[solved] Bitcoin WIF misses 7 characters: how to restore checksum offline?

[LoyceV]

I'm trying to help out BitcoinBazaar.net, who sent me his blockchain.info private key. He needs to sign a message to prove ownership of his hacked account.

The WIF private key misses 7 characters. His address is read only, but he can use this private key to make a transaction from blockchain.info. My best guess is that blockchain.info left out the checksum for some reason.
Complication: The address may still receive funds in the future (despite my warning to consider the key compromised).

My question: how can I restore the missing checksum offline? An hour search online didn't produce anything I can use (and understand).

[SopaXT]

Blockchain.info has been known to have this bug for a long time.
It doesn't check the checksums and lengths of the WIF keys entered and that's quite a big problem.

The bug is hard to reproduce outside of BCI, so my suggestion would be creating a new wallet (remember the usual security precautions, and since that key has already seen BCI, it can be considered compromised), importing the troubled WIF key and exporting it back (I've tried that with an intentionally-corrupted key and it appears to work).

[jackg]

Are you sure it's the entire key he sent you, has he tried to redownload the private key? Can you get him to download the entire wallet data and try to pull the private key from there. (Only if no one else knows how to do the checksum). You might want to contact blockchain they can get the encrypted wallet file to you in its entirety.

Have you tried inputting it into a wallet so see if that'll add the checksum?

We could always try to dig through an old electrum source code to see how the checksum is generated/checked.

[LoyceV]

my suggestion would be creating a new wallet (remember the usual security precautions, and since that key has already seen BCI, it can be considered compromised), importing the troubled WIF key and exporting it back (I've tried that with an intentionally-corrupted key and it appears to work).

I'll try this now. Update: it worked, thanks you very much!

Are you sure it's the entire key he sent you, has he tried to redownload the private key?

He sent me the full string:

Code:

{"addr":" .................. created_device_version":"1.0"},

So there's no way he forgot a part.

Can you get him to download the entire wallet data and try to pull the private key from there. (Only if no one else knows how to do the checksum). You might want to contact blockchain they can get the encrypted wallet file to you in its entirety.

He did contact blockchain.info, but isn't expecting an answer any time soon.

Have you tried inputting it into a wallet so see if that'll add the checksum?

Electrum doesn't accept it.