Author

Topic: 2010 Wallet delivery and encryption "Treasure Hunt" (Read 344 times)

newbie
Activity: 20
Merit: 1
Tried the brain wallet, no outputs. don't believe that's the end of my story.

I realise the complexity of the process, I was really hoping that an old miner would put up his hand and admit to doing this in 2010.

Whilst playing his game, it inadvertently gave me 80+ similar but unique files... I am sure we will get there in the end, couple of coders taking a look, thanks to the forum, who knows really.

Appreciate your interest. thx
HCP
legendary
Activity: 2086
Merit: 4361
I assume you've tried basic things like just putting the 32char hex into something like BitAddress.org and seeing if it is a "brainwallet" password? Huh

But, as far as I'm aware, there have been no other wallets or systems that have used a similar method (SWF, images + hex values written as folder names etc) to "hide" private keys... in 2010, most people were playing with simple brainwallets and paper wallets... Undecided

I mean, the process could literally be almost anything at this point... like a SHA256 hash of the image file data... then flipped backwards etc.

Also, it could be some weird stenographic method hiding the actual key data in the image file bytes, as opposed to using the image data directly as the input to SHA256 etc... have you tried something like this: https://ctfs.github.io/resources/topics/steganography/file-in-image/README.html Huh
newbie
Activity: 20
Merit: 1
...and this, ladies and gentlemen, is why "security through obscurity" and attempting to do "clever things"™ when trying to secure your private keys is simply a "bad idea"™ Undecided

As unfortunate as it is for OP, I hope that this might help persuade people who think that doing things like re-arranging 12/24 word seeds, or substituting words or using some other "clever" process to try an obfuscate their private keys/seeds etc is just not a great plan.

It should hopefully also act as a cautionary tale about leaving coins in wallets that you did not create yourself and/or have not "tested" the backup/recovery process.


At the end of it I had data. one of which said DO_NOT_DELETE_72aXXXX a 32 bit hex key another an image of a playing card which I think was the image to remember from the game.
when you say "32 bit hex key"... do you mean 32 characters?


.... totally in agreement.... for what its worth, KISS! (keep it simple stupid), sorry yes 32 character hex!
HCP
legendary
Activity: 2086
Merit: 4361
...and this, ladies and gentlemen, is why "security through obscurity" and attempting to do "clever things"™ when trying to secure your private keys is simply a "bad idea"™ Undecided

As unfortunate as it is for OP, I hope that this might help persuade people who think that doing things like re-arranging 12/24 word seeds, or substituting words or using some other "clever" process to try an obfuscate their private keys/seeds etc is just not a great plan.

It should hopefully also act as a cautionary tale about leaving coins in wallets that you did not create yourself and/or have not "tested" the backup/recovery process.


At the end of it I had data. one of which said DO_NOT_DELETE_72aXXXX a 32 bit hex key another an image of a playing card which I think was the image to remember from the game.
when you say "32 bit hex key"... do you mean 32 characters?
newbie
Activity: 20
Merit: 1

Turns out that this is 98% of my challenge thanks but now to figure out which policy needs to be applied. In other words very close but no cigar!.
newbie
Activity: 20
Merit: 1
Are you saying that private keys are purposely hidden somewhere in the data, and them you paid for them knowing that you might not be able to find them or that they might not exist at all?

That makes little sense to me.

...sure and I would agree with you now, however, back in 2010 I was trading stocks, bitcoin was little more than an idealistic story. I spoke with a guy in the UK who sounded extremely knowledgeable, a cryptographer, a Bitcoin Miner, the right person!. He said he was a software developer who mined coins and was creating a new bitcoin exchange business. I asked if he could sell me some bitcoin to introduce me to the technology and processes, he gave me a url and I followed his instructions. At the end of it I had data. one of which said DO_NOT_DELETE_72aXXXX a 32 bit hex key another an image of a playing card which I think was the image to remember from the game.

I was busy and forgot about it all for a year, came back to it in 2011 with more time and a greater understanding of privkeys but couldn't derive my privkey or a wallet from these files.

NO BIG DEAL IN 2010-11. But 2021 and it is many 1000's of btc,  so sense would dictate to look at it again .

I had a bad first experience as did many.. I paid money and took a risk, everyone holding bitcoin takes the same journey! keys or not, sense or not its now a fun challenge to solve .

I need cryptographers not agony aunts!
legendary
Activity: 4466
Merit: 3391
Are you saying that private keys are purposely hidden somewhere in the data, and them you paid for them knowing that you might not be able to find them or that they might not exist at all?

That makes little sense to me.
newbie
Activity: 20
Merit: 1
back in the days, i remember playing around with those swf's... IIRC, there used to be tools to decompile them and look at the sourcecode? Maybe you can find a hint therein?

We took the .swf apart and nothing to say about it. But would be very interested in any standard tools which may have been around in 2010?? tools to translate an imagefile and a 32bit hex word into a privkey Wink
newbie
Activity: 20
Merit: 1
Anyone got any experience of this? can you offer any clues? do you recognise this or sell me these files?? I would now like to open the wallet lol!
https://www.dropbox.com/s/4pgfaa9gmnk2kn2/Screenshot%202021-02-22%2010.45.50.png?dl=0
https://www.dropbox.com/s/vickqz8f2kvtlj9/Screenshot%202021-02-22%2010.57.00.png?dl=0

Shockwave is an animation system that can be used to make simple interactive 2D games. A SWF contains the program. There is nothing in either of those two folders that look like they might even be remotely related to bitcoin.

A bitcoin wallet is usually stored in a file called wallet.dat in a folder that typically contains the following files and folders:

anchors.dat
banlist.dat
bitcoin.conf
blocks
chainstate
db.log
debug.log
fee_estimates.dat
mempool.dat
peers.dat
settings.json
wallet.dat

It looks like your folder has those along with other unrelated stuff.



... this flash file was the interface to obtain the "files" from which I understood that I should have been able to obtain private keys. Researching this more I am certain that image24.png is used as  a hex checksum or is hashed SOMEHOW with a 32 bit key to derive the  privkey. I have been testing and get results! (opening two other users wallets!!) but not the private keys I am after. I just don't know exactly what standard was applied to the process here, Hash the image, passphrase as a salt, hash the passphrase, single hash, double hash whos to know...? thx for the comments, its a privkey I am after here... certain of it.
newbie
Activity: 20
Merit: 1
It's first time i hear people actually obfuscate or/and encrypted wallet inside video game. Assuming it's not fake/hoax, i suspect it uses non-standard obsfucation, encryption or private key representation.

 ...Totally agree but this was May 2010 when lots of experimentation was taking place ...

I know there are few standard for wallet on early days of Bitcoin, but IMO hiding it on video game is still unusual.

But I think the bigger question here is what kind of wallet it is? All wallet softwares put a special sequence of bytes at the beginning of the wallet file that uniquely identifies its type (the so-called Magic Bytes).

Install a hex editor such as HxD (and make a copy of the extracted wallet file because HxD allows you to unintentionally edit and save the file just by typing keys on the keyboard!) and open the wallet file with it, look at the first 10 or so bytes and see if they match any of the defined magic bytes.

Shouldn't OP look for magic bytes used by bitcoin (such as 62 31 05 00 09 00 00 00) ?

Source : https://bitcoin.stackexchange.com/questions/41447/filesystem-is-corrupt-how-to-find-wallet-dat

...Appreciate that, will certainly take a deeper dive for the magic bytes, but feel we are looking for hidden private keys..
legendary
Activity: 1568
Merit: 6660
bitcoincleanup.com / bitmixlist.org
back in the days, i remember playing around with those swf's... IIRC, there used to be tools to decompile them and look at the sourcecode? Maybe you can find a hint therein?

There's a list of free and paid SWF decompilers nicely aggregated on a single page: http://bruce-lab.blogspot.com/2010/08/freeswfdecompilers.html?m=1

There's also a stack overflow question about it with more tools at https://stackoverflow.com/questions/97018/how-do-you-decompile-a-swf-file

Some more stuff I found from a google search:

https://www.flash-decompiler.com/
https://github.com/jindrapetrik/jpexs-decompiler



But I think the bigger question here is what kind of wallet it is? All wallet softwares put a special sequence of bytes at the beginning of the wallet file that uniquely identifies its type (the so-called Magic Bytes).

Install a hex editor such as HxD (and make a copy of the extracted wallet file because HxD allows you to unintentionally edit and save the file just by typing keys on the keyboard!) and open the wallet file with it, look at the first 10 or so bytes and see if they match any of the defined magic bytes.
legendary
Activity: 3584
Merit: 5243
https://merel.mobi => buy facemasks with BTC/LTC
back in the days, i remember playing around with those swf's... IIRC, there used to be tools to decompile them and look at the sourcecode? Maybe you can find a hint therein?
legendary
Activity: 4466
Merit: 3391
Anyone got any experience of this? can you offer any clues? do you recognise this or sell me these files?? I would now like to open the wallet lol!
https://www.dropbox.com/s/4pgfaa9gmnk2kn2/Screenshot%202021-02-22%2010.45.50.png?dl=0
https://www.dropbox.com/s/vickqz8f2kvtlj9/Screenshot%202021-02-22%2010.57.00.png?dl=0

Shockwave is an animation system that can be used to make simple interactive 2D games. A SWF contains the program. There is nothing in either of those two folders that look like they might even be remotely related to bitcoin.

A bitcoin wallet is usually stored in a file called wallet.dat in a folder that typically contains the following files and folders:

anchors.dat
banlist.dat
bitcoin.conf
blocks
chainstate
db.log
debug.log
fee_estimates.dat
mempool.dat
peers.dat
settings.json
wallet.dat

It looks like your folder has those along with other unrelated stuff.
newbie
Activity: 20
Merit: 1
If you do not have sole control of the private keys, then it is reasonable to assume that you were never in control of any Bitcoins at any point in time.

I don't see the point of the "miner" selling you the wallet without giving you any directions to retrieve it. What did you mean by Blockchain says otherwise? Did he give you an address or something?

... a valid point, but I have reason to believe this wasn't the intention of the seller/ miner and evidence on the blockchain points me to a software issue in 2011 which caused the loss of access for the developer to a significant haul of unsold btc which our transaction leads directly back to..  I feel that I do have the keys , just can't identify them!
newbie
Activity: 20
Merit: 1
It's first time i hear people actually obfuscate or/and encrypted wallet inside video game. Assuming it's not fake/hoax, i suspect it uses non-standard obsfucation, encryption or private key representation.

 ...Totally agree but this was May 2010 when lots of experimentation was taking place ...
legendary
Activity: 3038
Merit: 4418
Crypto Swap Exchange
If you do not have sole control of the private keys, then it is reasonable to assume that you were never in control of any Bitcoins at any point in time.

I don't see the point of the "miner" selling you the wallet without giving you any directions to retrieve it. What did you mean by Blockchain says otherwise? Did he give you an address or something?
newbie
Activity: 20
Merit: 1
Anyone got experience with wallets supplied to the customer contained in swf game files?

I purchased btc from a miner in May 2010, he provided an online game login to retrieve the wallet/s.

Instead of getting a simple privkey I ended up with a folder of game files which appear to be encrypted. These have sat in a folder on my PC for 11 years, I thought it might have been a hoax except the blockchain suggests otherwise. The swf file runs a simple image which does nothing, perhaps it used to contact a server but now nought.

The miner was a UK developer, I have lost all contact details.

One folder has a 32bit key title, The images seem to linked to a gozp.dat file but this won't open in either QT nor Electrum when renamed to wallet.dat. A weird .png image exists which seems to have a long hash key inside it... it's confusing.

Anyone got any experience of this? can you offer any clues? do you recognise this or sell me these files?? I would now like to open the wallet lol!

https://www.dropbox.com/s/4pgfaa9gmnk2kn2/Screenshot%202021-02-22%2010.45.50.png?dl=0

https://www.dropbox.com/s/vickqz8f2kvtlj9/Screenshot%202021-02-22%2010.57.00.png?dl=0

Jump to: