Pages:
Author

Topic: Twitter dude lost access to his bitcoin using his weird(?) setup (Read 444 times)

hero member
Activity: 714
Merit: 1010
Crypto Swap Exchange
Even using a space could create problems.
He is saying that coins are still there and nothing moved, so he is obviously making some mistake with passphrase.
Spaces can cause issues, I checked that with https://iancoleman.io/bip39/ script. Leading or trailing spaces or multiple consecutive spaces in optional additional mnemonic passphrase all yield distinct wallets and keys.

Electrum behaves the same with BIP39 mnemonic seed words and with "dangerous" spaces spits out a warning:
I didn't know that Electrum wallet is displaying error message like that, but this could be better than opening wallet with zero balance  Wink
It must display an error message because the hardware wallet device can't properly provide the correct secret to unencrypt the wallet. Being quiet and opening the wrong wallet would clearly be the wrong action in such a setup.



6. Write down and backup your passphrase, not just your seed words.
And better not store it together with the mnemonic seed words as then the optional mnemonic passphrase makes not much sense (to me), you gain no additional security for your wallet if stored together.
legendary
Activity: 2212
Merit: 7064
He has simply forgotten his passphrase or is is making a mistake when entering it (wrong case, forgetting a symbol, something like that). He probably needs to look in to brute forcing it with btcrecover.
Even using a space could create problems.
He is saying that coins are still there and nothing moved, so he is obviously making some mistake with passphrase.
I didn't know that Electrum wallet is displaying error message like that, but this could be better than opening wallet with zero balance  Wink
His mistake was that he didn't wrote and made backup for passphrase he used, and he is trusting in worst possible storage device - his brain and memory.
Brain could be one of the most private secure place to store some information, but it is most unreliable at the same time, just ask Alzheimer's patients and older people.

5. Don't try to reinvent the wheel and use tested and recommended methods of generating and storing your private information.
6. Write down and backup your passphrase, not just your seed words.
legendary
Activity: 2730
Merit: 7065
The issue this lad is having is all the proof we need that much more attention are needed for proper seed/passphrase testing and backup. When people get a hardware wallet, they might start relaxing and being overconfident that nothing could possibly go wrong. But you should never be in a hurry to fund an address before you are 100% sure of its recovery.

1. Check, double check, and triple check the seed.
2. Do the same with the passphrase.
3. Recover your wallet from seed and enter your passphrase to see if it recovers a wallet with the same addresses.
4. Deposit a few satoshis to your wallet and try spending them before moving the rest of your portfolio to the wallet.
5. Don't try to reinvent the wheel and use tested and recommended methods of generating and storing your private information. 
legendary
Activity: 2464
Merit: 4415
🔐BitcoinMessage.Tools🔑

He has simply forgotten his passphrase or is is making a mistake when entering it (wrong case, forgetting a symbol, something like that).

While my gut feelings also tell me that he might have simply forgotten his passphrase or have never actually known it (because of lack of proper backup testing), we still cannot afford to rule out the possibility that there may have been an issue with the software itself. He used the same software (Electrum wallet) both to decrypt an old wallet and create a new one, and in both cases, he achieved nothing. If he had tried some other wallet, we would have had more information, particularly whether or not he experiences the same error when using wallets from other software providers.

I found an old thread where one of the users successfully replicated an error message by connecting a knowingly working and updated to the latest firmware hardware device to Electrum wallet, which turned out to be using an outdated version of the hardware wallet's plugin. Having had updated the plugin to the latest version, he managed to get everything working.

Maybe this situation is similar and something like...

Code:
python3 -m pip install bitbox02

...will do the trick.
legendary
Activity: 2268
Merit: 18748
Simple solution would be to try using hardware wallet with same passphrase in native, for Trezor that would be Trezor Suite, there wont' be any error if different passphrase was used.
Looks like he already tried this, unlocking the hardware wallet with the "correct" passphrase and using that to create a brand new Electrum wallet: https://nitter.it/TheVladCostea/status/1553245488748630016#m. As expected, it showed zero balance.

Again, this is all in keeping with him using the wrong BIP39 passphrase. Unlocking the wallet with what he thinks is the right passphrase but isn't will result in an error trying to decrypt the existing Electrum wallet file (which he experienced from his first post), and will result in any new Electrum wallet file generating different addresses with zero balance (which is what he has done here).

He has simply forgotten his passphrase or is is making a mistake when entering it (wrong case, forgetting a symbol, something like that). He probably needs to look in to brute forcing it with btcrecover.
legendary
Activity: 2212
Merit: 7064
I think it is still a BIP39 passphrase. If you have already created an Electrum wallet paired to a hardware wallet which has a BIP39 passphrase, and then try to open that Electrum wallet file with the hardware wallet attached but with a different passphrase enabled, then you get this error. You can reproduce this on Ledger and Trezor devices too. It's just Electrum's error message of saying whatever wallet is open on the hardware wallet does not match the Electrum wallet file, and therefore it cannot be decrypted.
Or it could be that some of the wallet files related on his computer somehow got corrupted and that is why it is showing this error.
It could happen when doing transfers to USB drives and vice versa, and maybe he used multiple wallet files and mixed them up.
We can't know what really happens until Vlad explain himself what happened, but he did not mention anything about this issue in last few days  judging by his twitter account.
Simple solution would be to try using hardware wallet with same passphrase in native, for Trezor that would be Trezor Suite, there wont' be any error if different passphrase was used.
hero member
Activity: 714
Merit: 1010
Crypto Swap Exchange

Exactly, this. The Mnemonic Words are not what is there in the beginning. OK, what I call "Seed" is the random entropy that comes in first place. See also following flow chart...

legendary
Activity: 952
Merit: 1386
I try to be consistent and accurate as follows:
Seed = huge integer, usually 2256 bits, upto ~1.15*1077 as decimal, 32 hexadecimal digits
You are confusing seed with something else called "a private key", which is an 256 (not  2256) bits long integer used to calculate a corresponding public key (point on an elliptic curve) by multiplying the generator point (G) private key times.  2256 or 1.15*1077 is the number of possible (valid) private keys (integers).

