Pages:
Author

Topic: Question about bip32 seed (Read 402 times)

hero member
Activity: 761
Merit: 606
July 16, 2021, 04:16:25 PM
#24
All of these last few posts are simply a method of making newer users "comfortable"  knowing that should Electrum disappear (and I am betting it never will) their coins will not be stuck in the blockchain.  It takes a while for new users to realize that there are not Electrum coins or Trezor coins, or whatever.  Once they spend some time reading and learning they will figure out how easy it is to move coins many different ways.
legendary
Activity: 2268
Merit: 18748
July 14, 2021, 03:13:10 AM
#23
Why do either of those and expose yourself to the risk of handling your raw private keys, potentially restoring them to a hot wallet, and therefore potentially exposing them to the internet and external attacks.

If you have Electrum running as an airgapped cold wallet, then better to just export the addresses you're interested in or your master public key, use something like coinb.in to create an unsigned transaction, and move it to your airgapped wallet to sign it.
legendary
Activity: 3472
Merit: 10611
July 13, 2021, 09:43:05 PM
#22
e.g. Using Electrum offline (air gap for safety) you can build a wallet easily from SEED.  Now you can open that air gap wallet and get the full PRIVATE key for any address you want to work with.  Once you have the full private key to any address you can literally move the coins using too many methods to comprehensively mention here.  No fears at all!!
An easier method (specially if you have a lot of used addresses) is to first recover the wallet from the seed phrase then go to the console and enter "getmasterprivate()" to get the master private key (xprv) with a quick search you can find the derivation path and you already know your address type.
This master key can be used in any other deterministic wallet to get the same addresses since there is no mnemonic to BIP32 seed conversion method that is specific to Electrum anymore.
hero member
Activity: 761
Merit: 606
July 13, 2021, 02:56:17 PM
#21
Another thing which wasn't mentioned above.  Even if Electrum disappeared from the internet you will always be able to download/find signed and verified Electrum versions, which will allow you to convert your SEED to something useable.

e.g. Using Electrum offline (air gap for safety) you can build a wallet easily from SEED.  Now you can open that air gap wallet and get the full PRIVATE key for any address you want to work with.  Once you have the full private key to any address you can literally move the coins using too many methods to comprehensively mention here.  No fears at all!!
legendary
Activity: 2730
Merit: 7065
July 11, 2021, 01:58:47 PM
#20
Judging by a post written by HCP in 2018 that I bookmarked but totally forgot about, BlackHatCoiner is right and the correct function really is "return true;" According to HCP, the change makes the software accept any entered recovery phrase as a correct entry by ignoring the checksum. 

Nice attention for details BlackHatCoiner.
legendary
Activity: 1512
Merit: 7340
Farewell, Leo
July 11, 2021, 10:33:57 AM
#19
Change this line to the following:
Code:
return h == true;
Are you sure that this is correct? Have you tried it?

If you want to ignore the checksum it should always return true, so it should be:
Code:
return true;

In your message, it'll most likely return false if not an error. Judging from the source code, h is a string variable, not a boolean.
legendary
Activity: 2268
Merit: 18748
July 11, 2021, 07:33:38 AM
#18
That project is based on the original Ian Coleman BIP39 tool. There haven't been any commits in the last 2-3 years, but it should still be working. You can use it to check if your Electrum seed is correct and if it's generating the correct addresses. Just make sure to download and run it offline like you would do with Ian Coleman's tool as well.
Rather than use a tool which is 3 years out of date and forked from a version of Ian Coleman which is also 3 years out of date, better just to do it yourself with the latest version of the software, so you know you are not risking being subjected to any bugs or vulnerabilities. It takes 2 minutes to do.

Go to Ian Coleman's site and download the zip of the latest version. Extract and navigate to \src\js, and then open the file jsbip39.js with a text editor.

Navigate to line 118:
Code:
return h == nh;
Change this line to the following:
Code:
return true;

Navigate to line 146:
Code:
passphrase = "mnemonic" + passphrase
Change this line to the following:
Code:
passphrase = "electrum" + passphrase

The first change tells it to ignore the checksum since you are using an Electrum seed phrase and not a BIP39 seed phrase. The second change fixes the salt that Electrum uses when turning seed phrases in to private keys. That's all you need to do. Then just go back in to the \src\ folder and run index.html, and you'll have a working Electrum seed checker.

Edit: Typo fixed, thanks.
legendary
Activity: 2730
Merit: 7065
July 11, 2021, 06:59:56 AM
#17
That project is based on the original Ian Coleman BIP39 tool. There haven't been any commits in the last 2-3 years, but it should still be working. You can use it to check if your Electrum seed is correct and if it's generating the correct addresses. Just make sure to download and run it offline like you would do with Ian Coleman's tool as well.
newbie
Activity: 8
Merit: 2
July 09, 2021, 06:43:47 AM
#16
look at this.
i found


https://github.com/FarCanary/ElectrumSeedTester

just llike iancoleman bip39 but it works for electrum specifically
legendary
Activity: 3472
Merit: 10611
June 08, 2021, 12:42:50 AM
#15
You can take Ian Coleman's tool for example, tell it to ignore the BIP39 checksum check and swap the word "mnemonic" for the word "electrum", and it will recover standard English Electrum seed phrases just fine.
Yeah, you're right. I guess I'm just too strict about the code I write/use and "ignore" doesn't work for me. I have to have every little details about the algorithm implemented correctly and fully tested before I can use it.
legendary
Activity: 2268
Merit: 18748
June 08, 2021, 12:04:35 AM
#14
-snip-
I think perhaps you misread my previous comment. While everything you say is correct, it is not relevant to OP's case where he has already generated an English Electrum seed phrase and is simply looking at alternative ways to recover it. The differing checksum and version bit requirements are only relevant in generating the seed phrase as I said above, and are not relevant when it comes to turning an already generated seed phrase in to private keys and addresses.

You can take Ian Coleman's tool for example, tell it to ignore the BIP39 checksum check and swap the word "mnemonic" for the word "electrum", and it will recover standard English Electrum seed phrases just fine.
legendary
Activity: 3472
Merit: 10611
June 07, 2021, 09:55:29 PM
#13
-snip-
The thing about Electrum seed phrases is that their major difference is in how the seed phrase itself is generated, and not in how the seed phrase is used to generate private keys. Just like BIP39 phrases, they still get paired with a salt using any additional passphrase (if one is set), they still go through 2048 rounds of HMAC-SHA512, they still generate a 512 bit seed number, and they still derive private and public keys in the same hierarchical manner. Literally the only difference is they use the word "electrum" instead of the word "mnemonic" in the salt, and they use a different derivation path. Therefore, any open source BIP39 wallet or code (such as Ian Coleman's site) can be changed pretty trivially to accept Electrum phrases and generate the same addresses as Electrum itself would.
Not that trivially because even though it may not like it but there are two major differences between the two algorithms. BIP39 simply uses a single SHA256 as its checksum which it will append to the end of the 128-bit entropy (assuming 12 word only) while Electrum uses an actual 132-bit entropy and increments it until it finds one that has a HMACSHA512 that starts with a certain bits.
That's not even the biggest difference, the biggest is in string normalization. BIP39 uses a simple KD normalization while Electrum significantly modifies the strings if they aren't plain English words (that includes the passphrase).
legendary
Activity: 2268
Merit: 18748
June 07, 2021, 04:39:29 AM
#12
-snip-
The thing about Electrum seed phrases is that their major difference is in how the seed phrase itself is generated, and not in how the seed phrase is used to generate private keys. Just like BIP39 phrases, they still get paired with a salt using any additional passphrase (if one is set), they still go through 2048 rounds of HMAC-SHA512, they still generate a 512 bit seed number, and they still derive private and public keys in the same hierarchical manner. Literally the only difference is they use the word "electrum" instead of the word "mnemonic" in the salt, and they use a different derivation path. Therefore, any open source BIP39 wallet or code (such as Ian Coleman's site) can be changed pretty trivially to accept Electrum phrases and generate the same addresses as Electrum itself would.
legendary
Activity: 2730
Merit: 7065
June 07, 2021, 03:14:11 AM
#11
Electrum is a unique seed (segwit as default), it works for electrum wallet only...
In the event that Electrum disappears from the face of the earth one day, it can no longer connect to any servers, and for some reason can't even be ran offline to export anything from it, an Electrum-native seed can be restored in Blue Wallet. The only requirement is that the wallet is not empty when being recovered. An empty wallet results in an error message that the seed is wrong/invalid.   
legendary
Activity: 2268
Merit: 18748
June 07, 2021, 12:48:40 AM
#10
My point here is you don't have enough space to keep XPRV also on cryptosteel.
An xprv encoded in Base58Check will be either 111 or 112 characters in length. The cryptosteel capsule can hold up to 123 tiles, so should be able to hold an xprv provided OP gets enough tiles. As I understand it, each cryptosteel only comes with enough tiles to guarantee ASCII strings up to 55 characters.

I still think it's unnecessary though, and duplicating his seed phrase across two capsules is the better option.
legendary
Activity: 2366
Merit: 2054
June 06, 2021, 07:01:29 PM
#9
I bought two cryptoSteel Capsule

1: XPRV (111 characters)
2: 12 words, (BIP32), Electrum.

just to be sure  Grin
Electrum is a unique seed (segwit as default), it works for electrum wallet only, you don't need to keep the derivation path also, it could make you confusing in the future. Just keep the 12 seeds.

cryptosteel capsule - It's able to keep full letter 12-word mnemonic seed, if you hold 24 seed, it will keep 4 letter front because of not enough space.
My point here is you don't have enough space to keep XPRV also on cryptosteel.
legendary
Activity: 2268
Merit: 18748
June 05, 2021, 02:06:16 PM
#8
I bought two cryptoSteel Capsule

1: XPRV (111 characters)
2: 12 words, (BIP32), Electrum.
There really is no need to back up your xprv. The xprv is derived from the seed phrase, so if you have the seed phrase, then you can easily obtain the xprv. Further, backing up an xprv is far more prone to error and if you do make an error, far more difficult to detect and correct compared to a seed phrase. If it were me, I would simply use both devices to back up the seed phrase so you have two back ups.

In terms of the derivation path, as long as you leave it as the default then I wouldn't worry too much about backing it up. Electrum will automatically detect the seed phrase type and restore to the correct path, and in the highly unlikely event that all copies of Electrum have been scrubbed from the internet in the future along with all information about what derivation paths it used, m/0'/0 isn't exactly super difficult to brute force.
legendary
Activity: 3374
Merit: 3095
Playbet.io - Crypto Casino and Sportsbook
June 02, 2021, 11:44:30 AM
#7
~snip~

I did two things:

I bought two cryptoSteel Capsule

1: XPRV (111 characters)
2: 12 words, (BIP32), Electrum.

just to be sure  Grin

The XPRV(111 characters) is the master private key, to be able to get the master private key you need to type this command below

Code:
wallet.keystore.xprv

After the wallet creation on Electrum, you can open the console and type that command and you will get the xprv or mater private key.

Actually, the seed phrase is enough as your backup, but it's your choice if you want both of them.
newbie
Activity: 8
Merit: 2
June 02, 2021, 09:38:00 AM
#6
Thanks, guys.. as I understood:

Segwit type:

codification BIP 32 in electrum: derivation path BIP141

codification bip 39 in others: derivation path BIP84

I did two things:

I bought two cryptoSteel Capsule

1: XPRV (111 characters)
2: 12 words, (BIP32), Electrum.

just to be sure  Grin
legendary
Activity: 1568
Merit: 6660
bitcoincleanup.com / bitmixlist.org
June 02, 2021, 12:05:32 AM
#5
Don't change your derivation path in case you're planning to do so unless you're also writing it down next to the mnemonic phrase. They are even harder to memorize than mnemonics.
Pages:
Jump to: