet, IMO, is to either find exactly the same tool that you originally used (even if it's now defunct, I can probably reconstruct it for you if there are enough surviving details on the Internet archive), or to follow my advice and set up Tails so that you're in a position to safely execute any scripts that I send you (for example, I could write you a script that would do basically what you're trying to do on your own, but in a more exhaustive/reliable way: take your 8 words + password and then try multiple derivation techniques to produce a set of Bitcoin addresses that you could then check for balance).

[1] More or less, anyway. Technically, it should be an integer greater than 0 and smaller than 115792089237316195423570985008687907852837564279074904382605163141518161494337 (which means that there are 256-bit numbers which don't make valid Bitcoin private keys, but that's not a detail worth worrying about: the chance of a random 256-bit integer not being within that range is something like 1 in ~2.7e+38).

---‐‐----------------------------------------------------------------------------------------------

Unfortunately I don't have the knowledge to smash that out but my "quest buddie" does & I couldn't have said it better myself. If i could explain it that way i would but i cant so i didnt but it fits the key information given in the first post perfectly.

GPG4WIN/Kleopatra/PGP(otato) keys exempt. 😂😂😂

Finally Breva & Potato mate i'd love to hear your thoughts on this if you don't mind.

I'm still confused but I do know there are multiple P2PKH, PDKDF1 & PDKDF2 options to consider. Just need everyone to agree on the right option then send me a link or program so i can try it & see what happens when attempting to get to the address above starting with a 1. 😂😂😂

This is the latest advice from a mate but  ot so sure it want to use some dodgy internet program. 🫤

________________________________________

https://www.freecodeformat.com/pbkdf2.php

I had a look at the forum  when I got some time.  Got side tracked when my kid smashed a window when I was typing this. Anyway...open up Firefox and open a new tab so you have two open. Open one up to https://www.freecodeformat.com/pbkdf2.php

And the other one bitaddress.org
In this tab
Click on wallet and now go offline.  

Go back to the first tab
 
Put in your words. Set it to 256. Your password as salt and set iterations to 1(doesn’t matter) that should generate the master key hex thing.  This will generate one either way. So will have to check it.  With bitaddress The site will try and generate a new account so just go through it until it’s done. But on the wallet screen you’ve got a spot to put the private key.  Put the hex you got from the other site and paste it in.    This should create the public and private keys for that hex.  Then check the btc address if it is the same as the one you think is yours.

Its a easy process so it sounds more complicated than it is.

_________________________________________

🫤🫤🫤

Looking at WarpWallet GitHub repository[1], the first commit happened on late 2013. But if you're looking for something like that which use password, check bitaddress.org[2].

[1] https://github.com/keybase/warpwallet
[2] https://github.com/pointbiz/bitaddress.org
[/quote]

Thanks for that information. I'll have a look & see what I find. 😎

---

I'll check it out. My sentiments exactly re. "fascinating"... used that exact word when describing the quest to a mate just a couple of days ago. Worth looking into a bit more that's for sure. 🍻