Bitcoin Forum
March 19, 2024, 07:00:00 AM *
News: Latest Bitcoin Core release: 26.0 [Torrent]
 
   Home   Help Search Login Register More  
Pages: [1] 2 3 4 5 6 »  All
  Print  
Author Topic: [overview] Recover Bitcoin from any old storage format  (Read 8128 times)
This is a self-moderated topic. If you do not want to be moderated by the person who started this topic, create a new topic. (10 posts by 2+ users deleted.)
LoyceV (OP)
Legendary
*
Online Online

Activity: 3248
Merit: 16270


Thick-Skinned Gang Leader and Golden Feather 2021


View Profile WWW
August 26, 2018, 01:09:32 PM
Last edit: October 30, 2023, 06:28:05 AM by LoyceV
Merited by suchmoon (10), ABCbits (10), dbshck (10), joniboini (10), Coding Enthusiast (10), 1miau (8), mprep (6), hugeblack (6), fillippone (6), vapourminer (5), NeuroticFish (5), DaveF (5), Welsh (5), Jet Cash (5), malevolent (4), spirali (3), Rath_ (2), bob123 (2), cissrawk (2), TheArchaeologist (2), mocacinno (1), BitMaxz (1), HeRetiK (1), pawel7777 (1), A-Bolt (1), o_e_l_e_o (1), bL4nkcode (1), vv181 (1), Maidak (1), noorman0 (1), dragonvslinux (1), Matt9301 (1), Poker Player (1), DaCryptoRaccoon (1), KingZee (1), TechPriest (1), S_Therapist (1)
 #1

[overview] Recover Bitcoin from any old storage format

Background
I've seen many threads like: Recovering weird old wallet, and the answer is often very easy if someone recognizes the format.
Since the number of different formats will only grow, and (in the future) I expect more people to forget what format they used to store their Bitcoin 10 or more years ago, I've decided to create an overview.
The aim of this thread is to give a complete overview for anyone who finds Bitcoins in any storage format.


Work in progress
This thread is work in progress. Please post any missing storage formats or additional identifying data, so I can add it to the OP (and give you credit). I haven't tried all possible wallets by myself, and I won't claim to know all possible formats either. If you find a thread asking about a format not covered yet, please post a link.


Warning: take security precautions
First: make one or more backups (thanks DaveF)! Make sure you're not working on the only copy you have, as you risk losing everything.
Make sure you know what you're doing, before doing it! When in doubt, don't do it.
Ignore or report unsolicited private messages from old or new users. Discuss your needs in public on Bitcointalk, but DO NOT post your private keys, seed phrase words, or wallet files. DO NOT trust "help" you receive by PM, you will get scammed. Be careful which screenshots you upload.
Don't trust anybody with your private keys, unless you're absolutely sure you would trust him with the same amount in cash.
Several websites try to have you download a compromised wallet. Ensure you're using the official website before downloading, and check the installer's signature/checksum (thanks ETFbitcoin).
Use an air gapped offline computer running from a Linux LIVE DVD (for example Ubuntu or Knoppix) without internet connection when necessary.
Don't expost large amounts of Bitcoin to a hot wallet. Assume your system is compromised, and act accordingly. Don't trust your Windows clipboard, malware can change your Bitcoin address to their own, and checking only the first few characters of the address is not enough to prevent this.
If you're using a paper wallet, you should use the entire balance at once. If you use only a small amount, you risk losing the rest of your balance to a change address.


Where to send your Bitcoins
Before attempting to recover your funds, you should already know where to send them after recovery. Setting up a safe wallet is beyond the scope of this thread, I recommend to start your search here: Choose your [Bitcoin] Wallet. Consider whether or not you want to use a SegWit address.
Create one or more secure backups before funding any wallet.


Bitcoin private keys (this section is largely based on data from bitaddress.org)
  • WIF (Wallet Import Format) (51 characters base58, starting with "5").
    Example: 5KMWmYkn5YWkJnUDG4utD9L1HXQv3DBseqqCGsQXmthcEerbA7k
  • WIF Compressed (52 characters base58, starting with "K" or "L").
    Example: L41YPdADy46J9Vh77WGR2bktFwEZ6knza2Xim3Urq9CEWynkkLgn
    Note: both WIF and WIF Compressed are derived from the same private key, but result in different Bitcoin addresses.
  • Private Key Hexadecimal (64 characters [0-9A-F]) (less common).
    Example: CA9A061710B8BC582E1B8BB60D0F3F2751791888AB5C18737620087ABDF74A05
  • Private Key (44 characters base64) (less common).
    Example: ypoGFxC4vFguG4u2DQ8/J1F5GIirXBhzdiAIer33SgU=
  • Mini private key (22, 26 or 30 characters base58, starting with "S", see wiki or this post)
    Example: Sf2i92UoH3kMooYXHdDQ4YQvLTdPrQ
  • BIP38 password encrypted private key (58 characters base58, starting with "6P", see bitaddress.org, click Wallet Details).
    Example: 6PRNqE9p5hTUgNy5cxXnrfVKZPX5Qz8sqB7oNfDT9N3YdCM7rqRxruxkN1
  • Private key missing checksum
    Example: 5KMWmYkn5YWkJnUDG4utD9L1HXQv3DBseqqCGsQXmthcEerbA7k
    The last 7 characters of a private key are a checksum. Blockchain.info backups used to omit the checksum. An easy way to restore it, is importing the private key without checksum into a new wallet at blockchain.info (nowadays blockchain.com), and then exporting it again. Note: I do not recommend exposing a private key to an online wallet, but if it was created by Blockchain.info, it should be considered compromised anyway (source and details; this information may be inaccurate (thanks Coding Enthusiast)).
  • Private key for SegWit addresses
    A private key can be used to create SegWit addresses (starting with "3" or "bc1"). You can import them into Electrum by adding "p2wpkh-p2sh:" or "p2wpkh:" respectively in front of the private key (source and details).
  • Incomplete private key
    If a few characters of a private key are lost, there are still recovery options (missing 5 character on known locations, missing one character on unknown location (I haven't tested this)), but further details would go beyond the scope of this thread.
  • Blockstack
    If you have Bitcoin in a CLI Blockstack node, read this topic and this topic.
  • Coinbase multisig Vault
    If you have Coinbase multisig Vault, read this topic and this post.
If you have the private key, you can choose from many different wallets to import it. Electrum is probably the easiest. If the private key is in the wrong format, you can use bitaddress.org (do this offline!!) to convert it to WIF or WIF Compressed.

Determine wallets based on filenames (note: these are the default filenames, you could have renamed yours)

Seed phrases, Word lists or Mnemonic phrases
Bitcoin wallets can be stored as seed phrases, usually 12 to 24 words long. The used words can be in several languages (thanks HeRetiK).
  • 12 words
    Example: thrive jump wheel calm eyebrow order ankle raven fee narrow diamond adult
    The seed can be extended with one or more custom words.
    Use Electrum, or iancoleman's Mnemonic Code Converter (do this offline!!) to extract all private keys. See here if you want to use an Electrum seed with Iancoleman.
  • 24 words
    Hardware wallets, such as Trezor and Ledger, usually use 24 words.
    Example: party describe tunnel brother explain laugh hello have short wood bird desk liar pole neck push wine tooth young mean grain join cheap aisle
    Use the original hardware wallet, or iancoleman's Mnemonic Code Converter (do this offline!!) to extract all private keys.
    A common mistake is using the words in the wrong order, where the words are written down like this:
    1 2
    3 4
    5 6
    7 8
    But you're trying to recover them like this: 1 3 5 7 ...... 2 4 6 8 ......
  • Another number of words
    If you don't remember how the list was created, you can use iancoleman's Mnemonic Code Converter (do this offline!!) to extract all private keys.
  • Missing or incorrect word(s)
    Try seedrecover.py (I haven't tested this) (do this offline!!) (thanks o_e_l_e_o). Updated link: here.
  • Master private key (111 characters, starting with "xprv" (legacy addresses starting with "1"), "yprv" (backward-compatible SegWit addresses starting with "3") or "zprv" (native SegWit addresses starting with "bc1") (source).
    Example: xprv9xyQEZakyfuyCRGF1moJNatpGDAgMS4hgctAgWU4RNw664qCz6agreZParHx6G24td48SZKnmK8 ppSVMvmyBuTy9L4poDhwgm9aR9GukgQW (source & further reading)
    Use Electrum > create new wallet > enter seed.
  • Armory Root Key: 18 four letter "words".
    Example (from bitkee.com): eoaj gghu ruaf ghwe jnrh ftuu hweu aeun agkg tudt waja gunn oawg jkwh dhei hjdn itar naoj
    Use Armory.
  • Blockchain.info: To recover an old legacy Blockchain.info wallet, read this topic and go here.
  • mSIGNA wallet: This wallet uses a non-standard implementation of 24 seed words. Read this topic for recovery options.

No wallet?
If you can't find your wallet.dat, because it's deleted or renamed, you can try these options (do this offline!!) after you've made a backup of the entire partition.

  • Pywallet can search for private keys on an entire partition, even when the wallet has been deleted.
  • Findwallet can search for a wallet file after it was renamed (but not deleted)

After recovery
If your address was funded early enough, you also own Forkcoins. Read the link, it may be well worth your time.
For future backups, make sure to keep all information needed to recover your funds.


No spam
All my threads are now self-moderated to stop signature spam. I will remove all irrelevant posts. If you quote the entire OP, your entry will be deleted.
Once in a while I'll summarize posts and clean up this thread.


Altcoins
This thread and board are meant for Bitcoin only. But, if something comes up, I'll keep track of methods to restore a damaged private key for altcoins too. For future reference:


Disclaimer
Use this information at your own risk. At all times, think before each action, especially when you're dealing with private keys. When in doubt, don't do it!
I'm human, I make mistakes. If something is incorrect, please let me know.


Donations
1MyMoney4uNt5afXALAZpoovJpqojEMkLP (Balance:
)

█▀▀▀











█▄▄▄
▀▀▀▀▀▀▀▀▀▀▀
e
▄▄▄▄▄▄▄▄▄▄▄
█████████████
████████████▄███
██▐███████▄█████▀
█████████▄████▀
███▐████▄███▀
████▐██████▀
█████▀█████
███████████▄
████████████▄
██▄█████▀█████▄
▄█████████▀█████▀
███████████▀██▀
████▀█████████
▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀
c.h.
▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄
▀▀▀█











▄▄▄█
▄██████▄▄▄
█████████████▄▄
███████████████
███████████████
███████████████
███████████████
███░░█████████
███▌▐█████████
█████████████
███████████▀
██████████▀
████████▀
▀██▀▀
"There should not be any signed int. If you've found a signed int somewhere, please tell me (within the next 25 years please) and I'll change it to unsigned int." -- Satoshi
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction.
DaveF
Legendary
*
Offline Offline

Activity: 3416
Merit: 6108


Crypto Swap Exchange


View Profile WWW
August 26, 2018, 01:49:35 PM
Merited by mocacinno (1), o_e_l_e_o (1)
 #2

When recovering the wallet.dat or the default_wallet OR ANY OTHER ACTUAL FILE.
MAKE A BACKUP ON REMOVABLE MEDIA BEFORE DOING ANYTHING.
Hell make several, just in case.
Let me bold that a bit more:
MAKE A BACKUP ON REMOVABLE MEDIA BEFORE DOING ANYTHING.
Don't put it in your Dropbox / google drive / Microsoft one drive. Just keep it local on media you control.
This way if you damage the file for whatever reason, no big deal.

And when you are done, you can destroy the media and know 100% it's gone.

-Dave

█▀▀▀











█▄▄▄
▀▀▀▀▀▀▀▀▀▀▀
e
▄▄▄▄▄▄▄▄▄▄▄
█████████████
████████████▄███
██▐███████▄█████▀
█████████▄████▀
███▐████▄███▀
████▐██████▀
█████▀█████
███████████▄
████████████▄
██▄█████▀█████▄
▄█████████▀█████▀
███████████▀██▀
████▀█████████
▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀
c.h.
▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄
▀▀▀█











▄▄▄█
▄██████▄▄▄
█████████████▄▄
███████████████
███████████████
███████████████
███████████████
███░░█████████
███▌▐█████████
█████████████
███████████▀
██████████▀
████████▀
▀██▀▀
LoyceV (OP)
Legendary
*
Online Online

Activity: 3248
Merit: 16270


Thick-Skinned Gang Leader and Golden Feather 2021


View Profile WWW
August 27, 2018, 09:35:17 AM
 #3

MAKE A BACKUP ON REMOVABLE MEDIA BEFORE DOING ANYTHING.
Added. I can't believe I forgot this one Shocked

1. If user had old wallet/seed format, it's strongly recommended to move the Bitcoin to wallet with newest format.
2. If user decide to move their Bitcoin to different address, it's recommended to use SegWit address.
I don't want to recommend using newer formats for reasons of compatibility. It can be a complication on a fork, that's why I'll leave it up to the user to decide.
SegWit has it's benefits, but to me a (paper wallet with a) legacy private key feels as if it will be much easier to recover 20 years from now.
To keep the OP compact, I'll add a link to this post. I was hoping to add another link to a better and easier explanation about SegWit, but I mainly find websitse about it's activation.

