This guide will be about extracting Bitcoin private keys from Bitcoin Android encrypted wallet backup file, commonly known as "schildbach wallet" or "protobuf wallet".
Before beginning, let me bust out some myth. No, you don't need to use Linux. In fact, the whole process is done in Windows 10.
The reason I wrote this because:
Instead of generating a seed, I'll show you how to extract the actual private keys itself in WIF, not some seed that needs to be derived.
WIF is portable across every wallet program, because it is the actual private keys itself you use to spend Bitcoins.
I will be using Chocolatey so I don't need to mess with PATH. If you don't, I assume you're comfortable with command-line interface and willing to build OpenSSH from sources or put your trust into OpenSSH binaries for Windows that other has built.
1. Remove spending PIN (if set), and export your Bitcoin Android walletOpen the Bitcoin Android app > Overflow button (three dots) > Safety > Remove spending PIN
then Back up wallet
Supply a password. It will be used on step 4.
2. Copy over your Bitcoin Wallet encrypted wallet backup file to your computer. Use USB cable, or whatever method you are comfortable with (adb pull, Bluetooth, Nearby Share, Pushbullet, etc.)3. Install required dependencies: Gradle, OpenSSH, and Git.choco install gradle openssh git
4. Decrypt the walletopenssl enc -d -aes-256-cbc -a -md md5 -in -out
A prompt will appear "enter aes-256-cbc decryption password:"
Type in your password that you have set in step 1.
The warning below is normal. The file would be successfully decrypted regardless.
*** WARNING : deprecated key derivation used.
Using -iter or -pbkdf2 would be better.
Be warned. Your wallet is now decrypted. Anyone who gains possession of this file would be able to spend your Bitcoins.
5. Clone the BitcoinJ repositorygit clone https://github.com/bitcoinj/bitcoinj.git
6. Navigate to wallet-tools directory7. Run wallet-tools to dump the private keys out of the walletgradle run --args="dump decrypt --dump-privkeys --wallet="""
You can dump it to a text file instead to the text output (stdout) instead:
gradle run --args="dump decrypt --dump-privkeys --wallet=""" > private-keys.txt
8. Inspect the private keys dumpThe dump would be separated into several sections for each output script type. My wallet is made by Bitcoin Android Version 8.08, so there's two types of address I have, namely P2PKH (legacy) and P2WPKH (SegWit Bech32). Find "Ouput script type:" (yes, it's an typo, and yes, that's the actual output of bitcoinj's wallet-tool. someone raise an issue pls.)
Each wallet would hold multiple private keys. The actual private keys itself are after the words "priv WIF=". You can use the Find function (Ctrl+F) to find all the keys.
Don't forget to securely wipe your unencrypted wallet file and the dumped private keys, should you dump it into a file. Use any secure erase utility you prefer, but if you don't have any, EraserDrop is a small utility that would do so, and has a PortableApp package.
To wipe file and folders using EraserDrop, select them, drag and drop into the EraserDrop's icon on your screen. Don't forget to close Command Prompt and Notepad before wiping the files, else the file would be locked and EraserDrop won't be able to securely wipe it.
To quit EraserDrop, right click on the EraserDrop's icon on your screen or in your taskbar tray's, then select Exit.
BONUS: How to sweep private keys to Electrum.Prefix the P2PKH (legacy, address starts with 1) WIF private keys with "p2pkh:", so "p2pkh:yourwifprivatekey"
Prefix the P2WPKH-in-P2SH (SegWit, address starts with 3) WIF private keys with "p2wpkh-p2sh:", so "p2wpkh-p2sh:"
Prefix the P2WPKH (SegWit Bech32, address starts with bc1) private keys with "p2wpkh:", so "p2wpkh:yourwifprivatekey"
On Electrum, CREATE a new wallet. DO NO USE THE IMPORT FUNCTION, because else you can't backup your wallet into Electrum's seed format, nor use Lightning Network.
Then go to Wallet > Private keys > Sweep and paste
EVERY of your private keys (your wallet will have multiple private keys, don't miss any of them)
ONE private key
EVERY LINE.