Author

Topic: How to "test" a private key? (Read 13905 times)

hero member
Activity: 1106
Merit: 521
November 20, 2016, 01:03:32 PM
#27
If your using bitaddress then you will be fine, but be careful if you are messing about with it yourself. Shocked
legendary
Activity: 1042
Merit: 2805
Bitcoin and C♯ Enthusiast
November 20, 2016, 11:52:48 AM
#26
But as you sure I will be able to spend the funds even though the privkey prints the public key? I am concerned about the bug listed here
http://www.reddit.com/r/Bitcoin/comments/2t3vn0/i_cant_send_my_btc_a_triangle_apear_i_use_multibit/

1. You are using Bitcoin Core, not Multi-Bit
2. That bug is for a particular address, you won't ever get that address from using Bitcoin Core
3. When you see the public key and address, it should work. It will work.

What about if I use Bitaddress to generate the keys offline. Does it have that bug fixed?

If you are so interested in that particular bug you can read about it here: https://github.com/keepkey/multibit/issues/661 and https://multibit.org/blog/2015/02/02/wallet-forensics.html and it seems to me that the problem was with the user not the wallet and because he had imported private keys and messed up things in his wallet.

You are talking about generating a private key with bitaddress not a wallet with multibit
legendary
Activity: 3808
Merit: 1723
November 20, 2016, 02:01:58 AM
#25
But as you sure I will be able to spend the funds even though the privkey prints the public key? I am concerned about the bug listed here
http://www.reddit.com/r/Bitcoin/comments/2t3vn0/i_cant_send_my_btc_a_triangle_apear_i_use_multibit/

1. You are using Bitcoin Core, not Multi-Bit
2. That bug is for a particular address, you won't ever get that address from using Bitcoin Core
3. When you see the public key and address, it should work. It will work.

What about if I use Bitaddress to generate the keys offline. Does it have that bug fixed?
legendary
Activity: 1042
Merit: 2805
Bitcoin and C♯ Enthusiast
November 20, 2016, 12:44:34 AM
#24

So is there any tutorial or examples can that show how to decode/encode the base 58 private keys. I am still confused.

https://bitcoin.org/en/developer-reference#address-conversion
https://en.bitcoin.it/wiki/Base58Check_encoding

Also I think the following can be helpful to look at:

http://chimera.labs.oreilly.com/books/1234000001802/ch04.html#base58
staff
Activity: 3458
Merit: 6793
Just writing some code
November 19, 2016, 10:20:57 PM
#23
When I put in

AA05F15D112414670BAD47FCCC52AD6486D5CB33BEA4463E8DFF0C5B1C1F4D1501

I get an error:

Cannot Decode! Invalid Base58 Character(s)!
That's because it isn't a base 58 check encoded private key (what you normally think of as a private key). That is the hex of the actual private key, just a really big number.

So is there any tutorial or examples can that show how to decode/encode the base 58 private keys. I am still confused.
You already have decoded the base58 check encoded private key. As I already said, you have the key in its hex format. You can convert that to decimal if you really want to. You have the key in hex so you can check whether it is greater than 0x01 and less than the large hex number I posted earlier.
legendary
Activity: 3808
Merit: 1723
November 19, 2016, 08:41:55 PM
#22
When I put in

AA05F15D112414670BAD47FCCC52AD6486D5CB33BEA4463E8DFF0C5B1C1F4D1501

I get an error:

Cannot Decode! Invalid Base58 Character(s)!
That's because it isn't a base 58 check encoded private key (what you normally think of as a private key). That is the hex of the actual private key, just a really big number.

So is there any tutorial or examples can that show how to decode/encode the base 58 private keys. I am still confused.
legendary
Activity: 3416
Merit: 1912
The Concierge of Crypto
November 19, 2016, 07:35:09 PM
#21
But as you sure I will be able to spend the funds even though the privkey prints the public key? I am concerned about the bug listed here
http://www.reddit.com/r/Bitcoin/comments/2t3vn0/i_cant_send_my_btc_a_triangle_apear_i_use_multibit/

1. You are using Bitcoin Core, not Multi-Bit
2. That bug is for a particular address, you won't ever get that address from using Bitcoin Core
3. When you see the public key and address, it should work. It will work.
staff
Activity: 3458
Merit: 6793
Just writing some code
November 19, 2016, 07:11:49 PM
#20
When I put in

AA05F15D112414670BAD47FCCC52AD6486D5CB33BEA4463E8DFF0C5B1C1F4D1501

I get an error:

Cannot Decode! Invalid Base58 Character(s)!
That's because it isn't a base 58 check encoded private key (what you normally think of as a private key). That is the hex of the actual private key, just a really big number.
legendary
Activity: 3808
Merit: 1723
November 19, 2016, 06:37:03 PM
#19
So using
http://lenschulwitz.com/base58

Say my private key is:
L2vDMT2mY9AiNYZgnfK8tBoCh55XWS76h8bdM2Y3wGfnf4R2EamP

Decoding results in:
80AA05F15D112414670BAD47FCCC52AD6486D5CB33BEA4463E8DFF0C5B1C1F4D150146441A8A

So as long as it doesn't start with a 0 it should be good?
Close. First you drop the first byte (0x80) and the last 4 (0x46441A8A). What remains is the actual private key. So long as that is not all zeros or that it does not begin with a bunch of F's, it should be good.

When I put in

AA05F15D112414670BAD47FCCC52AD6486D5CB33BEA4463E8DFF0C5B1C1F4D1501

I get an error:

Cannot Decode! Invalid Base58 Character(s)!



Say my private key is:
L2vDMT2mY9AiNYZgnfK8tBoCh55XWS76h8bdM2Y3wGfnf4R2EamP

1. Launch Bitcoin Core (can be offline)
2. Open console
3. type importprivkey L2vDMT2mY9AiNYZgnfK8tBoCh55XWS76h8bdM2Y3wGfnf4R2EamP
4. See if you get a new address in the wallet
5. Securely erase / restart tails / revert VM / toss a grenade / shoot computer / burn in thermite


My post from 3 years ago has not changed.

But as you sure I will be able to spend the funds even though the privkey prints the public key? I am concerned about the bug listed here
http://www.reddit.com/r/Bitcoin/comments/2t3vn0/i_cant_send_my_btc_a_triangle_apear_i_use_multibit/

Besides all suggestions above I would do like this
1) Download brain wallet (a copy is here http://wallet-2sx53n.sakurity.com/ , or in github)
2) (Offline) Sign a message, if it works then it's ok.


Is there a difference of that brain wallet sign/verify function compared to the one found in the bitcoin core ?
legendary
Activity: 1204
Merit: 1000
November 19, 2016, 01:08:48 PM
#18
Besides all suggestions above I would do like this
1) Download brain wallet (a copy is here http://wallet-2sx53n.sakurity.com/ , or in github)
2) (Offline) Sign a message, if it works then it's ok.
legendary
Activity: 3416
Merit: 1912
The Concierge of Crypto
November 19, 2016, 01:01:05 PM
#17
Say my private key is:
L2vDMT2mY9AiNYZgnfK8tBoCh55XWS76h8bdM2Y3wGfnf4R2EamP

1. Launch Bitcoin Core (can be offline)
2. Open console
3. type importprivkey L2vDMT2mY9AiNYZgnfK8tBoCh55XWS76h8bdM2Y3wGfnf4R2EamP
4. See if you get a new address in the wallet
5. Securely erase / restart tails / revert VM / toss a grenade / shoot computer / burn in thermite


My post from 3 years ago has not changed.
staff
Activity: 3458
Merit: 6793
Just writing some code
November 19, 2016, 10:07:26 AM
#16
So using
http://lenschulwitz.com/base58

Say my private key is:
L2vDMT2mY9AiNYZgnfK8tBoCh55XWS76h8bdM2Y3wGfnf4R2EamP

Decoding results in:
80AA05F15D112414670BAD47FCCC52AD6486D5CB33BEA4463E8DFF0C5B1C1F4D150146441A8A

So as long as it doesn't start with a 0 it should be good?
Close. First you drop the first byte (0x80) and the last 4 (0x46441A8A). What remains is the actual private key. So long as that is not all zeros or that it does not begin with a bunch of F's, it should be good.
legendary
Activity: 3808
Merit: 1723
November 19, 2016, 02:36:24 AM
#15
Sorry to re-bump this old thread. But I am a little paranoid whether I will be able to actually spend the Bitcoin wallet that I created offline.

I know you can use bitaddress.org AND the importprivkey with bitcoind and you can easily check if the PRIVATE key matches the PUBLIC key.

However I am concerned with this situation
http://www.reddit.com/r/Bitcoin/comments/2t3vn0/i_cant_send_my_btc_a_triangle_apear_i_use_multibit/

Basically he created an offline wallet but due to some bug he cant ever spent that bitcoin due to some exponent bug.

I heard that the best way to see if you can actually spend the BTC is to SIGN and VERIFY a message offline. However I can't find an website which does this at the moment.
There are a few ways to check the validity of the key.

First, you can decode the base58 check encoding to get the raw hex of the private key. Then just check that that number is between 1 and 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141 inclusive. Obviously if you happen to get a key that is either of those two numbers, you should generate a new key.

You can also install electrum or Bitcoin Core on the machine itself and sign and verify a message to ensure that the key works.

So using
http://lenschulwitz.com/base58

Say my private key is:
L2vDMT2mY9AiNYZgnfK8tBoCh55XWS76h8bdM2Y3wGfnf4R2EamP

Decoding results in:
80AA05F15D112414670BAD47FCCC52AD6486D5CB33BEA4463E8DFF0C5B1C1F4D150146441A8A

So as long as it doesn't start with a 0 it should be good?





staff
Activity: 3458
Merit: 6793
Just writing some code
November 19, 2016, 01:32:04 AM
#14
Sorry to re-bump this old thread. But I am a little paranoid whether I will be able to actually spend the Bitcoin wallet that I created offline.

I know you can use bitaddress.org AND the importprivkey with bitcoind and you can easily check if the PRIVATE key matches the PUBLIC key.

However I am concerned with this situation
http://www.reddit.com/r/Bitcoin/comments/2t3vn0/i_cant_send_my_btc_a_triangle_apear_i_use_multibit/

Basically he created an offline wallet but due to some bug he cant ever spent that bitcoin due to some exponent bug.

I heard that the best way to see if you can actually spend the BTC is to SIGN and VERIFY a message offline. However I can't find an website which does this at the moment.
There are a few ways to check the validity of the key.

First, you can decode the base58 check encoding to get the raw hex of the private key. Then just check that that number is between 1 and 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141 inclusive. Obviously if you happen to get a key that is either of those two numbers, you should generate a new key.

You can also install electrum or Bitcoin Core on the machine itself and sign and verify a message to ensure that the key works.
legendary
Activity: 3808
Merit: 1723
November 19, 2016, 01:09:39 AM
#13
Sorry to re-bump this old thread. But I am a little paranoid whether I will be able to actually spend the Bitcoin wallet that I created offline.

I know you can use bitaddress.org AND the importprivkey with bitcoind and you can easily check if the PRIVATE key matches the PUBLIC key.

However I am concerned with this situation
http://www.reddit.com/r/Bitcoin/comments/2t3vn0/i_cant_send_my_btc_a_triangle_apear_i_use_multibit/

Basically he created an offline wallet but due to some bug he cant ever spent that bitcoin due to some exponent bug.

I heard that the best way to see if you can actually spend the BTC is to SIGN and VERIFY a message offline. However I can't find an website which does this at the moment.
tyz
legendary
Activity: 3360
Merit: 1533
December 27, 2015, 02:56:14 PM
#12
Thanks, this was exactly what i was looking for. Very easy to use. Did not know that Valerin Buterin has released a set of Bitcoin tools based on Python.

Sorry, to reactivate this two years old thread but I have got a similar question. I created paper wallets using offline Bitaddress.org.
Now, I want to verify that the generated private keys fit to the public keys. Just to get sure that the algorithm of the downloaded source of Bitaddress.org is not damaged in any way. Is there a little Python or C++ comand tool to verify the keys offline?
You could try pybitcointools: https://github.com/vbuterin/pybitcointools
staff
Activity: 3458
Merit: 6793
Just writing some code
December 25, 2015, 02:33:31 PM
#11
Sorry, to reactivate this two years old thread but I have got a similar question. I created paper wallets using offline Bitaddress.org.
Now, I want to verify that the generated private keys fit to the public keys. Just to get sure that the algorithm of the downloaded source of Bitaddress.org is not damaged in any way. Is there a little Python or C++ comand tool to verify the keys offline?
You could try pybitcointools: https://github.com/vbuterin/pybitcointools
tyz
legendary
Activity: 3360
Merit: 1533
December 25, 2015, 10:13:10 AM
#10
Sorry, to reactivate this two years old thread but I have got a similar question. I created paper wallets using offline Bitaddress.org.
Now, I want to verify that the generated private keys fit to the public keys. Just to get sure that the algorithm of the downloaded source of Bitaddress.org is not damaged in any way. Is there a little Python or C++ comand tool to verify the keys offline?
501
newbie
Activity: 28
Merit: 0
November 20, 2013, 11:48:59 PM
#9
For bitaddress.org I use the compressed version. For the brain wallet, I input the passphrase, then I get the resulting uncompressed private key, I put that in the wallet details tab, and use the compressed version of the address and private key.

That has not failed me.

Thanks. I haven't tried a brain wallet yet, just normal paper wallets where I encoded the keys before printing them. So just went ahead and booted an offline machine again, decoded the keys myself and then entered them into bitaddress to make sure the address it gave me matched, and it did, so I'm assuming everything is good.
legendary
Activity: 3416
Merit: 1912
The Concierge of Crypto
November 20, 2013, 08:33:23 PM
#8
Yes, doing an actual test import on a brand new wallet on an offline computer using bitcoin-qt that you securely delete later should allow you to check that you can do it in the future.

For the most part, all my vanitygen generated compressed keys work; you can use any prefix or just 1 to make a lot of them and pick one. If you make wallets using dice or true random numbers, bitaddress.org also works.

For bitaddress.org I use the compressed version. For the brain wallet, I input the passphrase, then I get the resulting uncompressed private key, I put that in the wallet details tab, and use the compressed version of the address and private key.

That has not failed me.
501
newbie
Activity: 28
Merit: 0
November 20, 2013, 11:47:02 AM
#7
What you should be doing is testing the methodology used to create multiple keys, not testing a particular key.

Spending money sent to an offline address removes the associated security

I know, I don't want to actually spend any of the money associated with the paper wallet. I just want to check that I encoded and printed the private key correctly, so that in the future when I want to spend the money I don't discover that I made a mistake and the money is lost.

I think Patel and Dabs' solutions will both work, I'm going to test them today.
legendary
Activity: 1512
Merit: 1036
November 20, 2013, 04:34:01 AM
#6
What you should be doing is testing the methodology used to create multiple keys, not testing a particular key.

Spending money sent to an offline address removes the associated security:
  • The private key must be put on an online computer system in order to spend the money, where it may be compromised, and,
  • Spending from an address reveals it's public key, which may reduce cryptography robustness.

Generate multiple paper wallets at the same time using the same method. Spend a test amount of bitcoins sent to one wallet (and discard it), ensuring that your creation and spending method is not flawed.
legendary
Activity: 3416
Merit: 1912
The Concierge of Crypto
November 19, 2013, 11:52:35 PM
#5
Use bitcoin-qt.
Use offline computer.
Run bitcoin-qt.
Use importprivkey with the unencrypted private key.
Check the address if it's there.
Securely erase or wipe wallet.dat of offline computer.
501
newbie
Activity: 28
Merit: 0
November 19, 2013, 11:35:21 PM
#4
Download bitaddress.org save html file, go on offline computer, go to wallet details tab, enter private key, see if address matches what you have

Thanks, that sounds like it will work.

@daoneway I meant testing the private key. I know the public address is correct because I didn't encode that.
legendary
Activity: 1321
Merit: 1007
November 19, 2013, 07:04:06 PM
#3
Download bitaddress.org save html file, go on offline computer, go to wallet details tab, enter private key, see if address matches what you have
full member
Activity: 149
Merit: 100
November 19, 2013, 07:03:04 PM
#2
send small amount of btc?
501
newbie
Activity: 28
Merit: 0
November 19, 2013, 06:58:35 PM
#1
I am currently keeping 90% of my BTC in cold storage on paper wallets. Now I want to start generating my paper wallets with encrypted private keys (just using a cipher of my choice to encode the key before printing it out). However, I'm a little nervous that I'll make a mistake when encoding it, and then the funds I send there will be lost.

I was wondering if there would be a way to test the private key to see if I've actually written it down correctly, but without connecting to the network while doing this (because I want these wallets to remain pure cold storage). Just for my own peace of mind.

Is there any way to do this?
Jump to: