Pages:
Author

Topic: I REGAINED access to Bitcoins in my made-up brainwallet! - page 2. (Read 631 times)

hero member
Activity: 560
Merit: 1060
Quote
I don't think anyone actually uses BIP38 anymore outside the collectibles community.
I think you're wrong, but can't prove it Wink

I could help proving this statement  Tongue
Now, seriously, were you doing an experiment (for fun) ?
Personally, if I used something like that, I would definitely keep the phrases in paper backups, without ever mentioning or stating they had anything to do with Bitcoin.

Simple brainwallets (by human standards) are in many cases fundamentally flawed which has been proven. You simply can't use anything that's online available as source for a simple brainwallet (simple in terms of taking only the SHA-256 of the source phrase as private key).

Or use my tool https://bitcointalksearch.org/topic/brain21-a-simple-brain-wallet-generator-in-bash-5488789 (Only kidding of course!)
member
Activity: 378
Merit: 93
Enable v2transport=1 and mempoolfullrbf=1
I was throwing away some old empty seeds I had written down and saw the 12 words from my first hardware wallet. I had memorized these before, but I switched devices ~5 years ago. Out of those 12 words I memorized, I only remembered 1 now.

Strength of passwords and number of unique passwords seems like a bottleneck that humans are running into. Machines are becoming more powerful at guessing passwords, so humans are required to remember longer and more complex phrases. To access my Bitcoin wallet on my node running on my laptop, I'm burdened with 4 layers of passwords - disk decryption, user login, node login, wallet login.
legendary
Activity: 3290
Merit: 16489
Thick-Skinned Gang Leader and Golden Feather 2021
Out of curiosity: the subtraction of 1 from the intermediate 6P private key (I assume after conversion from WIF to hex format, otherwise the WIF's checksum would break) is an intentional obfuscation step?
I'm not subtracting "-1", I'm adding it (see this example) as a nonce. I could use "-2" to get the next address. In a way, they're like hardened private keys: if one leaks, it's not possible to find the next one.

Quote
Simple brainwallets (by human standards) are in many cases fundamentally flawed which has been proven. You simply can't use anything that's online available as source for a simple brainwallet (simple in terms of taking only the SHA-256 of the source phrase as private key).
Have a look at WarpWallet.
hero member
Activity: 714
Merit: 1010
Crypto Swap Exchange
Out of curiosity: the subtraction of 1 from the intermediate 6P private key (I assume after conversion from WIF to hex format, otherwise the WIF's checksum would break) is an intentional obfuscation step?

Your recipe is already a bit complex. But why this subtraction step? Didn't you trust your initial passphrase1 and encryption passphrase2 enough?

Simple brainwallets (by human standards) are in many cases fundamentally flawed which has been proven. You simply can't use anything that's online available as source for a simple brainwallet (simple in terms of taking only the SHA-256 of the source phrase as private key).
legendary
Activity: 3290
Merit: 16489
Thick-Skinned Gang Leader and Golden Feather 2021
BIP38 with segwit addresses would be non-standard, because it only mentions encoding the address into compressed or uncompressed base58.
I could create a Segwit address from the resulting private key.

Quote
I don't think anyone actually uses BIP38 anymore outside the collectibles community.
I think you're wrong, but can't prove it Wink

Quote
There are better ways to encrypt large amounts of private keys especially the ones that are derived from HD keys.
Do tell: how? What standard encryption is heavy enough to keep $1000 secure for 2 years with password zLwMiR, even after giving hints? I'd like to use something better, but I haven't seen anything that follows a standard.
For the record: this exercise wasn't only about encryption, it was about remembering everything from scratch.

Quote
PS: Your algorithm for deriving a brainwallet is quite hard to remember Tongue
That's why I wrote it down Wink
legendary
Activity: 1568
Merit: 6660
bitcoincleanup.com / bitmixlist.org
By now, a Segwit version would be better.

BIP38 with segwit addresses would be non-standard, because it only mentions encoding the address into compressed or uncompressed base58.

I don't think anyone actually uses BIP38 anymore outside the collectibles community. There are better ways to encrypt large amounts of private keys especially the ones that are derived from HD keys.

PS: Your algorithm for deriving a brainwallet is quite hard to remember Tongue
legendary
Activity: 3290
Merit: 16489
Thick-Skinned Gang Leader and Golden Feather 2021
I don't get this part:

Quote
1. Passphrase > brainwallet > uncompressed privkey
This is a better description:
Code:
1. Passphrase for brainwallet + passphrase2 for BIP38 (on air-gapped bitaddress.org) > compressed key (starting with 6P)
2. Take this 6P encrypted key, add -1 at the end, and use this as passphrase to create a brainwallet. Fund the compressed addy

Quote
If you didn't initially know the address then when you use the private key to generate its base58 address, you could've checked it for a balance on a block explorer, without the other steps.
I didn't know the address nor privkey. Now I know both again.



As an example (I did this online because it's only for testing):
  • Go to bitaddress.org
  • Click Wallet Details
  • In privkey field, enter "longpassphrasetoremember"
  • Tick "BIP38 Encrypt"
  • Enter "extrapassphrase" and click Encrypt BIP38
  • Click OK to use it as brainwallet
  • The resulting encrypted privkey is 6PRKrgToVFyMzHL3qYa9Pq7e1ZugAiaYGYUxK2ccVaUoSeK9PYnqFti5Br
  • Now create a new brainwallet out of "6PRKrgToVFyMzHL3qYa9Pq7e1ZugAiaYGYUxK2ccVaUoSeK9PYnqFti5Br-1", and use compressed addy 14ut6qNTdRaexXRtMjYQc7bkStr2FLNfhk 1BsQ1rYAi2nNpnqpCLyQS4fkV4dEf3jegB to store funds (don't use this one, obviously)
  • Before funding anything, see if you can reproduce your address from scratch
This is what I did. By now, a Segwit version would be better.
legendary
Activity: 1568
Merit: 6660
bitcoincleanup.com / bitmixlist.org
I don't get this part:

Quote
1. Passphrase > brainwallet > uncompressed privkey

If you didn't initially know the address then when you use the private key to generate its base58 address, you could've checked it for a balance on a block explorer, without the other steps.
legendary
Activity: 3290
Merit: 16489
Thick-Skinned Gang Leader and Golden Feather 2021
Guess what: I figured it out! It turns out my mind had added a character to my passphrase, that shouldn't be there. Without it, I can recover the address.
To me, this proves (and/or confirms) 2 things:
1. My "it's all in my head" storage system works.
2. My "it's all in my head" storage system is far too risky.

The funny part is: I took notes of the method I used, because I wasn't sure I'd remember all the details (even though, as a relative Bitcoin Newbie back then, I didn't realize the first 2 steps could have been done in one step). What surprised me, is that I doubted the method I wrote down, and not the passphrase I memorized:
I do remember the passphrases used. I won't say I'm 100% certain, so let's say I'm 99% certain those are correct. That makes it likely there's something in my method that I can't reproduce.
It was the other way around. It's funny how my mind tricks me into trusting .... my mind Grin

Lessons learned
Don't do brainwallets Tongue Even though I'll keep this one for now, it's still not recommended. And if you do insist (which you should only do if you know for sure it's difficult enough to withstand brute-force attacks): keep a backup. Or just don't do it. But if you do, and if you can't restore it in the future: please open a topic about it Tongue

which address I put in my email then, in 2015, when I received my 10k sats?
That's not much to go on. It gives 71,371 possible transactions.
copper member
Activity: 821
Merit: 1992
Quote
Years ago, I sent some Bitcoin to an address without any physical backup, to see if I could find it back years later. Now, I can't find them back. Lol.
Yes, it is quite common. Having at least a single physical backup is very important. If someone want to dig into the chain, then I have a similar puzzle, good luck finding it:

1. The amount was exactly 10k satoshis.
2. It was sent from this site as a giveaway, for writing an email: https://web.archive.org/web/20150106042627/http://99bitcoins.com:80/get-your-first-bitcoin/
3. I put that into this scammy wallet, probably in 2015: https://bitcointalksearch.org/topic/easycoin-easycoinsayj7p5lonion-scam-943146

I guess this was the first time, when I saw some on-chain transaction, filled with the data I wanted to use. Of course, those coins are now gone, and that website is no longer reachable (also because Tor moved into new address types). Probably those coins were moved long time ago, but no matter how hard I tried, it is impossible for me, to find them. Also, the mailbox, which I used, was removed in 2016, so it is long gone.

Quote
I'm guessing the most plausible things you can remember here would be the amount and a more accurate time of transaction, this ca narrow down the search a lot further.
I don't think so. If I am wrong, then tell me: which address I put in my email then, in 2015, when I received my 10k sats?

Quote
But puzzles that I can't solve are frustrating, until someone else solves them.
There are many unsolved puzzles, related to brainwallets, for example bc1qt2mdkehmphggajer3ur3g8l754scj4fdrmw3rn now contains 0.01 BTC. I guess it is related into writing "pi" value somehow, but the most obvious things, like writing "3.14" in ECDSA, does not lead to the right key (and addresses like 17mKugcBDEJbu391Fq41AdwLeGHwJLPRDf were cleared long time ago).
hero member
Activity: 714
Merit: 1298

Questions
Why did I do step 1 and 2? That could have been done in one step, unless I'm missing something now.


Certainly you could do it in one single step. Probably you didn't notice BIP-38 encryption option at first, thus , applied it afterwards


Questions

Does BIP38 encryption always produce the same encrypted key,

Yes,  providing it is properly coded.


Questions

 could the same privkey and passphrase produce a different encrypted string if I use different software?


Yes, providing the different software is    intentionally designed to produce a different encrypted string (the aim being to steal your fund) , known to person, who is behind this software,
legendary
Activity: 3290
Merit: 16489
Thick-Skinned Gang Leader and Golden Feather 2021
I'm guessing the most plausible things you can remember here would be the amount and a more accurate time of transaction, this ca narrow down the search a lot further.
I think it must have been 2018, but I could be off. I can't narrow it down more accurately. I know the input amounts, the sum of that minus the transaction fee is on the address I'm looking for. Unless it was dusted later, in that case the balance can be a bit higher.

I don't remember the address.
I remember the amount on 2 addresses used to fund it.
Can you work it another way? Did you send them from a wallet you control?
Nope.

I have been trying the second website which is now a scam website. I tried it just to know how the encryption is but if you try anything with passphrase on the site, it will keep on loading and not give you any result. I just want to test it, not use it.
I have an old version, from before the site got sold. You may still be able to find it on Github.

I'm currently new to these though but can you retry same process over and over again on empty wallets ??
Yes. Actually, all I get is empty wallets.



I should have just posted a BIP38 encrypted key on Bitcointalk as a backup Tongue



I like "treasure hunts". I like Bitcoin puzzles. I even like Fork recoveries. It always feels like a challenge to find money. I like it. But puzzles that I can't solve are frustrating, until someone else solves them. In this case, that won't happen, which is why this will be "tormenting" me forever until I find it Cheesy
sr. member
Activity: 476
Merit: 299
Learning never stops!
~

I'm currently new to these though but can you retry same process over and over again on empty wallets ??
legendary
Activity: 1512
Merit: 4795
Leading Crypto Sports Betting & Casino Platform
Does BIP38 encryption always produce the same encrypted key, or could the same privkey and passphrase produce a different encrypted string if I use different software? I probably used bitaddress.org or the other (now scamming) paper wallet site from back in those days.
The annoying part: to try anything, takes me several manual actions on an air-gapped system. I can't quickly test a lot of options.

I have been trying the second website which is now a scam website. I tried it just to know how the encryption is but if you try anything with passphrase on the site, it will keep on loading and not give you any result. I just want to test it, not use it.

If it is on bitaddress, it will always give you the same encryption if you use the same passphrase to encrypt the private key.

I think BIP38 is a standardized encryption and it supposed to be the same result irrespective of the website used, but some wallets paper wallet generator can go another way.
legendary
Activity: 3500
Merit: 6320
Crypto Swap Exchange
I don't remember the address.
I remember the amount on 2 addresses used to fund it.

Can you work it another way? Did you send them from a wallet you control? If so can you narrow down the info from there?

The annoying part: to try anything, takes me several manual actions on an air-gapped system. I can't quickly test a lot of options.

And

I wasn't dumb enough to use a large amount, but I'd still like to find it back. I won't lose sleep over the amount...

If it's an amount you don't mind loosing then stop worrying about using an air gapped system that is taking you more time and effort. You are more likely to make a mistake and miss the fact they yes you did find the addresses & keys.


Other then to see if you could was there another reason for this? Perhaps something else that may help you remember.
i.e. I was annoyed at DaveF when I did this so I vanitygenned 1FuckDave as one of the addresses?

-Dave


legendary
Activity: 2254
Merit: 2406
Playgram - The Telegram Casino
I don't remember the address.
I remember the amount on 2 addresses used to fund it.
I don't remember the transaction fee.
I don't remember the year I did all this. I guess it was somewhere between 2017 and 2020.
I'm guessing the most plausible things you can remember here would be the amount and a more accurate time of transaction, this ca narrow down the search a lot further. You can try linking the action to at other event you did before or after at the time, so for example if you were taking an exam when you did this or attended a wedding. With the address you can use any available tool that works now to check that with the passphrase to know if it's valid.

If you do get the amount and it's less insignificant, it will make the 'I told you sos' more fun'.

Also do you think at that time you would have left some clues for you now to find it?
legendary
Activity: 3290
Merit: 16489
Thick-Skinned Gang Leader and Golden Feather 2021
TL;DR
Years ago, I sent some Bitcoin to an address without any physical backup, to see if I could find it back years later. Now, I can't find them back. Lol.

Long version
I combined a brainwallet with BIP38 encryption to make it very hard to crack. A bit like this proposal, but my own version. I kept notes of what I did:
Code:
1. Passphrase > brainwallet > uncompressed privkey
2. BIP38 compress this key with passphrase2
3. Take this 6P encrypted key, add -1, use this as brainwallet and fund the compressed addy
I don't remember the address.
I remember the amount on 2 addresses used to fund it.
I don't remember the transaction fee.
I don't remember the year I did all this. I guess it was somewhere between 2017 and 2020.
I'm pretty sure all addresses involved were legacy.
Blockchair's transaction search gives thousands of potential transactions. I can narrow it down to less than a thousand by making some assumptions. I can't select all search options I'd need for a lower number of transactions.
I do remember the passphrases used. I won't say I'm 100% certain, so let's say I'm 99% certain those are correct. That makes it likely there's something in my method that I can't reproduce.
I am 100% certain nobody brute-forced my private key. The passphrase was too long for heavy BIP38 encryption, and the setup was too complicated (so automated searches (which are used to attack all regular brainwallets at once) can't be used.

Questions
Why did I do step 1 and 2? That could have been done in one step, unless I'm missing something now.
Does BIP38 encryption always produce the same encrypted key, or could the same privkey and passphrase produce a different encrypted string if I use different software? I probably used bitaddress.org or the other (now scamming) paper wallet site from back in those days.
The annoying part: to try anything, takes me several manual actions on an air-gapped system. I can't quickly test a lot of options.

How much?
I wasn't dumb enough to use a large amount, but I'd still like to find it back. I won't lose sleep over the amount, but I already know if I can't recover it, it's going to torment me for years. I rarely lose data, and I don't like it.

No spam
Self-moderated to prevent spam. Discussion is of course allowed. I already know I was stupid, but feel free to rub it in Tongue Telling me "I told you so" is allowed too Tongue
Pages:
Jump to: