Forgot my seed, need help please!

[user2015]

I recently reinstalled my windows (still got the old user files from previous windows). Found the old default_wallet file, and tryed to replace it with the new one from the freshh installed portable client. First i thought its done because i could see my btc balance, but when i tryed to send the btc to another wallet i got password incorrect error... I tryed both, the old password and the new one... and both didnt match.Then i runed another portable version' and pasted the file there. And now i cant see the balance on both clients...
I guess the default_wallet changed itself when i ran the client, and i dont have the original file anymore by mistake... When i tried to manipulate with the file i made a copy of the encripted seed code to a txt file. It looks like this :
seed_password = 'a'
seed = 'hGt+sQGFlt7Dhgb3a1kHetNJmlxrMQrZ3D8mheYgVr79ZEGOZK1btAzv44QMwGQ2K+1a/1ct10abxrX56OtvFA=='

So the question is... Is it possible to get the seed back,by knowing the code above? Some help would be realy appreciated! Thanks!

[1715487633]

1715487633

[1715487633]

1715487633

[1715487633]

1715487633

[1715487633]

1715487633

[1715487633]

1715487633

[btchris]

seed_password = 'a'
seed = 'hGt+sQGFlt7Dhgb3a1kHetNJmlxrMQrZ3D8mheYgVr79ZEGOZK1btAzv44QMwGQ2K+1a/1ct10abxrX56OtvFA=='

So the question is... Is it possible to get the seed back,by knowing the code above? Some help would be realy appreciated! Thanks!

First thing: if you think that is your seed and your password, it's a really bad idea to be posting it on the Internet. Luckily for you, it seems it's not.

I don't really understand the chain of events you described, but the "seed" you posted above is definitely not an Electrum 1.x seed (and it's too short for a normal Electrum 2.x seed).

It can be decrypted with the seed_password you posted using Electrum's kdf and cipher, and the result is "This is just a test for AES decryption!", but as an Electrum seed it's meaningless, so I couldn't say where it came from.

[user2015]

Thank you for the reply! Iv'e just posted this seed as an example. I found it somewhere on the internet. Ofcourse i wouldnt put the real one, to make it visible to everyone Iv'e been looking for the Electrum kdf, but i couldnt find it... Could you explain how to use these tools, and where can i download them ? Thanks!

[btchris]

Thank you for the reply! Iv'e just posted this seed as an example. I found it somewhere on the internet. Ofcourse i wouldnt put the real one, to make it visible to everyone Iv'e been looking for the Electrum kdf, but i couldnt find it... Could you explain how to use these tools, and where can i download them ? Thanks!

Sure, just follow the instructions here: https://github.com/gurnec/decrypt_electrum_seed

If you don't have an Electrum wallet to use the script on, you can create a minimalist one containing this (it's just a JSON text file):

Code:

{"seed": "hGt+sQGFlt7Dhgb3a1kHetNJmlxrMQrZ3D8mheYgVr79ZEGOZK1btAzv44QMwGQ2K+1a/1ct10abxrX56OtvFA==", "use_encryption": true}

If you do need to create your own, the Python script will spit out a bunch of warnings which you can mostly ignore.

FYI the KDF is sha256(sha256("password")), and the encryption is AES-256 in CBC mode with PKCS7 padding. Electrum 1's own mnemonic.py library is included and used if it's an Electrum 1 seed to finish the conversion from seed to mnemonic sentence.

[dabura667]

So the question is... Is it possible to get the seed back,by knowing the code above? Some help would be realy appreciated! Thanks!

No, not by the encrypted seed alone.

First, understand what AES encryption does. It takes input data and jumbles it up into random looking data... When you test a password, the only way you can know if it's the right password is if you get back the original message.

Why does this matter?

With Electrum 1.x, the "message" being encrypted is 16 random bytes of information (the decoded seed)... so the only way to know whether you got the password correct or not is to do the following:

1. Decrypt with AES and your password attempt.
2. Hash the result with itself 100000 times.
3. Use that final hash as a private key and find the x and y values of the public key.
4. Compare the x and y values to your wallet's MPK (master public key) and if they are equal, then your passphrase was correct.

So as I have shown in step 4, you ALSO need the MPK (it should be 128 character hexidecimal (0-9A-F) string) of the wallet that contained that encrypted seed.

1.x wallets store the MPK as

Code:

"mpk": "f3b9ecda...7ca3bef7"

If you would like to make a script that tests many passwords, you will first have to understand how to derive from the decoded seed to the master public key.

