Topic: [How Electrum Works] Why you should be careful with your private keys. (Read 9303 times)

blockchain.info is not compatible with armory. For your purposes the only thing compatible with armory is armory, only thing compatible with electrum is electrum and so on.

Choose:

a) Offline armory + online armory

Or

b) offline electrum + online electrum

Don't mix and match wallets.

Yes, I'm definitely going to stick with a single Client wallet because you are right: otherwise I'd have to test sending out some mBTC to see if the private key is really working for that address but that'd be messy and tedious and dangerous.

Is the blockchain.info wallet I was referring before also incompatible with Armory? If yes, then I'd do all in Electrum. But if it's compatible, I'd like to learn from you if that's viable alternative or I should forget about that, too.

The only reason I'm leaning towards Armory is that in the unlikely event my offline PC crashes, I still can have a paper backup, which can be further split into 2 out of 3 paper sheets or electronic fragments required with a SecurePrint code, which is not even printed in the backup sheets to recover the seed. Electrum only has a phrase-based recovery method but that's about it.

Thanks for your suggestions!

Why are you using armory to begin with? If you want an offline cold wallet with watch-only compononet, Electrum is just as secure as Armory. Armory is only more secure on the online component, as it has the blockchain locally. But you seem to be wanting a light client. So Electrum sounds good for you, if you'd just use it normally.

First of all, my script is not cryptographically secure. I slapped it together so that hopefully it would generate your address. However, there is NO GUARANTEE that every private key listed will definitely correspond to the address listed. Be warned.

Also, the addresses being generated, even if you use Armory's paper backup seed, will NOT be the same as Armory. ALSO, if you decode the paper backup into hex and input it as a restore seed for electrum, you will get COMPLETELY DIFFERENT ADDRESSES from my script AND Armory.

So in summary, either switch to Electrum and send your bitcoins there, or just download the blockchain in Armory. Don't mix the two systems.


I am very glad to have helped!

You can pay the bounty to my tipping address in my sig or the address I pasted in my post a little while back.

Stay safe!

Success!!!!  
Thanks a lot!!

Ok, so to summarize. I know that those two wallets are currently not compatible. However, if I do again exactly what I did before but derive the private key using the script you provided in an offline computer BEFORE I send any coins to its public address, I should be in good shape.

I had requested Armory to create a light client but I believe they indicated some time ago that that goes against their security principles (someone might impersonate/hack the torrent/servers holding the blockchain , like the model Electrum does).

Alternatively, I can create a watch-only wallet with Blockchain.info offline, dump the transaction history from sending address from bitcoinexplorer, run a local copy of Brainwallet HTML code in an offline computer to create and sign the transaction offline. And finally, I'll just broadcast it in blockchain.info. In this case, there would be no need to use Electrum at all.
In the offline computer I can have Armory import the private key and back up all using paper backup method. This is the most secure and still light wallet model I can think of.  Bye Bye Electrum...

NO

That is NOT correct!

Armory and Electrum use fundamentally different algorithms to generate keys, so using the SAME MPK and SAME root seed will generate DIFFERENT addresses.

If you would like to use Electrum, install Electrum on your offline computer and create a new wallet.

Electrum and Armory are NOT compatible.

I am 100% certain your bitcoins will be recovered this time, but next time you might not be so lucky.

Thanks all.

So the publicX and publicY  I used correspond to a **regular receiving address I created in Armory**  , for which I do have its private key as well.

 I'm getting the feeling that I should have used Armory's root key/paper backup (2 text lines) when I created my Electrum wallet (after necessarily removing the "04" and using only the next 128 chars), is that correct?

Will go ahead and use the updated scripts above...not before crossing my fingers. :-)

Oh ok, I just downloaded Armory and I see what you mean now.


> arorts

I updated all the scripts and the exe to do what Abdussamad mentioned.

Please follow his instructions to find the "PublicX" and "PublicY" that you used in Electrum... then just above it you will see "PrivHexBE"

The new script will ask you for PrivHexBE and NOT the paper backup phrase.

You will get your bitcoins back! yay!

Here's the exe
https://github.com/dabura667/help_arorts/releases/download/0.1/arms.exe

Here's the scripts (use arms_mac.py if you're doing it on your mac)
https://github.com/dabura667/help_arorts/archive/master.zip

The instructions I gave have nothing to do with his master seed. They are for dumping address specific priv keys.

Edit: To clarify he is using the public key of an ordinary bitcoin address in his armory wallet. Not the armory MPK or anything like that. Just the pub key of an ordinary address. The instructions above are for getting the corresponding priv key and going from there.

He did that essentially with my script. But the Public X and the Public Y he used as his MPK in Electrum were NOT from his master seed.

I am currently working with him to figure out where his Public X and Public Y came from.

Perhaps a different wallet? (Maybe he has multiple and is mixing them up?)

In armory:

- Double click on the wallet
- Click on 'backup this wallet'
- Select 'export key lists' radio button, click on button 'export key list'
- In the next window check 'public key(be)'
- Find the public key you entered into electrum and note down the corresponding private key (hex or wif).

The private key in armory is broken up by spaces. Remove the spaces and combine it into one long string and follow the instructions above:

https://bitcointalksearch.org/topic/m.8258543

Alternatively, if you are willing to trust me, you could PM me the private key and I'll send the btc to an address you control.

Yes to all your questions above. I just checked again and Armory's MPK is the same exact string as the MPK in Electrum.

Are the PublicX and PublicY values in hex format?

Are each of them a 64 character string consisting only of 0-9a-f?
Concatenated it should be a 128 character string consisting only of hex digits.

Is that what you placed into electrum? Is that also what shows up in your Master Public Key area in Electrum?

Electrum's MPK is just the Public x value and the Public Y value in 32 byte hex format concatenated.

What exactly did you input into Electrum when creating the watch-only wallet? Perhaps could you PM me what you inputted and also what your Electrum is saying is the MPK?

Unfortunately, I got a "Your MPK and the backup phrase MPK don't match"

BTW, what I entered as the Master Public Key in Electrum was NOT a decoded version of Armory's root key/paper backup but a concatenation of PublicX and PublicY entries shown in Armory so I never saw any "04" prefix to even think to remove it.

Any thoughts?

Yes.

I would recommend running the exe on your offline Windows machine, though. If you run the script on your online Mac, then your offline Armory wallet's private keys have touched the internet.

From the sounds of it, you will restore all of your bitcoins. You only sent to one of the first addresses that was shown, correct?

Right now the script only generates 5 receiving addresses and 3 change addresses. This is the default number of keys shown for a new Electrum wallet.

I have explained how to run the script in Windows here, and on Mac via PM. Either way you choose, you should have the WIF private keys you need to recover your funds.

Let me know how it goes :-D

Hello everyone,

I had to take some time off so I haven't recovered my coins yet. Just to make sure I follow the right process here are some clarifications:

- My offline Armory wallet is a Windows one
- My online Electrum wallet is in a Mac computer (latest OS X version)
- The MPK I entered as the seedless Electrum wallet was exactly a concatenation of the 2 publicX and PublicY keys listed in Armory, NOT a decoded version of the paper backup/root key
-  I didn't remove any initial or ending characters before entering it in Electrum

Having said that, what should be the right process that can be safely run offline? Seems like dabura667's last post?

Thanks

arorts had PMed me and I figured out his exact situation.

1. in armory, there is an ability to export the Master Public Key of the deterministic wallet.

2. He exported armory's MPK and used it to generate a watch-only wallet on Electrum.

3. He sent bitcoins to his watch-only wallet, and since there is no methodology in Electrum that directly allows use of the stretched Master Private Key... I basically slapped a script together that converts the Armory paper backup into the Master Private Key and does exactly what you said, except without any dependencies. (I had originally planned for him to copy/paste into an online python compiler or something... so I didn't want dependencies that weren't default contained in Python.)

Anywho, there is an example case within arms.py (it's commented out, the Armory backup seed is on two lines, one without spaces just to make it easier to copy. and the MPK that corresponds.)

Try compiling it, or just running the script in python directly. Any errors should show the error and pause (using raw_input() to wait for Enter to be pressed before closing)... also pressing enter after address gen closes as well.

arorts hasn't replied but if anyone else is in this situation it's actually pretty simple to get the address specific private keys.


So if the "master private key" corresponding to the "master public key" used to create the watch only wallet is f45xxxx...xe3c and you want the private key for the first address in the wallet:


If you need to convert between hex encoded private keys and WIF ones just use encode_privkey. So again:


You can then import that into whatever wallet you like.

Because I edited my post with an exe file I would like people to build and verify to vouch for it.

I would publish the hash signed by my pgp key, but I am not sure whether py2exe will create a deterministically identical exe...

If anyone knows a lot about py2exe I would appreciate advice on a way to guarantee the same hash.

EDIT:

To others that will vouch for my executable:
https://github.com/dabura667/help_arorts
Here's the source.

I will upload an exe file to make things easier.
https://github.com/dabura667/help_arorts/releases/download/0.1/arms.exe

Although, if you take this exe and just run it on an offline computer you can keep your armory wallet safe.
but either way there's the source and instructions on how to recreate the build.

(To anyone who checks my source: fyi including the ripemd160 library in there was a workaround for the website I linked below. They didn't support ripemd160 hashing for some reason.)

^^^^^^^^^^^^^^^^^^^^^^^^

There are two ways you can go about this:

1. You can do this all online. But this will cause you do type your backup phrase on an online computer. As you must go to a website that can not be downloaded locally.

Go to http://www.compileonline.com/execute_python_online.php

In the left hand side of the window (Where it says "print "Hello World"" etc.) delete all the stuff written there, then paste in the code at the following site.

http://0bin.net/paste/+JXKiGgA1dJdBLaI#yXV7WhIlhpCpIcGieW0ibIThcYczSF7u-UxUF8dYC5P
(There's a button at the top of the page to "Copy whole text to Clipboard". It will make it easier)

Once you pasted into the left side of the first site... scroll down to the bottom of the code. You will see lots of green # symbols and an explanation.


Follow the instructions and replace the backup phrase that is in there with your backup Armory phrase (should be 9 words x 2 lines) and separate the two lines with <>

Then go into Electrum. The one that you accidentally made the watch-only wallet with your bitcoins.

Click "Wallet" > "Master Public Key" and copy the long number there. paste it in the second area in place of the '5a09...0c87' stuff (remember to keep the ' ' around it tho.)

Once you've entered these two things. Click the "Execute Script" button on the upper left corner.


2. If you don't want to do this online. You must have an offline computer with python 2.7 or later installed.

Copy the text from http://0bin.net/paste/+JXKiGgA1dJdBLaI#yXV7WhIlhpCpIcGieW0ibIThcYczSF7u-UxUF8dYC5P

Paste it into a new text file, Change the two items near the bottom like in option 1, save the text file as "All Files" type and in the filename box, call it "arms.py" (remember to put in the .py )

Open the terminal or Python console to the folder in which you have arms.py saved.

Run arms.py


---------------------

If you do either of these, and you actually used the Armory MPK correctly in Electrum (stripping the 04 at the beginning and removing the chain code if any) then you should see the 5 receiving and 3 change addresses that are in your electrum watch-only wallet, along with their respective WIF private keys.

Find the address that you accidentally sent to and copy down its WIF private key.

Then you can import that to whatever client you wish to restore your bitcoins.


Possible errors:

1. If it says "Your MPK doesn't match..." and doesn't show you any addresses... sorry... your bitcoins are gone.

2. If it says "Checksum error" then you mis-typed in your Armory backup phrase.

3. If it says anything else, or the addresses don't match what you accidentally sent to, then let me know.

I believe I can help you. What operating system are you using? Are you comfortable using the command line?