recover coinbase multisig wallet to electrum? - page 2.

effin_new_guy

newbie

Activity: 17

Merit: 21

Quote from: DaveF on January 16, 2022, 12:38:08 PM

So you my be able to download and tweak the .js files a bit to find what you need and change it.
I don't know enough about js and the app itself to be sure what would need to be changed. You would also have to find were the /addr is located and change it to /address and a few other things, but I don't see it as an impossible task. Just a long and annoying one.

-Dave

I could potentially make the change you are suggesting to the js file and I am not necessarily opposed to long and annoying (you have no idea how much work I have put into this already). Unfortunately I am a terrible programmer and cannot read or write code well at all and I don't trust myself not to screw it up. On top of that, this is only step 1 and I don't even comprehend steps 2 or step 3-a or step 3-b

Quote from: o_e_l_e_o on January 16, 2022, 12:39:46 PM

I was under the impression that Coinbase's multisig vaults have long been discontinued and they removed all support for them, and so this will no longer be an option. But regardless of what I think - have you tried this? It seems like it would solve all your problems if it is possible.

If you do not have the decryption key (and the above is not possible), then your options are limited to either brute forcing the decryption key so you can use the user seed and shared seed, or seeing if Coinbase will give you access to the Coinbase seed linked to your account (which seems highly unlikely).

I can see my vault on coinbase and when I click "withdraw from vault" nothing happens.
I am not certain that I do not know the decryption key for the shared seed. Unfortunately, there isn't any way to "test" it.

Pmalek

legendary

Activity: 2730

Merit: 7065

Quote from: effin_new_guy on January 16, 2022, 12:33:00 PM

I do not have the decryption password recorded so that may be an issue but the good news is I have the user seed and according to Coinbase's email, (refereced in this post) https://bitcointalksearch.org/topic/--5316286

Code:

What if I don’t know my vault password?
If you don’t know your vault password, you can instead copy/paste the user seed into the password field. This will allow you to approve your withdrawal. The user seed was provided to you when you created your multisig vault.

If that ends up working, you will be the first person I know who gained access to a 2/3 multisig wallet by having only one of the private keys with two of them missing.

At this point, it can't even be considered a multisig solution. If it's possible for you to recover it with just your "user seed", I wonder if Coinbase could have done it on their end with just their "Coinbase seed" as well?!

o_e_l_e_o

legendary

Activity: 2268

Merit: 18711

Quote from: effin_new_guy on January 16, 2022, 12:33:00 PM

I do not have the decryption password recorded so that may be an issue but the good news is I have the user seed and according to Coinbase's email, (refereced in this post)

I was under the impression that Coinbase's multisig vaults have long been discontinued and they removed all support for them, and so this will no longer be an option. But regardless of what I think - have you tried this? It seems like it would solve all your problems if it is possible.

If you do not have the decryption key (and the above is not possible), then your options are limited to either brute forcing the decryption key so you can use the user seed and shared seed, or seeing if Coinbase will give you access to the Coinbase seed linked to your account (which seems highly unlikely).

DaveF

legendary

Activity: 3500

Merit: 6320

Crypto Swap Exchange

Pulling in from the other thread. If you take a look at constants.js you see:

Code:

"use strict";

var constants = {
  M: 2,
  MINIMUM_MINER_FEE: 20000,
  BITCOIN_SATOSHIS: 100000000,
  INSIGHT_API_URL_ROOT: "https://insight.bitpay.com/api/",
  DEBUG: false,
  REQUEST_PIPELINE_SIZE: 2,
  REQUEST_BACKOFF: 250,
  REQUEST_BACKOFF_CEILING: 3000,
  REQUEST_BACKOFF_MULTIPLIER: 1.25,
  REQUEST_RETRY_ATTEMPTS: 5
}

module.exports = constants;

So you my be able to download and tweak the .js files a bit to find what you need and change it.
I don't know enough about js and the app itself to be sure what would need to be changed. You would also have to find were the /addr is located and change it to /address and a few other things, but I don't see it as an impossible task. Just a long and annoying one.

-Dave

effin_new_guy

newbie

Activity: 17

Merit: 21

Quote from: o_e_l_e_o on January 16, 2022, 12:02:59 PM

The lack of a seed phrase isn't the most pressing issue right now. You can worry about how to turn the private keys (rather than seed phrases) in to a wallet later. The first thing you need to obtain is 2 of the 3 private keys.

