Has anyone here been able to decode the backup of bitcoin wallet (schildbatch)?

[Forsyth Jones]

Please help me.

This wallet: https://play.google.com/store/apps/details?id=de.schildbach.wallet&hl=pt

I used the command openssl:

openssl enc -d -aes-256-cbc -a -in bitcoin-wallet-backup-yyyy-mm-dd -out bitcoin-wallet-backup-yyyy-mm-dd-decrypted

I put the password (which I put in the time of exporting the backup) that decodes the backup file and opened with a text editor (notepad ++) the backup decoded and appeared: org.bitcoin.production... And a lot of scrambled characters,I think it's because it's in the protobuf format and researching some topics I discovered that I have to use a tool called: wallet-tool Which causes the tool to dump the private keys from the backup, with the command: "dumpkey" something like that. But I am totally layman in bitcoinj or wallet-tool and I have no idea how to use it to dump the HD seed from the backup.

Why do I want to do this? only to import the private keys from the bitcoin wallet schildbatch to bitcoin core (or bitcoin-qt)

Any light?

[Teubwel]

I would just send the bitcoins over to the new wallet and archive the schildbach-wallet-file.

[Forsyth Jones]

I would just send the bitcoins over to the new wallet and archive the schildbach-wallet-file.

Why?

[jackg]

Please help me.

This wallet: https://play.google.com/store/apps/details?id=de.schildbach.wallet&hl=pt

I used the command openssl:

openssl enc -d -aes-256-cbc -a -in bitcoin-wallet-backup-yyyy-mm-dd -out bitcoin-wallet-backup-yyyy-mm-dd-decrypted

I put the password (which I put in the time of exporting the backup) that decodes the backup file and opened with a text editor (notepad ++) the backup decoded and appeared: org.bitcoin.production... And a lot of scrambled characters,I think it's because it's in the protobuf format and researching some topics I discovered that I have to use a tool called: wallet-tool Which causes the tool to dump the private keys from the backup, with the command: "dumpkey" something like that. But I am totally layman in bitcoinj or wallet-tool and I have no idea how to use it to dump the HD seed from the backup.

Why do I want to do this? only to import the private keys from the bitcoin wallet schildbatch to bitcoin core (or bitcoin-qt)

Any light?

Can you not just transfer the coins instead and pay the fee I think you have to pay it if you import anyway unless there's a separate "sweep" button somewhere?
I tried this a few weeks ago and got no success from it... Could you send me the link to the "wallet-tool" software as I haven't come accross that before?

[HCP]

I've written some python scripts that were meant for MultiBit HD that also creates bitcoinj wallets in protobuf format... It didn't extract the keys and just dumped out the raw protobuf. What was interesting to note was that the 12 word HD seed is actually available in plaintext in the dumped out data! So, I fired up gurnec's: decrypt_bitcoinj_seed and sure enough, it output the recovery seed!

You can then put the recovery seed into an offline copy of: https://iancoleman.github.io/bip39/
There are instructions at the bottom of the page for downloading etc

Put the seed into the "BIP39 Mnemonic" section at the top. Then click "BIP32" under Derivation Path, set "Client" to "Custom Derivation Path" and set the "BIP32 Derivation Path" to: m/0'/0


All your addresses/keys will be displayed at the bottom.



NOTE: You may need to click "show more" to see all your addresses if you have used more than 20 receive addresses... and you'll also need to set the "BIP32 Derivation Path" to: m/0'/1 to get access to your change addresses!

[jackg]

I've written some python scripts that were meant for MultiBit HD that also creates bitcoinj wallets in protobuf format... It didn't extract the keys and just dumped out the raw protobuf. What was interesting to note was that the 12 word HD seed is actually available in plaintext in the dumped out data! So, I fired up gurnec's: decrypt_bitcoinj_seed and sure enough, it output the recovery seed!

You can then put the recovery seed into an offline copy of: https://iancoleman.github.io/bip39/
There are instructions at the bottom of the page for downloading etc

Put the seed into the "BIP39 Mnemonic" section at the top. Then click "BIP32" under Derivation Path, set "Client" to "Custom Derivation Path" and set the "BIP32 Derivation Path" to: m/0'/0


All your addresses/keys will be displayed at the bottom.



