Bitcoin Forum
May 06, 2024, 10:47:53 PM *
News: Latest Bitcoin Core release: 27.0 [Torrent]
 
  Home Help Search Login Register More  
  Show Posts
Pages: [1]
1  Bitcoin / Bitcoin Technical Support / "Broken" private key. on: November 16, 2022, 07:36:24 PM
A friend had Bitcoin stored on an old iPhone (back from 2012), in an app called «Bitwallet» (by Sollico software).

But when they tried to transfer it out, it complained about the key being "neither a compressed or uncompressed key".

No software would take the private key in (tried a dozen), and trying a WiF decoder showed it's invalid (even though it "looks" right, starts with 5K, right length, etc).

So I decoded it using a small nodejs script, and what I found is a key where 15 of the bytes are FF.

Something like :

80 ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff etc... <15 real bytes, kept secret, presumably valid> <checksum>

So my guess here would be that somehow the flash on the iphone got corrupted, and half the key is missing.

Does that make sense, or am I missing something, and a key with half of it being ffff makes sense in some way I couldn't find?

We also have the public key/address. So what we have (if I get this right) is the public address, half the private key, and the checksum.

Any reasonable way to get to the coins with this?

This is like around 128bits of entropy, which doesn't sound like it can be cracked, but could the checksum and public address help in some way?

Any other ideas of what to do? There's 3 BTC on there.

Thanks in advance for any ideas.
2  Bitcoin / Bitcoin Discussion / [Treasure hunt] Help with a mysterious series of 60 words from 2012. on: July 28, 2022, 07:03:10 PM
I'm helping a friend with a Bitcoin mystery he's been trying to figure out for a year or so.

He discovered a list of 85 words on a sheet of paper, and he remembers little about it, except that:

* Some of the 85 words lead to Bitcoin (and the others are camouflage)
* The words are in order (order was preserved when jumbling)
* The words might not be consecutive (words might have been inserted between the words of the original sentence)
* He set up and provisioned the wallet end of July of 2012

We first suspected that he might have used https://www.bitaddress.org to convert a series of words into a private key (and address), and then "hid" his series of words in the larger list.

So I coded a tool to bruteforce this. All HTML/Js so he could run it easily on an air-gapped computer:



It generates sentences of increasing lengths from samples of the 85 words of increasing size, testing all combinations.

It tests the generated public keys against all public addresses of July and August 2012 (as well as all addresses with around the same amount as his wallet is supposed to have), and displays a match if it's found (this was tested with a dummy 07-2022 wallet with some sats in it, with the seed/sentence jumbled in the same way, and it found it).

But running this against his 85 words, nothing is found.

And recently, we discovered (from archive.org) that BitAddress only added the ability to generate keys based on specified strings of characters in August 2012 (so at least a week after his wallet was created). Before that it only did random keys, so there wouldn't have been a list of words.

Both the bruteforce's failure and this discovery should disqualify BitAddress, we **think**.

So if not BitAddress, then what?

Some people on Reddit suggested Blockchain.info (now blockchain.com)

He contacted blockchain.info, and they don't have any of his email addresses (some of which the host of died anyway) on record, so no go there.

Back in July 2012, they had an option to create "brain wallets", and when you created such a wallet, they would give you a "seed" (a phrase) like we have.
That phrase was a "password recovery" phrase: You could use it to get your password back (not from them, with math). Later in 2013 they made it so this recovered the username also, but our phrase is from earlier than that.

So even if we find the password by bruteforcing, aren't we just stuck if we don't have the username?
That's where something special about the 85 words comes in:

All 85 words are english words (and part of the "v3" list in blockchain.com's source code we found on archive.org for July 2012), **except for two of them**.

Two words are different, special, they are the same length, and they have random characters, including special characters. They look like passwords, or maybe usernames.

So, our guess (and only hope really) is that one of these two words are the username (and some of the rest of the 85 words can be used to recover the associated password.

So I wrote another bruteforce tool:



It's pretty straightforward, it does the same kind of combination brute forcing to find sequences of words in order but not necessarily adjacent (though it also tests that possibility).

It tests them against the code from blockchain.info, checking if the checksum matches, and if it does, it shows the password. I created a "dummy" seed to test it against, and it does find the password (and a few false positives, the checksum isn't very strict).

My friend hasn't been able to run this one tool yet due to technical issues on their end, but it should happen soon.

Question.

I'm coming to this community for help: I found two possibilities for where these words could come from: bitaddress and blockchain.info.

Are there other possibilities you know of for that time?

Do you have any comments on what I have done so far? Anything I could have missed? Any idea of where to look and what to do?

Maybe a tutorial popular on the net or this forum they might have followed at that time? Anything.

Any help would be extremely appreciated (and if we do find coins, though the wallet isn't supposed to contain much, we'd still reward anyone who would have helped along the way).

Thanks to you all for your time!
Pages: [1]
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!