Topic: SOLVED: deprecated wallet: mSIGNA - how to access private keys? TINY BTC BOUNTY! - page 2. (Read 318 times)

Kryptowerk has provided me with a TXID, which I will obviously not share here for his privacy. However, I will explain what we have figured out so far to see if anyone else can chime in.

The P2SH address is indeed set up very oddly as a 1-of-1 multi-sig. It is as follows:


I have advised Kryptowerk how to extract the public keys from the redeem script for each address which has previously been used. They are all compressed public keys. With this list of public keys, and I then suggested he use https://iancoleman.io/bip39/ offline to enter his seed phrase, select BIP32, and then experiment with various derivation paths to see if he could find any matching public keys. However, no luck so far.

So yeah, it's not a simple nested segwit address at all. Would you be willing to PM the transaction ID so I can look at the script and see what it does exactly? The next step would be to extract the public key hash from the script and see if we can generate the matching private key from your seed phrase.

Okay, wow how do you know this stuff?
Ermm... yes so, there are several interesting things here:
ScriptSig says "OP_0
OP_PUSHBYTES_72" then followed by defintely more than 40 chars (looks like around 100)
and then it says OP_PUSHBYTES_37 followed by maybe 50 characters

Also it says multisig 1/1 - which isn't normal, right? Does a 1/1 multisig even make sense?
Seems like you were right and every mSIGNA wallet is indeed multisig - even when it actually isn't really. 

It wouldn't tell you anything about the derivation path, but it would tell you if you are indeed looking for a standard nested segwit address. If you are, then we can tackle finding out the derivation path. If the script is something different, then checking derivation paths as you are doing with Electrum or similar will get you nowhere.

Find one of your addresses from the mSIGMA wallet which has sent coins out from it, and grab the TXID. Head over to https://mempool.space/ and look up that transaction. Click on where it says "Details" on the right hand side. Underneath your address the first field should be titled "ScriptSig (ASM)". Hopefully next to that it says "OP_PUSHBYTES_22", followed by "0014" and then 40 random characters. If it does, then you've got a nested segwit address. If not, then you've got something different.

I see. Yes, good point! I am 99.9% certain it's not a multi-sig. First of I would have remembered and written down some info about it on my seed-paper.
But most importantly, I tried re-importing via the wordlist into mSIGNA and it worked flawlessly - they display a hash for each "keychain" (actually the HD wallet) and it is the same for the imported wallet via SEED compared to my original wallet.

No such option available like importing or exporting tx with mSIGNA.

I did check their source code a little bit. Not sure where to look for it and even if I find something how to proceed from there. - Just getting the right derivation path info would probably solve it, right?
About the own node solution: Right now don't even have the disc space for a BTC full node (but could use some older HDD lying around) - my worry is, even after finally having a synced full node running and connected to mSIGNA, the sync process will be stuck somewhere - that's what people seem to report on their github a lot.


That sounds interesting. Would it tell anything about the derivation path or other wallet properties? How does the script used to send help in my case?
Can you guide me through the steps without me exposing my pub keys?

In the end it's around 300 bucks that are unaccessible right now. Would be nice to have, but don't want to spend weeks trying to recover them.
I'm giving away 0.001 BTC for whoever helps the most to recover these funds. Will add info in OP. I reserve the right to decide at my own discretion who will get the funds - if more people are involved in finding a solution I might split it up.

Thanks already for your helpful inpot @o_e_l_e_o .
btw, I edited OP to include link to mSIGNA source code.

Yeah, I get that. My point of importing the seed phrase again was to ensure your wallet is indeed just a single signature wallet derived from that seed phrase and not some more complex multi-sig set up which we would never be able to recover using just one seed phrase.

Having read through the .pdf again, I'm not so sure:


There is no mention that they use nested segwit addresses, which is the type of address every other wallet will try to recover when given a seed phrase and a P2SH address type. The sentence above I've just quoted suggests they may use some strange custom 1-of-1 script, in which case you will never find it by just playing with the derivation path. You will need to find the exact script being used.

Does mSIGMA have the option to import transactions from elsewhere? That would be the easiest way forward - create an unsigned transaction elsewhere, import it to mSIGMA for signing, and then export it for broadcast. If not, then I think the easiest option is going to be to spin up your own node and get mSIGMA to connect to it. Otherwise you will need to comb through the entire source code to figure out exactly the script type and derivation path which is being used.

Alternatively - have you spend from any of these addresses in the past? If so, we can view the script for them on the blockchain.

I may not have made that clear in OP: But I can still access my wallet in mSIGNA. That's not the issue. This is where I got all the public keys and see a few of change funds still on there.
The issue is using the exportable keys as described in OP via 1), 2) or 3) to import properly via an other wallet.

Also, my wallet is NOT setup as a multisig, just a regular HD wallet. Multisig apparantly was optional.
My guess it's only about finding the right derivation path. Wonder if there is any tool to determine which is used by mSIGNA here.
Thanks for digging up that old pdf - no info on their derivation path used, though.

Seems the derivation path issue was already around in 2017: https://bitcointalksearch.org/topic/m.21524209

Probable solutions to my problem
- get mSIGMA to connect to a node (I don't have a full node)
- find the proper derivation path used by the wallet & import to another wallet

The .pdf I linked to above says it should connect to your own node. Are you running a node?

Can you import your seed phrase back in to mSIGNA and regenerate the same wallet with the same addresses? If so, then it is hopefully just a case of finding the right derivation path. But I worry given what is written on that .pdf it is going to be significantly more complicated since it apparently uses an unknown multi-sig arrangement.

Seems like the same or similar tool like the one I linked to in my post.
The problem is, I can play with some of the settings but the "Derived Addresses" list on the bottom of the page doesn't come up with a match to one of the public addresses I can see in the mSIGNA wallet.
My guess is BIP49 (or maybe BIP141) would be the right option, as they are the only ones producing addresses starting with 3. But playing a little with the derivation pathes (I tried 1-5/1-5) doesn't bring up a match.

Something to note: The BIP32 Extended Key does never match the one from mSIGNA no matter which of the BIP options I choose, also altering some of the derivation pathes.


I still do have the mSIGNA wallet. It doesn't offer any option to export single private keys. The only private key export option is said BIP32 extended private key.
The problem with the software is, I wasn't able to get it to connect to a node so far.
I used this list here: https://bitnodes.io/nodes/#network-snapshot and tried some of the addresses. Any better suggestions?

Thanks!

I've found an archived version of their old website here: https://web.archive.org/web/20150316215945/https://ciphrex.com/

It says there, however, that it was a multi-sig wallet.

I've also found their old GitHub here: https://github.com/ciphrex/mSIGNA

Looking through the issues on that GitHub, people are talking about .vault files. Do you have one of these?

You could potentially try to download their software and see if you can import what you have back in to mSIGMA, and then from there extract the raw private keys? I'd be careful downloading and running such long outdated and completely unreviewed code, however. You could also try making a copy of the .priv file and then simply opening it with a text editor and see if there are any private keys inside?

Edit: Also found an archived copy of their "Getting Started" pdf here: https://web.archive.org/web/20190410173347/https://ciphrex.com/docs/mSIGNA-Getting_Started.pdf

Try https://iancoleman.io/bip39/ instead. Play with it until you find the right derivation path.

Segwit did not exist 7 years ago.

--Knight Hider

This is a question for the sligthly more tech-savy Bitcoiners out here.

I recently accessed an old wallet called mSIGNA. It was recommended about 7 years ago and I used it for a while.
Now I want to access the remaining funds. This would only work if either I can connect to a node with this outddated wallet - Couldn't get it to work so far.
Or by exporting and re-importing the keys to another wallet.

The good news: I can access the public key list that was in use. And found an amount of slightly above 0.01 BTC that I want to transfer.
I still have the password.

The wallet allows to export the following (private) information:
1. Seed word list. It's a 24 word list.
2. BIP32 extended key
3. Private key file (file ending in .priv) -> no idea what that is and if it can be imported in other wallets

Now, I have tried to import 1) and 2) via electrum wallet.
Here are the options I tried without success so far (wallet not showing any transactions in the tx history). Note, I am connected to a node and other wallets update correctly, so it's not a connection problem.
- KEYRESTORE
  a) I already have a seed - here the import is only possible by switching to BIP39 seed
     I tried all 3 available address formats (legacy, p2sh-segwit and native segwit) without success. Also Detect Existing Accounts doesn't find anything. I left the suggested derivation path unchanged - maybe with the right path settings this could be solved?
  b) Use a master key - If I choose this option, Electrum accepts the BIP32 extended key exported from mSIGNA. However again, there are no transactions recognized.
- IMPORT BITCOIN ADDRESSES OR PRIVATE KEY - you can only import regular private keys, and I cannot export/access there from the mSIGNA wallet. - I played a little with this tool: https://bip32.tools/?lang=en But couldn't get it to create a list of private keys for me.

If anyone can either help me to import my mSIGNA keys into another wallet so I can access any remaining funds or get mSIGNA to work again (meaning make it connect to a node so I can just send my funds) it would be much appreciated.
Thanks in advance!

Made this self-moderated to avoid spam and farm comments. Anything off-topic or doing nothing else than suggesting something already explained in my post will be deleted.


Possibly helpful resources (edited)
- mSIGNA github: https://github.com/ciphrex/mSIGNA
- archive of old website: https://web.archive.org/web/20150316215945/https://ciphrex.com/



final edit: a solution
The "easiest" way to access my unspent outputs / a solution was provided here: https://bitcointalksearch.org/topic/m.62604661
Case solved / funds returned.

However we still don't know the correct derivation path of mSIGNA and how to import the seed phrase or master private key into another wallet in way that lets you access your funds. (bonus quest for anyone interested, no bounty for solving it, though)