NOTE: You may need to click "show more" to see all your addresses if you have used more than 20 receive addresses... and you'll also need to set the "BIP32 Derivation Path" to: m/0'/1 to get access to your change addresses!

Thanks HCP. I've also been meaning to do this for a while and will give it a try.
The protobuf format is reached once the format has been decoded from the password isn't it?

EDIT: It worked, even with the encrypted one.
A good thing to note is that you first use the default setting on "BIP32 Derivation Path" to get the regular addresses before the change ones.

[Forsyth Jones]

Many thanks, I got it! 

[tankgrrrl]

Hi, I am a complete noob to the whole thing and have been racking my brain trying to figure this stuff out for a week or so. I got through the part where the first decrypt_bitcoinj_seed  spit out the words and I copied it into an offline copy of the page. However following the instructions I get as many keys at the bottom as I select. If I say to view 20 I get 20 if I say `180 it is 180 I have only used the wallet for a half a dozen transactions. I am not sure what I am doing wrong. I am trying to get the keys so I can get the Bit Coin Cash but so far it looks like it is just going to be stuck there. Can you shed some light on what I might be doing wrong?
 Also- I thought I would mention, none of the public addresses shown match any of the ones I can see in the wallet.

[HCP]

If the addresses do not match, then the "Derivation Path" you are using is most likely incorrect. Double check that you have used:

m/0'/0

and

m/0'/1

The ' (apostrophe) characters are important!

[Forsyth Jones]

Hi, I am a complete noob to the whole thing and have been racking my brain trying to figure this stuff out for a week or so. I got through the part where the first decrypt_bitcoinj_seed  spit out the words and I copied it into an offline copy of the page. However following the instructions I get as many keys at the bottom as I select. If I say to view 20 I get 20 if I say `180 it is 180 I have only used the wallet for a half a dozen transactions. I am not sure what I am doing wrong. I am trying to get the keys so I can get the Bit Coin Cash but so far it looks like it is just going to be stuck there. Can you shed some light on what I might be doing wrong?
 Also- I thought I would mention, none of the public addresses shown match any of the ones I can see in the wallet.

You can also import this bitcoin wallet seed to Electrum, bitcoin wallet is compatible with multibit HD because it has the same bitcoin wallet seed generation scheme. See it:

Code:

https://www.youtube.com/watch?v=E-KcY6KUVnY

[Forsyth Jones]

Hi, I am a complete noob to the whole thing and have been racking my brain trying to figure this stuff out for a week or so. I got through the part where the first decrypt_bitcoinj_seed  spit out the words and I copied it into an offline copy of the page. However following the instructions I get as many keys at the bottom as I select. If I say to view 20 I get 20 if I say `180 it is 180 I have only used the wallet for a half a dozen transactions. I am not sure what I am doing wrong. I am trying to get the keys so I can get the Bit Coin Cash but so far it looks like it is just going to be stuck there. Can you shed some light on what I might be doing wrong?
 Also- I thought I would mention, none of the public addresses shown match any of the ones I can see in the wallet.

You can also import this bitcoin wallet seed to Electrum, bitcoin wallet is compatible with multibit HD because it has the same bitcoin wallet seed generation scheme. See it:

Code:

https://www.youtube.com/watch?v=E-KcY6KUVnY

Are you sure it can be done with electrum?

ThomasV cancelled support in the BIP39 seed types in the most recent version of electrum.

(P.S, if you can't find the previous versions, I have copies of 2.8.3 and 2.6.3 if neccessary but there should be a mirror of the different types somewhere - maybe on their site).

EDIT: Here's the previous releases as a list - you're looking for anything before about 2.9: https://download.electrum.org/

Did you watch the video?

https://www.youtube.com/watch?v=E-KcY6KUVnY

[thiec]

I've written some python scripts that were meant for MultiBit HD that also creates bitcoinj wallets in protobuf format... It didn't extract the keys and just dumped out the raw protobuf. What was interesting to note was that the 12 word HD seed is actually available in plaintext in the dumped out data! So, I fired up gurnec's: decrypt_bitcoinj_seed and sure enough, it output the recovery seed!

You can then put the recovery seed into an offline copy of: https://iancoleman.github.io/bip39/
There are instructions at the bottom of the page for downloading etc

Put the seed into the "BIP39 Mnemonic" section at the top. Then click "BIP32" under Derivation Path, set "Client" to "Custom Derivation Path" and set the "BIP32 Derivation Path" to: m/0'/0


All your addresses/keys will be displayed at the bottom.



NOTE: You may need to click "show more" to see all your addresses if you have used more than 20 receive addresses... and you'll also need to set the "BIP32 Derivation Path" to: m/0'/1 to get access to your change addresses!

I use multibit to take the private key but this one is also good

[jackg]

I use multibit to take the private key but this one is also good

I'd advise you stop using multibit and start using electrum instead. As multibit is no longer being developed on as the developers gave up on it so it is no longer reieving any fixes.

[thiec]

I use multibit to take the private key but this one is also good

I'd advise you stop using multibit and start using electrum instead. As multibit is no longer being developed on as the developers gave up on it so it is no longer reieving any fixes.

Thanks for advise. Its just an old account and no longer use wallet. I like use it several years ago, when "light" wallet still not many.

[jackg]

I use multibit to take the private key but this one is also good

I'd advise you stop using multibit and start using electrum instead. As multibit is no longer being developed on as the developers gave up on it so it is no longer reieving any fixes.

Thanks for advise. Its just an old account and no longer use wallet. I like use it several years ago, when "light" wallet still not many.

Yes. I don't recall there being many light wallets when i started either (though that wasn't so long ago as it was 2015 when I started). I resorted to using an exchange to store my coins which is also now considered a bad idea (possibly worse than using multibit).

[Juggie0007]

I've written some python scripts that were meant for MultiBit HD that also creates bitcoinj wallets in protobuf format... It didn't extract the keys and just dumped out the raw protobuf. What was interesting to note was that the 12 word HD seed is actually available in plaintext in the dumped out data! So, I fired up gurnec's: decrypt_bitcoinj_seed and sure enough, it output the recovery seed!

You can then put the recovery seed into an offline copy of: https://iancoleman.github.io/bip39/
There are instructions at the bottom of the page for downloading etc

Put the seed into the "BIP39 Mnemonic" section at the top. Then click "BIP32" under Derivation Path, set "Client" to "Custom Derivation Path" and set the "BIP32 Derivation Path" to: m/0'/0
https://i.imgur.com/WuGrlZW.png

All your addresses/keys will be displayed at the bottom.
https://i.imgur.com/uSffCRl.png


NOTE: You may need to click "show more" to see all your addresses if you have used more than 20 receive addresses... and you'll also need to set the "BIP32 Derivation Path" to: m/0'/1 to get access to your change addresses!
https://i.imgur.com/fC22trW.png

Hi HCP, I was happy to see you create a script so I can claim my BCC, unfortunally I receive the same seed or psw is incorrect (which it is not)

Can you please help me I buy you more than a one beer.

Many thanks in advance!

[WalletPasswordRecovery]

I've written some python scripts that were meant for MultiBit HD that also creates bitcoinj wallets in protobuf format... It didn't extract the keys and just dumped out the raw protobuf. What was interesting to note was that the 12 word HD seed is actually available in plaintext in the dumped out data! So, I fired up gurnec's: decrypt_bitcoinj_seed and sure enough, it output the recovery seed!

@HCP
Unfortunately if the wallet has spending PIN or password (not backup password) decrypt_bitcoinj_seed still wants to enter it
The program first prompt for backup password (or not if the file is decrypted) and then prompts "This wallet's seed is encrypted with a PIN or password, please enter it:"
If I enter the correct password it shows the seed.
Is there a way to recover the seed or private keys from encrypted android wallet??
(well btcrecover can do it but has speed 10 passwords/sec not so efficient)
I am able to dump encrypted seed and private keys with bitcoinj:
./wallet-tool raw-dump --dump-privkeys --password=XXX --wallet=backpassremoved > backpassremoved_dmp

this is example empty wallet, I get this:
...
key {
  type: DETERMINISTIC_MNEMONIC
  creation_timestamp: 1506101580000
  encrypted_data {
    initialisation_vector: "|A\274\361c\214\2121\220\203%\3247\r}\357"
    encrypted_private_key: "K\264=\256D\255\"\235\340\336\001R\310A\276\377\203 -\017?\353\251\353Y\340\310\356Y5(
\217<\221\243\253\326\370\376\026lr1D\006\203\300k\v\004q\356\313\377\243\361>\037hI\b\365\213w\326\340\320\344[\2
04\021\314\275\242\222\333I\332S"
  }
  encrypted_deterministic_seed {
    initialisation_vector: "\210\365\345\004J\357\323\376\243\344\227G\323\243\220K"
    encrypted_private_key: "\222\256N\365P8Nk\2750\n\377 \215\366\fO1dzP\221\274S\377m]R\021Qa\262\201{\004\024[uO
]\"\034\300x\201I\343\017m\fQ\214l\030\274\262\371\335\314\334*\242\034}\350\336\023\356\t\340\336q(\027\256\320a\
275\226"
  }
}
key {
  type: DETERMINISTIC_KEY
  public_key: "\003gN6\'\353\322\347\034\320\026\032\217+^\275\034\242\233\234t\022\"\277\227\356\335\030\353\377\
270\374\356"
  creation_timestamp: 1506101580000
  encrypted_data {
    initialisation_vector: "\022\223{\312@q\350\217wy\373\246\331q\316\363"
    encrypted_private_key: "y\367,\361i\223m\315\364\360\225^\362\v7G\032A\262\250i(\005je)\250\2630p\347\346`\241
t\000\272\256\210u\212?\377\304\313\201@\360"
  }
...
and so on...
is there a way to covert it for John The Ripper or hashcat readable hash format???

[cryptoqwerty]

I've written some python scripts that were meant for MultiBit HD that also creates bitcoinj wallets in protobuf format... It didn't extract the keys and just dumped out the raw protobuf. What was interesting to note was that the 12 word HD seed is actually available in plaintext in the dumped out data!
...

I have decrypted the wallet backup file from the android app (same as the one mentioned in first post) using this command

Code:

openssl enc -d -aes-256-cbc -a -in bcw -out bcw_decrypted

I have found my 12 word Mnemonic, I put it in the tool with suggested settings. I have received addresses, four that I recognize, however my first ever used address is not listed. Note that it is a very old address since 2013, maybe some configuration has changed?

See in the screenshot my first address 1JunK8dbYKp1pJEeTqmdWq3aburcHuRgAT and also my current generated address that matches the second screenshot from the tool. Any advice would be appreciated. Thanks!

http://soubori.qry.me/cryptowallet_1.png
http://soubori.qry.me/cryptowallet_2.jpg

[Inciting]

I tried using your programme, but I get an error saying "hardly not in wordlist, did you mean barely?" I clearly don't mean "barely" - is "hardly" a word you can add to your list? Thanks!

I've written some python scripts that were meant for MultiBit HD that also creates bitcoinj wallets in protobuf format... It didn't extract the keys and just dumped out the raw protobuf. What was interesting to note was that the 12 word HD seed is actually available in plaintext in the dumped out data! So, I fired up gurnec's: decrypt_bitcoinj_seed and sure enough, it output the recovery seed!

You can then put the recovery seed into an offline copy of: https://iancoleman.github.io/bip39/
There are instructions at the bottom of the page for downloading etc

Put the seed into the "BIP39 Mnemonic" section at the top. Then click "BIP32" under Derivation Path, set "Client" to "Custom Derivation Path" and set the "BIP32 Derivation Path" to: m/0'/0
https://i.imgur.com/WuGrlZW.png

All your addresses/keys will be displayed at the bottom.
https://i.imgur.com/uSffCRl.png


NOTE: You may need to click "show more" to see all your addresses if you have used more than 20 receive addresses... and you'll also need to set the "BIP32 Derivation Path" to: m/0'/1 to get access to your change addresses!
https://i.imgur.com/fC22trW.png

[HCP]

I tried using your programme, but I get an error saying "hardly not in wordlist, did you mean barely?" I clearly don't mean "barely" - is "hardly" a word you can add to your list? Thanks!

No. The full wordlist is here: https://github.com/bitcoin/bips/blob/master/bip-0039/english.txt

As you can see, hardly is not there... "hard" is... maybe try that. If it doesn't work, you'll probably need to try the "seed recovery" script included as part of "btcrecover" to try and figure out what the correct word is supposed to be: https://github.com/gurnec/btcrecover/blob/master/docs/Seedrecover_Quick_Start_Guide.md