Export list of private keys from BitcoinCore

[Mindborg]

I have a HD wallet from BitcoinCore, and I suspect that there are some ways of tapping my wallet. I don't want to sign transactions with BitcoinCore. So I would like to import private keys into Armory and sign transactions offline.

To do that I think I need a list of private keys, one for each address, because I don't think Armory takes the master seed? (And I don't know how to export the master seed either, but as long as I get the private keys for my addresses I don't need that I think.)

Is there a way for me to get the private keys for an address, for example by using the console in Bitcoin?
I would do this on an offline computer of course.
Or if anyone has any other tips to how I can control Bitcoin addresses in another tool than BitcoinCore, I would be happy about that. Or, if I can sign transactions offline and see the FULL content of each transaction before it is pushed to nodes, that would work as well. I don't care if it's Electrum, Armory, BitcoinCore or any other tool, as long as I get to see the full content of what goes out to other nodes.

[1714876674]

1714876674

[1714876674]

1714876674

[Lucius]

Is there a way for me to get the private keys for an address, for example by using the console in Bitcoin?
I would do this on an offline computer of course.

I am not a user of this crypto wallet (although I used it as a beginner), and unless something has changed in the new versions, it should be fairly easy to get private keys using the console.

“To export a private key from your Bitcoin-Qt / Bitcoin Core client:

    Launch your Bitcoin client
    Click on 'help' in the menu bar (top right)
    Click on 'debug window'
    Select the 'console' tab
    If your wallet is protected by a passphrase (i.e. you have to enter a passphrase before you can send) unlock it by typing

    walletpassphrase "your walletpassphrase here" 600
    dumpprivkey [your Bitcoin address here]
    This will return the private key which will start with the number 5

    Once you have your private key if you had to unlock your wallet you can relock it by exiting or typing:

    walletlock”

[Csmiami]

---

You can't import the master seed, because the Bitcoin Core wallet does not use seeds.

For the rest, Lucius has given you the answer: "walletpassphrase<password>"  followed by  "dumpprivkey"

[Mindborg]

I am not a user of this crypto wallet (although I used it as a beginner), and unless something has changed in the new versions, it should be fairly easy to get private keys using the console.

Thank you for your post, it was helpful. I did get the private key for an address. However, Armory didn't like the format. It complained that it was not a valid key.

When I tried importing the key in Electrum, Electrum didn't complain. However, it showed the wrong address; an address starting with 1NJ, while I wanted an address starting with 3Ph.

I then tried in Electrum console to see if the 3Ph address was mine from the private key, but it came back with false. Is there any way to import the 3Ph address into Electrum or another system?

[Csmiami]

I then tried in Electrum console to see if the 3Ph address was mine from seed, but it came back with false. Is there any way to import the 3Ph address into Electrum or another system?

You have to select what type of private key you are importing: Legacy, native segwit or nested segwit.

To import a Legacy address (1...) , p2pkh:<privatekey>
To import a Nested segwit address (3...), p2wpkh-p2sh:<privatekey>
To import a Native segwit address (bc...), p2wpkh:<privatekey>

If your address was 3Ph..., nested segwit is the one you should choose

[HCP]

I have a HD wallet from BitcoinCore, and I suspect that there are some ways of tapping my wallet. I don't want to sign transactions with BitcoinCore. So I would like to import private keys into Armory and sign transactions offline.

I'm not quite sure I understand what your issue is... you're concerned that there might be some sort of "spyware" in Bitcoin Core?

Or, if I can sign transactions offline and see the FULL content of each transaction before it is pushed to nodes, that would work as well. I don't care if it's Electrum, Armory, BitcoinCore or any other tool, as long as I get to see the full content of what goes out to other nodes.

You realise if you use the Bitcoin Core console (or bitcoin-cli) you can manually create and sign transactions without broadcasting them... you'll be able to decode and view the full contents before you send it...

1. createrawtransaction
2. signrawtransactionwithkey or signrawtransactionwithwallet (useful if spending from multiple addresses)
3. decoderawtransaction

Once you're satisfied... you can use:

4. sendrawtransaction

[bob123]

You can't import the master seed, because the Bitcoin Core wallet does not use seeds.

Bitcoin Core is using a master seed. Just like any other HD wallet. That's basically a requirement for a wallet to be called a HD wallet.

What you (probably) meant is, that bitcoin core does not encode the seed into a mnemonic code (12/18/24) words.
However, this is just a representation for the master seed for more convenient backups. Core does still use a master seed to derive all private keys.

[Csmiami]

---

So seeds and master private keys are the same, but represented in a different way? (mnemonic phrase // private key format)

Thanks for the clarification!

[HCP]

So seeds and master private keys are the same, but represented in a different way? (mnemonic phrase // private key format)

No. They're not the same (other than the fact that they're generally really big numbers).

There seems to be some confusion here surrounding terminology...

A "seed" is just a really big, random number. It's the "starting point" for deriving everything in an HD wallet.
A "seed mnemonic" is a way to store this really big random number as a series of plain (usually english) words (aka BIP39)
A "Master Private Key" is a another really big number derived from the seed. (aka BIP32)



FUN fact... have a look in your dumpwallet output for the "hdseed=1" record. The 'WIF' record you see there is the 'seed' for your wallet. It can be used with the createwallet (need to set argument 'blank'=true) and sethdseed commands to set the seed in a Bitcoin Core wallet to recreate a wallet. This is NOT a recommended backup system.

[bob123]

So seeds and master private keys are the same, but represented in a different way? (mnemonic phrase // private key format)

A mnemonic code (also called seedphrase, and also wrongly called seed) is a representation of the seed using 12/24 words.
A seed is a 256/512 bit number used to derive the master private key.
The master private key is used to derive child private keys (the "standard" private keys you use to sign transactions).

When creating a wallet, it works like that:
1. Get big random number (= Seed)
2. Convert Seed to mnemonic code for simplified backup
3. Use the Seed to generate the master private key
4. Use the master private key to generate private keys
5. Use private keys to generate the public keys
6. Use public keys to generate addresses

Bitcoin core simply just skips step 2. It does not create a mnemonic code out of the seed. The wallet file (or master private key) is the backup.

[Abdussamad]

I have a HD wallet from BitcoinCore, and I suspect that there are some ways of tapping my wallet. I don't want to sign transactions with BitcoinCore. So I would like to import private keys into Armory and sign transactions offline.

What do you mean tapping your wallet? Are you afraid someone is going to steal your coins? If so then they can do that as soon as you enter your wallet password which you will have to do to dump your private keys.

I think your fears are irrational.

[Mindborg]

To import a Legacy address (1...) , p2pkh:<privatekey>
To import a Nested segwit address (3...), p2wpkh-p2sh:<privatekey>
To import a Native segwit address (bc...), p2wpkh:<privatekey>

This was very helpful. I was able to import the correct addresses this way into Electrum. Thank you.

I'm not quite sure I understand what your issue is... you're concerned that there might be some sort of "spyware" in Bitcoin Core?

Yes, that or some nefarious software on my operating system. Big transactions were signed that I don't have knowledge of. I have to do forensic investigation to try to find out the culprit, but for now I'm not using Core. The transactions went first to one address, and after 6 confirmations it went to a mixer. The outgoing transactions were hidden in the GUI. Incoming transactions were also hidden, so it looked like the balance was smaller than what it really was. This way, the sudden drop in the wallet balance would not be visible.

You realise if you use the Bitcoin Core console (or bitcoin-cli) you can manually create and sign transactions without broadcasting them... you'll be able to decode and view the full contents before you send it...

1. createrawtransaction
2. signrawtransactionwithkey or signrawtransactionwithwallet (useful if spending from multiple addresses)
3. decoderawtransaction

Once you're satisfied... you can use:

4. sendrawtransaction

I didn't know that. I used Electrum instead, and started with small transactions. It was probably a lot more work, but at least I got it working.

I have a HD wallet from BitcoinCore, and I suspect that there are some ways of tapping my wallet. I don't want to sign transactions with BitcoinCore. So I would like to import private keys into Armory and sign transactions offline.

What do you mean tapping your wallet? Are you afraid someone is going to steal your coins? If so then they can do that as soon as you enter your wallet password which you will have to do to dump your private keys.

I think your fears are irrational.

I lost quite a bit, so I don't think my fear was misguided. I do think someone had my private keys, and they got some scheme going that is quite significant. If they clean out my wallet instantly, it's too obvious, and the scheme stops. But if they just tap wallets slowly over years, it can go undiscovered for a long time.
Could it be a keylogger? Could it be that I downloaded a bad version of Core? Maybe, I've been sloppy and not done checksum after each download.
Could it be a bad random number generator? I don't know.

[bob123]

Big transactions were signed that I don't have knowledge of.

There are basically two possibilities:
1) You downloaded a malicious version of core (less probable)
2) Your system is compromised (more probable)

I wouldn't store any sensitive information on your system until this is sorted out.
If you suspect your system might be infected, backup important data and format your drive / reinstall your OS.

[Mindborg]

Big transactions were signed that I don't have knowledge of.

There are basically two possibilities:
1) You downloaded a malicious version of core (less probable)
2) Your system is compromised (more probable)

I wouldn't store any sensitive information on your system until this is sorted out.
If you suspect your system might be infected, backup important data and format your drive / reinstall your OS.

Yes, I cleaned out the wallets and put everything to offline keys. Sloppy of me, I know, I should have done it a long time ago.

[HCP]

I'm not quite sure I understand what your issue is... you're concerned that there might be some sort of "spyware" in Bitcoin Core?

Yes, that or some nefarious software on my operating system. Big transactions were signed that I don't have knowledge of. I have to do forensic investigation to try to find out the culprit, but for now I'm not using Core. The transactions went first to one address, and after 6 confirmations it went to a mixer. The outgoing transactions were hidden in the GUI. Incoming transactions were also hidden, so it looked like the balance was smaller than what it really was. This way, the sudden drop in the wallet balance would not be visible.
...
I lost quite a bit, so I don't think my fear was misguided. I do think someone had my private keys, and they got some scheme going that is quite significant. If they clean out my wallet instantly, it's too obvious, and the scheme stops. But if they just tap wallets slowly over years, it can go undiscovered for a long time.
Could it be a keylogger? Could it be that I downloaded a bad version of Core? Maybe, I've been sloppy and not done checksum after each download.
Could it be a bad random number generator? I don't know.

Sorry to hear that... but I'm fairly sure that it's not issues in Bitcoin Core... There are Bitcoin Core wallets out there with quite substantial amounts of BTC in them... if it was an, as yet, unpublished vulnerability within Bitcoin Core, then I'm sure there would be more instances of people being milked.

As Bob said, most likely something on your system got compromised.

In any case, it sounds like you've taken steps to prevent it from happening again!

[4EverMaAT]

How to do this in 2024?  I'm using BC 26.0.0 and the console window gives this error that only legacy wallets are supported by this command.

Code:

walletpassphrase(…)

null

dumpwallet Test

Only legacy wallets are supported by this command (code -4)

And no indication is given as to how to do it for "newer" or non-legacy wallets.  So in addition to backing up wallet.dat, how do I export the private keys?

[nc50lc]

How to do this in 2024?  I'm using BC 26.0.0 and the console window gives this error that only legacy wallets are supported by this command.
-snip-
And no indication is given as to how to do it for "newer" or non-legacy wallets.  So in addition to backing up wallet.dat, how do I export the private keys?

You can either export the master private key or the descriptors from listdescriptors true command.

Exporting individual private key isn't safe with the current derivation method used in the new wallet type which doesn't use "hardened derivation" at address_index.
If you really need the private keys of one of your address, you can manually derive it from the master private key with the derivation path indicated in its parent descriptor using any reputable tool/client.

[satscraper]

How to do this in 2024?  I'm using BC 26.0.0 and the console window gives this error that only legacy wallets are supported by this command.

Code:

walletpassphrase(…)

null

dumpwallet Test

Only legacy wallets are supported by this command (code -4)

And no indication is given as to how to do it for "newer" or non-legacy wallets.  So in addition to backing up wallet.dat, how do I export the private keys?

Legacy refer to wallets based on the key-based architecture. As to BC 26.0.0 it creates wallets  the skeleton of which is descriptor based. That is why you got that "code -4 " message when run dumpwallet command. To get list of private keys  run

Code:

listdescriptors true
where true is boolean value for ( private ) argument  of this function.

The output will show you "Array of descriptor objects (sorted by descriptor string representation)"

Each listed descriptor from this array will contain a field relevant to private key.

Setting "true" is  mandatory  value for ( private )  argument as on default it equals to  "false" which results in descriptor for public keys rather than private one.

listdescriptors (26.0.0 RPC): https://bitcoincore.org/en/doc/26.0.0/rpc/wallet/listdescriptors/