Pages:
Author

Topic: Create a seed from a selection of words (Read 1186 times)

legendary
Activity: 2534
Merit: 6080
Self-proclaimed Genius
July 31, 2023, 06:55:24 AM
#82
Note: Win 11, I meant the desktop where all icons are like MyPc, ControlPanel, RecycleBin.
Now this info helps a lot.
In Windows, you have two ways to use the command:
  • 1. If pylauncher is selected when you installed Python, you can directly use "python" command in your Command Prompt or PowerShell
  • 2. You can also go to python's install location where python.exe is located, use that as your working directory and launch that executable to use the command.

-snip-
I think I correctly installed the required software but my problem was with the command as I didn't had enough knowledge in command line.
Any specific error when trying o_e_l_e_o's command?

I've added a heads-up because of my own tests in Windows, btcrecover and certain versions of python that couldn't compile a mandatory requirement for using seedrecover on ETH seed phrase.
Depending on your set-up and installed requirements, you may encounter that error.

First, can you test if python is installed correctly in your system?
Since it's on Windows, try to enter this command in your command prompt and see it it'll return with the installed version:
Code:
python -V
In the latest version, it should be like this (but has compatibility issue with seedrecover):
Code:
py -V

If nothing works, you need to do option2 which requires absolute paths.
sr. member
Activity: 322
Merit: 318
The Alliance Of Bitcointalk Translators - ENG>BAN
(suppose the seed.txt file is in desktop then what will be the path? [ ./PATH/TO/YOUR/FILE.txt ] < Confused with this  )

The easiest thing to do will be to put the file in the same directory as you extracted btcrecover to, then your path will simply be ./FILENAME.txt

Thanks brother I finally understood this. I will put the seed.txt in btcrecover folder.

Note: Win 11, I meant the desktop where all icons are like MyPc, ControlPanel, RecycleBin.
legendary
Activity: 2268
Merit: 18711
(suppose the seed.txt file is in desktop then what will be the path? [ ./PATH/TO/YOUR/FILE.txt ] < Confused with this  )
Well, it depends on if you are talking about the desktop of your computer or the desktop of your virtual machine, what OS you are running, what your account name is, and so on. Try finding the file in a file explorer and your OS might tell you path somewhere near the top of that window.

The easiest thing to do will be to put the file in the same directory as you extracted btcrecover to, then your path will simply be ./FILENAME.txt
sr. member
Activity: 322
Merit: 318
The Alliance Of Bitcointalk Translators - ENG>BAN
If you came across some issue with specific requirements for ETH, try python 3.10.
Then install the dependencies via requirements-full.txt file again.

Also, the other possible derivation paths are listed inside btcrecover directory: ./derivationpath-lists/ETH.txt
If you exclude the --bip32-path arg, seedrecover.py will prompt you to select the correct derivation path and if you choose Ethereum, it'll automatically use the uncommented paths in that file.

I think I correctly installed the required software but my problem was with the command as I didn't had enough knowledge in command line. Also I didn't knew what derivation path was or how the path works (suppose the seed.txt file is in desktop then what will be the path? [ ./PATH/TO/YOUR/FILE.txt ] < Confused with this  )

Edit: All I know I Have the 12 seed words, but they were totally out of order, no seed word is missing and the wallet was ERC-20.
legendary
Activity: 2534
Merit: 6080
Self-proclaimed Genius
Edit: I think I almost got it, I'll try to run the program now. Thank you for your valuable time.
If you came across some issue with specific requirements for ETH, try python 3.10.
Then install the dependencies via requirements-full.txt file again.

Also, the other possible derivation paths are listed inside btcrecover directory: ./derivationpath-lists/ETH.txt
If you exclude the --bip32-path arg, seedrecover.py will prompt you to select the correct derivation path and if you choose Ethereum, it'll automatically use the uncommented paths in that file.
legendary
Activity: 2268
Merit: 18711
-snip-
Ahh, I misunderstood your previous post. I thought you were saying the first unhardened 0 referred to your first receiving address, rather than referring to the category of external/receiving addresses.

I also do not use ETH, but you are right in saying it does not use change addresses, so I also wouldn't expect to see 1 at the change level unless someone did that manually or the wallet software was bugged or flawed.
hero member
Activity: 714
Merit: 1010
Crypto Swap Exchange
Maybe I was not accurate enough:
I'm aware that ETH wallets use derivation paths up to address index level, should be standard, including the receive_or_external/internal derivation level, ie. m/44'/60'/0'/0/0 (as you point out) for ETH, first account, receive or external address type, first (receive or external) address.

Short legend: m/{purpose}'/{coin type}'/{account index}'/{external | internal}/{address index}

I'm not so fluent with ETH, but it would surprise me to see an address derivation like m/44'/60'/0'/1/n (n being some address index between 0...231-1 (unhardened)) as to my limited knowledge about ETH I see no reason that an ETH wallet needs "internal" addresses like BTC wallets use them for the change coin return which is required due to the UTXO transaction model of BTC.


The reason we don't specify the full derivation path here is because btcrecover will start deriving addresses on top of whatever we specify.

So if we specify m/60'/44'/0'/0, and give it an address limit of 1 as I did, then it will check the address at m/44'/60'/0'/0/0.
If we specify m/60'/44'/0'/0 and give it an address limit of 10, then it would check between m/44'/60'/0'/0/0 and m/44'/60'/0'/0/9.
It's good to point this out for the less experienced users! As I have already worked with btcrecover, I know that.
legendary
Activity: 2268
Merit: 18711
Coin type 60' indicates ETH, the following 0' indicates first/standard account, the next 0 indicates receiving addresses (ETH normally doesn't use internal change addresses as it's not UTXO based like BTC)
That's not right. Ethereum does indeed use the change level of the derivation path, and for most wallets, the first Ethereum address will be at m/44'/60'/0'/0/0. The reason we don't specify the full derivation path here is because btcrecover will start deriving addresses on top of whatever we specify.

So if we specify m/60'/44'/0'/0, and give it an address limit of 1 as I did, then it will check the address at m/44'/60'/0'/0/0.
If we specify m/60'/44'/0'/0 and give it an address limit of 10, then it would check between m/44'/60'/0'/0/0 and m/44'/60'/0'/0/9.
sr. member
Activity: 322
Merit: 318
The Alliance Of Bitcointalk Translators - ENG>BAN

You'll need to insert your address and the path to the file you just created above in the relevant places.

My seed.txt file is in desktop, then what will be the path?
I know I am really stupid to ask this.

Edit: I think I almost got it, I'll try to run the program now. Thank you for your valuable time.
hero member
Activity: 714
Merit: 1010
Crypto Swap Exchange
And I don't know the derivation path of this address because I am unfamiliar with this term "Derivation Path" .

Regarding the topic "derivation path" to get a better understanding, I recommend to take a look here: https://learnmeabitcoin.com/technical/derivation-paths (of course you can have a look into BIP-32 but that is a quite technical read)

o_e_l_e_o's instructions are quite spot on but it will only work if the derivation path for ethereum is standard like what he put on the command line for it: m/44'/60'/0'/0 (the single tick marks ' are there for a purpose, don't mess this up).
Coin type 60' indicates ETH, the following 0' indicates first/standard account, the next 0 indicates receiving addresses (ETH normally doesn't use internal change addresses as it's not UTXO based like BTC)
legendary
Activity: 2268
Merit: 18711
Well, let's assume it was generated using the standard Ethereum derivation path.

First of all create a plain text .txt file with one of each of the twelve words per line. So, like this:

Code:
one
two
three
four
five
six
seven
eight
nine
ten
eleven
twelve

Save the file somewhere easy to find.

You'll then want to run the following command:

Code:
python seedrecover.py --no-eta --no-dupchecks --mnemonic-length 12 --language EN --dsw --wallet-type ethereum --addr-limit 1 --addrs YOURADDRESSHERE --tokenlist ./PATH/TO/YOUR/FILE.txt --bip32-path "m/44'/60'/0'/0"

You'll need to insert your address and the path to the file you just created above in the relevant places.
sr. member
Activity: 322
Merit: 318
The Alliance Of Bitcointalk Translators - ENG>BAN
Now what command do I have to input. Thanks in advance.


I see you've edited to say the address you have is an ERC20 address. So again, which wallet was used to create this address? Do you know the derivation path of this address?

The seeds were part of a puzzle competition. I cracked it but I don't know how or what wallet was used. And I don't know the derivation path of this address because I am unfamiliar with this term "Derivation Path" .
legendary
Activity: 2268
Merit: 18711
Now what command do I have to input. Thanks in advance.
I need some more information first. Please can you answer each of the following questions:

Is the address you have a bitcoin address?
Is it legacy (1), nested segwit (3), or native segwit (bc1)?
Which wallet was used to generate the seed phrase? (Alternatively, is the seed phrase BIP39 or Electrum?)
Do you know if you have used non-standard derivation paths or more than one account? (If you don't know what this means, then the answer is probably no.)

Edit:

I see you've edited to say the address you have is an ERC20 address. So again, which wallet was used to create this address? Do you know the derivation path of this address?
sr. member
Activity: 322
Merit: 318
The Alliance Of Bitcointalk Translators - ENG>BAN
A 12-word phrase will take a very long time.
If you know all 12 words, then btcrecover could descramble this in a matter of hours even with modest hardware, or much faster with good hardware. See: https://btcrecover.readthedocs.io/en/latest/Usage_Examples/2020-05-02_Descrambling_a_12_word_seed/Example_Descrambling_a_12_word_seed/

However, since OP is talking about 24 words, descrambling this is already impossible. Add in an unknown word and it becomes 2048 times more impossible. Tongue

Hello sir.

I know all 12 seed words but i don't know their order.
And I also have the address(ERC20). I tried the software you mentioned. But I have less knowledge in command line interface and etc. And his youtube guides are bit hard to understand for me as I am a newbie. So would you be kind enough to enlighten me. I have successfully installed the required software in a virtual machine.

Now suppose my 12 seed are: one two three four five six seven eight nine ten eleven twelve

Now what command do I have to input. Thanks in advance.
hero member
Activity: 714
Merit: 1010
Crypto Swap Exchange
i also think you can do a new wallet from time to time but it also can be unsafe if you think there is a possibility, someone get the same phrase like you. there is a bigger possibility to get hacked if you use a hotwallet or a web3 wallet and infect it with ransomware. use a 24seed and make it as cold wallet. if you want to use the bitcoin for other stuff like collecting it, you can make a second wallet and use it as hot wallet.

It won't happen during the lifetime of our solar system or even beyond (estimated), unless the RNG is severly flawed. Not for a 128-bit secret, beyond comprehension less for a 256-bit secret. The probability is in theory not equal to zero, but I'd say in practice it is basically zero.

Unless you do something stupid (and there's a lot of that possible) there's no need to move funds on some regular schedule into new wallets. You ruin any pseudonymity of your UTXOs with such moves. Unnecessary dangers. You would burden yourself with a lot of unnecessary safekeeping (remember, you shouldn't completely delete old wallets as you might receive funds on old addresses by accident or from someone who got some old addresses in the past). Then always have to renew your redundant storage for every new wallet iteration? No, thanks.

Simply use decent hardware wallets or a hot watch-only wallet with a proper cold wallet for the precious private keys.

When a wallet is created, first there's a as random as possible secret, most commonly 128 bit long (represented by 12 recovery words) or 256 bit long integer (represented by 24 recovery words). The software doesn't pick somehow first the recovery words. The software (be it a software or hardware wallet) first generates a long random integer which is encoded in human readable and easy storable recovery words. Not the other way round.
hero member
Activity: 882
Merit: 792
Watch Bitcoin Documentary - https://t.ly/v0Nim
At least one can create a new wallet and transfer coins every year but logically and mathematically, absolutely everyone is safe.
You should certainly transfer everything to a new wallet if you have any concerns about your seed phrase being leaked or the security of your back ups, but such a transfer is meaningless when it comes to brute forcing, which does not need to be protected against in the first place.
Yes, that's what I meant in the first place, it's meaningless to be afraid of 12 or 24 word seed. But as I see, out of no reason, people are afraid that since the 2048 word list is publicly available, their wallets may be bruteforced. I know, there is just no way for that to happen but as you see, people even think about their own word list for 'safety' over publicly available one. So, these people aren't going to stop. In this case, I think it's better if meaninglessly super paranoid people create a new wallet from time to time and transfer coins compared to the idea of using your own word list or manually creating a seed phrase.


i also think you can do a new wallet from time to time but it also can be unsafe if you think there is a possibility, someone get the same phrase like you.
What does it mean if someone get the same phrase like you? There is no way that someone will generate the same seed phrases in the same order as I generated becuase there are 2048 words in the list and there is simply no way for that accident to happen.
jr. member
Activity: 35
Merit: 2
Keep in mind that security of revealed 24 words out of order is still not as high as security of a private key because you are revealing your entropy and 620,448,401,733,239,439,360,000 is 6e+23 whereas security of a bitcoin private key is 2128=3e+38.
I think one can feel secure till death or even after.

The normal user generates in his life maybe 10 addresses and not always the sum times the number of people who live in 100 years make it very unlikely.
Let's say all 8 billion people on the planet all generate 1,000 new addresses every second for the next 5 billion years non stop. After 5 billion years we will only have generated 0.00000000000000009% of all possible addresses.
This is so right! And I don't really understand why do some people think that because 2048 word list is public, it will be dangerous and unsafe, I just can't figure it out because they can mathematically prove that the probability of someone bruteforcing their wallet with positive result is so low that we can confidently say that it will never happen. At least one can create a new wallet and transfer coins every year but logically and mathematically, absolutely everyone is safe.

I really pray that one day people will never look for alternative methods of generating bitcoin seeds.

i also think you can do a new wallet from time to time but it also can be unsafe if you think there is a possibility, someone get the same phrase like you. there is a bigger possibility to get hacked if you use a hotwallet or a web3 wallet and infect it with ransomware. use a 24seed and make it as cold wallet. if you want to use the bitcoin for other stuff like collecting it, you can make a second wallet and use it as hot wallet.
legendary
Activity: 2268
Merit: 18711
Is proper randomization possible by proper randomization I mean true random phrase generation
Yes, it is possible to generate truly random numbers. Whether or not your seed phrase was generated using a truly random number or a pseudorandom number depends on the method in which you generated it.

https://en.wikipedia.org/wiki/Hardware_random_number_generator

At least one can create a new wallet and transfer coins every year but logically and mathematically, absolutely everyone is safe.
You should certainly transfer everything to a new wallet if you have any concerns about your seed phrase being leaked or the security of your back ups, but such a transfer is meaningless when it comes to brute forcing, which does not need to be protected against in the first place.

hero member
Activity: 882
Merit: 792
Watch Bitcoin Documentary - https://t.ly/v0Nim
Keep in mind that security of revealed 24 words out of order is still not as high as security of a private key because you are revealing your entropy and 620,448,401,733,239,439,360,000 is 6e+23 whereas security of a bitcoin private key is 2128=3e+38.
I think one can feel secure till death or even after.

The normal user generates in his life maybe 10 addresses and not always the sum times the number of people who live in 100 years make it very unlikely.
Let's say all 8 billion people on the planet all generate 1,000 new addresses every second for the next 5 billion years non stop. After 5 billion years we will only have generated 0.00000000000000009% of all possible addresses.
This is so right! And I don't really understand why do some people think that because 2048 word list is public, it will be dangerous and unsafe, I just can't figure it out because they can mathematically prove that the probability of someone bruteforcing their wallet with positive result is so low that we can confidently say that it will never happen. At least one can create a new wallet and transfer coins every year but logically and mathematically, absolutely everyone is safe.

I really pray that one day people will never look for alternative methods of generating bitcoin seeds.
member
Activity: 115
Merit: 69
Why would you want that? It's much less secure if you don't use a proper random.

Is proper randomization possible by proper randomization I mean true random phrase generation, I am asking this because, in most encryptions, we use pseudo randomization which is like randomization but cant generate real random phrases.
Pages:
Jump to: