Author

Topic: decryption of wallet (Read 818 times)

legendary
Activity: 2268
Merit: 18771
October 22, 2022, 03:33:16 AM
#54
I thought the cloning could have an effect the Bitcoins.
It doesn't work like this.

The bitcoin themselves are never "in" your wallet or "on" your computer. The bitcoin never leave the blockchain. All that your wallet stores are the private keys necessary to allow you to tell the network how you want to spend or move those bitcoin. If you copy your wallet file, then you will have two wallet files containing the same private keys which will both have access to the same bitcoin on the blockchain, but the bitcoin themselves are not cloned.

Think of it like if an attacker cloned your bank card. Both the original and the clone can spend the same money from the same account, but the actual money in your account is not cloned.
newbie
Activity: 13
Merit: 0
October 21, 2022, 03:33:50 PM
#53
Hello guys, I'm a newbie. I'll love to know if it can be possible to rewrite the program of a Bitcoin wallet application software that has bitcoins in it?
Thanks

Please explain. What do you mean by "rewrite the program"?

If you have some programming skill, then it is possible to "rewrite" Bitcoin Core source code and make a clone of the program that can do everything that original program does and more. But there is no real benefit to doing so, because nobody will care about your clone. What exactly do you want to achieve?

By the way, bitcoins are not in the program but on the blockchain.


Thank you stalker22, that's the answer I needed. I thought the cloning could have an effect the Bitcoins. There's no telling what hackers and scammers are capable of.
legendary
Activity: 1526
Merit: 1359
October 21, 2022, 03:16:48 PM
#52
Hello guys, I'm a newbie. I'll love to know if it can be possible to rewrite the program of a Bitcoin wallet application software that has bitcoins in it?
Thanks

Please explain. What do you mean by "rewrite the program"?

If you have some programming skill, then it is possible to "rewrite" Bitcoin Core source code and make a clone of the program that can do everything that original program does and more. But there is no real benefit to doing so, because nobody will care about your clone. What exactly do you want to achieve?

By the way, bitcoins are not in the program but on the blockchain.
newbie
Activity: 13
Merit: 0
October 21, 2022, 02:16:05 PM
#51
Hello guys, I'm a newbie. I'll love to know if it can be possible to rewrite the program of a Bitcoin wallet application software that has bitcoins in it?
Thanks
legendary
Activity: 2268
Merit: 18771
October 15, 2022, 02:38:42 AM
#50
maybe but maybe it just means its not a proven scam. not 100%.
There are literally millions of sites out there which are 100% scams. Not just in bitcoin, but in general. Malicious clones of exchanges, platforms, mixers, wallets, shops, etc. MLM schemes. Fake charities, casinos, lotteries, marketplaces, etc. Fake investment companies. Fake employment companies. Fake companies in general. The list is endless.

You can report these sites if you want, but what incentive do web hosts have to take down these sites? Scammers pay them, and they don't take a hit to their reputation by continuing to host scammers because almost nobody even bothers to find out who is hosting these scams in the first place. Register themselves to the Seychelles or similar and they can pretty much do what they like. And even if you succeed in taking down a scam site, it will be re-hosted at a different address within hours.
hero member
Activity: 924
Merit: 5943
not your keys, not your coins!
October 13, 2022, 07:42:48 PM
#49
Hard-core CLI transaction creation? I think you're right, there's not much of a market for that.
I was picturing a very minimal GUI, as presumably most people who are able to navigate CLI transaction creation from scratch would also be able to read code well enough to vet a wallet like Electrum.
I do like and support this idea! My main question would be how to handle the cryptography. Use existing ('tried & tested') crypto-libraries that have been around forever and avoid relatively hard to verify (the whole purpose of the project) code segments completely or attempt rewriting just the parts of the cryptography that are required, but make the code less trivial to understand and verify, thus allowing to verify the whole, compact, codebase, but making it a bit larger and a bit harder to understand in the process?
sr. member
Activity: 1190
Merit: 469
October 11, 2022, 08:21:42 PM
#48

Seriously tho, it's actually really difficult to get scam sites taken down a lot of the time... even 100% proven scams. Based on personal experience, about the only recourse you have is to complain to the DNS provider and/or webhost and hope that their complaints/abuse team care enough to do something about it Undecided

maybe but maybe it just means its not a proven scam. not 100%. you can't just go taking sites off line because you THINK they are a scam. and if you can't prove it then all you really got is anecdotal stories. not saying there isn't something to them but i think almost every software for bitcoin has some people that lose funds due to something they can't explain. some things have more complaints then others but does that mean some of them are scam and some arent?

now with that said, would i use some software to generate addresses that was not open source that had complaints about people saying they lost their funds? probably not.
HCP
legendary
Activity: 2086
Merit: 4363
October 11, 2022, 07:50:11 PM
#47
 
they can't allow a provable scam to continue operating and stealing peoples' money.
You must be new to the internet Tongue

Seriously tho, it's actually really difficult to get scam sites taken down a lot of the time... even 100% proven scams. Based on personal experience, about the only recourse you have is to complain to the DNS provider and/or webhost and hope that their complaints/abuse team care enough to do something about it Undecided
legendary
Activity: 3290
Merit: 16489
Thick-Skinned Gang Leader and Golden Feather 2021
October 11, 2022, 08:27:27 AM
#46
presumably most people who are able to navigate CLI transaction creation from scratch would also be able to read code well enough to vet a wallet like Electrum.
I love CLI, but I can't read Electrum's code. I would guess that applies to more people, thoroughly checking a lot of code is much more work (and more complicated) than following CLI-instructions.
legendary
Activity: 2268
Merit: 18771
October 11, 2022, 08:24:48 AM
#45
Hard-core CLI transaction creation? I think you're right, there's not much of a market for that.
I was picturing a very minimal GUI, as presumably most people who are able to navigate CLI transaction creation from scratch would also be able to read code well enough to vet a wallet like Electrum.
legendary
Activity: 3290
Merit: 16489
Thick-Skinned Gang Leader and Golden Feather 2021
October 11, 2022, 05:41:38 AM
#44
i know it's still running today. the question is how and why? can i prove to myself somehow that the site is a scam? maybe that's why it never got took offline because they can't prove it 100%.
Scammers make a living by scamming people, of course they don't take their site offline.
What might work, is going through their registrar of web host, but in the latter case they'll just move somewhere else.

Perhaps there is a market for a bare bones wallet which can only generate segwit addresses, sign transactions, and nothing else, but I can't imagine it would be a very big market.
Hard-core CLI transaction creation? I think you're right, there's not much of a market for that.
legendary
Activity: 2268
Merit: 18771
October 11, 2022, 05:30:40 AM
#43
the question is how and why? can i prove to myself somehow that the site is a scam? maybe that's why it never got took offline because they can't prove it 100%.
I mean, it is a well known scam based on how many reports we have of people losing money on it, and reports of it generating addresses which have already been used. I suppose you could try to examine the back end (although since being sold and turning in to a scam then obviously the source code is no longer available on Github), or use it to generate some addresses to fund and watch your coins being stolen.

Being a scam is rarely enough to get a site taken down altogether, though.

which is why i like simple code minimal code. code that i can understand. code that isn't thousands of lines long when it doesn't need to be.
The thousands of lines of extra code are to program additional functions like a GUI, coin control, being able to choose a fee, different address types, multi-sig, Lightning support, and so on. The code usually isn't there for no good reason. Perhaps there is a market for a bare bones wallet which can only generate segwit addresses, sign transactions, and nothing else, but I can't imagine it would be a very big market.
sr. member
Activity: 1190
Merit: 469
October 10, 2022, 08:19:06 PM
#42
Your quotes are all messed up.
sorry about that. but i fixed it, they should make it easier to quote people without having to type in "quote" blocks manually.

Quote
No, it is still running today. The original owner (who was honest) sold the site, and the new owner turned it in to a malicious scam, which people continued (and continue) to use without realizing it due to the original site's good reputation.

i know it's still running today. the question is how and why? can i prove to myself somehow that the site is a scam? maybe that's why it never got took offline because they can't prove it 100%.


Quote
There is no way your validity checker could be accurate enough to guarantee safety without also declaring a lot of perfectly safe code invalid. If you are going to write a program that locks down your wallet software to only doing the absolute minimum with no deviation allowed, then better to just write minimalist wallet software in the first place, which even someone with a low amount of coding knowledge could verify themselves.
which is why i like simple code minimal code. code that i can understand. code that isn't thousands of lines long when it doesn't need to be.


Quote
I've spoken about this before: https://bitcointalksearch.org/topic/m.59983088
i replied on that thread.
legendary
Activity: 2268
Merit: 18771
October 10, 2022, 03:08:28 AM
#41
Your quotes are all messed up.

so they took the website offline then once it became a scam right? they can't allow a provable scam to continue operating and stealing peoples' money.
No, it is still running today. The original owner (who was honest) sold the site, and the new owner turned it in to a malicious scam, which people continued (and continue) to use without realizing it due to the original site's good reputation.

the validity checker could publish a list of methods that were allowed and then inside each method it would inspect to make sure that the only things that were happening were the standard bitcoin address generation process. anything that was there that did not belong would mean "invalid program". simple as that. a seed phrase inside the random number generator? invalid. some unknown decimal or hex number just being defined somewhere? invalid. an attempt to connect to the internet? invalid. anything unknown? need to write better code. invalid!
There is no way your validity checker could be accurate enough to guarantee safety without also declaring a lot of perfectly safe code invalid. If you are going to write a program that locks down your wallet software to only doing the absolute minimum with no deviation allowed, then better to just write minimalist wallet software in the first place, which even someone with a low amount of coding knowledge could verify themselves.

i would think rolling dice or flipping coins is better than any algorithm that produces pseudo random numbers.
Not necessarily. There are lot of things to consider when trying to extract entropy from a physical process, things which most people don't even know exist and so make the mistake of thinking it is a straightforward process. I've spoken about this before: https://bitcointalksearch.org/topic/m.59983088
sr. member
Activity: 1190
Merit: 469
October 09, 2022, 08:41:31 PM
#40
That sounds a lot like virus scanners, where companies make a living of selling updates for dozens of new virusses per day. It will never be secure.
well viruses are different since computers have to connect to the internet and be forced to interact with all different types of software that a user might decide to install. you can't just lock them down too much or else the user wouldn't be able to do anything.

