Brainwallet recovery problem

[thoughtfan]

Hiya,

I'm feeling a bit stupid here because I should have tested this with a small amount first!  I'm failing at present to recover funds I have sent to an address generated with the brainwallet.org service.

I'd appreciate suggestions as to where I may have gone wrong.

• Having read up a bit about it including the wiki I typed my secure passphrase into brainwallet.org's generator;
• I could have sworn I double and tripple-checked that it was as I have written it down;
• I may or may not have clicked on the Uncompressed or Compressed buttons;
• I cut and paste the Address into my wallet and sent a chunk of bitcoin to it;
• The wallet happily sent the bitcoin and duly verified the transactions.

Then rather than leaving it there for some months/years I thought I'd try recovering the funds immediately to check it all works using mtgox 'Redeem Private Key' function.

However I'm told I 'may have made a typo'!  Oops  

I can see from the wallet the Bitcoin was sent from what the address was.  If I go back to brainwallet.org and type in the same pasphrase it should generate the same address yes?  This is not happening and I can't think why.  If I simply have one character wrong or something I should be able with enough tries to find it but I wanted to check that's all I need to be doing.  Have you any other suggestions as to how I may have gone wrong and any suggestions please?

[1715688063]

1715688063

[1715688063]

1715688063

[1715688063]

1715688063

[jl2012]

obviously you did not write down the correct passphrase

[notme]

Type your passphrase into brainwallet.org again and use the private key it generates.  Your passphrase won't work on MtGox.

If that's what you're already doing, then I'm afraid you probably did make a typo and there's not much you can do short of trying lots of passphrases with one or two characters different than what you expect.  Luckily it's not too computationally expensive to do that unless your passphrase is exceedingly long or you made more than a very small number of typos.

[abs]

If I were you, I would start checking double letters first, considering you wrote "tripple" instead of "triple" in your OP.

[thoughtfan]

Thanks all for your recommendations.

Do I need to try using the private key it generates every time or is my understanding correct that if I put the passphrase in correctly the same address I paid the bitcoin to will appear?  Also, if I am unsure whether or not I clicked on the Uncompressed/Compressed buttons I'm guessing I need to try both for each variation on the passphrase?

At the moment I'm using string manipulation in Excel to give me all the possible combinations for the 11 most likely errors I made which I will cut and paste one at a time into the brainwallet.org generator.  Any ideas as to how I could speed up this process?


This may well turn out to be a long-term project but with the amount on there if I manage it it will have been worth it!

I know what I did deserves a load of replies calling me a dipstick so I really do appreciate your trying to help me out and recover from this one.

Edit:  Thinking about it, I think the question regarding the address is:  Could the brainwallet.org generator be producing a different publik key (address) associated with the same private key (wallet)?  Because if it can then as I understand it I really do need to test each private key generated and not depend on recognising the address I initially used.  Am I right?

[notme]

Thanks all for your recommendations.

Do I need to try using the private key it generates every time or is my understanding correct that if I put the passphrase in correctly the same address I paid the bitcoin to will appear?  Also, if I am unsure whether or not I clicked on the Uncompressed/Compressed buttons I'm guessing I need to try both for each variation on the passphrase?

At the moment I'm using string manipulation in Excel to give me all the possible combinations for the 11 most likely errors I made which I will cut and paste one at a time into the brainwallet.org generator.  Any ideas as to how I could speed up this process?


This may well turn out to be a long-term project but with the amount on there if I manage it it will have been worth it!

I know what I did deserves a load of replies calling me a dipstick so I really do appreciate your trying to help me out and recover from this one.

Edit:  Thinking about it, I think the question regarding the address is:  Could the brainwallet.org generator be producing a different publik key (address) associated with the same private key (wallet)?  Because if it can then as I understand it I really do need to test each private key generated and not depend on recognising the address I initially used.  Am I right?

You only need to check the address matches.  Compressed/Uncompressed changes the address, so you will need to try both.
If you have even basic programming skills it shouldn't be too hard to hack something together using something like https://github.com/jnicklas/capybara

[ThomasV]

I could have sworn I double and tripple-checked that it was as I have written it down

if that's the case, the problem might be with what you have not written down: the spacing between words.
could you have inserted a double space somewhere? I would try that


Note: I strongly advise against using brainwallet.org.

[notme]

Note: I strongly advise against using brainwallet.org.

I've not used it, but can I ask why?

[ThomasV]

Note: I strongly advise against using brainwallet.org.

I've not used it, but can I ask why?

I suppose it is a very efficient method for collecting private keys

[notme]

Note: I strongly advise against using brainwallet.org.

I've not used it, but can I ask why?

I suppose it is a very efficient method for collecting private keys

Load the page, yank the ethernet cord (or disable wireless), then use it.  Everything is done client side in javascript, and I don't see any network code that could potentially upload it, but disconnecting will make sure.

At that point, as long as write down your passphrase, address, and settings; close the page; and clear the browser cache you should be good to go.  I would probably also save a copy of the html and js (or dig through it better to understand what kind of hashing it uses to turn your passphrase into a private key) just in case the site disappears one day.

[ThomasV]

Load the page, yank the ethernet cord (or disable wireless), then use it.  Everything is done client side in javascript, and I don't see any network code that could potentially upload it, but disconnecting will make sure.

no, it won't. javascript can use cookies or LocalStorage.

[notme]

Load the page, yank the ethernet cord (or disable wireless), then use it.  Everything is done client side in javascript, and I don't see any network code that could potentially upload it, but disconnecting will make sure.

no, it won't. javascript can use cookies or LocalStorage.

I would include that with my "clear the cache" step, but thanks for clarifying for those who don't know such things.

Really, I agree it's not recommended for nontechnical users, but it looks like it can be safely used if you know what you are doing.

[ThomasV]

I would include that with my "clear the cache" step, but thanks for clarifying for those who don't know such things.

since when does clearing the cache also clear cookies?

Really, I agree it's not recommended for nontechnical users, but it looks like it can be safely used if you know what you are doing.

Really, it looks like a scam targeted at nontechnical users.

Especially if you know that the creator of this website has also been "mining" for private keys generated from passphrases, saying that it was morally acceptable to steal coins from users that are dumb enough to use simple passphrases.

[DannyHamilton]

Note: I strongly advise against using brainwallet.org.

I've not used it, but can I ask why?

I suppose it is a very efficient method for collecting private keys

Load the page, yank the ethernet cord . . .

no, it won't. javascript can use cookies or LocalStorage.

. . . it's not recommended for nontechnical users . . .

. . . Really, it looks like a scam targeted at nontechnical users . . .

Great discussion.  Any chance we can get back to assisting the OP with his issue here?

thoughtfan, what type of system are you using (Windows, Linux, Mac OSX Lion)? Perhaps a script could be put together that could accept the target Bitcoin address and the expected Passphrase as parameters.  The script could then quickly try thousands of slight variations on the Passphrase, and compare the resulting Address to the desired address announcing when the correct Passphrase is found.

Or it could take your pre-generated list of possible Passphrases, and quickly calculate all the associated Bitcoin Addresses so you wouldn't have to enter them one by one on the brainwallet.org page.

[cbeast]

Brainwallet is great, but I advise making a hardcopy of the private key and hiding it somewhere nobody will find it, just in case.

[thoughtfan]

Great discussion.

I agree.  And I guess it is not the first time the pros and cons of brainwallet have been discussed here but a precursory search prior to my going ahead and putting real money on it had not yielded the considerations ThomasV and notme are discussing otherwise my decision may have been different.  Maybe some of these points could be added to the brainwallet entry on the wiki to make it easier for those who follow in my path to make a better informed decision?

One suggestion I would like to see added to the wiki page, which is so obvious in retrospect, before sending any money to the generated address, to close, clear caches etc. then go through the same process again to check that the pasphrase you think you've used and memorised actually generates the same address a second time..  This stage would have saved me this trouble.  The other one I didn't think of till I started writing the OP was that I should first have tried it out with token amounts to gain a better understanding.  Live and learn

But getting back to the problem in hand.  Once again I'll thank you all for your suggestions.  Now that I have slept on it my plan of action is as follows:

I will manually try a selection of the most obvious variations, using Excel as I said to at least ensure I'm doing that systematically and without typos.  If I get no success at that I think it's time to accept this is a longer-term problem (there is no rush to access the funds) and rather than spending a lot of time cutting and pasting, instead to learn the skills necessary to try something along the lines of the scripting/capybara options helpfully suggested by notme and DannyHamilton.  If it's not going to be a quick solution I may as well used my time constructively towards learning something than on a repetitive task.  In answer to your question Danny I'm using Win 7.

But the security discussion has brought to my attention if what I did possibly wasn't as secure as I thought it was in the first place, by now with all the copying and pasting, with the public key saying how much is on it, with having loads of variations of the passphrase in a spreadsheet, with having (by broadcasting this here) drawn a big fat arrow pointing at the vulnerability on my computer and with (as ThomasV has pointed out and as is apparent from other threads here) people going by different ethical codes, some of which would say if I don't know exactly what I am doing I deserve to lose my money; maybe the first things to do are things I've been putting off like encrypting my qt wallet (done now just before clicking Post!) making decisions on Truecrypt v. Bitlocker/EFS for file/disk encryption etc. implementing them and then get back to the original problem when my system is less vulnerable to attack.

I will keep this thread updated even if it gets really old and needs a necro-bump!  Let's hope if and when there is eventually news it is that I have recovered the key, not that it has been hacked by another and that the funds are no longer there!

[notme]

I would include that with my "clear the cache" step, but thanks for clarifying for those who don't know such things.

since when does clearing the cache also clear cookies?

Really, I agree it's not recommended for nontechnical users, but it looks like it can be safely used if you know what you are doing.

Really, it looks like a scam targeted at nontechnical users.

Especially if you know that the creator of this website has also been "mining" for private keys generated from passphrases, saying that it was morally acceptable to steal coins from users that are dumb enough to use simple passphrases.

I did not know that, but at a cursory glance it looks pretty harmless.  I will pull it apart better when I get the time and see if there is any validity to what appears as paranoia to me.  Don't get me wrong, I know a healthy dose of skepticism is warranted around here, but unless he's particularly good at obfuscating JavaScript the script is safe.  We'll see how it holds up when I dig deeper in a few days (after the holiday at least, maybe not until the new year).

[cedivad]

Load the page, yank the ethernet cord (or disable wireless), then use it.  Everything is done client side in javascript, and I don't see any network code that could potentially upload it, but disconnecting will make sure.

no, it won't. javascript can use cookies or LocalStorage.

I would include that with my "clear the cache" step, but thanks for clarifying for those who don't know such things.

Really, I agree it's not recommended for nontechnical users, but it looks like it can be safely used if you know what you are doing.

You will not clear your Flash Player cache with that step.

Oooopppsssss!

[notme]

Load the page, yank the ethernet cord (or disable wireless), then use it.  Everything is done client side in javascript, and I don't see any network code that could potentially upload it, but disconnecting will make sure.

no, it won't. javascript can use cookies or LocalStorage.

I would include that with my "clear the cache" step, but thanks for clarifying for those who don't know such things.

Really, I agree it's not recommended for nontechnical users, but it looks like it can be safely used if you know what you are doing.

You will not clear your Flash Player cache with that step.

Oooopppsssss!

Sure, do that too if you're not using something like no script or flash blocker....

If you want to be fool proof, save the html and js to a flash drive and then use it on a computer that will never again be connected to the internet, only after you have copied the files to the local disk and removed the flash drive.

However, there is no flash on that page.

[sunnankar]

If you want to be fool proof, save the html and js to a flash drive and then use it on a computer that will never again be connected to the internet, only after you have copied the files to the local disk and removed the flash drive.

The brainwallet is really just like a fancy calculator; A*B=C. So, the source code is actually pretty simple and any transferring of data should be easy to spot and test for.

Anyone see any potential holes with this protocol.

1. You can actually save the source code for both bitaddress.org and brainwallet.org.
2. Put it on a USB along with TrueCrypt.
3. Then create a new profile on your computer (a completely cold computer would be even better).
4. Turn off wireless (or even turn off your router).
5. Then login to the new profile.
6. Open either of them from the USB.
7. Save pictures/screenshots (not text) of the private keys generated.
8. Save the text of the public keys.
9. Put the screenshot and text of public keys in the TrueCrypt volume.
8. Optional: Save the text of the private keys in a hidden volume.
9. Dismount the TrueCrypt volume.
10. Copy the TrueCrypt volume to the USB.
11. Upload the TrueCrypt volume to the cloud (Google Drive, Dropbox, servers, etc.)

Should be a pretty solid 'cold wallet' without having to get a new computer and be able to use this 'in the cloud'.

12. Use the brainwallet.org source code to create transactions. Then broadcast them via blockchain.info/pushtx (access via TOR).

I have dug into the source code for both bitaddress.org and brainwallet.org and so far found nothing that would transmit. Plus, I have monitored outgoing traffic.

Anyone have some source code for this that would decrypt PGP?

[notme]

Correct.  The only networking code sends the public address to google to generate a QR code.  That is, unless something is hidden in the jquery file, but it should be easy to compare that against an official version.  Move along tinfoil hat committee.

[ErebusBat]

I have to say that is the beauty of open source, you can verify this.

There is actually at least one part of the code that does need a network connection (raw txs, get unspent outputs).

That being said if you do not understand 100% the pros and cons of a password based wallet then you should not use it.   It sounds like there might be some bad blood between ThomasV and brainwallet.

In my mind brainwallets serve a very specific purpose and should not probably be used as an everyday wallet.