Private Key lost one character - page 3.

j55rrt

newbie

Activity: 16

Merit: 1

i stored the altcoin in bitcoin address and it was generated from bitaddress, subsequently import the address in omniwallet to view/transfer the coins.

1. 50 characters private key on hand under WIF format, start with "5".
2. I cann't import my private key into omniwallet, now i recall i used to be imported before...but not sure i copy it from clipboard or on my paper written paper.
3. subsequently i found bitaddress private key was generated with 51 characters, and i suspect my 50 characters written on paper was incorrect, and it should be 51 char instead...

Thank you for all dudes in assist to provide the script to find the missing char, but no smiling from lucky lady Huh

j55rrt

newbie

Activity: 16

Merit: 1

Quote from: Rune on June 12, 2016, 01:06:28 PM

This is a pretty common problem when recording such a long key.
Always best to test the recorded key before sending bitcoins to it.

I am curious as to how much bitcoins are stuck there for now?

>10 btc

Rune

legendary

Activity: 1229

Merit: 1001

This is a pretty common problem when recording such a long key.
Always best to test the recorded key before sending bitcoins to it.

I am curious as to how much bitcoins are stuck there for now?

j55rrt

newbie

Activity: 16

Merit: 1

Quote from: kn_b_y on April 27, 2016, 09:09:54 PM

Here's a script in python which uses deepceleron's idea of using the checksum to filter out bad candidates.

It does depend on python-bitcoinlib.
https://github.com/petertodd/python-bitcoinlib

Code:

import bitcoin.base58
from bitcoin.core import b2x, x
from bitcoin.wallet import CBitcoinSecret, P2PKHBitcoinAddress
from bitcoin.core import Hash

def insert_char(string, char, i):
    return string[:i+1]+char+string[i+1:]

def verify_wif_checksum(wif):
    byte_string = b2x(bitcoin.base58.decode(wif))
    private = byte_string[:-8]
    checksum = byte_string[-8:]
    return checksum == b2x(Hash(x(private)))[:8]

def candidate_wifs(corrupted_wif):
    candidates = []
    for i in range(len(corrupted_wif)):
        for char in bitcoin.base58.B58_DIGITS:
            candidate_wif = insert_char(corrupted_wif, char, i)
            if verify_wif_checksum(candidate_wif):   
                candidates.append(candidate_wif)
    return candidates


# Provide a WIF private key with a single missing character.
corrupted_wif = '5HueCGU8rMjxEXxiPuD5BDku4kFqeZyd4dZ1jvhTVqvbTLvyTJ'
#   Should be:  '5HueCGU8rMjxEXxiPuD5BDku4MkFqeZyd4dZ1jvhTVqvbTLvyTJ'

for candidate_wif in candidate_wifs(corrupted_wif):
    print(candidate_wif)

It should hopefully output any candidate private keys.

For example:
5HueCGU8rMjxEXxiPuD5BDku4MkFqeZyd4dZ1jvhTVqvbTLvyTJ

Hi, the script run perfectly as i did some test. Many thanks! Wink

However, it show no result when i insert my 50 characters private key. I'm completely out of clue now.... Huh

mocacinno

legendary

Activity: 3514

Merit: 5123

https://merel.mobi => buy facemasks with BTC/LTC

Quote from: immangrace on April 30, 2016, 12:49:27 PM

The possibilities to find the missing character seems simple. It is very hard to find it correct. If you're not sure the place of the character in your private key, it may be impossible to generate the correct address.

If you read the code kn_b_y has produced, you'll see that it's not only possible, but even not that hard to do... If you're not familiar with python, i already gave a basic start on how to solve the problem with perl (altough kn_b_y's version is a lot better, it only produces valid private keys)

immangrace

full member

Activity: 196

Merit: 100

The possibilities to find the missing character seems simple. It is very hard to find it correct. If you're not sure the place of the character in your private key, it may be impossible to generate the correct address.

kn_b_y

newbie

Activity: 26

Merit: 3

Quote from: mocacinno on April 28, 2016, 02:07:21 AM

Seems like kn_b_y solved your problem Grin

@kn_b_y: nice work man, just a little tip: try to avoid posting real private keys... The address you generated was empty (luckily), but still used, so if it's part of a wallet of yours, it might be a good idear to "freeze" it, so you don't accidently receive any coins in it...

Though I noticed the generated address was incorrect - a potential hazzard!

So I've edited the post.

kn_b_y

newbie

Activity: 26

Merit: 3

Quote from: mocacinno on April 28, 2016, 02:07:21 AM

Seems like kn_b_y solved your problem Grin

@kn_b_y: nice work man, just a little tip: try to avoid posting real private keys... The address you generated was empty (luckily), but still used, so if it's part of a wallet of yours, it might be a good idear to "freeze" it, so you don't accidently receive any coins in it...

Thanks. I'm available for work. Wink

Anybody??

Yeah, I too was curious to see if the address had been used before and noticed some activity.

It's not a key I generated. It's the one from deepceleron's post which is also used in the WIF docs at:
https://en.bitcoin.it/wiki/Wallet_import_format

mocacinno

legendary

Activity: 3514

Merit: 5123

https://merel.mobi => buy facemasks with BTC/LTC

Seems like kn_b_y solved your problem Grin

@kn_b_y: nice work man, just a little tip: try to avoid posting real private keys... The address you generated was empty (luckily), but still used, so if it's part of a wallet of yours, it might be a good idear to "freeze" it, so you don't accidently receive any coins in it...

xhomerx10

legendary

Activity: 3808

Merit: 7912

Quote from: j55rrt on March 23, 2016, 08:30:23 AM

Hi,

I wrote my private key on the paper, and i tried to retrieve the btc from the address recently, but found my private key only contain 50 characters! It is my mistake when record down the private key!!

The private key format is WIF without any compressed, base58, start with "5".
I've 50 characters on hand, is there any brute force tools to calculate the key in quick way?

Thank you.

How many coins are stored in the address?

kn_b_y

newbie

Activity: 26

Merit: 3

Here's a script in python which uses deepceleron's idea of using the checksum to filter out bad candidates.

It does depend on python-bitcoinlib.
https://github.com/petertodd/python-bitcoinlib

Code:

import bitcoin.base58
from bitcoin.core import b2x, x
from bitcoin.wallet import CBitcoinSecret, P2PKHBitcoinAddress
from bitcoin.core import Hash

def insert_char(string, char, i):
    return string[:i+1]+char+string[i+1:]

def verify_wif_checksum(wif):
    byte_string = b2x(bitcoin.base58.decode(wif))
    private = byte_string[:-8]
    checksum = byte_string[-8:]
    return checksum == b2x(Hash(x(private)))[:8]

def candidate_wifs(corrupted_wif):
    candidates = []
    for i in range(len(corrupted_wif)):
        for char in bitcoin.base58.B58_DIGITS:
            candidate_wif = insert_char(corrupted_wif, char, i)
            if verify_wif_checksum(candidate_wif):   
                candidates.append(candidate_wif)
    return candidates


# Provide a WIF private key with a single missing character.
corrupted_wif = '5HueCGU8rMjxEXxiPuD5BDku4kFqeZyd4dZ1jvhTVqvbTLvyTJ'
#   Should be:  '5HueCGU8rMjxEXxiPuD5BDku4MkFqeZyd4dZ1jvhTVqvbTLvyTJ'

for candidate_wif in candidate_wifs(corrupted_wif):
    print(candidate_wif)

It should hopefully output any candidate private keys.

For example:
5HueCGU8rMjxEXxiPuD5BDku4MkFqeZyd4dZ1jvhTVqvbTLvyTJ

mocacinno

legendary

Activity: 3514

Merit: 5123

https://merel.mobi => buy facemasks with BTC/LTC

It isn't finished (yet), i just had 10 minutes over my lunchbreak, so i made a first "draft".. No checking for correct keys ATM.
Just enter the characters that can be used to insert into your key in the $db string, and the key (missing 1 character) in the $privatekey_wif string, and the script will generate all possible combinations...

It should run on windows Undecided

with activestate perl, without any extra modules... It's untested, and i don't take any blame if things go wrong Grin

You can take this script, and invoke any windows command (like bitcoin-cli importprivkey $key) and make this work, or you can wait untill i've included a checking-function (if and when i find the time to do this).

Code:

#!c:\perl64\bin\perl.exe
$db = "allvalidcharacters";
$privatekey_wif="mykeymissingonecharacter";
@delen = split('',$privatekey_wif);
@letters = split('',$db);
$length = length($privatekey_wif);
for ($position = 0; $position < $length+1; $position++)
{
	foreach(@letters)
	{
		@new = @delen;
		splice(@new, $position, 0, $_);
		print join('',@new)."\n";
	}
}

j55rrt

newbie

Activity: 16

Merit: 1

Quote from: mocacinno on April 18, 2016, 01:49:06 AM

@deepceleron: thanks for the info, i never tought about the problem like that.

Since it seems to be an interesting problem, i'll try to write a perl script to take a private key in WIF format with x missing letters as input, and permutate all allowed characters in this string, test if the permutated pk is valid and write all the valid keys to a logfile (or import them in bitcoin core directly).

Since this is a bit more difficult, and i can only work on the problem during my luchbreak, it might take a couple of days tough.

I cann't appreciate enough for your help Cheesy

. Take your time, this is not a problem.

mocacinno

legendary

Activity: 3514

Merit: 5123

https://merel.mobi => buy facemasks with BTC/LTC

@deepceleron: thanks for the info, i never tought about the problem like that.

Since it seems to be an interesting problem, i'll try to write a perl script to take a private key in WIF format with x missing letters as input, and permutate all allowed characters in this string, test if the permutated pk is valid and write all the valid keys to a logfile (or import them in bitcoin core directly).

Since this is a bit more difficult, and i can only work on the problem during my luchbreak, it might take a couple of days tough.

deepceleron

legendary

Activity: 1512

Merit: 1036

The wallet import format has a checksum in it just like Bitcoin addresses. It is possible to quickly determine if a candidate "recovered" key is valid:

WIF checksum checking

1 - Take the Wallet Import Format string

Code:

   5HueCGU8rMjxEXxiPuD5BDku4MkFqeZyd4dZ1jvhTVqvbTLvyTJ

2 - Convert it to a byte string using Base58Check encoding

Code:

   800C28FCA386C7A227600B2FE50B7CAE11EC86D3BF1FBE471BE89827E19D72AA1D507A5B8D

3 - is the beginning byte string 0x80? If not, invalid.

4 - Drop the last 4 checksum bytes from the byte string

Code:

   800C28FCA386C7A227600B2FE50B7CAE11EC86D3BF1FBE471BE89827E19D72AA1D

5 - Perform SHA-256 hash on the shortened string

Code:

   8147786C4D15106333BF278D71DADAF1079EF2D2440A4DDE37D747DED5403592

6 - Perform SHA-256 hash on result of SHA-256 hash

Code:

   507A5B8DFED0FC6FE8801743720CEDEC06AA5C6FCA72B07C49964492FB98A714

7 - Take the first 4 bytes of the second SHA-256 hash, this is the checksum

Code:

507A5B8D

8 - Is #7 the same as the last 4 bytes of #2? If not, invalid.

If we have such a checking routine that can try hundreds of WIF key checksums per second, then all we need to do is feed different text possibilities into the validator logically. It may be possible to programmatically find the private key with several characters mistranscribed or missing:

- Starts with "5"? No? Add "5" if missing characters; substitute "5" if right length; add "5" and drop other characters if right length;
- Correct Length: substitute alternate upper/lower case for one character, check all positions for one character wrong, then iterate for increasing numbers of multiple incorrect cases, incorrect letters, etc;
- Missing one character? Try adding all Base58 characters at all positions.

Missing two characters? It becomes a slightly harder problem. Adding two characters in all possible positions = 3,956,064 possibilities (if the 5 at the start is correct). Single-threaded python does about 300,000 SHA256 hashes a second on my PC, so probably less than a minute to try all.

This might be an interesting programming project, but I wouldn't bother until it's actually going to recover some Bitcoins.

j55rrt

newbie

Activity: 16

Merit: 1

Quote from: mocacinno on April 15, 2016, 05:11:58 AM

Quote from: j55rrt on April 15, 2016, 03:12:50 AM

thanks dude, i will run it in cygwin Wink

If you cannot get it fixed, let us know and i'll rewrite it in perl (not much work, but i won't do it if it's not needed)

that will be great if you can rewrite it in perl.
i just ran it in the cygwin, same error Grin

mocacinno

legendary

Activity: 3514

Merit: 5123

https://merel.mobi => buy facemasks with BTC/LTC

Quote from: j55rrt on April 15, 2016, 03:12:50 AM

thanks dude, i will run it in cygwin Wink

If you cannot get it fixed, let us know and i'll rewrite it in perl (not much work, but i won't do it if it's not needed)

j55rrt

newbie

Activity: 16

Merit: 1

Quote from: mocacinno on April 15, 2016, 02:33:47 AM

Quote from: dserrano5 on April 15, 2016, 02:30:38 AM

Quote from: j55rrt on April 15, 2016, 01:58:29 AM

I'm using perl in window, and encounter an error as below. Do i have to define the variables like i='(A..Z)' ??

C:\Strawberry\perl\test>perl test.pl
Missing $ on loop variable at test.pl line 1.

Quote

for i in `perl -e '$,=" ";
print +(A..Z),(a..z),(0..9)'`;

"for i in something; do something; done" is not perl. It's bash, and I don't think you get that in stock windows boxes even today. Install cygwin and try there.

^^ this is correct... I'm running on a linux box (and i wrongly assumed so were you), so it's basically a combination between bash and perl (which is installed by default on 90+% of the linux distros, but not on windows... you need something like mobaXterm or cygwin with some addons to do this task)...
Did you get this solved, or do i have to rewrite it in pure perl?

Quote from: dserrano5 on April 15, 2016, 02:30:38 AM

Quote from: j55rrt on April 15, 2016, 01:58:29 AM

I'm using perl in window, and encounter an error as below. Do i have to define the variables like i='(A..Z)' ??

C:\Strawberry\perl\test>perl test.pl
Missing $ on loop variable at test.pl line 1.

Quote

for i in `perl -e '$,=" ";
print +(A..Z),(a..z),(0..9)'`;

"for i in something; do something; done" is not perl. It's bash, and I don't think you get that in stock windows boxes even today. Install cygwin and try there.

thanks dude, i will run it in cygwin Wink

j55rrt

newbie

Activity: 16

Merit: 1

Quote from: vlamer on April 15, 2016, 02:35:01 AM

maybe you can use crunch - wordlist generator
https://sourceforge.net/projects/crunch-wordlist/

Code:

./crunch 52 52 123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz -t L4rK1yDtCWekvXuE6oXD9jCYfFNV2cWRpVuPLBcCU2z8TrisoyY@ -o found.txt

cool tool, i give a try Cheesy

mocacinno

legendary

Activity: 3514

Merit: 5123

https://merel.mobi => buy facemasks with BTC/LTC

Quote from: vlamer on April 15, 2016, 02:35:01 AM

maybe you can use crunch - wordlist generator
https://sourceforge.net/projects/crunch-wordlist/

Code:

./crunch 52 52 123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz -t L4rK1yDtCWekvXuE6oXD9jCYfFNV2cWRpVuPLBcCU2z8TrisoyY@ -o found.txt

it's a nice tool... I didn't know that one, seems like a really cool tool to use in the future.
Thanks for the link

Topic: Private Key lost one character - page 3. (Read 6410 times)