I've seen people lose their Bitcoins because a once trusted paper wallet website got sold and turned into a scam. Even offline, it creates compromised paper wallets because it doesn't create random private keys.
so they took the website offline then once it became a scam right? they can't allow a provable scam to continue operating and stealing peoples' money.
imagine that website still existing on the internet and someone downloaded it before it became a scam and used it with no ill affects but then they decided to "upgrade" by downloading the latest version and then got scammed. that would really throw them for a loop  Shocked and it would be their fault though for not monitoring the situation.


Quote
If this were true, then malware would no longer exist because every possible workaround had been patched. There will also be a new workaround.

the validity checker could publish a list of methods that were allowed and then inside each method it would inspect to make sure that the only things that were happening were the standard bitcoin address generation process. anything that was there that did not belong would mean "invalid program". simple as that. a seed phrase inside the random number generator? invalid. some unknown decimal or hex number just being defined somewhere? invalid. an attempt to connect to the internet? invalid. anything unknown? need to write better code. invalid!

Quote
Depends on the random number generator on your computer. Is it better than some javascript RNG? Yes. Is it better than /dev/urandom? Probably not. However, it is also harder to do, easier to make a mistake, and easier to do in an insecure manner, so I wouldn't generally recommend it to most people.

i would think rolling dice or flipping coins is better than any algorithm that produces pseudo random numbers. now if you're talking about true random like linux /dev/random maybe that's different. windows doesn't have that though.

legendary
Activity: 2268
Merit: 18771
October 09, 2022, 06:48:29 AM
#39
but at some point they would have to really be clever to find more workarounds. at some point there might not be anymore.
If this were true, then malware would no longer exist because every possible workaround had been patched. There will also be a new workaround.

thats better than using the random number generator on your computer?  Shocked
Depends on the random number generator on your computer. Is it better than some javascript RNG? Yes. Is it better than /dev/urandom? Probably not. However, it is also harder to do, easier to make a mistake, and easier to do in an insecure manner, so I wouldn't generally recommend it to most people.
legendary
Activity: 3290
Merit: 16489
Thick-Skinned Gang Leader and Golden Feather 2021
October 09, 2022, 03:24:59 AM
#38
if someone did that and somehow found a loophole, then you patch it by adding their workaround as another item in your list. but at some point they would have to really be clever to find more workarounds.
That sounds a lot like virus scanners, where companies make a living of selling updates for dozens of new virusses per day. It will never be secure.

If you are completely paranoid about how your seed phrase was generated and do not trust any piece of software, then the best option would be to do it manually, using 128 coin flips and an airgapped Linux machine to calculate the checksum.
thats better than using the random number generator on your computer?  Shocked
Yes! It's very difficult to verify the randomness of your computer, but it's very easy to verify that a coin flip is random. It's not perfect, but it's not something anyone else can reproduce.

I've seen people lose their Bitcoins because a once trusted paper wallet website got sold and turned into a scam. Even offline, it creates compromised paper wallets because it doesn't create random private keys. That won't happen with coin flips. You should still make sure the software you use to create a private key out of it isn't compromised.
sr. member
Activity: 1190
Merit: 469
October 08, 2022, 08:21:07 PM
#37
There would be no way to write a piece of software which could detect every possible way a wallet could be malicious,
what you do is make a list of all the possible ways. then you have to have subroutines that check each way. the program will run the software through each subroutine.



Quote
and even if someone attempted such a piece of software, then an attacker could also download it and find a work around.
if someone did that and somehow found a loophole, then you patch it by adding their workaround as another item in your list. but at some point they would have to really be clever to find more workarounds. at some point there might not be anymore.

Quote
If you are completely paranoid about how your seed phrase was generated and do not trust any piece of software, then the best option would be to do it manually, using 128 coin flips and an airgapped Linux machine to calculate the checksum.
thats better than using the random number generator on your computer?  Shocked


legendary
Activity: 2268
Merit: 18771
October 08, 2022, 03:51:43 AM
#36
or maybe there's a software that you could run on a piece of other software to detect if it was malicious or not.
There would be no way to write a piece of software which could detect every possible way a wallet could be malicious, and even if someone attempted such a piece of software, then an attacker could also download it and find a work around.

If you are completely paranoid about how your seed phrase was generated and do not trust any piece of software, then the best option would be to do it manually, using 128 coin flips and an airgapped Linux machine to calculate the checksum.
sr. member
Activity: 1190
Merit: 469
October 07, 2022, 09:39:42 PM
#35
Up to the individual, probably. You need to differentiate between whether you are checking for accuracy or checking for maliciousness. If your copy of bitaddress generates one address accurately, then you can be pretty sure if it is non-malicious then it will generate all addresses accurately. However, a malicious piece of software may generate one or two addresses accurately and then start generating fake addresses.
Yeah I think we were talking about the former situation, not the latter. Detecting maliciousness is a whole different thing that you can't do by just comparing outputs.

Quote
However, given that any malicious software could generate addresses from predetermined seed phrases or private keys which are known to an attacker, then testing them in this manner does not protect against attack. That can only be done by reviewing the source code.

or maybe there's a software that you could run on a piece of other software to detect if it was malicious or not. it seems plausible that this would be a reasonable thing to want to do. because reviewing by hand not everyone has that type of expertise.
legendary
Activity: 2268
Merit: 18771
October 06, 2022, 04:16:26 AM
#34
What I'm talking about is someone that generates paper wallets using something like bitaddress. Do they need to check every single address or just a few of them and then as long as those check out, they can assume bitaddress works correctly so there is no further need to keep checking newly generated addresses. I would think "yes" with a few caveats but in general "yes".
Up to the individual, probably. You need to differentiate between whether you are checking for accuracy or checking for maliciousness. If your copy of bitaddress generates one address accurately, then you can be pretty sure if it is non-malicious then it will generate all addresses accurately. However, a malicious piece of software may generate one or two addresses accurately and then start generating fake addresses.

However, given that any malicious software could generate addresses from predetermined seed phrases or private keys which are known to an attacker, then testing them in this manner does not protect against attack. That can only be done by reviewing the source code.
sr. member
Activity: 1190
Merit: 469
October 05, 2022, 10:04:58 PM
#33

No. They would realize letting larry_vw_1955 touch their wallet was a big mistake Cheesy
letting anyone touch their wallet might be a big mistake  Grin

Quote
Example: you use a hardware wallet, with Electrum. When you create a new deposit address, you should confirm the address on the hardware wallet. It's not about trusting Electrum, you're using a hardware wallet so that you don't have to. Whatever happens to your software, you want to know for sure your funds are going to your own address.
yeah that's a different useage scenario but consider this: i got a cheap hardware wallet long time ago (or rather, a hardware wallet that was on sale for very cheap, how about that?) but never trusted it enough to actually want to use it. i'd rather use software or paper wallets than use something that I don't fully understand. i tried to understand it but it seemed very confusing and i wasn't sure what it relied on like what company's servers to send and receive transactions and what software would need to be installed on my computer,etc etc not really worth the time and effort to try and figure it out.


Quote from: o_e_l_e_o
Absolutely. Which goes back to the original point of testing your back up with different software. What if you accidentally, either through user error or bugged software, created a wallet using some crazy derivation path with 200+ levels, did not test your recovery, and then loaded it with funds? You now have a useless seed phrase back up securing coins in a derivation path you would never find again, all while being completely unaware of that fact.

Well, maybe my initial question was misunderstood. What I'm talking about is someone that generates paper wallets using something like bitaddress. Do they need to check every single address or just a few of them and then as long as those check out, they can assume bitaddress works correctly so there is no further need to keep checking newly generated addresses. I would think "yes" with a few caveats but in general "yes".
legendary
Activity: 2268
Merit: 18771
October 05, 2022, 02:54:20 AM
#32
I would love to put their funds on some derivation path 240 levels deep and see how they felt about it then. They would probably never find their funds.
Absolutely. Which goes back to the original point of testing your back up with different software. What if you accidentally, either through user error or bugged software, created a wallet using some crazy derivation path with 200+ levels, did not test your recovery, and then loaded it with funds? You now have a useless seed phrase back up securing coins in a derivation path you would never find again, all while being completely unaware of that fact.

Example: you use a hardware wallet, with Electrum. When you create a new deposit address, you should confirm the address on the hardware wallet. It's not about trusting Electrum, you're using a hardware wallet so that you don't have to. Whatever happens to your software, you want to know for sure your funds are going to your own address.
This is a slightly different issue. When I check my back ups, I only ever check the first addresses. That is enough for me to be sure that I am using the right seed phrase at the right derivation path with the right script type to reproduce the wallet again in the future. When I check each new Electrum address on the screen of my hardware wallet, I am checking that my computer or my Electrum install has not been infected with malware or subjected to some other malicious attack which results in it displaying an incorrect address.
legendary
Activity: 3290
Merit: 16489
Thick-Skinned Gang Leader and Golden Feather 2021
October 05, 2022, 02:27:35 AM
#31
Quote from: o_e_l_e_o
I would wager that the majority of people don't even know what a derivation path is.
I would love to put their funds on some derivation path 240 levels deep and see how they felt about it then. They would probably never find their funds. Then they would realize that knowing their derivation path is just as important
No. They would realize letting larry_vw_1955 touch their wallet was a big mistake Cheesy
I've seen problems caused by weird derivation paths, but as long as it's created by known software, you can probably find the derivation path by searching the internet.
If you use Electrum, you can be pretty sure you can recover the funds from your seed words without understanding anything else.

Quote
Quote from: LoyceV
I checked only the first few addresses indeed. You now make me feel sloppy for not testing the first 100.
If you really feel you need to check the first 100 then I would humbly suggest you have a trust issue with whatever software you are using and probably should ask yourself why you distrust it so much.
Example: you use a hardware wallet, with Electrum. When you create a new deposit address, you should confirm the address on the hardware wallet. It's not about trusting Electrum, you're using a hardware wallet so that you don't have to. Whatever happens to your software, you want to know for sure your funds are going to your own address.
sr. member
Activity: 1190
Merit: 469
October 04, 2022, 08:38:37 PM
#30
Quote from: o_e_l_e_o
I would wager that the majority of people don't even know what a derivation path is.
I would love to put their funds on some derivation path 240 levels deep and see how they felt about it then. They would probably never find their funds. Then they would realize that knowing their derivation path is just as important as knowing their seed phrase - well almost. Just like you need an ID to make a withdrawal at your bank, you need your derivation path...well you MIGHT need it sometime. If you ever go to the bank that is!

Quote from: LoyceV
I checked only the first few addresses indeed. You now make me feel sloppy for not testing the first 100.

If you really feel you need to check the first 100 then I would humbly suggest you have a trust issue with whatever software you are using and probably should ask yourself why you distrust it so much. Software that works shouldn't need to be doublechecked all the time. Unless you wrote it yourself, then you might want to run more extensive tests. But not every time you generate an address. There should be some level of trust in the functionality that you say " i know it worked because i did unit tests with 100 different addresses so I'll trust what it generates for me going forward". otherwise it's not software, it is just a crutch. using it as a crutch with something else. Angry
legendary
Activity: 2268
Merit: 18771
October 04, 2022, 03:51:08 AM
#29
Surely there are android bitcoin wallets that adhere to standards like bip39. and are open source but the best bet is dont use android wallets period. you can't really trust them.
Of course, but the point we are making is that some people don't do that. And even if you do only use reputable, open source wallets, have you scanned every single line of code to make sure it is doing what you think it is doing? Doubtful. And even if you do, you cannot be 100% sure that you have not made a mistake when writing down your seed phrase or similar unless you test your back ups. There is literally no reason to not test your back ups before you fund the wallet.

what kind of person puts their money into some wallet without knowing what derivation path is being used though?
I would wager that the majority of people don't even know what a derivation path is.

you have to ask yourself why you would use something other than a trezor or nano though.
Again, I won't, but lots of people do.

So you test every single address or just one address and if that one works, you consider it "good to go" for any further addresses without checking them.
Checking the first address matches is sufficient. The chance of a different seed phrase or incorrect back up generating the same first address is essentially zero.
legendary
Activity: 3290
Merit: 16489
Thick-Skinned Gang Leader and Golden Feather 2021
October 04, 2022, 02:54:29 AM
#28
what kind of person puts their money into some wallet without knowing what derivation path is being used though?
If I have to guess: 98% of all Bitcoin users who don't keep their coins on an exchange.

Quote
So if you tested it with a particular address and it worked, then you can generate new addresses and not need to test those right? because you trust the software works since it worked with that one particular address that one time. just trying to clarify.
I checked only the first few addresses indeed. You now make me feel sloppy for not testing the first 100.
sr. member
Activity: 1190
Merit: 469
October 03, 2022, 09:07:07 PM
#27

The example I gave of Bread wallet is absolutely software which runs on your own device. Another example would maybe be Schildbach's bitcoin wallet, which does not use seed phrases but its own unique encrypted back ups which can only be recovered using the same software.
Surely there are android bitcoin wallets that adhere to standards like bip39. and are open source but the best bet is dont use android wallets period. you can't really trust them.

Quote
The point here is that Bread wallet didn't tell its users what derivation path was being used. Many wrongly assumed it was the standard BIP 44/49/84 paths, but because they never tested their recovery using independent software (as we are advocating here), they never found out they were wrong until they couldn't access their coins.

what kind of person puts their money into some wallet without knowing what derivation path is being used though?


Quote
Not only are plenty of people still using non-standard formats, but there are plenty more still in development, such as Block's new hardware device, which will not use seed phrases and be completely dependent on Block for recovery.
you have to ask yourself why you would use something other than a trezor or nano though. as far as I have seen most of these new hardware wallets that come out are overpriced and not nearly as well tested as trezor or nano, how could they be ? they are new! only way i would use one of this things is if they gave it to me for free but no way am i buying one.  Cool

Quote from: LoyceV
Correct. One of the reasons for testing in the first place is peace of mind: I know I can decrypt it.
So if you tested it with a particular address and it worked, then you can generate new addresses and not need to test those right? because you trust the software works since it worked with that one particular address that one time. just trying to clarify.

Quote
For what it's worth: so far, all my testing always confirmed what I was hoping to see. But without testing, I wouldn't know that for sure.
So you test every single address or just one address and if that one works, you consider it "good to go" for any further addresses without checking them.
legendary
Activity: 3290
Merit: 16489
Thick-Skinned Gang Leader and Golden Feather 2021
October 03, 2022, 02:51:16 AM
#26
The point here is that Bread wallet didn't tell its users what derivation path was being used. Many wrongly assumed it was the standard BIP 44/49/84 paths, but because they never tested their recovery using independent software (as we are advocating here), they never found out they were wrong until they couldn't access their coins.
I even tested my recovering my hardware wallet before funding it: I used Ian Coleman's site (obviously on an air-gapped system, running live Linux from RAM) to see if I could reproduce the same addresses as my hardware wallet showed.
For what it's worth: so far, all my testing always confirmed what I was hoping to see. But without testing, I wouldn't know that for sure.
legendary
Activity: 2268
Merit: 18771
October 03, 2022, 02:39:21 AM
#25
The examples you give below of blockchain.com and coinbase are poor examples since they are not software, rather they are services.
The example I gave of Bread wallet is absolutely software which runs on your own device. Another example would maybe be Schildbach's bitcoin wallet, which does not use seed phrases but its own unique encrypted back ups which can only be recovered using the same software.

well, the link you provided has to do with the breadwallet to coinbase migration situation. if someone doesn't keep track of the derivation path their funds are on then that is a big mistake on their part. but it doesn't mean the software doesn't work.
The point here is that Bread wallet didn't tell its users what derivation path was being used. Many wrongly assumed it was the standard BIP 44/49/84 paths, but because they never tested their recovery using independent software (as we are advocating here), they never found out they were wrong until they couldn't access their coins.

hopefully these day people are only using standard bitcoin formats not proprietary. there's really no reason for using proprietary formats otherwise they might end up being an avid reader of your thread there. Shocked
Not only are plenty of people still using non-standard formats, but there are plenty more still in development, such as Block's new hardware device, which will not use seed phrases and be completely dependent on Block for recovery.
legendary
Activity: 3290
Merit: 16489
Thick-Skinned Gang Leader and Golden Feather 2021
October 03, 2022, 02:27:36 AM
#24
It is always smart to test your back up or private keys with different software.
but once you tested it once, you don't need to test it again right?
Correct. One of the reasons for testing in the first place is peace of mind: I know I can decrypt it.

Quote
hopefully these day people are only using standard bitcoin formats
I'm not as optimistic as you are Wink
sr. member
Activity: 1190
Merit: 469
October 02, 2022, 08:19:56 PM
#23
What if the software I used uses a non-standard encryption and it turns out I can only decrypt it with that software? Then, 20 years later, I can't find it anymore.
There is already precedence for this.
The examples you give below of blockchain.com and coinbase are poor examples since they are not software, rather they are services. To really make the point, we should be sticking to software that one runs on one's computer to generate bitcoin addresses not services they log into and use. There is a distinction between the two things which should not be overlooked or glossed over.

And that's without even mentioning bugged, flawed, or malicious software, which might not derive the correct keys like you think it is doing.
well yeah that can happen but with bitaddress? how about some links.

Quote
It is always smart to test your back up or private keys with different software.
but once you tested it once, you don't need to test it again right? as long as nothing changes like upgrading the software.

Quote from: LoyceV
I've already seen many people who had a hard time recovering their old storage format. I even created [overview] Recover Bitcoin from any old storage format for it, but it's far from complete.
hopefully these day people are only using standard bitcoin formats not proprietary. there's really no reason for using proprietary formats otherwise they might end up being an avid reader of your thread there. Shocked
legendary
Activity: 2268
Merit: 18771
October 02, 2022, 03:29:03 AM
#22
What if the software I used uses a non-standard encryption and it turns out I can only decrypt it with that software? Then, 20 years later, I can't find it anymore.
There is already precedence for this. Blockchain.com, for example, used to give out recovery phrases which were not BIP39 phrases, but rather simply to recover access to wallet files on their platform if uses had forgotten their passwords. Now, many years later, although they claim to still support these phrases many users find themselves unable to recover their wallets. Another example is Coinbase, which used to run multi-sig vaults, have discontinued their support of them, and users can no longer recover access to their funds despite possessing the necessary back ups. Even something as simple as a wallet using a non-standard derivation path is enough to cause huge amounts of problems trying to recover your coins. And that's without even mentioning bugged, flawed, or malicious software, which might not derive the correct keys like you think it is doing.

It is always smart to test your back up or private keys with different software.
legendary
Activity: 3290
Merit: 16489
Thick-Skinned Gang Leader and Golden Feather 2021
October 02, 2022, 02:37:02 AM
#21
why does it need to be different software than you used to create it?
I like being thorough Smiley What if the software I used uses a non-standard encryption and it turns out I can only decrypt it with that software? Then, 20 years later, I can't find it anymore.
I've already seen many people who had a hard time recovering their old storage format. I even created [overview] Recover Bitcoin from any old storage format for it, but it's far from complete.
sr. member
Activity: 1190
Merit: 469
October 01, 2022, 06:24:06 PM
#20

I don't think they can help it much when printing from a browser. This is one of the many reasons I test my backup before funding it. By manually typing the key and decrypting it with different software than you used to create it, you know you can decrypt it later. If your test fails, you know not to fund it. (of course, all this should be done off-line, running a Live Linux from RAM).

that's a pretty good idea but why does it need to be different software than you used to create it? you can generate a private key in bitaddress and then go and verify it within bitaddress too.  so u don't need another different software.

legendary
Activity: 3290
Merit: 16489
Thick-Skinned Gang Leader and Golden Feather 2021
October 01, 2022, 04:30:08 AM
#19
if they are not correct then why would they not be?
Have you tried the QR-code?

bitaddress really should be more careful about how it prints things out. either print it out correctly and fully or don't print anything
I don't think they can help it much when printing from a browser. This is one of the many reasons I test my backup before funding it. By manually typing the key and decrypting it with different software than you used to create it, you know you can decrypt it later. If your test fails, you know not to fund it. (of course, all this should be done off-line, running a Live Linux from RAM).
legendary
Activity: 2268
Merit: 18771
October 01, 2022, 01:46:39 AM
#18
Oh so you tested one of the other private keys and were not able to get a private key either?
Correct. Hence me asking if you are sure the characters you have posted here are accurate. If I go to bitaddress and create a page of encrypted paper wallets, I can brute force missing characters with 100% accuracy. So either the string you have shared above has incorrect characters or is not a BIP38 key at all.

Are you able to share a high resolution picture of the key you have shared above (the one you said has no funds on it)? You can crop out the other keys. And you can share it privately if you prefer.

bitaddress really should be more careful about how it prints things out. either print it out correctly and fully or don't print anything
There is nothing it can do stop people from locally scaling the page it produces, so much that it is too large for a single piece of paper, which is what has happened here.
sr. member
Activity: 1190
Merit: 469
September 30, 2022, 06:30:33 PM
#17
Thanks, I just sent it.
This is the picture I received:
Image loading...

This indeed looks like Bitaddress.org's Paper Wallet with "Hide Art?" ticked. And it shows what I've seen myself too: the printer (driver) messed up the page.

bitaddress really should be more careful about how it prints things out. either print it out correctly and fully or don't print anything
newbie
Activity: 8
Merit: 12
September 30, 2022, 02:07:17 PM
#16
Oh so you tested one of the other private keys and were not able to get a private key either? If they are correct? Well I double checked if I wrote down the other characters correctly, if they are not correct then why would they not be?
legendary
Activity: 2268
Merit: 18771
September 30, 2022, 07:43:55 AM
#15
Could it be that the third digit "n" could be different as well. I made the wallet in 2020 if that has any meaning. Any bright ideas Smiley ?
It could be, but it's unlikely. bitaddress's source code hasn't changed for 6 years. Are you 100% sure all the other characters are correct?

although I'm not sure if it can brute-force missing characters in a BIP-38 key with known password.
It can, and indeed, knowledge of the password is unnecessary. BIP38 keys use Base58Check, so it can brute force a few missing characters until it finds those that match with the checksum.

Edit:

I've tested the string you shared above: rgHM7eKVe37vCGtGQRVNRcN6pfa2gRAzaxdsG86RSmKdnMAEkPZnHJ

I'm unable to find any combination of 6P** (or 6P*string* or 6Pstring**) which creates a valid key. Again, are you sure you have the right characters?
legendary
Activity: 3290
Merit: 16489
Thick-Skinned Gang Leader and Golden Feather 2021
September 30, 2022, 06:18:54 AM
#14
Any bright ideas Smiley ?
Have you tried the QR-code?

Otherwise, The FinderOuter may work for brute-forcing, although I'm not sure if it can brute-force missing characters in a BIP-38 key with known password. If it can't, @Coding Enthusiast may be willing to add this feature.
newbie
Activity: 8
Merit: 12
September 30, 2022, 05:25:54 AM
#13


Edit: Actually, I've been able to recreate this by trying to print my own page of paper wallets from bitaddress and messing with the scaling factor up to around ~150%. It does indeed only cut characters off from the start. And actually, bitaddress only generates EC multiplied compressed keys, meaning all the keys will have the prefix "6Pn". So OP is only missing a single character from each key, in the 4th position, which will be between the characters "M" and "Z". Given that "O" isn't used in Base58Check, then that only leaves 13 possibilities for each key.

Hey so I still have problems with the private key. I've tried to start with 6Pn(A-Z) but it says that all of those are invalid keys. It is the key and not the pass phrase because I made a new wallet and put in the wrong phrase and I got a different message. Could it be that the third digit "n" could be different as well. I made the wallet in 2020 if that has any meaning. Any bright ideas Smiley ?
newbie
Activity: 8
Merit: 12
September 30, 2022, 03:41:47 AM
#12
Wow! Thank you so much guy. I now see that the first ones are cut of. I didn't realize it before ok. I will try to use bitaddress now to decrypt the key. Thanks so much for your brightness.
legendary
Activity: 2268
Merit: 18771
September 29, 2022, 01:42:39 PM
#11
The BIP38 encrypted private key will be right aligned with the line of text above it which should say "Encrypted Private Key (Password required)". If you can read all of that line (I can't quite make out whether you can see "required)" under the QR code from the small image you have attached), then you should also therefore have the end of the private key.

This would mean that OP's printer has cut off the the first 4 characters, the first 2 of which will be "6P", meaning he just has to brute force 2 characters in a known position, which will be relatively easy to do provided he knows the decryption password.

Edit: Actually, I've been able to recreate this by trying to print my own page of paper wallets from bitaddress and messing with the scaling factor up to around ~150%. It does indeed only cut characters off from the start. And actually, bitaddress only generates EC multiplied compressed keys, meaning all the keys will have the prefix "6Pn". So OP is only missing a single character from each key, in the 4th position, which will be between the characters "M" and "Z". Given that "O" isn't used in Base58Check, then that only leaves 13 possibilities for each key.
legendary
Activity: 3290
Merit: 16489
Thick-Skinned Gang Leader and Golden Feather 2021
September 29, 2022, 11:45:31 AM
#10
Thanks, I just sent it.
This is the picture I received:
Image loading...

This indeed looks like Bitaddress.org's Paper Wallet with "Hide Art?" ticked. And it shows what I've seen myself too: the printer (driver) messed up the page. It looks like a few characters are missing, you're supposed to have 58 characters, and the first 2 are supposed to be "6P" That still leaves a lot of options, and BIP38 is heavy encryption, but it should be possible to brute-force the missing characters.
Or, since you have a QR-code, you can try that. It's partially covered with text, but it might still work. Be careful though: several QR-decoders steal any Bitcoin they can.
Mycelium (on Android) supports BIP38. Be careful what you're using, especially if a large amount is at risk.
newbie
Activity: 8
Merit: 12
September 29, 2022, 10:38:24 AM
#9

I haven't seen this format on Bitaddress.org.
Feel free to email ([email protected]) me the picture (the one that isn't funded, obviously), I'll post it here.
[/quote]

Thanks, I just sent it.
legendary
Activity: 3290
Merit: 16489
Thick-Skinned Gang Leader and Golden Feather 2021
September 29, 2022, 10:33:46 AM
#8
I have printed the wallet and I am all sure it is from bitaddress.org from maj 2020.
I would put in a photo here but it looks like I am not able to. The encrypted key of a similar adress is

rgHM7eKVe37vCGtGQRVNRcN6pfa2gRAzaxdsG86RSmKdnMAEkPZnHJ
I haven't seen this format on Bitaddress.org.
Feel free to email ([email protected]) me the picture (the one that isn't funded, obviously), I'll post it here.
newbie
Activity: 8
Merit: 12
September 29, 2022, 09:19:47 AM
#7
http://
I have printed the wallet and I am all sure it is from bitaddress.org from maj 2020.
I would put in a photo here but it looks like I am not able to. The encrypted key of a similar adress is

rgHM7eKVe37vCGtGQRVNRcN6pfa2gRAzaxdsG86RSmKdnMAEkPZnHJ

This waller is 100% empty so no worries  Cool
Anyone any clue how to decrypt this shit?
legendary
Activity: 1568
Merit: 6660
bitcoincleanup.com / bitmixlist.org
September 28, 2022, 08:14:50 AM
#6
It could be AES encryption encoded in Base58. Check the paper wallet to see if there is any design identifying what we are it came from.
legendary
Activity: 2268
Merit: 18771
September 28, 2022, 04:16:19 AM
#5
So I have a paper wallet with an encrypted private key with 54 entries starting with for example rgHM7 or wTdev
Do you mean the strings have 54 characters each, or you have 54 strings? Can you elaborate on what character set the strings are using? Do they end with a "=" symbol?

The only thing which bitaddress generates which fits that character set are private keys in Base64 format. These should be 44 characters long.

Are you sure you used bitaddress? Did you download and verify the latest release and run it offline?
legendary
Activity: 3290
Merit: 16489
Thick-Skinned Gang Leader and Golden Feather 2021
September 28, 2022, 02:19:26 AM
#4
So I have a paper wallet with an encrypted private key with 54 entries starting with for example rgHM7 or wTdev, so it doesn't seem to be a bip38 encryption. What kind of encryption can it be and how can I go about to decrypt it. The paper wallet was generated at bitaddress.org.
When did you create this paper wallet? You may be able to find a version of Bitaddress from around that time. See if you can create a similar wallet, it might help determine what happened.
Also: did you print the wallet, or did you write it down? I've seen people make mistakes writing down keys.
legendary
Activity: 2618
Merit: 6452
Self-proclaimed Genius
September 28, 2022, 12:20:22 AM
#3
The paper wallet was generated at bitaddress.org. And oh how I regret encrypting it Smiley
The characters resembles the Base64 format, but the number of characters doesn't match.
I tried the earliest release (v2.8.1), the earliest tag (v1.6) and the latest version (web) of bitaddress and all don't output any 54-character string.
legendary
Activity: 3472
Merit: 3217
Playbet.io - Crypto Casino and Sportsbook
September 27, 2022, 06:36:04 PM
#2
If it was generated from bitaddress.org why not try to decrypt it there if you still know the passphrase?

If not, and if you forgot some parts of the passphrase you can use the bitcoin recovery tool from FinderOuter
or if you totally forgot them then you can try to brute force your encrypted private key you can use this https://github.com/3rdIteration/btcrecover
I'm sure brute-forcing your encrypted private key to decrypt it would be a long journey if you have a long passphrase.
newbie
Activity: 8
Merit: 12
September 27, 2022, 12:15:52 PM
#1
Hi,
So I have a paper wallet with an encrypted private key with 54 entries starting with for example rgHM7 or wTdev, so it doesn't seem to be a bip38 encryption. What kind of encryption can it be and how can I go about to decrypt it. The paper wallet was generated at bitaddress.org. And oh how I regret encrypting it Smiley
Could someone please help?
Jump to: