BTCRecover seed phrase recovery securely in the cloud?

ABCbits

legendary

Activity: 2870

Merit: 7490

Crypto Swap Exchange

Quote from: PawGo on March 28, 2022, 07:32:22 AM

Quote from: ABCbits on March 28, 2022, 04:50:26 AM

It's true, btcrecover have single core bootleneck[1]. But instance on vast.ai usually use high-end CPU so it's less likely you hit the bottleneck if you only use 1 GPU. The documentation itself only mention bottleneck on multi-GPU setup[2]

I do not know how well it works, but if you rent on vast.ai and you plan to heavily use CPU, see if you rent all the cores or only some of them.
Sometimes machines with several GPUs are listen more than twice - for example server with 4 GPUs may be offered as a 4GPU and then all the cores or 4 x 1 GPU with 1/4 number of cores. And then performance may be lower, comparing to dedicated machine with 1 GPU installed only.

I just checked vast.ai again and it's true there are instance where only few cores available. However, BIP39 12 Word Seed have big speed boost if you use GPU[1] and most instance i've seen offer at least 4 cores. It shouldn't be big concern unless you wish to use both CPU and GPU with some testing to reduce search time as much as possible.

[1] https://btcrecover.readthedocs.io/en/latest/GPU_Acceleration/#performance-notes

ABCbits

legendary

Activity: 2870

Merit: 7490

Crypto Swap Exchange

Quote from: PrimeNumber7 on March 27, 2022, 04:00:00 PM

Quote from: ?? on ??

--snip--

A better GPU is not necessarily going to result in more efficient searching because of CPU bottlenecking.

It's true, btcrecover have single core bootleneck[1]. But instance on vast.ai usually use high-end CPU so it's less likely you hit the bottleneck if you only use 1 GPU. The documentation itself only mention bottleneck on multi-GPU setup[2]

Quote from: PrimeNumber7 on March 27, 2022, 04:00:00 PM

Due to the large investment required to find the seed the OP is looking for, I am hesitant to recommend he pursue this (even while overlooking the security issues) due to the risk that the OP made a mistake regarding the list of remaining words.

I agree, even my assumption is based on OP doesn't make any additional mistake.

[1] https://github.com/3rdIteration/btcrecover/issues/184#issuecomment-843130049
[2] https://btcrecover.readthedocs.io/en/latest/Usage_Examples/2020-10-06_Multi-GPU_with_vastai/Example_Multi-GPU_with_vastai/#background

HCP

legendary

Activity: 2086

Merit: 4361

Quote from: Prof-Meowington on March 18, 2022, 03:14:42 PM

is there some way to securely run BTCRecover seed phrase recovery on cloud rigs, like vast.io?

The short answer (ignoring all the performance/cost issues is), is "No, it is not secure". You're putting data on the cloud... the security related issues with this should be obvious Wink

PawGo

legendary

Activity: 952

Merit: 1385

Quote from: ABCbits on March 28, 2022, 04:50:26 AM

It's true, btcrecover have single core bootleneck[1]. But instance on vast.ai usually use high-end CPU so it's less likely you hit the bottleneck if you only use 1 GPU. The documentation itself only mention bottleneck on multi-GPU setup[2]

I do not know how well it works, but if you rent on vast.ai and you plan to heavily use CPU, see if you rent all the cores or only some of them.
Sometimes machines with several GPUs are listen more than twice - for example server with 4 GPUs may be offered as a 4GPU and then all the cores or 4 x 1 GPU with 1/4 number of cores. And then performance may be lower, comparing to dedicated machine with 1 GPU installed only.

PrimeNumber7

copper member

Activity: 1652

Merit: 1901

Amazon Prime Member #7

Quote from: ?? on ??

Quote from: PawGo on March 19, 2022, 07:56:20 AM

Quote from: ?? on ??

The number could be lower since AFAIK btcrecover ignore invalid checksum.

It is still a lot. Probably that's why noone solved yet 10ETH challenge (https://bitcointalksearch.org/topic/10eth-challenge-ethereum-parabolic-move-bitcoin-generator-portfolio-update-5225392) - if it is real of course.

Code:

50^9 / 2^4 / (134 000 * 2.99) / 3600 / 24 = 3526.3 days

Yes, but i find 16 times reduction (since 12 words seed has 4 bit checksum) worth mentioning. And looking at btcrecover, 100K/s seems to be low approximation since Nvidia 1660 Ti have 134K/s[1]. And since service like vast.ai only offer high end GPU such as RTX 3080 Ti (which is 299% faster than 1660 Ti), the search time should be lower.

Code:

3526.3 * 24 * 0.301 = $25473.99

On vast.ai, cost of single RTX 3080 Ti is $0.301/hour and it costs about $25473.99. So it should be viable if OP roughly have more than 0.5 BTC. Take note that,
1. Additional benchmark is needed since it's just theoretical number.
2. Since vast.ai also offer decent CPU, you could use it for small boost.
3. Assuming 50 words chosen by OP is correct.

[1] https://btcrecover.readthedocs.io/en/latest/GPU_Acceleration/#performance-notes
[2] https://www.techpowerup.com/gpu-specs/geforce-gtx-1660-ti.c3364
[3] https://vast.ai/console/create/, instance ID 3279060

A better GPU is not necessarily going to result in more efficient searching because of CPU bottlenecking.

Due to the large investment required to find the seed the OP is looking for, I am hesitant to recommend he pursue this (even while overlooking the security issues) due to the risk that the OP made a mistake regarding the list of remaining words.

Regarding the security issue specifically. It does not appear vast.ai is targeting crypto users, and their target market appears to be those wishing to train machine learning models. This means the host is unlikely to be watching and waiting for you to find a private key/seed. So you should have time to move any coin that can be spent using the private keys derived by the seed. With that being said, using any cloud computing service to find a seed means your seed has been on a computer that was exposed to the internet, more specifically on a computer you do not have full control over. It would be best to move any coin to an address derived from a freshly generated seed if you can bruteforce the seed.

LoyceV

legendary

Activity: 3290

Merit: 16489

Thick-Skinned Gang Leader and Golden Feather 2021

Quote from: Prof-Meowington on March 18, 2022, 03:14:42 PM

I have a list of nearly 50 words. I have a rough idea which words *could* be part of the seed, and which are *probably* not part of it, but I'm not sure so it's really just guesswork.

Did you look at all 2048 words and tried to remember which ones might be part of your seed? If so, then the slightest mistake means one of the words you need isn't even in the list of 50, and you'll never find it.

o_e_l_e_o

legendary

Activity: 2268

Merit: 18711

You can certainly try on vast.ai, but apart from the obvious security implications the btcrecover documentation suggests that this might not be as fast as you are hoping:

Quote from: https://btcrecover.readthedocs.io/en/latest/Usage_Examples/2020-10-06_Multi-GPU_with_vastai/Example_Multi-GPU_with_vastai/

This process is not secure for seed recovery, BIP39 seed recovery or where you upload the wallet file to the cloud server... At this time, BIP39 seed recovery also bottleknecks badly on CPU, so will see little benefit from this approach...

As PawGo has pointed out, though, even if you can rent vast.ai this is too much work. You will need to either fix the position of a few more words or narrow down the list of 50 words to choose from.

I'm curious as to how you even ended up in this situation to begin with. How did you back up your seed in the first place?

PawGo

legendary

Activity: 952

Merit: 1385

Quote from: ?? on ??

Quote from: PawGo on March 18, 2022, 03:30:44 PM

Code:

50^9 / 100000 /3600/24 =226056 days

Assuming you may get 100k/s

The number could be lower since AFAIK btcrecover ignore invalid checksum.

It is still a lot. Probably that's why noone solved yet 10ETH challenge (https://bitcointalksearch.org/topic/10eth-challenge-ethereum-parabolic-move-bitcoin-generator-portfolio-update-5225392) - if it is real of course.

PawGo

legendary

Activity: 952

Merit: 1385

Code:

50^9 / 100000 /3600/24 =226056 days

Assuming you may get 100k/s
Speed may depend if you look for btc address or eth.
Maybe it will be slower, maybe faster, but you see what is the more or less expected work to do. It is not a matter of 2 hours.

Answering your questions:
- I think vast instances are isolated, but maybe I am wrong.
- of course the more words you have, the better. Or limit list of possible words.

Prof-Meowington

newbie

Activity: 5

Merit: 14

Hello everyone,

is there some way to securely run BTCRecover seed phrase recovery on cloud rigs, like vast.io? I know it's not recommended because the host can take the seed phrase for themselves, if found.

What I would like to do is recover a 12 word seed phrase where I know the first 3 words, for the remaining words I have a list of nearly 50 words. I have a rough idea which words *could* be part of the seed, and which are *probably* not part of it, but I'm not sure so it's really just guesswork. Is this even doable, if yes, how long would it take? Or would I need to know more of the words, like 4-5? Obviously my PC is nowhere near powerful enough for this.

Topic: BTCRecover seed phrase recovery securely in the cloud? (Read 206 times)