Pages:
Author

Topic: Can the encrypted wallet be recovered using the unencrypted? (Read 7332 times)

legendary
Activity: 1246
Merit: 1016
Strength in numbers
Why does the standard client always send the change to a new address?? It would make more sense to send the change back to one of the sending addresses.

Sending to a new address leaks the least privacy.  Also, there is no concept of a sending address in the bitcoin system.

Sending back to one of the input addresses could be an optional setting.
legendary
Activity: 1031
Merit: 1000
Something needs to be changed if I really can't get these coins back.  It is reasonable for me to think that if I have an unencrypted file, back it up, and then encrypt one of them, that I can derive the encrypted version from the unencrypted one if I know the password.  There should be a warning in there somewhere.  I am sick over losing this many coins.


As far as creating a safe and secure backup of private keys, what about (1) using an offline computer to create a wallet address via bitaddress.org's html/javascript then (2) placing the keys into a TrueCrypt volume and (3) transferring the TrueCrypt volume, or offline generated transaction, via USB to an online computer and backing up to multiple places like Dropbox, AWS, Google Drive, etc.

Here is the code to create offline wallets and generate offline transactions.

Is there a flaw in this procedure that I am not seeing?
kjj
legendary
Activity: 1302
Merit: 1026
Why does the standard client always send the change to a new address?? It would make more sense to send the change back to one of the sending addresses.

Sending to a new address leaks the least privacy.  Also, there is no concept of a sending address in the bitcoin system.
newbie
Activity: 14
Merit: 0
Why does the standard client always send the change to a new address?? It would make more sense to send the change back to one of the sending addresses.
kjj
legendary
Activity: 1302
Merit: 1026
Still a tiny chance of recovering the laptop.  The encrypted wallet is not on the flash drives.  In my mind at the time, I thought that encrypting the wallet was a repeatable process just like encrypting any other file, so I did not think to back it up again.
Yes the developers really screwed that one up. That's why bitcoin still deserves beta status.

https://github.com/bitcoin/bitcoin/issues/1884

Don't be too hard on the devs.  Wallet encryption has been around for like a year, and we are just now noticing this problem, which suggests that it is not obvious except in hindsight.
sr. member
Activity: 257
Merit: 250
Not trusting third parties with my private keys
yeah i checked that.  the computer had a logon password, and they didnt steal the charger, and it was constantly crashing and I had to boot it like 8 times to get it to load windows properly, so the thief would probably just wipe it.  Probably still recoverable if I get it back though.
legendary
Activity: 1092
Merit: 1016
760930
I do not believe I backed the encrypted wallet up on the flash drive.  If on some off chance I did, it is not showing up on the recovery tools.  Perhaps I will mess with this hex thing once I determine if I cannot recover the laptop

Have you tried to check your Dropbox access logs as I mentioned?
If you can't find them, let me know and I'll help you out.
sr. member
Activity: 257
Merit: 250
Not trusting third parties with my private keys
I do not believe I backed the encrypted wallet up on the flash drive.  If on some off chance I did, it is not showing up on the recovery tools.  Perhaps I will mess with this hex thing once I determine if I cannot recover the laptop
legendary
Activity: 3416
Merit: 1912
The Concierge of Crypto
There are many laptop tracking software available. A commercial one is Lo Jack for computers. An open source one is Prey.

BUT, they have to be installed and activated prior to your laptop being stolen. (Works with desktops and smart phones too.)
donator
Activity: 994
Merit: 1000
Sorry, I should've emphasized today's update:

Still a tiny chance of recovering the laptop.  The encrypted wallet is not on the flash drives.  
Yes. That assumes the OP has done a deep scan. casascius implicitly asked the OP to confirm that.
legendary
Activity: 1092
Merit: 1016
760930
Sorry, I should've emphasized today's update:

Still a tiny chance of recovering the laptop.  The encrypted wallet is not on the flash drives.  
donator
Activity: 994
Merit: 1000
Errr.. Guys, read the OP (and subsequent posts) again. Your advice is good but unfortunately not relevant at this stage. Before any of that can happen, the laptop must be recovered from the thief.
https://bitcointalksearch.org/topic/m.1206155
legendary
Activity: 1092
Merit: 1016
760930
Errr.. Guys, read the OP (and subsequent posts) again. Your advice is good but unfortunately not relevant at this stage. Before any of that can happen, the laptop must be recovered from the thief.
donator
Activity: 994
Merit: 1000
My understanding is that an encrypted wallet is simply an unencrypted database with encrypted records in it.  I think the wallet file itself, the database overhead being unencrypted, could easily be found on a hard drive simply by scanning all disk sectors for unique string markers that are plenty easy to find with a tool like WinHex.
Exactly. https://bitcointalksearch.org/topic/m.1016998

I suppose the OP explored this option already. If not - I recommend reading the advice more carefully...

Ironically, I don't think the wallet file stores Bitcoin addresses in human-readable text form anywhere in the wallet.dat, even in an unencrypted wallet.  I believe it only stores the actual underlying public key and hash, which are just random-looking binary data.  So even if this wallet existed on the drive, if I'm right about this, the script wouldn't be able to find it.

You would, rather, be searching for strings that appear, such as "blockindex", "bestblock", "pool"... the most valuable record is "key", and surely there has got to be a few relatively static bytes that could be searched.
BTC addresses are stored in binary form. The referenced script works, since the tool grep searches for the supplied key in binary form. Try it out. Replace /dev/sdaX with your wallet file.
sr. member
Activity: 448
Merit: 254
I believe it only stores the actual underlying public key and hash, which are just random-looking binary data.

Maybe if he knows an address, he could search for that in hex?  (Going on the assumption there might be something to recover.)

I just pulled two addresses out of my wallet, one I received coins at and one I sent coins to; base58-decoded them into hex at brainwallet.org, and searched wallet.dat for them in a hex editor, found both in the clear in my encrypted wallet.  (This is pretty disconcerting, depending on what you were hoping an encrypted wallet would do for you.)

So, if you do this on a whole disk and find stuff, there's a good chance they're wallet fragments.  From there I guess you start looking for nearby markers like Casascius talked about.
vip
Activity: 1386
Merit: 1140
The Casascius 1oz 10BTC Silver Round (w/ Gold B)
My understanding is that an encrypted wallet is simply an unencrypted database with encrypted records in it.  I think the wallet file itself, the database overhead being unencrypted, could easily be found on a hard drive simply by scanning all disk sectors for unique string markers that are plenty easy to find with a tool like WinHex.
Exactly. https://bitcointalksearch.org/topic/m.1016998

I suppose the OP explored this option already. If not - I recommend reading the advice more carefully...

Ironically, I don't think the wallet file stores Bitcoin addresses in human-readable text form anywhere in the wallet.dat, even in an unencrypted wallet.  I believe it only stores the actual underlying public key and hash, which are just random-looking binary data.  So even if this wallet existed on the drive, if I'm right about this, the script wouldn't be able to find it.

You would, rather, be searching for strings that appear, such as "blockindex", "bestblock", "pool"... the most valuable record is "key", and surely there has got to be a few relatively static bytes that could be searched.
donator
Activity: 994
Merit: 1000
My understanding is that an encrypted wallet is simply an unencrypted database with encrypted records in it.  I think the wallet file itself, the database overhead being unencrypted, could easily be found on a hard drive simply by scanning all disk sectors for unique string markers that are plenty easy to find with a tool like WinHex.
Exactly. https://bitcointalksearch.org/topic/m.1016998

I suppose the OP explored this option already. If not - I recommend reading the advice more carefully...
vip
Activity: 1386
Merit: 1140
The Casascius 1oz 10BTC Silver Round (w/ Gold B)
To answer the question as to whether the deleted encrypted wallet material is still on the drive, I think it should be deterministically possible to confirm it or rule it out with a simple disk scan with a hex editor.

My understanding is that an encrypted wallet is simply an unencrypted database with encrypted records in it.  I think the wallet file itself, the database overhead being unencrypted, could easily be found on a hard drive simply by scanning all disk sectors for unique string markers that are plenty easy to find with a tool like WinHex.

I don't have a computer with an encrypted wallet.dat handy, but I will bet I could find tons of strings in the file that would be highly likely to appear in every wallet.dat, and I am sure others can provide a suitable search string as well.
donator
Activity: 994
Merit: 1000
Still a tiny chance of recovering the laptop.  The encrypted wallet is not on the flash drives.  In my mind at the time, I thought that encrypting the wallet was a repeatable process just like encrypting any other file, so I did not think to back it up again.
Yes the developers really screwed that one up. That's why bitcoin still deserves beta status.
sr. member
Activity: 257
Merit: 250
Not trusting third parties with my private keys
Still a tiny chance of recovering the laptop.  The encrypted wallet is not on the flash drives.  In my mind at the time, I thought that encrypting the wallet was a repeatable process just like encrypting any other file, so I did not think to back it up again.
Pages:
Jump to: