mk4 (OP)
Legendary
Offline
Activity: 2926
Merit: 3881
📟 t3rminal.xyz
|
|
July 31, 2022, 05:41:32 AM |
|
It seems like he's using a hardware wallet, but his backup wasn't a 12-24 word recovery phrase, but an encrypted file? I don't get it. I need someone that has far more braincells than me to please explain this LOL. Tweet link: https://twitter.com/TheVladCostea/status/1553218817572196356
|
|
|
|
Husna QA
Legendary
Offline
Activity: 2450
Merit: 3041
Payment Gateway Allows Recurring Payments
|
|
July 31, 2022, 06:44:29 AM Last edit: May 16, 2023, 03:21:53 PM by Husna QA |
|
I've experienced something almost similar to Trezor. When connected to Electrum, it asks for a passphrase. But I have never received a notification like the one above. I tried to match the password between Trezor and Electrum, but the wallet is stuck and won't open. If he's using Trezor, try connecting Trezor to the Trezor Suite. In the settings, select the Device tab and disable Passphrase. After that, close Trezor Suite and try to reconnect Trezor to Electrum.
|
|
|
|
witcher_sense
Legendary
Offline
Activity: 2450
Merit: 4415
🔐BitcoinMessage.Tools🔑
|
|
July 31, 2022, 07:03:40 AM Merited by Pmalek (1), mk4 (1) |
|
It seems like he's using a hardware wallet, but his backup wasn't a 12-24 word recovery phrase, but an encrypted file? I don't get it. I need someone that has far more braincells than me to please explain this LOL.
It all sounds like his hardware wallet is used to unlock a normal electrum wallet, meaning that it somehow sends a password to Electrum and unlocks an encrypted file. A very bizarre setup, to put it mildly. Normally, a wallet file created by a hardware wallet won't contain any critical information - only metadata like xpub, addresses, transactions, labels, etc. No private keys or seed phrases. All private keys are always held on a hardware device completely offline. So, unencrypting a wallet file with no private keys gives nothing - you still need a working hardware device to sign transactions. I think that the crux of the matter is that he made a rookie mistake, he should have written down his recovery phrase somewhere, but he obviously didn't do it. If he had his recovery words on hand, he could insert them directly into a new Electrum wallet and get access to his funds.
|
|
|
|
Cricktor
Legendary
Offline
Activity: 938
Merit: 1452
Crypto Swap Exchange
|
|
July 31, 2022, 09:51:45 AM |
|
It seems like he's using a hardware wallet, but his backup wasn't a 12-24 word recovery phrase, but an encrypted file? I don't get it. I need someone that has far more braincells than me to please explain this LOL.
I might have exactly the same setup as the Twitter dude. My hardware wallet is a PiTrezor and for safety reasons using a mnemonic seed passphrase is recommended, because all wallet data and secrets are stored on the microSD card of the Raspi Zero. I'm still evaluating the PiTrezor, therefore I used it only with Testnet Bitcoin wallets so far and I try to replicate a lot of test scenarios. The Electrum Testnet wallet I setup with my PiTrezor is locked by the PiTrezor, so a potential thief should not have access to the funds without the mnemonic seed passphrase and can't open the Electrum wallet either. He wouldn't be able to see my transaction history nor any other details of my wallet. The error message indicates that the mnemonic seed passphrase has been entered wrongly. As every character counts, even trailing spaces, and UTF-8 is internally used the user needs to be careful. I'm not going to look into the Twitter thread if and what exactly is screwed up. All I can say is if you use it properly it works as it should. What I totally don't understand is: doesn't this Twitter dude have the mnemonic seed words and mnemonic seed passphrase as backup. That is all he needs to restore his wallet. In a safe offline environment (e.g. boot TAILS in offline mode) he could recover his wallet with the mnemonic seed words and mnemonic passphrase and check if his public addresses are correct and the wallet recovery worked properly. Then he knows that his mnemonic data is properly documented and a wallet recovery is no issue. I have no idea why this Twitter dude writes that there's no "seed phrase". It could be semantics, whatever he means by "seed phrase". I call the seed words as mnemonic seed words to avoid ambiguity. The optional seed passphrase I call mnemonic seed passphrase, not e.g. 25th word or so as it's not necessarily a single word. I think that the crux of the matter is that he made a rookie mistake, he should have written down his recovery phrase somewhere, but he obviously didn't do it. If he had his recovery words on hand, he could insert them directly into a new Electrum wallet and get access to his funds.
This! In the onboarding process when you create a new wallet with your hardware device you usually get the very clear instructions to write down the mnemonic seed words. How and why do people mess this up? Usually you also need to confirm that you documented your mnemonic seed words properly. OK, I'm no rookie with HD-wallets and I fairly know pretty well how they work and what is important. So I might lack the understanding why rookies screw things up.
|
|
|
|
o_e_l_e_o
In memoriam
Legendary
Offline
Activity: 2268
Merit: 18746
|
The wallet he is talking about is a BitBox2.He also says he can unlock the hardware wallet, but cannot decrypt the Electrum file. When he unlocks the hardware wallet and generates a new Electrum wallet file, he is shown zero balance. This means he either has the wrong passphrase or the wrong derivation path. And yes, he has failed at the most basic task of ensuring he has a working back up.
|
|
|
|
NeuroticFish
Legendary
Offline
Activity: 3850
Merit: 6583
Looking for campaign manager? Contact icopress!
|
|
July 31, 2022, 12:45:06 PM |
|
And yes, he has failed at the most basic task of ensuring he has a working back up.
I guess that we will have to insist more and more in telling people to verify the backups / restore options for their hardware wallets. People don't understand what they're doing and make mistakes. I expect to see problems more often, since most people just start using hardware wallets.
This means he either has the wrong passphrase or the wrong derivation path.
My vote goes for bad passphrase. Maybe an enter or space at the end; maybe upper case problem? I hope he can recover his funds.
|
|
|
|
o_e_l_e_o
In memoriam
Legendary
Offline
Activity: 2268
Merit: 18746
|
I guess that we will have to insist more and more in telling people to verify the backups / restore options for their hardware wallets. People don't understand what they're doing and make mistakes. I expect to see problems more often, since most people just start using hardware wallets. True, but the guy in question here runs a bitcoin podcast and has 11k Twitter followers. He has recently interviewed people like Peter Todd and Pavol Rusnak (co-founder of Trezor). And yet still he seems to have failed in basic bitcoin 101 of making and checking a back up, and has potentially lost his coins. How can we expect newbies to do any better when crypto "influencers" (God I hate that word) who have spent thousands of hours immersed in all things cryptocurrency don't understand the basics and are teaching bad practices. He does seem to be sponsored by a custodial wallet/centralized exchange and an anti-privacy wallet though, so make of that what you will. He is also making questionable statements like this one: Encrypting your wallet with a hardware device as the single point of failure > your boating accident Your hardware device doesn't encrypt your wallet - it is the wallet. All Electrum is doing is interacting with the keys on the hardware device. The Electrum file only contains addresses, labels, and so on. He doesn't seem to understand this. Also, your hardware wallet is only the single point of failure if you fail to make a basic back up, like every hardware wallet tells you to do before you use it. And this one: I tried to change the passphrase, remove it entirely, still the same error message. It sounds like he doesn't understand what a passphrase is or does. You can't just change it or remove it and expect to still access the same wallet.
|
|
|
|
n0nce
|
The wallet he is talking about is a BitBox2.He also says he can unlock the hardware wallet, but cannot decrypt the Electrum file. When he unlocks the hardware wallet and generates a new Electrum wallet file, he is shown zero balance. This means he either has the wrong passphrase or the wrong derivation path. And yes, he has failed at the most basic task of ensuring he has a working back up. Yeah; BitBox does offer an 'easy' backup through an encrypted file on a microSD card, but you absolutely should also do a regular seed word backup. It does support it and you can even print the seed offline from that microSD card e.g. if you have a printer that is not internet-connected and which has a USB media-in port. Laminate that paper and you're golden. And this one: I tried to change the passphrase, remove it entirely, still the same error message. It sounds like he doesn't understand what a passphrase is or does. You can't just change it or remove it and expect to still access the same wallet. That's kind of sad.. Bitcoin Twitter 'celebrity' (?) but no idea about passphrases.. *sigh*
|
|
|
|
NeuroticFish
Legendary
Offline
Activity: 3850
Merit: 6583
Looking for campaign manager? Contact icopress!
|
|
July 31, 2022, 06:56:27 PM |
|
True, but the guy in question here runs a bitcoin podcast and has 11k Twitter followers. He has recently interviewed people like Peter Todd and Pavol Rusnak (co-founder of Trezor). And yet still he seems to have failed in basic bitcoin 101 of making and checking a back up, and has potentially lost his coins. How can we expect newbies to do any better when crypto "influencers" (God I hate that word) who have spent thousands of hours immersed in all things cryptocurrency don't understand the basics and are teaching bad practices. He does seem to be sponsored by a custodial wallet/centralized exchange and an anti-privacy wallet though, so make of that what you will.
So the guy has made a nice business. Very smart of him. Unfortunately, as seen even on this very forum, even high ranked people may have no idea about certain basic topics or may be completely wrong. That's why the first thing people have to learn is to cross-check every "information" they get. (Since I have kids I got to the point I need to do this even with medics!). Your hardware device doesn't encrypt your wallet - it is the wallet. We know this. And I thought it's already clear that this guy has no idea It sounds like he doesn't understand what a passphrase is or does. You can't just change it or remove it and expect to still access the same wallet.
Many think that passphrase is an encryption password for the seed. It's a bit confusing, since the word passphrase is also user for multi-word passwords. And since it's clear that this guy took "shortcuts" instead of reading and understanding what he's doing, ... I'm not that much surprised by the confusion (!). Yeah; BitBox does offer an 'easy' backup through an encrypted file on a microSD card, but you absolutely should also do a regular seed word backup. Yep, I've read about that somewhere. But I find it more a confusing feature than a helpful one. As must as we hate Ledger for their mistakes, at least they've kept the things simple so the average Joe cannot make mistakes too easy.
|
|
|
|
jackg
Copper Member
Legendary
Offline
Activity: 2856
Merit: 3071
https://bit.ly/387FXHi lightning theory
|
|
July 31, 2022, 10:10:38 PM |
|
This means he either has the wrong passphrase or the wrong derivation path.
My vote goes for bad passphrase. Maybe an enter or space at the end; maybe upper case problem? I hope he can recover his funds. Electrum doesn't ask for you to confirm your wallet when you try to access it so this seems plausible - I don't make new hardware wallets in electrum for this reason, I access them from it but don't do the original making there because of the chance of making a mistake (trezor gets you to confirm the passphrase on the device now, I'm not sure if other hardware wallets do yet). I tried to change the passphrase, remove it entirely, still the same error message. It sounds like he doesn't understand what a passphrase is or does. You can't just change it or remove it and expect to still access the same wallet. This is another good competitor for what they've done - "changed" the password and assumed it "worked"/that was all that was needed.
|
|
|
|
dkbit98
Legendary
Offline
Activity: 2408
Merit: 7561
|
|
July 31, 2022, 10:13:03 PM |
|
It seems like he's using a hardware wallet, but his backup wasn't a 12-24 word recovery phrase, but an encrypted file? I don't get it. I need someone that has far more braincells than me to please explain this LOL.
I think this twitter dude and youtuber Vlad (from Romania) recently registered account to bitcointalk forum, so you can ask him yourself if you want what happened Vlad BTCTKVR: https://bitcointalk.org/index.php?action=profile;u=3493228Maybe there is some issue with his hardware wallet, but he should have backup of seed words and passphrase offline, so I don't understand why he is in panic mode about this. I would try using native application in his place, double check everything and try using different hardware wallet with his words/passphrase. My vote goes for bad passphrase.
There is no such thing as a bad passphrase. it would just create new empty unused wallet with that soil. PIN or password is a different story.
|
|
|
|
NeuroticFish
Legendary
Offline
Activity: 3850
Merit: 6583
Looking for campaign manager? Contact icopress!
|
|
August 01, 2022, 04:06:44 AM |
|
My vote goes for bad passphrase.
There is no such thing as a bad passphrase. it would just create new empty unused wallet with that soil. PIN or password is a different story. Bad passphrase as not 100% identical passphrase like the one set at the creation of the original wallet. Better? Something that has just occurred to me is that electrum may trim non-printable characters (was the original wallet created with electrum?)
|
|
|
|
NotATether
Legendary
Offline
Activity: 1778
Merit: 7372
Top Crypto Casino
|
|
August 01, 2022, 04:25:38 AM |
|
What is the benefit to such a complex set up anyway? Maybe to tell the Feds: "Sorry, I cannot access these bitcoins" or to confound them during the recovery process?
It certainly looks like a setup optimized for loss-destruction (if you lose any of the pieces of info, access is lost and your wallet is effectively destroyed).
|
|
|
|
witcher_sense
Legendary
Offline
Activity: 2450
Merit: 4415
🔐BitcoinMessage.Tools🔑
|
|
August 01, 2022, 06:10:09 AM |
|
The wallet he is talking about is a BitBox2.He also says he can unlock the hardware wallet, but cannot decrypt the Electrum file. When he unlocks the hardware wallet and generates a new Electrum wallet file, he is shown zero balance. This means he either has the wrong passphrase or the wrong derivation path. And yes, he has failed at the most basic task of ensuring he has a working back up. Thanks for the clarification. He may have created a watch-only wallet (I mean the wallet that doesn't store any private keys) using passphrase X, generated and funded several addresses (he claims he can see balances using a block explorer), and never tried to spend from those addresses. Now he is trying to recover his encrypted Electrum wallet using something different (passphrase Y), and that is why he is seeing an error message in the old wallet and empty addresses in the newly created one. The fact that the hardware wallet shows him there might be something wrong with the passphrase makes me think that it is not a standard BIP39 passphrase (which cannot be "wrong") but some encryption key that scrambles the metadata inside a wallet file. If he is trying to recover a wallet in an incorrect way using this encryption key as a BIP39 passphrase, it is no wonder that he gets a completely different set of keys and addresses.
|
|
|
|
o_e_l_e_o
In memoriam
Legendary
Offline
Activity: 2268
Merit: 18746
|
|
August 01, 2022, 09:29:54 AM |
|
What is the benefit to such a complex set up anyway? Maybe to tell the Feds: "Sorry, I cannot access these bitcoins" or to confound them during the recovery process? Which doesn't really make sense. Something doesn't need to be complex in order to forget it. Simply saying "I've forgotten my PIN and have no seed phrase" is probably more believable than "I've created a needlessly complex system I don't really understand and now can't figure it out". The fact that the hardware wallet shows him there might be something wrong with the passphrase makes me think that it is not a standard BIP39 passphrase (which cannot be "wrong") but some encryption key that scrambles the metadata inside a wallet file. I think it is still a BIP39 passphrase. If you have already created an Electrum wallet paired to a hardware wallet which has a BIP39 passphrase, and then try to open that Electrum wallet file with the hardware wallet attached but with a different passphrase enabled, then you get this error. You can reproduce this on Ledger and Trezor devices too. It's just Electrum's error message of saying whatever wallet is open on the hardware wallet does not match the Electrum wallet file, and therefore it cannot be decrypted. This would also fit with the fact that he said he tried a different passphrase or no passphrase at all and received the same error when trying to open the existing Electrum wallet file, and also that he could create a new Electrum wallet file paired with his hardware wallet but it was showing a bunch of empty unused addresses.
|
|
|
|
Cricktor
Legendary
Offline
Activity: 938
Merit: 1452
Crypto Swap Exchange
|
|
August 01, 2022, 10:04:45 AM Last edit: August 01, 2022, 10:25:25 AM by Cricktor |
|
When he creates an Electrum wallet based on a hardware device like Trezor or Bitbox02, then the Electrum wallet is something like a watch-only wallet, except that it allows to sign and transfer funds with the hardware wallet device acting as signing device. The Electrum wallet stores the Extended Public Key to derive addresses according to the derivation path in use. It should conform to BIP39 and as far as my experience goes, the hardware device communicates relevant details to Electrum. There's not much to tweak here, when you setup such a wallet. A user needs to understand some basic HD wallet and hardware wallet device details. The hardware wallet device can be unlocked by a PIN or Password/Passphrase. For convenience and ease of entry usually a PIN is used. You're usually allowed to enter only a few tries for PIN entry before the device resets itself. I consider this safe enough as long as you use no stupid PIN (I'd recommend at least 6 digits and no trivial numbers like 123456 or similar brain-dead combos). The HD wallet is determined by its Seed, represented in safely human readable form as Mnemonic Words, maybe an optional Mnemonic Passphrase (any unique Mnemonic Passphrase derives an unique HD wallet) and Derivation Path. With these details you can usually recover the HD wallet and every user should safely check if this works. This isn't very easy if you care about proper safety but it's no rocket science either. You can choose to have the Electrum wallet be encrypted by the hardware wallet device. I don't see how this is a recipe for coin destruction unless a user fails to safely and redundantly store the basic HD wallet details needed for proper recovery of the HD wallet, in particular the Mnemonic Words, an optional Mnemonic Passphrase and conveniently the Derivation Path. This is basic HD wallet 101 or should be... The fact that the hardware wallet shows him there might be something wrong with the passphrase makes me think that it is not a standard BIP39 passphrase (which cannot be "wrong") but some encryption key that scrambles the metadata inside a wallet file. If he is trying to recover a wallet in an incorrect way using this encryption key as a BIP39 passphrase, it is no wonder that he gets a completely different set of keys and addresses.
It's not the hardware wallet device that shows the error this Twitter dude sees, it's Electrum. I have no idea what you mean by "not a standard BIP39 passphrase". How exactly Electrum derives the wallet file encryption key from the hardware wallet device is something which might need to be checked with Electrum devs or by simply inspecting the Electrum wallet code for those capable of reading and understanding the code. I have such a Testnet Electrum wallet encrypted by my PiTrezor. The Electrum wallet file looks like any fully encrypted Electrum wallet file. The Electrum wallet encryption key was never shown or exposed to me. The PiTrezor "wallet" is BIP39 of course by default and I use a Mnemonic Passphrase for safety reasons as the PiTrezor can't protect secret wallet data due to its data storage concept on unencrypted microSD card. When I want to open the Electrum wallet, I have to connect the PiTrezor, unlock it with the PIN and then I'm asked to enter the Mnemonic Passphrase and confirm it on the PiTrezor. Provided no input errors have been made which I could've spotted at the confirmation step the Electrum wallet gets unlocked and opened. I'd assume it's the same with a Bitbox02. As far as I remember, I tested that I can reset the PiTrezor, recover the HD wallet with saved Mnemonic Words and Mnemonic Passphrase and the PiTrezor still be able to unlock my PiTrezor encrypted Electrum wallet. But even if that wouldn't work because some specific serial no. of the particular hardware wallet device is mangled into the Electrum wallet encryption key (which is never exposed to the user in such a setup): no problem, no coins lost as you can create a new Electrum wallet file based on your hardware wallet device and the saved HD wallet details in it. (You might loose transaction comments/labels and active LN channels are an issue, so you may loose some Sats due to LN channel recovery/closing).
|
|
|
|
o_e_l_e_o
In memoriam
Legendary
Offline
Activity: 2268
Merit: 18746
|
|
August 01, 2022, 10:38:01 AM |
|
The hardware wallet device can be unlocked by a PIN or Password/Passphrase. Slight pet peeve, but I think it's better not to use the word passphrase when discussing the hardware wallet's local unlock mechanism, and keep the word passphrase for reference to the seed phrase extension. Some of the issues that newbies have similar to this one is because they don't understand what a seed phrase passphrase is or does and confuse it with a PIN/password for unlocking their device. I don't see how this is a recipe for coin destruction unless a user fails to safely and redundantly store the basic HD wallet details needed for proper recovery of the HD wallet, in particular the Mnemonic Words, an optional Mnemonic Passphrase and conveniently the Derivation Path. It isn't a recipe for destruction at all. As you point out, the Electrum wallet is simply a watch only wallet. It is encrypted with the hardware wallet only for privacy reasons and to stop other people viewing your addresses, not for any security purposes and not because it contains any critical information. Even if you completely lose the Electrum wallet file, then you can just create a new one with the same addresses by using the same hardware wallet with the same passphrase enabled.
|
|
|
|
Cricktor
Legendary
Offline
Activity: 938
Merit: 1452
Crypto Swap Exchange
|
|
August 01, 2022, 11:28:39 AM Last edit: August 01, 2022, 11:47:56 AM by Cricktor |
|
I try to be consistent and accurate as follows: Seed = huge integer, usually 2256 bits, upto ~1.15*1077 as decimal, 32 hexadecimal digits Mnemonic (Seed) Words = BIP39 representation of Seed for better documentation by humans Mnemonic (Seed) Passphrase = optional passphrase as defined by BIP32
I concur to better not say passphrase in the context of the unlocking secret for a hardware wallet device. Unlocking secrets can be changed without affecting the HD wallet.
I don't like very much to speculate, especially when the affected user is not participating in this thread here but maybe this is what this Twitter "celeb" messes up, the distinction between wallet file encryption password, hardware wallet device PIN/password and Mnemonic Seed Passphrase. The first two don't affect the HD wallet, the latter does!
|
|
|
|
witcher_sense
Legendary
Offline
Activity: 2450
Merit: 4415
🔐BitcoinMessage.Tools🔑
|
|
August 01, 2022, 12:24:53 PM |
|
I try to be consistent and accurate as follows: Seed = huge integer, usually 2256 bits, upto ~1.15*1077 as decimal, 32 hexadecimal digits You are confusing seed with something else called "a private key", which is an 256 (not 2 256) bits long integer used to calculate a corresponding public key (point on an elliptic curve) by multiplying the generator point (G) private key times. 2 256 or 1.15*10 77 is the number of possible (valid) private keys (integers). Mnemonic (Seed) Words = BIP39 representation of Seed for better documentation by humans If by seed you mean entropy+checksum then yes, mnemonic words represent this number and make it more human-friendly. But usually, the seed is produced from mnemonic words (not the other way around) by means of a key stretching function called PBKDF2. This function produces a 512-bit number - the seed.
|
|
|
|
PawGo
Legendary
Offline
Activity: 952
Merit: 1385
|
|
August 01, 2022, 01:56:10 PM |
|
I try to be consistent and accurate as follows: Seed = huge integer, usually 2256 bits, upto ~1.15*1077 as decimal, 32 hexadecimal digits You are confusing seed with something else called "a private key", which is an 256 (not 2 256) bits long integer used to calculate a corresponding public key (point on an elliptic curve) by multiplying the generator point (G) private key times. 2 256 or 1.15*10 77 is the number of possible (valid) private keys (integers). In fact it is a slightly different. First at all, you have entropy, which could be 128... 256 bits. Entropy could be converted into mnemonic phrase, taking into account that it requires a one extra step - calculation of checksum, which part is appended into bits from entropy. Checksum is needed to "discover" the last word, as each word from dictionary requires 11 bits known. That way for example 128 bits of entropy gives 11 words * 11 bits = 121bits, + 12th word is composed from 7 bits from entropy + 4 bits from checksum build from 128 known bits. 256 bits gives: 23 * 11 = 253 bits, so we have 23 "hard" words + 24th word created from 3 entropy bits + 8 checksum bits. Then, mnemonic phrase "word1 word2 ... word12" is converted into seed using PBKDF2 (sha512) etc. At this moment extra words are used. Then seed is converted into master priv key, which is used to obtain child keys. That's why having master priv key, you cannot find mnemonic phrase!
|
|
|
|
|