I have an odd situation and am looking for some guidance that may save me an absolutely mindblowing amount of work.

I have a bitcoin wallet which has stored a ton of addresses. Many customers and clients pay to their own address, and there is an automated system that wathces those payments and acts on them.

The flash drive that contained the passphrase has been, lets just say it's been irrevocably damaged. (which may or may not have involved our asshole dog). I have it being looked at by a friend who knows about data recovery and electronics, so maybe irrevocable isnt the best term, but, my hopes are not high.

So here's the special circumstance. We lost the passphrase. However, the wallet right now IS OPEN AND UNLOCKED.

Question one: Before we have a power issue or my machine decides to reboot, is it possible to extract the passphrase from memory? It has to be in there somewhere to keep it open. Anyone know how and where to look and with what tool? I used to have a tool back in my video gaming days that would scan the memory of your PC and look for data (42,528gp) and then you change that data (spend some gp) and have it search for the new value. Once it found it, it could edit the data in memory and suddenly you have 999,999gp.

Is anything like that possible with bitcoin?

Second question, not sure if this is harder or easier: We also have a backup of the original wallet BEFORE we added the encryption key. Only a few addresses are in it - so we cant use that (we'd lose over 200 customer private keys). But given we have a wallet with a UNENCRYPTED private key, and the same exact key that IS encrypted, could there be a tool that knowing the before and after, could more easily brute force/figure out the passphrase?

Now before the replies with other alternatives come in, we've already considered them. We cannot just send the balance out to a new address - it's the loss of the current private keys. Issuing each customer a new address and updating all records and the database will be a massive pain in the ass.

Someone else suggested a better option: Export all the private keys, and then re-import them into a new wallet. A better option than above, as we retain all addresses, but it's still a huge amount of work to do by hand (or to hire someone to write the scripts to do it).

That is the option we will go with if we have no other choice. The biggest reason I'm asking here instead of just getting right in on exporting the keys is that we used that passphrase on our LTC wallet also, which is NOT open. The balance in there is not huge - about 81 LTC or so, which is just about 1.2 BTC or so - we could live with losing that, but obviously would rather not, if we could possibly recover the current key.

Is something like this feasiable? Any insight or help would be appreceiated. Thanks in advance.

elbandi had a good solution, just do it right away - I would recommend starting with the largest balances first too in order to save as much as possible so that if you have a power failure, crash, passphrase timeout etc like you mentioned, you'll lose less.

And finally, as my cousin always asks her husband: "Now what have you learned from this?"     

You could probably do elbandi's solution just using a text file if you don't want do code it (and it probably would be faster):
1. dump the address list/dump the wallet
2. Copy the results and open in a text file.
3. Insert dumpprivkey in front of each line using your text editors commands to do it for every line.  In Unix it is pretty easy and in many other editors too.
4. Copy and paste results into the console, and I would think it would execute each line - I haven't tried and am not in front of it to try it.
5. Copy the results of the dumpprivkey list.
6. Edit as needed to reimport into a new wallet.

Then you would not have to do each one individually.  If pasting into console doesn't work, you could always try sending each via RPC automatically with a script.

I do not believe that the password is stored in memory after the wallet is unlocked.  I thought I read this during the heartbleed bug discussion, but have not verified it.


You want to do it while you still can.  ;-)

You want the dumpwallet rpc.

Your computer doesn't know the passphrase.

Are you sure it was the dog and instead you didn't happen to hack some poor person's system  and find their wallet encrypted but unlocked and forget that you have a moral obligation to report the issue and not steal from them? Just checking…

Then you should have stated instead that you already exported the keys, since in your post you wrote that it was too big of a hassle to do that.

Firstly, you're hopefully aware if your wallet is unlocked, you can export all the keys at once (unencrypted) with dumpwallet (which can then be imported all at once into a new wallet with importwallet)?

Regarding your password, sorry to be the bearer of bad news, but it is not stored anywhere in memory and cannot be retrieved. When the wallet is unlocked, the password is used to generate a decryption key which is then used to decrypt your Master Key, and then the password is removed from memory (it is securely overwritten). The decrypted Master Key (which is simply 32 random bytes) alone is stored in memory while the wallet is unlocked, and it is used to decrypt individual private keys on demand. When the wallet becomes locked, the decrypted Master Key is securely overwritten.

So to get your LTC back, I imagine your only options would be recovering your password, restoring your LTC wallet from a backup should you have one, or brute-forcing your LTC wallet if the password is short enough and/or you remember some portion of it...

Poop. Thanks for the insight. Makes sense they'd do it that way. And I posted this on reddit as well and found out that knowing the decrypted private key wont help either.

Guess I have a lot of work ahead of me. Grr. Thanks for the helpful answers guys. I was really hoping to be able to get the LTC back and not have to do as much manual work.

If the wallet has no password it also has no master_key.  The master_key is not randomly generated until the user initially encrypts the wallet.  The decrypted master_key is never stored on disk.


This sentence is unclear.

To initially encrypt the master_key, the client asks the user for a new password.  The password_derived_key is created from the passphrase.  The master_key is encrypted with the password_derived_key.  The password & password_derived_key is removed from memory.

To "unlock" the wallet the client prompts the user for the password.  The password_derived_key is created from the passphrase.  The encrypted_master_key is decrypted with the password_derived_key.  The master_key is stored in memory.  The password & password_derived_key is removed from memory.

The "lock" the wallet, the client deletes the master_key from memory.


I am not sure I understand the question.  If you find the (decrypted) master_key you can use it to decrypt the individual private keys.  No brute force is required, you have the decryption key.

The reason for not encrypting the individual_private_key with the password_derived_key is if the user changes the password then you would need to decrypt and re-encrypt every single private_key.  By using a random "master_key" if the user changes the password you just need to decrypt and re-encrypt the master_key.  


Cryptography done right is pretty amazing.  With Bitcoin we are only at the beginning.

The LTC might be a lost cause, assuming you don't remember anything about the password, but why is there a lot of manual work for your BTC? It should just be a single dumpwallet, rename the wallet.dat file, and then a single importwallet, correct?