Quote
3. For user with security concern, i recommend to verify installer's signature/checksum
Added.

█▀▀▀











█▄▄▄
▀▀▀▀▀▀▀▀▀▀▀
e
▄▄▄▄▄▄▄▄▄▄▄
█████████████
████████████▄███
██▐███████▄█████▀
█████████▄████▀
███▐████▄███▀
████▐██████▀
█████▀█████
███████████▄
████████████▄
██▄█████▀█████▄
▄█████████▀█████▀
███████████▀██▀
████▀█████████
▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀
c.h.
▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄
▀▀▀█











▄▄▄█
▄██████▄▄▄
█████████████▄▄
███████████████
███████████████
███████████████
███████████████
███░░█████████
███▌▐█████████
█████████████
███████████▀
██████████▀
████████▀
▀██▀▀
HeRetiK
Legendary
*
Offline Offline

Activity: 2870
Merit: 2056



View Profile
August 27, 2018, 11:18:52 AM
 #4

[...]

Seed phrases

[...]

Why not link directly to the BIP39 word list as well? Smiley
https://github.com/bitcoin/bips/blob/master/bip-0039/bip-0039-wordlists.md

It is also worth noting that 24 word seed phrases are also fairly common (eg. Trezor One, Ledger Nano S)

█▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀

█          ▄         ▄      ▄▄▄▄▄
█       ▄███      ▄███      █████
█        ████      ████     ▀▀▀▀▀
█         ████      ████
█          ████▄▄▄▄▄▄████▄▄▄▄▄▄▄▄
█           █████████████████████
█            ▀█████▄   ▀█████▄
█              ▀█████▀   ▀█████▀
█                 ▀▀        ▀▀

█▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄
.....Your private Bitcoin wallet for desktop.....█▀▀▀▀▀▀











█▄▄▄▄▄▄
▀▀▀▀▀▀█











▄▄▄▄▄▄█
LoyceV (OP)
Legendary
*
Online Online

Activity: 3248
Merit: 16270


Thick-Skinned Gang Leader and Golden Feather 2021


View Profile WWW
August 27, 2018, 11:26:25 AM
Last edit: August 28, 2018, 11:07:40 AM by LoyceV
 #5

Why not link directly to the BIP39 word list as well? Smiley
https://github.com/bitcoin/bips/blob/master/bip-0039/bip-0039-wordlists.md

It is also worth noting that 24 word seed phrases are also fairly common (eg. Trezor One, Ledger Nano S)
The "12 words" is my placeholder for something that's still incomplete Wink
I have no experience with hardware wallets, so I'll have to search when to use how many words.

Update: I've added this section, and added your link. Please post if there's more to add.

█▀▀▀











█▄▄▄
▀▀▀▀▀▀▀▀▀▀▀
e
▄▄▄▄▄▄▄▄▄▄▄
█████████████
████████████▄███
██▐███████▄█████▀
█████████▄████▀
███▐████▄███▀
████▐██████▀
█████▀█████
███████████▄
████████████▄
██▄█████▀█████▄
▄█████████▀█████▀
███████████▀██▀
████▀█████████
▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀
c.h.
▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄
▀▀▀█











▄▄▄█
▄██████▄▄▄
█████████████▄▄
███████████████
███████████████
███████████████
███████████████
███░░█████████
███▌▐█████████
█████████████
███████████▀
██████████▀
████████▀
▀██▀▀
TheArchaeologist
Sr. Member
****
Offline Offline

Activity: 306
Merit: 727


---------> 1231006505


View Profile WWW
August 27, 2018, 01:40:46 PM
 #6

This might sound a bit stupid but in your thread there are a couple of links and the text (offline!!) following those links. At first I thought you meant those links weren't available at the moment. But I realize you mean you should never enter sensitive stuff like seeds or private keys in an online environment. Maybe you could make the warning a bit clearer?

Nice list/start btw Smiley

Sooner or later you're going to realize, just as I did, that there's a difference between knowing the path and walking the path
LoyceV (OP)
Legendary
*
Online Online

Activity: 3248
Merit: 16270


Thick-Skinned Gang Leader and Golden Feather 2021


View Profile WWW
August 27, 2018, 01:54:47 PM
 #7

This might sound a bit stupid but in your thread there are a couple of links and the text (offline!!) following those links. At first I thought you meant those links weren't available at the moment.
The red "offline" links to my big Warning header.

Quote
But I realize you mean you should never enter sensitive stuff like seeds or private keys in an online environment. Maybe you could make the warning a bit clearer?
How about this: "do this offline!!"?

█▀▀▀











█▄▄▄
▀▀▀▀▀▀▀▀▀▀▀
e
▄▄▄▄▄▄▄▄▄▄▄
█████████████
████████████▄███
██▐███████▄█████▀
█████████▄████▀
███▐████▄███▀
████▐██████▀
█████▀█████
███████████▄
████████████▄
██▄█████▀█████▄
▄█████████▀█████▀
███████████▀██▀
████▀█████████
▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀
c.h.
▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄
▀▀▀█











▄▄▄█
▄██████▄▄▄
█████████████▄▄
███████████████
███████████████
███████████████
███████████████
███░░█████████
███▌▐█████████
█████████████
███████████▀
██████████▀
████████▀
▀██▀▀
TheArchaeologist
Sr. Member
****
Offline Offline

Activity: 306
Merit: 727


---------> 1231006505


View Profile WWW
August 27, 2018, 02:04:08 PM
 #8

How about this: "do this offline!!"?
Sounds great! I know the old one probably would be good enough for most people but somehow you will always run into a few slower ones like me Smiley

Sooner or later you're going to realize, just as I did, that there's a difference between knowing the path and walking the path
Coding Enthusiast
Legendary
*
Offline Offline

Activity: 1039
Merit: 2783


Bitcoin and C♯ Enthusiast


View Profile WWW
August 28, 2018, 04:55:22 AM
 #9

The last 7 characters of a private key are a checksum.

Apart from the fact that that particular key was missing 7 characters do you have any other reason for saying this?
The reason I am asking this is because I can't think of any reason why checksum would be 7 characters! Maybe I am missing some mathematical facts but AFAIK checksum is 4 bytes and 4 bytes encoded with base58encoding will give you between 4 chars to 6 chars. 4 chars being {0, 0, 0, 0} which is equal to 1111 and 6 chars being  {255, 255, 255, 255} which is equal to 7YXq9G.

I also ran some random tests for fun and I didn't get a single 7 char!
Code:
Random rnd = new Random();
byte[] bytes = new byte[4];

for (int i = 0; i < 100000000; i++)
{
   rnd.NextBytes(bytes);

   var b58enc = BtcB58Encoder.Encode(bytes, true);
   if (b58enc.Length == 7)
   {
      string result = b58enc;
   }
}

Also do you have any idea how such keys missing last characters are technically being recovered, apart from the obvious "import it in bc.i"?

Projects List+Suggestion box
Donate: 1Q9s or bc1q
|
|
|
FinderOuter(0.19.1)Ann-git
Denovo(0.7.0)Ann-git
Bitcoin.Net(0.26.0)Ann-git
|
|
|
BitcoinTransactionTool(0.11.0)Ann-git
WatchOnlyBitcoinWallet(3.2.1)Ann-git
SharpPusher(0.12.0)Ann-git
LoyceV (OP)
Legendary
*
Online Online

Activity: 3248
Merit: 16270


Thick-Skinned Gang Leader and Golden Feather 2021


View Profile WWW
August 30, 2018, 09:50:47 AM
 #10

The last 7 characters of a private key are a checksum.
Apart from the fact that that particular key was missing 7 characters do you have any other reason for saying this?
No, not really. Back when I was dealing with this case, I couldn't find any other way to restore the checksum for the private key.

Quote
The reason I am asking this is because I can't think of any reason why checksum would be 7 characters! Maybe I am missing some mathematical facts but AFAIK checksum is 4 bytes and 4 bytes encoded with base58encoding will give you between 4 chars to 6 chars. 4 chars being {0, 0, 0, 0} which is equal to 1111 and 6 chars being  {255, 255, 255, 255} which is equal to 7YXq9G.
You could be right, I can't really tell at this point.

Quote
Also do you have any idea how such keys missing last characters are technically being recovered, apart from the obvious "import it in bc.i"?
I don't know, that's why I was happy to use that option.

It gets weirder: if I import this into blockchain.info's wallet as a test, without the last 7 characters:
Example: 5KMWmYkn5YWkJnUDG4utD9L1HXQv3DBseqqCGsQXmthcEerbA7k
I get a different bitcoin address than bitaddress.org gives me.
If I try to import the complete private key, blockchain's wallet doesn't accept it.
If I import the compressed version of the same private key, blockchain.info's wallet gives the right address:
WIF Compressed (52 characters base58, starting with "K" or "L".
Example: L41YPdADy46J9Vh77WGR2bktFwEZ6knza2Xim3Urq9CEWynkkLgn

I'll add a link to this post to the OP, as it's unclear what this information is worth at this moment.

█▀▀▀











█▄▄▄
▀▀▀▀▀▀▀▀▀▀▀
e
▄▄▄▄▄▄▄▄▄▄▄
█████████████
████████████▄███
██▐███████▄█████▀
█████████▄████▀
███▐████▄███▀
████▐██████▀
█████▀█████
███████████▄
████████████▄
██▄█████▀█████▄
▄█████████▀█████▀
███████████▀██▀
████▀█████████
▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀
c.h.
▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄
▀▀▀█











▄▄▄█
▄██████▄▄▄
█████████████▄▄
███████████████
███████████████
███████████████
███████████████
███░░█████████
███▌▐█████████
█████████████
███████████▀
██████████▀
████████▀
▀██▀▀
HeRetiK
Legendary
*
Offline Offline

Activity: 2870
Merit: 2056



View Profile
August 30, 2018, 11:08:58 AM
Merited by Welsh (3), joniboini (3), malevolent (1)
 #11

Encoding the whole private key + checksum in Base58 is not the same as encoding both separately and then concatenating the result.


For example let's use the (hashed) private key from the Bitcoin wiki [1] and encode it in Base58 [2]:

Private key + checksum in hex:
Code:
800c28fca386c7a227600b2fe50b7cae11ec86d3bf1fbe471be89827e19d72aa1d507a5b8d

Private key + checksum in Base58:
Code:
5HueCGU8rMjxEXxiPuD5BDku4MkFqeZyd4dZ1jvhTVqvbTLvyTJ


Private key without checksum in hex:
Code:
800c28fca386c7a227600b2fe50b7cae11ec86d3bf1fbe471be89827e19d72aa1d

Private key without checksum in Base58:
Code:
f3D1ajXzk1biCdNP195jhLiN1jbZzpUigRkeJUqt2tTvC


Checksum only in hex:
Code:
507a5b8d

Checksum only in Base58:
Code:
34K7GG


You see the difference?


In hex 2 characters equal 1 byte (e.g. 0xFF = 0b11111111, i.e. 8 bits). In Base58 2 characters equal something like 1.375 byte (e.g. ZZ = 0x0760 = 0b11101100000, ie. 11 bits but then again not really). Hence when trying to remove the checksum by truncating the string of a Base58 encoded private key you lose a few more (or less) bits than intended.


[1] https://en.bitcoin.it/wiki/Wallet_import_format
[2] https://incoherency.co.uk/base58/

█▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀

█          ▄         ▄      ▄▄▄▄▄
█       ▄███      ▄███      █████
█        ████      ████     ▀▀▀▀▀
█         ████      ████
█          ████▄▄▄▄▄▄████▄▄▄▄▄▄▄▄
█           █████████████████████
█            ▀█████▄   ▀█████▄
█              ▀█████▀   ▀█████▀
█                 ▀▀        ▀▀

█▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄
.....Your private Bitcoin wallet for desktop.....█▀▀▀▀▀▀











█▄▄▄▄▄▄
▀▀▀▀▀▀█











▄▄▄▄▄▄█
LoyceV (OP)
Legendary
*
Online Online

Activity: 3248
Merit: 16270


Thick-Skinned Gang Leader and Golden Feather 2021


View Profile WWW
September 05, 2018, 12:05:27 PM
 #12

I stumbled upon this post:
There is a relatively simple python script floating around that bruteforces a 1 char mistake in a matter of seconds.

Refer: https://www.reddit.com/r/Bitcoin/comments/2s1y84/reward_wrote_down_my_private_key_wrong/cnlelwg

It should be fairly trivial to modify it to find a 2 char mistake... But as pointed out the time to execute would increase quite significantly.
I haven't tested or verified it. I'm quoting the script to ensure it's availablility:
Code:
from pycoin.encoding import a2b_hashed_base58
import sys

BASE58_ALPHABET = b'123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz'
key="5KgbGQiriNxxwMKgdpwmu5ZsYyXBuBaCg7es9z5xznAnCEHzy51"

def check_key(key):
  try:
    a2b_hashed_base58(key)
    return True
  except:
    return False


for c in range(1, len(key)):
  print c
  for t in BASE58_ALPHABET:
    k = key[0:c] + t + key[c+1:]
    valid = check_key(k)
    if valid:
      print k + ": " + str(valid)
I invite anyone who's tested this to share the results.

█▀▀▀











█▄▄▄
▀▀▀▀▀▀▀▀▀▀▀
e
▄▄▄▄▄▄▄▄▄▄▄
█████████████
████████████▄███
██▐███████▄█████▀
█████████▄████▀
███▐████▄███▀
████▐██████▀
█████▀█████
███████████▄
████████████▄
██▄█████▀█████▄
▄█████████▀█████▀
███████████▀██▀
████▀█████████
▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀
c.h.
▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄
▀▀▀█











▄▄▄█
▄██████▄▄▄
█████████████▄▄
███████████████
███████████████
███████████████
███████████████
███░░█████████
███▌▐█████████
█████████████
███████████▀
██████████▀
████████▀
▀██▀▀
LoyceV (OP)
Legendary
*
Online Online

Activity: 3248
Merit: 16270


Thick-Skinned Gang Leader and Golden Feather 2021


View Profile WWW
September 05, 2018, 12:12:44 PM
 #13

If you made a mistake writing down your seed phrase, and one or more words are missing, you may still be able to brute-force it:
That means you'll have to brute-force it. I haven't tried this myself, but I assume there's software out there to do this.
There is indeed. Take a look at: https://github.com/gurnec/btcrecover/blob/master/docs/Seedrecover_Quick_Start_Guide.md
I haven't tested or verified it. I invite anyone who's tested this to share the results.

█▀▀▀











█▄▄▄
▀▀▀▀▀▀▀▀▀▀▀
e
▄▄▄▄▄▄▄▄▄▄▄
█████████████
████████████▄███
██▐███████▄█████▀
█████████▄████▀
███▐████▄███▀
████▐██████▀
█████▀█████
███████████▄
████████████▄
██▄█████▀█████▄
▄█████████▀█████▀
███████████▀██▀
████▀█████████
▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀
c.h.
▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄
▀▀▀█











▄▄▄█
▄██████▄▄▄
█████████████▄▄
███████████████
███████████████
███████████████
███████████████
███░░█████████
███▌▐█████████
█████████████
███████████▀
██████████▀
████████▀
▀██▀▀
jackg
Copper Member
Legendary
*
Offline Offline

Activity: 2856
Merit: 3071


https://bit.ly/387FXHi lightning theory


View Profile
September 05, 2018, 12:13:58 PM
 #14

Hey Loyce,

Didn't multibit use wallet.dat(s) too?

Also the two libraries on that python script above look like they're not default ones (so you have to download them)...

EDIT: The andreas shildbach wallet backups were files without an extension and by default had the name Bitcoin-Wallet-Backup-Date
LoyceV (OP)
Legendary
*
Online Online

Activity: 3248
Merit: 16270


Thick-Skinned Gang Leader and Golden Feather 2021


View Profile WWW
September 05, 2018, 12:19:55 PM
 #15

Didn't multibit use wallet.dat(s) too?
I'm not sure. I've tested multibit in the past, but didn't like it and don't remember it's file format.

Quote
Also the two libraries on that python script above look like they're not default ones (so you have to download them)...
If you can help me out with a link, that would be much appreciated!

Quote
EDIT: The andreas shildbach wallet backups were files without an extension and by default had the name Bitcoin-Wallet-Backup-Date
I have this one listed already.

█▀▀▀











█▄▄▄
▀▀▀▀▀▀▀▀▀▀▀
e
▄▄▄▄▄▄▄▄▄▄▄
█████████████
████████████▄███
██▐███████▄█████▀
█████████▄████▀
███▐████▄███▀
████▐██████▀
█████▀█████
███████████▄
████████████▄
██▄█████▀█████▄
▄█████████▀█████▀
███████████▀██▀
████▀█████████
▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀
c.h.
▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄
▀▀▀█











▄▄▄█
▄██████▄▄▄
█████████████▄▄
███████████████
███████████████
███████████████
███████████████
███░░█████████
███▌▐█████████
█████████████
███████████▀
██████████▀
████████▀
▀██▀▀
jackg
Copper Member
Legendary
*
Offline Offline

Activity: 2856
Merit: 3071


https://bit.ly/387FXHi lightning theory


View Profile
September 05, 2018, 12:30:33 PM
 #16

Didn't multibit use wallet.dat(s) too?
I'm not sure. I've tested multibit in the past, but didn't like it and don't remember it's file format.
Probably best to wait for HCP to confirm that one.


