Help Unable to export private key

[yinyihai]

The export of the private key failed and this prompt appears

“Only legacy wallets are supported by this command (code -4)”

[BlackHatCoiner]

You cannot export a single private key from descriptor wallets. You can export sufficient information by running listdescriptors true. It will tell you what your master private key is, what your derivation path is etc.

Here's an explanation from the expert:

Descriptor wallets do not allow dumpprivkey because the fundamental principle behind descriptor wallets is that private keys are not enough information to transport a wallet. Private keys lack derivation information and lack information about what kind of scripts to create. They also do not work for wallets that have anything more complicated than just single key scripts. Thus allowing a RPC that only outputs private keys would be working against the point of having descriptors.

Instead of dumpprivkey, descriptor wallets have listdescriptors. This will output all of the descriptors stored in the wallet, which means that it will include information about derivation paths and scripts to create. Descriptors are a full backup of the key and script information stored in the wallet. With 23.0, listdescriptors will also be able to optionally output descriptors containing private keys.

[DubemIfedigbo001]

I guess you're using Bitcoin core which it's recent version doesn't support legacy formats, that's possibly the origin of such error. Starting from Core v24.0, descriptor wallets are the default and you might not be able to export private keys using dumpprivkey.

I think the simplest way to go around this is to import your seed phrases in a wallet that supports exporting private keys such as Electrum wallet. That's a faster and easier way to get your private keys.

[DireWolfM14]

I think the simplest way to go around this is to import your seed phrases in a wallet that supports exporting private keys such as Electrum wallet.

It's a bitcoin core wallet, there's no seed phrase.

[NotATether]

Although the private keys are available in a descriptor wallet that uses "xprv" descriptors, I wonder what the timeline is for support for exporting such kind of wallets to be added into Bitcoin Core.

You cannot export a single private key from descriptor wallets. You can export sufficient information by running listdescriptors true. It will tell you what your master private key is, what your derivation path is etc.

Here's an explanation from the expert:

Descriptor wallets do not allow dumpprivkey because the fundamental principle behind descriptor wallets is that private keys are not enough information to transport a wallet. Private keys lack derivation information and lack information about what kind of scripts to create. They also do not work for wallets that have anything more complicated than just single key scripts. Thus allowing a RPC that only outputs private keys would be working against the point of having descriptors.

Instead of dumpprivkey, descriptor wallets have listdescriptors. This will output all of the descriptors stored in the wallet, which means that it will include information about derivation paths and scripts to create. Descriptors are a full backup of the key and script information stored in the wallet. With 23.0, listdescriptors will also be able to optionally output descriptors containing private keys.

Considering that information, a new RPC call can be added for descriptor wallets to check if the descriptor contains an extended private key, and if found, export that. Or perhaps the first N private keys in case addition derivation paths are used.

[mcdouglasx]

The export of the private key failed and this prompt appears

“Only legacy wallets are supported by this command (code -4)”

It's because it's a descriptor wallet which you should extract the master private key(xpriv) using "listdescriptors true" and from there derive the addresses. I'll give you a script that does it, but it's missing the taproot addresses which this script doesn't derive.

Code:

import hashlib
import base58
import bip32utils
import ecdsa

def sha256(data):
    return hashlib.sha256(data).digest()

def ripemd160(data):
    h = hashlib.new('ripemd160')
    h.update(data)
    return h.digest()

def bch32_plmd(vals):
    gen = [0x3b6a57b2, 0x26508e6d, 0x1ea119fa, 0x3d4233dd, 0x2a1462b3]
    chk = 1
    for v in vals:
        b = (chk >> 25)
        chk = (chk & 0x1ffffff) << 5 ^ v
        for i in range(5):
            chk ^= gen[i] if ((b >> i) & 1) else 0
    return chk

def bch32_expd(hrp):
    return [ord(x) >> 5 for x in hrp] + [0] + [ord(x) & 31 for x in hrp]

def bch32_chksm(hrp, data):
    vals = bch32_expd(hrp) + data
    plmd = bch32_plmd(vals + [0, 0, 0, 0, 0, 0]) ^ 1
    return [(plmd >> 5 * (5 - i)) & 31 for i in range(6)]

def bch32_enc(hrp, data):
    comb = data + bch32_chksm(hrp, data)
    BECH_CHRS = 'qpzry9x8gf2tvdw0s3jn54khce6mua7l'
    return hrp + '1' + ''.join([BECH_CHRS[d] for d in comb])

def cnvrt_bits(data, fbits, tbits, pad=True):
    acc = 0
    bits = 0
    ret = []
    maxv = (1 << tbits) - 1
    for val in data:
        if val < 0 or val >> fbits:
            raise ValueError("Invalid value")
        acc = (acc << fbits) | val
        bits += fbits
        while bits >= tbits:
            bits -= tbits
            ret.append((acc >> bits) & maxv)
    if pad:
        if bits:
            ret.append((acc << (tbits - bits)) & maxv)
        elif bits >= fbits or ((acc << (tbits - bits)) & maxv):
            raise ValueError("Invalid bits")
    return ret

def bch_addr(pubk):
    sha256_r = sha256(pubk)
    rmd = ripemd160(sha256_r)
    data = cnvrt_bits(rmd, 8, 5)
    data = [0] + data
    hrp = 'bc'
    addr = bch32_enc(hrp, data)
    return addr

def p2sh_p2wpkh_addr(pubk):
    sha256_r = sha256(pubk)
    rmd = ripemd160(sha256_r)
    scr_sig = b'\x00\x14' + rmd
    scr_hash = ripemd160(sha256(scr_sig))
    return base58.b58encode_check(b'\x05' + scr_hash).decode()

def derive_addresses(xprv, drv):
    bip32_root_key_obj = bip32utils.BIP32Key.fromExtendedKey(xprv)
    result_text = ""
    
    result_text += "Bech32 Addresses (BIP84):\n"
    for i in range(int(drv)):
        # Receiving Address (index 0)
        drv_key_b84_recv = bip32_root_key_obj.ChildKey(84 + 0x80000000).ChildKey(0 + 0x80000000).ChildKey(0 + 0x80000000).ChildKey(0).ChildKey(i)
        priv_key_b84_recv = drv_key_b84_recv.WalletImportFormat()
        pubkey_b84_recv = drv_key_b84_recv.PublicKey().hex()
        pubk_bytes_b84_recv = bytes.fromhex(pubkey_b84_recv)
        bch32_addr_recv = bch_addr(pubk_bytes_b84_recv)
        result_text += f"Receiving Address {i}:\nPrivate Key: {priv_key_b84_recv}\nPublic Key: {pubkey_b84_recv}\nSegWit Address (Bech32): {bch32_addr_recv}\n\n"
        
        # Change Address (index 1)
        drv_key_b84_change = bip32_root_key_obj.ChildKey(84 + 0x80000000).ChildKey(0 + 0x80000000).ChildKey(0 + 0x80000000).ChildKey(1).ChildKey(i)
        priv_key_b84_change = drv_key_b84_change.WalletImportFormat()
        pubkey_b84_change = drv_key_b84_change.PublicKey().hex()
        pubk_bytes_b84_change = bytes.fromhex(pubkey_b84_change)
        bch32_addr_change = bch_addr(pubk_bytes_b84_change)
        result_text += f"Change Address {i}:\nPrivate Key: {priv_key_b84_change}\nPublic Key: {pubkey_b84_change}\nSegWit Address (Bech32): {bch32_addr_change}\n\n"
    
    result_text += "Legacy Addresses (BIP44):\n"
    for i in range(int(drv)):
        # Receiving Address (index 0)
        drv_key_b44_recv = bip32_root_key_obj.ChildKey(44 + 0x80000000).ChildKey(0 + 0x80000000).ChildKey(0 + 0x80000000).ChildKey(0).ChildKey(i)
        priv_key_b44_recv = drv_key_b44_recv.WalletImportFormat()
        pubkey_b44_recv = drv_key_b44_recv.PublicKey().hex()
        result_text += f"Receiving Address {i}:\nPrivate Key: {priv_key_b44_recv}\nPublic Key: {pubkey_b44_recv}\nLegacy Address (BIP44): {drv_key_b44_recv.Address()}\n\n"
        
        # Change Address (index 1)
        drv_key_b44_change = bip32_root_key_obj.ChildKey(44 + 0x80000000).ChildKey(0 + 0x80000000).ChildKey(0 + 0x80000000).ChildKey(1).ChildKey(i)
        priv_key_b44_change = drv_key_b44_change.WalletImportFormat()
        pubkey_b44_change = drv_key_b44_change.PublicKey().hex()
        result_text += f"Change Address {i}:\nPrivate Key: {priv_key_b44_change}\nPublic Key: {pubkey_b44_change}\nLegacy Address (BIP44): {drv_key_b44_change.Address()}\n\n"
    
    result_text += "P2SH Addresses (BIP49):\n"
    for i in range(int(drv)):
        # Receiving Address (index 0)
        drv_key_b49_recv = bip32_root_key_obj.ChildKey(49 + 0x80000000).ChildKey(0 + 0x80000000).ChildKey(0 + 0x80000000).ChildKey(0).ChildKey(i)
        priv_key_b49_recv = drv_key_b49_recv.WalletImportFormat()
        pubkey_b49_recv = drv_key_b49_recv.PublicKey().hex()
        pubk_bytes_b49_recv = bytes.fromhex(pubkey_b49_recv)
        p2sh_addr_recv = p2sh_p2wpkh_addr(pubk_bytes_b49_recv)
        result_text += f"Receiving Address {i}:\nPrivate Key: {priv_key_b49_recv}\nPublic Key: {pubkey_b49_recv}\nP2SH Address (BIP49): {p2sh_addr_recv}\n\n"
        
        # Change Address (index 1)
        drv_key_b49_change = bip32_root_key_obj.ChildKey(49 + 0x80000000).ChildKey(0 + 0x80000000).ChildKey(0 + 0x80000000).ChildKey(1).ChildKey(i)
        priv_key_b49_change = drv_key_b49_change.WalletImportFormat()
        pubkey_b49_change = drv_key_b49_change.PublicKey().hex()
        pubk_bytes_b49_change = bytes.fromhex(pubkey_b49_change)
        p2sh_addr_change = p2sh_p2wpkh_addr(pubk_bytes_b49_change)
        result_text += f"Change Address {i}:\nPrivate Key: {priv_key_b49_change}\nPublic Key: {pubkey_b49_change}\nP2SH Address (BIP49): {p2sh_addr_change}\n\n"
    
    return result_text

xprv = "Your-Xpriv"

drv =10

result = derive_addresses(xprv, drv)

print(result)

Code:

xprv = "Your-Xpriv"

drv =Number of addresses to generate

[nc50lc]

The export of the private key failed and this prompt appears

First of all, what will you do with the private key once you exported it?
Because depending on the use-case, it may not be necessary.
e.g.: if you don't want to sync Bitcoin core or needs immediate access to your bitcoins: You just have to export the correct (private) descriptor and import that to a wallet that supports descriptors like Sparrow.

If you really need to export individual private key for some reason, you can follow these instructions:

Here's the procedure (requires https://github.com/iancoleman/bip39):

• Start Bitcoin Core, preferably on an offline machine and enter the command getaddressinfo "bc1address" and take note of the address' "parent_desc" and "ischange" values.
• Next, enter the command listdescriptors true and find the (private) descriptor with the matching script type
  of your address' parent descriptor. (your address' should be "wpkh")
  But there'll be at least two desc with that script type, so based from your address' "ischange" value of 'true' or 'false', pick the descriptor with "internal" of the same value.
• From the correct descriptor, copy it's master private key which is the long "xprv" key. Do not include the script type and '(' before and '/' after it.
• Now open your iancoleman's BIP39 tool in an offline machine and paste your xprv key in "BIP32 Root Key".
• Scroll down a bit and select the correct script type: BIP44 for legacy, BIP49 for Nested-SegWit and BIP84 for Native Segwit.
• The default should be already correct for receiving addresses (internal: false), else, change the internal/external path from '0' to '1'.
• Scroll-down to the derived addresses and it should be there along with its private key.
• If your address' "address_index" is more than 20, you should derive more addresses in BIP39 tool by using the button: "Show ___ more rows" below the address list for it to show.

Regarding the external and internal index, that refers if you want to find your receiving or change addresses.

Take note that this isn't something that you should be doing on an online machine,
Because if any of those private key is compromised, your entire wallet's funds could be compromised as well.

[mr.mister]

One option is, if you're having trouble exporting the private key(s), is to just send all of  your btc to another wallet that uses a mnemonic phrase, and allows for keys to be exported. Problem solved.

[nc50lc]

One option is, if you're having trouble exporting the private key(s), is to just send all of  your btc to another wallet that uses a mnemonic phrase, and allows for keys to be exported. Problem solved.

It works in some cases but it's not what OP is asking.
In case OP needs that specific private key for verification purposes or just don't want to sync Bitcoin Core and import it elsewhere to spend, he can't do that.

This is why I also asked him on what he want to do with the private key so everyone can provide him a better option,
But sadly, he never replied.

[NotATether]

One option is, if you're having trouble exporting the private key(s), is to just send all of  your btc to another wallet that uses a mnemonic phrase, and allows for keys to be exported. Problem solved.

It works in some cases but it's not what OP is asking.
In case OP needs that specific private key for verification purposes or just don't want to sync Bitcoin Core and import it elsewhere to spend, he can't do that.

This is why I also asked him on what he want to do with the private key so everyone can provide him a better option,
But sadly, he never replied.

It's such a simple solution if that's what you want, but if I recall correctly, the descriptor itself in some cases contains an extended private key - if not, then it's a watch-only wallet - and in such cases, you can simply use another software to calculate the derivation path in accordance to the descriptor wallet, which will then yield the private keys.

[nc50lc]

but if I recall correctly, the descriptor itself in some cases contains an extended private key - if not, then it's a watch-only wallet - and in such cases, you can simply use another software to calculate the derivation path in accordance to the descriptor wallet, which will then yield the private keys.

There's a reply three post above yours that shows how's it done.
New Bitcoin Core wallets contain descriptors with the master private key, the only cases it isn't is if the blank/watch-only wallet is specifically imported with descriptors with extended public key or single key descriptors.