How i can creating a Bitcoin Core wallet from a mnemonic ?

[hellossy]

I try use this script https://github.com/tekbe/wallet-tools for generate bitcoin core wallet on mnemonic phrase. When i run create_wallet.sh (i use https://iancoleman.io/bip39/ for generate mnemonic and paste in script), i get new wallet in my bitcoin core, when i generate new address and send little bit btc on him.

I am running my electrum app on my PC and i am trying to add a new wallet with a mnemonic phrase from my main bitcoin wallet (from which I previously created a wallet). Balance = 0. There are no previously sent bitcoins. If I dump a wallet, the right key differs from the one shown on the site, what can I do? Has anyone encountered this? How can you get a mnemonic phrase using core.

[BitMaxz]

I never heard about that tool for generating mnemonic seed phrase, I tried to check the tool it seems it's not a well-known script and there's a possibility that this tool has some backdoor, keyloggers or any related that can steal your BTC.

If I were you much better generate mnemonic seed phrase to any well-known wallet than using script that we don't know if it is safe or not.

Anyway, I found someone posted it here on the forum and maybe it can help.

- https://bitcointalk.org/index.php?topic=5139623.0

[pooya87]

the problem with this method is that it is not clearly defined what it does and the problem with the script is its dependency that was not easy to go through (at least not easy for me). so i would never use it.

I am running my electrum app on my PC and i am trying to add a new wallet with a mnemonic phrase from my main bitcoin wallet (from which I previously created a wallet). Balance = 0. There are no previously sent bitcoins. If I dump a wallet, the right key differs from the one shown on the site, what can I do? Has anyone encountered this? How can you get a mnemonic phrase using core.

that's not how this script and bitcoin core work.
Electrum or any other similar tool use the mnemonic to derive all your child keys at any derivation path you like. this script is just a silly way of deriving the BIP-32 master private key (xprv) then only getting its private key part (first 32-byte of HMAC result) then feeding that as the HD seed used in bitcoin core. then core uses that 32-byte entropy to derive keys at its defined derivation path which if i'm not mistaken is at m/0'/0'

try converting your mnemonic to xprv then decode it using something like http://bip32.org/ and copy the "Key" right below "Chain code" (not the "private key WIF" that is lower lower). then use that in your core as entropy, you should get the same result.

note that i haven't tested this and i'm only speculating based on the source code that i saw. i also don't recommend this method or using any of these sites for generating keys at all. it is too risky.

this is where i looked:
https://github.com/libbitcoin/libbitcoin-explorer/blob/55438a45d9cc20790ca834c1621cfea60d6f4a36/src/commands/hd-to-ec.cpp#L53
https://github.com/libbitcoin/libbitcoin-system/blob/84e8d2a0c6ce4e253669f2f14aedbf74d6b83b1f/src/wallet/hd_private.cpp#L208

[hellossy]

the problem with this method is that it is not clearly defined what it does and the problem with the script is its dependency that was not easy to go through (at least not easy for me). so i would never use it.

I am running my electrum app on my PC and i am trying to add a new wallet with a mnemonic phrase from my main bitcoin wallet (from which I previously created a wallet). Balance = 0. There are no previously sent bitcoins. If I dump a wallet, the right key differs from the one shown on the site, what can I do? Has anyone encountered this? How can you get a mnemonic phrase using core.

that's not how this script and bitcoin core work.
Electrum or any other similar tool use the mnemonic to derive all your child keys at any derivation path you like. this script is just a silly way of deriving the BIP-32 master private key (xprv) then only getting its private key part (first 32-byte of HMAC result) then feeding that as the HD seed used in bitcoin core. then core uses that 32-byte entropy to derive keys at its defined derivation path which if i'm not mistaken is at m/0'/0'

try converting your mnemonic to xprv then decode it using something like http://bip32.org/ and copy the "Key" right below "Chain code" (not the "private key WIF" that is lower lower). then use that in your core as entropy, you should get the same result.

note that i haven't tested this and i'm only speculating based on the source code that i saw. i also don't recommend this method or using any of these sites for generating keys at all. it is too risky.

this is where i looked:
https://github.com/libbitcoin/libbitcoin-explorer/blob/55438a45d9cc20790ca834c1621cfea60d6f4a36/src/commands/hd-to-ec.cpp#L53
https://github.com/libbitcoin/libbitcoin-system/blob/84e8d2a0c6ce4e253669f2f14aedbf74d6b83b1f/src/wallet/hd_private.cpp#L208

Thank you. i will not use this script. I try use electrum with bitcoin core node and install it on my server

[HCP]

The script you are using is not using a "standard" mnemonic to seed system... If we look at the script command we see:

Code:

HDSEED=$(echo $MNEMONIC | bx mnemonic-to-seed -p "$SEEDPW" | bx hd-new | bx hd-to-ec | bx ec-to-wif)

So, it takes your mnemonic, passes that to the "mnemonic-to-seed" command, passes the output of that to "hd-new", passes the output of that to "hd-to-ec" and then passes the output of that to "ec-to-wif"...

This is because Bitcoin Core uses a "WIF" private key as the input to the sethdseed command. If we then investigate what those individual "bx" (libbitcoin explorer) commands do... we find:

"mnemonic-to-seed":

Convert a mnemonic seed (BIP39) to its numeric representation.

Basically, it converts the BIP39 mnemonic to a 256bit hex number.

"hd-new":

Create a new HD (BIP32) private key from entropy.

This is creating an xprv... a Master Private Key... from the 256bits of Entropy that is encoded by the mnemonic.


"hd-to-ec"

Convert a HD (BIP32) public or private key to the equivalent EC public or private key.

This converts our xpriv... to a "standard" single private key (ie. a single bitcoin private key in hex)


Finally, "ec-to-wif":

Convert an EC private key to a WIF private key.

This essentially encodes the hex private key to WIF format, ready for use by Bitcoin Core as the "hdseed".

So, we can see that it's not just the standard system used by a normal BIP39 compatible wallet. Consequently, it might actually be quite difficult to restore a Bitcoin Core wallet generated in this way into another wallet, as while you are using a BIP39 compatible seed mnemonic to start with, it isn't used in the same way to derive the actual seed the wallet is derived from.

Further investigation is also needed to see if there are any "derivation path" differences as well.

Thank you. i will not use this script. I try use electrum with bitcoin core node and install it on my server

You cannot connect Electrum directly to a Bitcoin Core node, as Electrum has it's own messaging protocol. Instead, it requires an Electrum server of some description (ElectrumX, Electrum Personal Server, or electrs etc)

The Electrum server takes care of receiving requests from an Electrum client and forwarding those requests to a Bitcoin Core node and then returning the responses from the Bitcoin Core node back to the Electrum client.

[coinableS]

Bitcoin core wallet has absolutely no ability to import a mnemonic.

Bitcoin core wallet only allows import of single keys (importprivkey), or multiple keys (importmulti).

Bitcoin core also has the ability to turn off the HD wallet with --usehd=0 and just use non-deterministic key pairs.

HD wallets have long been plagued with lack of a standard and lead to people thinking that all they need is their seed words. Unfortunately this causes a false sense of security and users that don't know what they are doing. You need to understand how HD wallets work and which derivation path you are using, not just seed words. From there you can figure out which address have funds, and then you can import those specific key pairs.

[bob123]

HD wallets have long been plagued with lack of a standard and lead to people thinking that all they need is their seed words.

It is standardized. The corresponding BIP is BIP 32.
But you are mistaking the concept of HD wallets (BIP 32) with mnemonic codes (BIP 39), a concept to encode a seed into words.

You need to understand how HD wallets work and which derivation path you are using, not just seed words.

The derivation path is also standardized (BIP 44).

While it is true that you need to know the derivation path, when creating a wallet using some known and reputable software the derivation path will not be some random one you need to write down.

[HCP]

Probably a poor choice of words from coinableS, but I would agree that while there are "standards" like BIP32, BIP44, BIP39... the implementation has been a bit haphazard...

I still think we're in a better position with HD wallets than the old "random collection of random keys" system tho

[pooya87]

It is standardized. The corresponding BIP ~

BIPs are not standards, they are "proposals". that's also what the 'P' stands for which is why different wallets don't use the same BIPs and some don't even use BIPs at all (eg. Electrum's implementation of mnemonics, or the versioned WIFs). and that includes all of them, for example there is nothing stopping a wallet from using a better version of BIP32 for its deterministic key derivation.

P.S. we can only call consensus related BIPs standards (eg. BIP16, 143)

[bob123]

BIPs are not standards, they are "proposals". that's also what the 'P' stands for [...]

I am indeed aware that these are Proposals.
But they are nonetheless standards which either are or aren't implemented in wallets.

There is no centralized authority which decides what is going to be implemented. It is a standard achieved by consensus.

BIP 39 simply is a standard on how to generate a mnemonic code. Developers can either decide to implement it (like ~95% of all wallets), or they don't (e.g. electrum).

[Timelord2067]

Are the funds still in the wallet addresses that you sent test transactions to?  Or, as @BitMaxz has suggested there is a back door and the funds have been moved elsewhere?

[pooya87]

Are the funds still in the wallet addresses that you sent test transactions to?  Or, as @BitMaxz has suggested there is a back door and the funds have been moved elsewhere?

he didn't suggest there definitely is a backdoor that you claim with certainty that there is and the funds are lost. he said due to lack of popularity of the project there is a good chance that it may have backdoors.

a bigger problem with this tool which i forgot to mention before is the lack of tests. even if the code weren't malicious, something like this has to be thoroughly tested which it currently isn't.

[Timelord2067]

Or, as @BitMaxz has suggested there is a back door ...

he didn't suggest there definitely is a backdoor that you claim with certainty that there is and the funds are lost.

Um... ok...

I never heard about that tool for generating mnemonic seed phrase, I tried to check the tool it seems it's not a well-known script and there's a possibility that this tool has some backdoor, keyloggers or any related that can steal your BTC.

If I were you much better generate mnemonic seed phrase to any well-known wallet than using script that we don't know if it is safe or not.

Anyway, I found someone posted it here on the forum and maybe it can help.

- https://bitcointalk.org/index.php?topic=5139623.0

I must be reading a different thread from you.

[bob123]

Or, as @BitMaxz has suggested there is a back door ...

he didn't suggest there definitely is a backdoor that you claim with certainty that there is and the funds are lost.

Um... ok...

I never heard about that tool for generating mnemonic seed phrase, I tried to check the tool it seems it's not a well-known script and there's a possibility that this tool has some backdoor, keyloggers or any related that can steal your BTC.

If I were you much better generate mnemonic seed phrase to any well-known wallet than using script that we don't know if it is safe or not.

Anyway, I found someone posted it here on the forum and maybe it can help.

- https://bitcointalk.org/index.php?topic=5139623.0

I must be reading a different thread from you.

It seems like you are indeed misunderstanding something.

The fact that the possibility - that a backdoor is included - exists, does not mean that there indeed is a backdoor included.

Possibly malicious is not the same as proven to be malicious.


Nowhere did he claim that it indeed contains some kind of malware. All he said was that there is a possibility (which is completely true).

[MrFreeDragon]

I try use this script https://github.com/tekbe/wallet-tools for generate bitcoin core wallet on mnemonic phrase. When i run create_wallet.sh (i use https://iancoleman.io/bip39/ for generate mnemonic and paste in script), i get new wallet in my bitcoin core, when i generate new address and send little bit btc on him.
-snip-

Most likely, the script you use does not follow the BIP39 standard. BIP39 standard means adding mnemonic word as a salt and concatenate it with the seed. After that the whole seed together with added word "mnemonic" is hashed 2048 times with HMAC-SHA512 and you receive the 512 bit number consisted from master private key and chain code (256bit each) as left and right sides).



So, you should be sure that the script you use follows the BIP39 standards. It seems it is not. For example, for BIP32 standard you need to use HMAC-SHA512 with the key Bitcoin seed.

Have a read this topic, probably it will help you as well: https://bitcoin.stackexchange.com/questions/84116/get-master-private-key-from-bip39-seed