Topic: Does wallet.dat ever expose private keys? - page 2. (Read 1049 times)

copper member
Activity: 2996
Merit: 2374
December 11, 2017, 11:24:06 AM
#9

If you are using an HD wallet, anytime you sign a transaction, the private key(s) used to sign the transaction will be stored in RAM. An attacker could use the private key along with the xpubkey (which will always be in an unencrypted state), to be able to calculate the rest of your private keys in your wallet.

So if you are using a HD wallet and the hacker has your xpubkey and just one of your private keys then he will be able to hack all your bitcoin addresses from the seed?
He may be able to calculate the rest of your private keys based on this information. A hacker could also simply get your xprivkey if he is aware of what you type for your passphrase.
sr. member
Activity: 322
Merit: 363
December 11, 2017, 11:20:38 AM
#8

If you are using an HD wallet, anytime you sign a transaction, the private key(s) used to sign the transaction will be stored in RAM. An attacker could use the private key along with the xpubkey (which will always be in an unencrypted state), to be able to calculate the rest of your private keys in your wallet.

So if you are using a HD wallet and the hacker has your xpubkey and just one of your private keys then he will be able to hack all your bitcoin addresses from the seed?
copper member
Activity: 2996
Merit: 2374
December 10, 2017, 11:27:41 PM
#7
If you are not using a HD wallet, anytime you sign a transaction, your wallet.dat will be unencrypted in RAM, or more specifically, the decryption key to decrypt the wallet.dat file will be in RAM, along with the private key(s) of what you are using to sign. If an attacker has access to your RAM when you are signing a transaction, all of your money is effectively stolen.

If you are using an HD wallet, anytime you sign a transaction, the private key(s) used to sign the transaction will be stored in RAM. An attacker could use the private key along with the xpubkey (which will always be in an unencrypted state), to be able to calculate the rest of your private keys in your wallet.

Also, an attacker is likely able to monitor what you enter into your keyboard, so they can get your passphrase anyway, so an attacker could simply copy your wallet.dat and use what you typed as your passphrase.
hero member
Activity: 1232
Merit: 738
December 10, 2017, 04:56:23 PM
#6
On each password change, the client extracts all the used addresses and stores them inside the wallet file. The new seed will be used to generate all future addresses.

When the new password is created and the new seed is used, how are old addresses/privkeys being stored?
Are old privkeys saved unencrypted (no longer protected) or still encrypted with the old password?
How can we sign transactions related to those old addresses if the current password only works for new addresses generated from the new seed?
member
Activity: 301
Merit: 74
December 08, 2017, 01:22:51 AM
#5
You mean, old addresses are anyway kept as is (private keys, etc.), just the HD seed is not kept?
Why does changing the password require changing the seed?
legendary
Activity: 3038
Merit: 4418
December 08, 2017, 01:08:39 AM
#4
If you have a HD wallet, it would have the same seed till you change/set/remove the password.
On each password change it adds a new seed, keeping the old ones?

On each password change, the client extracts all the used addresses and stores them inside the wallet file. The new seed will be used to generate all future addresses.
member
Activity: 301
Merit: 74
December 08, 2017, 12:13:11 AM
#3
If you have a HD wallet, it would have the same seed till you change/set/remove the password.
On each password change it adds a new seed, keeping the old ones?
legendary
Activity: 3038
Merit: 4418
December 07, 2017, 11:41:53 AM
#2
Is there any chance that a hacker gets to see all of your private keys? or he would need to have a RAT installed on your computer and enter the "dumpprivkey" command on every address WHILE your Core client is opened and unlocked?
In all honesty, it really isn't that hard for a hacker to copy your wallet.dat remotely and enter the password he captured. You wouldn't even know it.

If your computer has a RAT or any malware in particular, everything about you is compromised. They can get it from memory but they would only get the encrypted keys till you unlock it.
And the HD wallet.dat from Core does have a seed that could be hacked? (with all of your funds on it). I'm still using the good ol' wallet.dat (it shows HD is not enabled) and I was wondering about that..
If you have a HD wallet, it would have the same seed till you change/set/remove the password. If any attacker gets any of your backups unencrypted/encrypted with a weak password, then you're doomed.

However, without HD wallet, they can only, at most, get 1000 addresses. Let's say you use it frequently and you had a backup 2 years ago that was compromised. As long as you have had 1000 transactions, your current Bitcoins remain safe, provided that you have no coins on older addresses.
hero member
Activity: 700
Merit: 501
December 07, 2017, 11:22:52 AM
#1
Is there any chance that a hacker gets to see all of your private keys? or he would need to have a RAT installed on your computer and enter the "dumpprivkey" command on every address WHILE your Core client is opened and unlocked?

And the HD wallet.dat from Core does have a seed that could be hacked? (with all of your funds on it). I'm still using the good ol' wallet.dat (it shows HD is not enabled) and I was wondering about that..