You have the user seed private key. You will never obtain the Coinbase seed private key, since that was only ever held on Coinbase's servers. You have the shared seed private key, but it is encrypted. If you cannot decrypt it, then you will never be able to recover your wallet?

Do you remember the decryption password? If not, then the first thing you are going to have to do is to try to brute force it.

Agreed, not the most pressing issue. But the possession of a seed phrase as opposed to a "user seed" and a "user public key" and a "shared seed" and a "shared public key" and a "coinbase public key" and a password would simplify things incredibly and that is the frustration.
Not at any of you, obviously... In fact, I really appreciate all the responses I am getting.

I do not have the decryption password recorded so that may be an issue but the good news is I have the user seed and according to Coinbase's email, (refereced in this post) https://bitcointalksearch.org/topic/--5316286

Code:

What if I don’t know my vault password?
If you don’t know your vault password, you can instead copy/paste the user seed into the password field. This will allow you to approve your withdrawal. The user seed was provided to you when you created your multisig vault.

So I should be good, right? Grin

I am sure there is a catch... Huh

o_e_l_e_o

legendary

Activity: 2268

Merit: 18711

Quote from: effin_new_guy on January 16, 2022, 10:57:18 AM

The lack of a seed phrase is what makes recovering a coinbase multisig vault as difficult as it is.

The lack of a seed phrase isn't the most pressing issue right now. You can worry about how to turn the private keys (rather than seed phrases) in to a wallet later. The first thing you need to obtain is 2 of the 3 private keys.

You have the user seed private key. You will never obtain the Coinbase seed private key, since that was only ever held on Coinbase's servers. You have the shared seed private key, but it is encrypted. If you cannot decrypt it, then you will never be able to recover your wallet?

Do you remember the decryption password? If not, then the first thing you are going to have to do is to try to brute force it.

effin_new_guy

newbie

Activity: 17

Merit: 21

Quote from: ?? on ??

So, Coinbase multisig vaults were a 2-of-3 multisig. One key was held solely by Coinbase. One key was held solely by the user. The third key was held by both Coinbase and the user in an encrypted form, with the password you have being the decryption key. When you logged in to the vault, you used your password to decrypt the shared key, which allowed you to make transactions on Coinbase's website using Coinbase's key and the shared key.

Based on that, a seed phrase and a password alone are not going to be enough to access your coins. You also need the shared key which your password decrypts. If you do not have this backed up as well, then your only hope is going to be to ask Coinbase nicely if they still have it stored and can send it to you.

I also don't think Coinbase provided a seed phrase at all for the user key; I think it was an actual private key. You should therefore have two strings of seemingly random letters and numbers, one which will be your user key and the other which will be your encrypted shared key.

You are absolutely correct, end users were not provided a seed phrase.
Upon the creation of a (multisig) vault, Coinbase provided the following:
(these are just random numbers formatted to look real, they are not valid)

# User seed: L3XCYcQ2pwY3YTuwyPXzWsvVtGnCp4zL2ajP3XQt2pVhPuKiVM7r
# User public key: xpub661MyMwAqRbcEzdGMFKZXuVwbyHY2zKhiw6YFTrULfNBF53QVfXyoAiKMZKWkQA5444NXtLj9HP mgyN1xLCiJJ9dKAy4nLZJ87trHRnwUDb
# Shared seed (encrypted): z3PCl3Goz8yXxYt9mx6I9B2YXNX7ulTU0O2a6T43OfjP23A2ahmwx72iJ
# Shared public key: xpub661MyMwAqRbcEzdGMFKZXuVwbyHY2zKhiw6YFTrULfNBF53QVfXyoAiKMZKWkQA5444NXtLj9HP mgyN1xLCiJJ9dKAy4nLZJ87trHRnwUDb
# Coinbase public key: xpub661MyMwAqRbcEzdGMFKZXuVwbyHY2zKhiw6YFTrULfNBF53QVfXyoAiKMZKWkQA5444NXtLj9HP mgyN1xLCiJJ9dKAy4nLZJ87trHRnwUDb

The lack of a seed phrase is what makes recovering a coinbase multisig vault as difficult as it is.
I am no python coder (not coder at all) but was able to get the code from this post on stack exchange https://bitcoin.stackexchange.com/questions/57207/how-to-derive-the-private-key-associated-with-a-coinbase-multi-sig-vault-address to produce something similar to the following:
(these are just random numbers formatted to look real, they are not valid)

Master Private Key corresponding to seed: xprvz3PCl3Goz8yXxYt9mx6I9B2YXNX7ulTU0O2a6T43OfjP23A2ahmwx72iJVkmTWy0ZmBZMZcIkVv bZteiiHkucAZFdK1m1kjfMB6542qggKO
Master Public Key corresponding to seed: xpub661MyMwAqRbcEzdGMFKZXuVwbyHY2zKhiw6YFTrULfNBF53QVfXyoAiKMZKWkQA5444NXtLj9HP mgyN1xLCiJJ9dKAy4nLZJ87trHRnwUDb
Extended Private key at index 14: xprvz3PCl3Goz8yXxYt9mx6I9B2YXNX7ulTU0O2a6T43OfjP23A2ahmwx72iJVkmTWy0ZmBZMZcIkVv bZteiiHkucAZFdK1m1kjfMB6542qggKO
WIF format of that key: 3OfjP23A2ahmwx72iJVkmTWy0ZmBZMZcIkVvbZteiiHkucADVDA

Not sure what exactly to do with the values produced from the user seed as that is only 1 of the signatures for a 2 of 3 vault but I will ask in Electrum.

Pmalek

legendary

Activity: 2730

Merit: 7065

Quote from: Charles-Tim on January 16, 2022, 03:46:45 AM

Coinbase solely have one key, you solely has one key while both you ( Coinbase and you) have the third key. Which means you have two keys.

If the "user seed" is his seed phrase or private key and the "shared seed" is the password-encrypted shared private key that o_e_l_e_o mentioned in the post you quoted, I guess you are right and he has the essentials to recover a 2/3 multisig wallet without having to contact Coinbase for further assistance.

Charles-Tim

legendary

Activity: 1512

Merit: 4795

Leading Crypto Sports Betting & Casino Platform

For you to understand, I have to quote from this thread, as I am not a Coinbase user.

Coinbase vault is 2-of-3 multisig wallet. Coinbase solely have one key, you solely has one key while both you ( Coinbase and you) have the third key. Which means you have two keys.

With your two keys you can move the funds.

Quote from: ?? on ??

with your 2 keys you could move funds.
There was also this option: https://coinbase.github.io/multisig-tool/
For you to dig through and get to your funds.

Quote from: ?? on ??

So, Coinbase multisig vaults were a 2-of-3 multisig. One key was held solely by Coinbase. One key was held solely by the user. The third key was held by both Coinbase and the user in an encrypted form, with the password you have being the decryption key. When you logged in to the vault, you used your password to decrypt the shared key, which allowed you to make transactions on Coinbase's website using Coinbase's key and the shared key.

Based on that, a seed phrase and a password alone are not going to be enough to access your coins. You also need the shared key which your password decrypts. If you do not have this backed up as well, then your only hope is going to be to ask Coinbase nicely if they still have it stored and can send it to you.

I also don't think Coinbase provided a seed phrase at all for the user key; I think it was an actual private key. You should therefore have two strings of seemingly random letters and numbers, one which will be your user key and the other which will be your encrypted shared key.

Hope this is helpful.

Pmalek

legendary

Activity: 2730

Merit: 7065

To get the best eyes on this, I suggest you move this thread to one of the sub-boards where technical issues are being discussed.
At the bottom of the page, you will see a button that says "Move Topic". Click on that and select the appropriate board. I am not sure what's the best fit, but it could be either Bitcoin Technical Support or Wallet software > Electrum I think.

effin_new_guy

newbie

Activity: 17

Merit: 21

if I have the "user seed" and the "user public key" and the "shared seed" and the "shared public key" and also a "coinbase public key" can I recover a Coinbase multisig wallet (created in 2016) into electrum using the steps mentioned in this post
https://bitcointalksearch.org/topic/m.20875786

I have pybitcointools working with the sample data from this post
https://bitcoin.stackexchange.com/questions/57207/how-to-derive-the-private-key-associated-with-a-coinbase-multi-sig-vault-address
so I should be able to get my xprv but not sure I understand "child index".

I've spent hours researching this and want to make sure I have things mostly figured out before I put any of my data in there.
I am also not sure about the "shared seed" my notes say "shared seed (encrypted)" and I have read references about a vault password being used to encrypt it but I am not sure I have that.

Thanks in advance for any assistance.

Topic: recover coinbase multisig wallet to electrum? - page 2. (Read 527 times)