Has anyone here been able to decode the backup of bitcoin wallet (schildbatch)?

[btctbots.com]

I've some BTC stuck on this wallet, it's earlier version that is being discussed though - version 2.46.

There is no option to backup the wallet, but there is an option to backup the keys.

I have done that, exported the file and have it on the computer. None of the described methods are working though, they are all falling down at the decryption of the wallet stage (presumably because I do not have a back-up of the wallet but a backup of the keys only).

My file is formatted bitcoin-wallet-keys-YYYY-MM-DD. When opened in a notepad file is just 5 lines of mumbo jumbo. Electrum does not recognise it as anything, so I presume it's encrypted.

Any ideas?!

[HCP]

I believe that is likely to be the same encryption method, just it's private keys instead of the "protobuf" formatted wallet file.

Have you tried using a more recent version of the wallet application (ie. Bitcoin Wallet for Android) and importing the "bitcoin-wallet-keys-YYYY-MM-DD" file?

If that doesn't work, you might be able to decrypt the file using the openssl command with your bitcoin-wallet-keys-YYYY-MM-DD file:

Code:

openssl enc -d -aes-256-cbc -a -in bitcoin-wallet-keys-YYYY-MM-DD -out bitcoin-wallet-keys-YYYY-MM-DD-decrypted

Assuming that works without error, if you open the "decrypted" file in a text editor... do you see the keys listed?

[btctbots.com]

I believe that is likely to be the same encryption method, just it's private keys instead of the "protobuf" formatted wallet file.

Have you tried using a more recent version of the wallet application (ie. Bitcoin Wallet for Android) and importing the "bitcoin-wallet-keys-YYYY-MM-DD" file?

If that doesn't work, you might be able to decrypt the file using the openssl command with your bitcoin-wallet-keys-YYYY-MM-DD file:

Code:

openssl enc -d -aes-256-cbc -a -in bitcoin-wallet-keys-YYYY-MM-DD -out bitcoin-wallet-keys-YYYY-MM-DD-decrypted

Assuming that works without error, if you open the "decrypted" file in a text editor... do you see the keys listed?

Thank you for the reply HCP.

I have tried installing the latest version of the schildbatch wallet as you suggested, and attempted to import the keys using the restore wallet function but unfortunately it just returns the error "Wallet could not be restored - unreadable wallet".

The second one - openssl enc -d -aes-256-cbc -a -in bitcoin-wallet-keys-YYYY-MM-DD -out bitcoin-wallet-keys-YYYY-MM-DD-decrypted . Using the Gitbash terminal on Windows, this command just returns nothing. No error, but nothing happens it just sits on the next line and there is no output file created in the directory. Am I doing something wrong here?

[HCP]

The second one - openssl enc -d -aes-256-cbc -a -in bitcoin-wallet-keys-YYYY-MM-DD -out bitcoin-wallet-keys-YYYY-MM-DD-decrypted . Using the Gitbash terminal on Windows, this command just returns nothing. No error, but nothing happens it just sits on the next line and there is no output file created in the directory. Am I doing something wrong here?

I am not overly familiar with "git bash", but I don't think you can use "general" Linux commands with it... it seems to be a "git" specific terminal emulator, ie. it's really only designed for working with "git" and not with general unix/linux shell commands.

You'd either need to setup something like Cygwin and use openssl with that, refer: https://www.ssl.com/how-to/install-openssl-on-windows-with-cygwin/
or
Install/Setup the Windows Subsystem for Linux (WSL) and install a linux distro like Ubuntu, refer: https://ubuntu.com/wsl


Also, I downloaded the oldest Bitcoin Wallet APK that I could find from the app github (version v3.11). I installed it on the Bluestacks Android Emulator and then created an encrypted "wallet-keys" export file... after mucking around in Ubuntu (in WSL) trying to decrypt this export with "openssl", I found a stackexchange comment that indicated that "old versions of OpenSSL" used a different hash function when generating the encrypt/decrypt key from the user entered passphrase... essentially, they moved from MD5 to SHA-256 by default:

Why do I get errors when trying to decrypt 1.0.2 data with 1.1.0?

A message digest is used to create the encrypt/decrypt key from a human-entered passphrase. In OpenSSL 1.1.0 we changed from MD5 to SHA-256. We did this as part of an overall change to move away from the now-insecure and broken MD5 algorithm. If you have old files, use the "-md md5" flag to decrypt them.

(NOTE: I suspect this is also why newer versions of the app cannot read older backup files!)


So, by adding the "-md md5" flag to the command, the decrypt (of "old" files) works:

Code:

openssl enc -d -aes-256-cbc -a -in bitcoin-wallet-keys-YYYY-MM-DD -out bitcoin-wallet-keys-YYYY-MM-DD-decrypted -md md5

For reference, here is my "test" data...

Contents of my bitcoin-wallet-keys file:

Code: (bitcoin-wallet-keys-2020-11-17)

U2FsdGVkX19z6mv24j7b4xi3wJz77mt7uYVNdyh4OwBTuQ0dESxIAW58AfW+4Ik9asXc3SV1X3lM
6R1uHe/ulIjYv5Bkylv4ZtWPYnM5Jl6TMRWX1Q+7cCFBt3BKMdVLNCV8OcGofEs23XhWLT/j/YoH
C+0PfcS21mNjF0u42PVa9BJYBx4JfHSvwx0R3GjubszONRp+XRZZoJnU0Re7BzT+OELp8VLJfobO
HQ1sfwg=

Can be downloaded here: https://keybase.pub/hcp/bitcoin-wallet-keys-2020-11-17


commandline:

Code:

openssl enc -d -aes-256-cbc -a -in bitcoin-wallet-keys-2020-11-17 -out bitcoin-wallet-keys-2020-11-17-decrypted -md md5

Contents of the generated "out" file

Code: (bitcoin-wallet-keys-2020-11-17-decrypted)

# KEEP YOUR PRIVATE KEYS SAFE! Anyone who can read this can spend your Bitcoins.
L4oyNUNUhDPx5Vd3eShN8Q3fc7MeMxcGQA4WseU8Ys6Ebs7y8FKx 2020-11-17T05:08:03Z

[btctbots.com]

The second one - openssl enc -d -aes-256-cbc -a -in bitcoin-wallet-keys-YYYY-MM-DD -out bitcoin-wallet-keys-YYYY-MM-DD-decrypted . Using the Gitbash terminal on Windows, this command just returns nothing. No error, but nothing happens it just sits on the next line and there is no output file created in the directory. Am I doing something wrong here?

I am not overly familiar with "git bash", but I don't think you can use "general" Linux commands with it... it seems to be a "git" specific terminal emulator, ie. it's really only designed for working with "git" and not with general unix/linux shell commands.

You'd either need to setup something like Cygwin and use openssl with that, refer: https://www.ssl.com/how-to/install-openssl-on-windows-with-cygwin/
or
Install/Setup the Windows Subsystem for Linux (WSL) and install a linux distro like Ubuntu, refer: https://ubuntu.com/wsl


Also, I downloaded the oldest Bitcoin Wallet APK that I could find from the app github (version v3.11). I installed it on the Bluestacks Android Emulator and then created an encrypted "wallet-keys" export file... after mucking around in Ubuntu (in WSL) trying to decrypt this export with "openssl", I found a stackexchange comment that indicated that "old versions of OpenSSL" used a different hash function when generating the encrypt/decrypt key from the user entered passphrase... essentially, they moved from MD5 to SHA-256 by default:

Why do I get errors when trying to decrypt 1.0.2 data with 1.1.0?

A message digest is used to create the encrypt/decrypt key from a human-entered passphrase. In OpenSSL 1.1.0 we changed from MD5 to SHA-256. We did this as part of an overall change to move away from the now-insecure and broken MD5 algorithm. If you have old files, use the "-md md5" flag to decrypt them.

(NOTE: I suspect this is also why newer versions of the app cannot read older backup files!)


So, by adding the "-md md5" flag to the command, the decrypt (of "old" files) works:

Code:

openssl enc -d -aes-256-cbc -a -in bitcoin-wallet-keys-YYYY-MM-DD -out bitcoin-wallet-keys-YYYY-MM-DD-decrypted -md md5

For reference, here is my "test" data...

Contents of my bitcoin-wallet-keys file:

Code: (bitcoin-wallet-keys-2020-11-17)

U2FsdGVkX19z6mv24j7b4xi3wJz77mt7uYVNdyh4OwBTuQ0dESxIAW58AfW+4Ik9asXc3SV1X3lM
6R1uHe/ulIjYv5Bkylv4ZtWPYnM5Jl6TMRWX1Q+7cCFBt3BKMdVLNCV8OcGofEs23XhWLT/j/YoH
C+0PfcS21mNjF0u42PVa9BJYBx4JfHSvwx0R3GjubszONRp+XRZZoJnU0Re7BzT+OELp8VLJfobO
HQ1sfwg=

Can be downloaded here: https://keybase.pub/hcp/bitcoin-wallet-keys-2020-11-17


commandline:

Code:

openssl enc -d -aes-256-cbc -a -in bitcoin-wallet-keys-2020-11-17 -out bitcoin-wallet-keys-2020-11-17-decrypted -md md5

Contents of the generated "out" file

Code: (bitcoin-wallet-keys-2020-11-17-decrypted)

# KEEP YOUR PRIVATE KEYS SAFE! Anyone who can read this can spend your Bitcoins.
L4oyNUNUhDPx5Vd3eShN8Q3fc7MeMxcGQA4WseU8Ys6Ebs7y8FKx 2020-11-17T05:08:03Z

Installed Ubuntu on a VirtualBox and followed your instructions down to the letter. It worked.

Thank you so much HCP - you went above and beyond here. Legend.

Really appreciated.

[HCP]

Installed Ubuntu on a VirtualBox and followed your instructions down to the letter. It worked.

Thank you so much HCP - you went above and beyond here. Legend.

Really appreciated.

Awesome, glad you got it sorted...

I wish I had know about this "-md md5" business a couple of years ago when the whole multibit shutting down thing kicked off. There were a lot of people struggling with various multibit backup files and "incorrect password" issues... I now suspect that this might also be the reason why the openssl method did not work for a lot of people back then.