[btchris]

With Electrum 1.x, the "message" being encrypted is 16 random bytes of information (the decoded seed)...

Actually that's not true.

The message being encrypted is a hex-encoded string of the 16 random bytes; it's 32 hex digits. On top of that, it's PKCS7 padded, which for a 32-byte string results in 16 bytes all of value 0xf being appended to the end of the string before encryption. This makes it very easy (and fast) to test passwords against Electrum 1.x wallets (with 2.x you can use a similar trick by trying to decrypt the master private key which is encoded in BIP32 xprv format before encryption).

If you would like to make a script that tests many passwords, you will first have to understand how to derive from the decoded seed to the master public key.

Source: I have done so.... https://github.com/gurnec/btcrecover

so the only way to know whether you got the password correct or not is to do the following:

1. Decrypt with AES and your password attempt.
2. Hash the result with itself 100000 times.
3. Use that final hash as a private key and find the x and y values of the public key.
4. Compare the x and y values to your wallet's MPK (master public key) and if they are equal, then your passphrase was correct.

Out of all of the wallets btcrecover supports (roughly 10 depending on how you count), the only wallet where I actually have to go so far as to derive a pubkey from a privkey to check if a password is correct is Armory. All of the others offer similar tricks to prevent having to doing so.

That's not to say that they're all insecure. Although it's true there are a surprising number of wallets with non-existent key stretching, there are a few that do it right (from a key stretching point of view, anyways, some of these have other encryption issues): Bitcoin Core, Armory, MultiBit HD, Hive for OS X (vanilla bitcoinj), and to a much lesser extent Blockchain.info's most recent version as of roughly late last year.

[user2015]

Could anyone make a video of how to do this? i would pay that person as soon as i get the coins back...

[dabura667]

Could anyone make a video of how to do this? i would pay that person as soon as i get the coins back...

Just to clarify, what exactly do you want the video to show?

Taking the MPK and the encrypted seed and attempt passwords on it to check if the password is correct?

Is that it?

[user2015]

It can be decrypted with the seed_password you posted using Electrum's kdf and cipher, and the result is "This is just a test for AES decryption!", but as an Electrum seed it's meaningless, so I couldn't say where it came from.

btchris managed to decrypt the code which i posted as an example. So basically i need some kind of tutorial to fugure out how to use "electrum kdf and cipher" to decrypt the real code.

[btchris]

It can be decrypted with the seed_password you posted using Electrum's kdf and cipher, and the result is "This is just a test for AES decryption!", but as an Electrum seed it's meaningless, so I couldn't say where it came from.

btchris managed to decrypt the code which i posted as an example. So basically i need some kind of tutorial to fugure out how to use "electrum kdf and cipher" to decrypt the real code.

Do you have an Electrum wallet file?

If not, can you create a text file like this, except put your real encrypted seed in it?

Code:

{"seed": "hGt+sQGFlt7Dhgb3a1kHetNJmlxrMQrZ3D8mheYgVr79ZEGOZK1btAzv44QMwGQ2K+1a/1ct10abxrX56OtvFA==", "use_encryption": true}

If you can, you can follow the instructions I posted above to download and run a decryption tool, here:
https://github.com/gurnec/decrypt_electrum_seed

[user2015]

It seems like my wallet file broke down. But the good thing i saved the code to an txt file before it happened. So now i installed python 2, and opened it with terminal. What should i do next ?

[Abdussamad]

If you don't know how to do this yourself perhaps its best if you handed this work over to someone else? Dave of wallet recovery services gets recommended a lot on this forum.

[jack14]

It can be decrypted with the seed_password you posted using Electrum's kdf and cipher, and the result is "This is just a test for AES decryption!", but as an Electrum seed it's meaningless, so I couldn't say where it came from.

btchris managed to decrypt the code which i posted as an example. So basically i need some kind of tutorial to fugure out how to use "electrum kdf and cipher" to decrypt the real code.

Do you have an Electrum wallet file?

If not, can you create a text file like this, except put your real encrypted seed in it?

Code:

{"seed": "hGt+sQGFlt7Dhgb3a1kHetNJmlxrMQrZ3D8mheYgVr79ZEGOZK1btAzv44QMwGQ2K+1a/1ct10abxrX56OtvFA==", "use_encryption": true}

If you can, you can follow the instructions I posted above to download and run a decryption tool, here:
https://github.com/gurnec/decrypt_electrum_seed

i have the same problem please help,maybe you can to make video lesson how to do it,please

[user2015]

I figured out how to do it, but im getting this message :

Traceback (most recent call last):
  File "C:\Users\user\Downloads\btcrecover-master\seedrecover.py", line 1292, in
 <module>
    mnemonic_sentence = main(sys.argv)
  File "C:\Users\user\Downloads\btcrecover-master\seedrecover.py", line 1210, in
 main
    loaded_wallet = btcr.load_wallet(wallet_filename)  # raises on failure; no s
econd chance
  File "C:\Users\user\Downloads\btcrecover-master\btcrecover.py", line 196, in l
oad_wallet
    return wallet_type.load_from_filename(wallet_filename)
  File "C:\Users\user\Downloads\btcrecover-master\seedrecover.py", line 956, in
load_from_filename
    wallet = json.load(wallet_file)
  File "C:\Python27\lib\json\__init__.py", line 290, in load
    **kw)
  File "C:\Python27\lib\json\__init__.py", line 338, in loads
    return _default_decoder.decode(s)
  File "C:\Python27\lib\json\decoder.py", line 369, in decode
    raise ValueError(errmsg("Extra data", s, end, len(s)))
ValueError: Extra data: line 46 column 1 - line 46 column 100 (char 2942 - 3041)


Press Enter to exit ...

How to fix it ? Thanks

[btchris]

ValueError: Extra data: line 46 column 1 - line 46 column 100 (char 2942 - 3041)

Press Enter to exit ...

How to fix it ? Thanks

Great, I'm glad you're closer...

It probably means that you're not loading an Electrum wallet file. If you created a text file yourself, can you please double-check that it looks like this:

Code:

{"seed": "hGt+sQGFlt7Dhgb3a1kHetNJmlxrMQrZ3D8mheYgVr79ZEGOZK1btAzv44QMwGQ2K+1a/1ct10abxrX56OtvFA==", "use_encryption": true}

It must have a { at the beginning and a } at the end, and it must use double-quotes, ", everywhere except for around the last word (true).

[user2015]

changed everything, now im getting this

Traceback (most recent call last):
  File "C:\Users\user\Downloads\btcrecover-master\seedrecover.py", line 1292, in
 <module>
    mnemonic_sentence = main(sys.argv)
  File "C:\Users\user\Downloads\btcrecover-master\seedrecover.py", line 1210, in
 main
    loaded_wallet = btcr.load_wallet(wallet_filename)  # raises on failure; no s
econd chance
  File "C:\Users\user\Downloads\btcrecover-master\btcrecover.py", line 196, in l
oad_wallet
    return wallet_type.load_from_filename(wallet_filename)
  File "C:\Users\user\Downloads\btcrecover-master\seedrecover.py", line 956, in
load_from_filename
    wallet = json.load(wallet_file)
  File "C:\Python27\lib\json\__init__.py", line 290, in load
    **kw)
  File "C:\Python27\lib\json\__init__.py", line 338, in loads
    return _default_decoder.decode(s)
  File "C:\Python27\lib\json\decoder.py", line 366, in decode
    obj, end = self.raw_decode(s, idx=_w(s, 0).end())
  File "C:\Python27\lib\json\decoder.py", line 382, in raw_decode
    obj, end = self.scan_once(s, idx)
ValueError: Expecting property name: line 41 column 5 (char 2691)

Press Enter to exit ...

[btchris]

I completely missed something from your last post, sorry about that....

I've got two questions for you.

1. Are you trying to use this: (A) https://github.com/gurnec/decrypt_electrum_seed,
or this: (B) https://github.com/gurnec/btcrecover/blob/master/docs/Seedrecover_Quick_Start_Guide.md ?

2. Can you please post (or PM) your entire wallet file here, but (very important, of course) remove about half of anything that comes after seed or master_private_keys?

[user2015]

Im using B. Do you mean to remove half of the seed code and post it here ?

[btchris]

Im using B. Do you mean to remove half of the seed code and post it here ?

OK, I didn't realize that. seedrecover.py should be able to read an Electrum wallet file, but maybe there's a bug.

Two more questions for you....

1. So, seedrecover.py is for when you have an Electrum wallet file, and most of a seed (and you don't have the password), but the seed you have isn't quite right. Is that what you're trying to fix?

2. Do you think your password is pretty strong? If so, you can PM me your entire Electrum wallet file and remain safe, and I can try to figure out what the bug is. If your password isn't strong, giving me your wallet file would be dangerous for you....

[user2015]

I pm'ed u.