Quote
Also the two libraries on that python script above look like they're not default ones (so you have to download them)...
If you can help me out with a link, that would be much appreciated!
https://github.com/richardkiss/pycoin at a guess I'd say it's this, I don't like the idea of installing custom modules on my python though...


I think electrum had an MPK before the seed (master private key) and since it was before the creation of the seed, they look really odd (someone sent me one ofter they'd cleared the funds but that was about 2 years ago so I'll have no look in trying to find it, I think they were in hexadecimal format instead so they didn't have the xprv/xpub stuff but I'm not entirely sure as it was so long ago that they wre used...
bob123
Legendary
*
Offline Offline

Activity: 1624
Merit: 2481



View Profile WWW
September 05, 2018, 12:48:57 PM
 #17

I don't like the idea of installing custom modules on my python though...

A bit off-topic, but i hope that's fine because this is worth to note and might be helpful:

Python allows to create virtual environments. This allows to install custom modules to be used by a single application instead of installing them system-wide.
Your 'standard' (system- and user- wide) python installation will remain untouched.

jackg
Copper Member
Legendary
*
Offline Offline

Activity: 2856
Merit: 3071


https://bit.ly/387FXHi lightning theory


View Profile
September 05, 2018, 01:00:05 PM
 #18

I did
Code:
python -m pip install pycoin
and it installed the module (if it's good enough for them, it's good enough for me, also I don't actually have any funds/private keys or anything on this computer)...

It returned this, I'm not entirely sure why
Code:
1
2
5KfbGQiriNxxwMKgdpwmu5ZsYyXBuBaCg7es9z5xznAnCEHzy51: True
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50

The private key has had a history but I guess it's that reddit users'
TheArchaeologist
Sr. Member
****
Offline Offline

Activity: 306
Merit: 727


---------> 1231006505


View Profile WWW
September 05, 2018, 02:23:09 PM
 #19

It returned this, I'm not entirely sure why
Code:
1
2
5KfbGQiriNxxwMKgdpwmu5ZsYyXBuBaCg7es9z5xznAnCEHzy51: True
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50

Looking at the code: it uses an invalid wif(5KgbGQiriNxxwMKgdpwmu5ZsYyXBuBaCg7es9z5xznAnCEHzy51) and then replaces a character with every possible value. So every time this leads to a different wif to check. The result you see counting from 1..50 is the position where it tries the different possible values. A success was found by replacing the third character from a "g" to "f" leading to a valid wif.

Incorrect wif at start:
5KgbGQiriNxxwMKgdpwmu5ZsYyXBuBaCg7es9z5xznAnCEHzy51
Corrected to:
5KfbGQiriNxxwMKgdpwmu5ZsYyXBuBaCg7es9z5xznAnCEHzy51

All the other substitutions didn't lead to a valid wif, that's why you see the counter go up to 50 without any other success messages.

Disclaimer: I'm not the author of the code just explaining the code Smiley

Sooner or later you're going to realize, just as I did, that there's a difference between knowing the path and walking the path
Coding Enthusiast
Legendary
*
Offline Offline

Activity: 1039
Merit: 2783


Bitcoin and C♯ Enthusiast


View Profile WWW
September 06, 2018, 04:54:19 AM
 #20

Code:
    a2b_hashed_base58(key)

If using it for missing 1 char, it doesn't matter but FWIW there seems to be a couple of bottlenecks in this function that will slow things down drastically.

First is the fact that each time an invalid key is passed to this function it raises an exception. I have 0 experience in Python but in C♯ throwing exceptions is "expensive" apparently it is not so different in python either[1]. This can be changed to simply returning false if the key is invalid. This will probably make things faster at least 10 times (not benchmarked)

Second thing I could notice is that it is converting the input back to a bignum (or what we call BigInteger) and then converts it back to a byte array and starts performing hashes (for checksum) on it. This step is slow and unnecessary. Converting the base58 input directly to base256 (byte array) made it 6 times faster (I did benchmark this!)

[1] https://stackoverflow.com/questions/2522005/cost-of-exception-handlers-in-python

Projects List+Suggestion box
Donate: 1Q9s or bc1q
|
|
|
FinderOuter(0.19.1)Ann-git
Denovo(0.7.0)Ann-git
Bitcoin.Net(0.26.0)Ann-git
|
|
|
BitcoinTransactionTool(0.11.0)Ann-git
WatchOnlyBitcoinWallet(3.2.1)Ann-git
SharpPusher(0.12.0)Ann-git
Pages: [1] 2 3 4 5 6 »  All
  Print  
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!