In fact it is a slightly different.
First at all, you have entropy, which could be 128... 256 bits.
Entropy could be converted into mnemonic phrase, taking into account that it requires a one extra step - calculation of checksum, which part is appended into bits from entropy. Checksum is needed to "discover" the last word, as each word from dictionary requires 11 bits known. That way for example 128 bits of entropy gives 11 words * 11 bits = 121bits, + 12th word is composed from 7 bits from entropy + 4 bits from checksum build from 128 known bits. 256 bits gives: 23 * 11 = 253 bits, so we have 23 "hard" words + 24th word created from 3 entropy bits + 8 checksum bits.
Then, mnemonic phrase "word1 word2 ... word12" is converted into seed using PBKDF2 (sha512) etc. At this moment extra words are used. Then seed is converted into master priv key, which is used to obtain child keys. That's why having master priv key, you cannot find mnemonic phrase!
legendary
Activity: 2464
Merit: 4415
🔐BitcoinMessage.Tools🔑
I try to be consistent and accurate as follows:
Seed = huge integer, usually 2256 bits, upto ~1.15*1077 as decimal, 32 hexadecimal digits
You are confusing seed with something else called "a private key", which is an 256 (not  2256) bits long integer used to calculate a corresponding public key (point on an elliptic curve) by multiplying the generator point (G) private key times.  2256 or 1.15*1077 is the number of possible (valid) private keys (integers).


Quote
Mnemonic (Seed) Words = BIP39 representation of Seed for better documentation by humans
If by seed you mean entropy+checksum then yes, mnemonic words represent this number and make it more human-friendly. But usually, the seed is produced from mnemonic words (not the other way around) by means of a key stretching function called PBKDF2. This function produces a 512-bit number - the seed.
hero member
Activity: 714
Merit: 1010
Crypto Swap Exchange
I try to be consistent and accurate as follows:
Seed = huge integer, usually 2256 bits, upto ~1.15*1077 as decimal, 32 hexadecimal digits
Mnemonic (Seed) Words = BIP39 representation of Seed for better documentation by humans
Mnemonic (Seed) Passphrase = optional passphrase as defined by BIP32

I concur to better not say passphrase in the context of the unlocking secret for a hardware wallet device. Unlocking secrets can be changed without affecting the HD wallet.

I don't like very much to speculate, especially when the affected user is not participating in this thread here but maybe this is what this Twitter "celeb" messes up, the distinction between wallet file encryption password, hardware wallet device PIN/password and Mnemonic Seed Passphrase. The first two don't affect the HD wallet, the latter does!
legendary
Activity: 2268
Merit: 18748
The hardware wallet device can be unlocked by a PIN or Password/Passphrase.
Slight pet peeve, but I think it's better not to use the word passphrase when discussing the hardware wallet's local unlock mechanism, and keep the word passphrase for reference to the seed phrase extension. Some of the issues that newbies have similar to this one is because they don't understand what a seed phrase passphrase is or does and confuse it with a PIN/password for unlocking their device.

I don't see how this is a recipe for coin destruction unless a user fails to safely and redundantly store the basic HD wallet details needed for proper recovery of the HD wallet, in particular the Mnemonic Words, an optional Mnemonic Passphrase and conveniently the Derivation Path.
It isn't a recipe for destruction at all. As you point out, the Electrum wallet is simply a watch only wallet. It is encrypted with the hardware wallet only for privacy reasons and to stop other people viewing your addresses, not for any security purposes and not because it contains any critical information. Even if you completely lose the Electrum wallet file, then you can just create a new one with the same addresses by using the same hardware wallet with the same passphrase enabled.
hero member
Activity: 714
Merit: 1010
Crypto Swap Exchange
When he creates an Electrum wallet based on a hardware device like Trezor or Bitbox02, then the Electrum wallet is something like a watch-only wallet, except that it allows to sign and transfer funds with the hardware wallet device acting as signing device.

The Electrum wallet stores the Extended Public Key to derive addresses according to the derivation path in use. It should conform to BIP39 and as far as my experience goes, the hardware device communicates relevant details to Electrum. There's not much to tweak here, when you setup such a wallet.

A user needs to understand some basic HD wallet and hardware wallet device details. The hardware wallet device can be unlocked by a PIN or Password/Passphrase. For convenience and ease of entry usually a PIN is used. You're usually allowed to enter only a few tries for PIN entry before the device resets itself. I consider this safe enough as long as you use no stupid PIN (I'd recommend at least 6 digits and no trivial numbers like 123456 or similar brain-dead combos).

The HD wallet is determined by its Seed, represented in safely human readable form as Mnemonic Words, maybe an optional Mnemonic Passphrase (any unique Mnemonic Passphrase derives an unique HD wallet) and Derivation Path. With these details you can usually recover the HD wallet and every user should safely check if this works. This isn't very easy if you care about proper safety but it's no rocket science either.

You can choose to have the Electrum wallet be encrypted by the hardware wallet device. I don't see how this is a recipe for coin destruction unless a user fails to safely and redundantly store the basic HD wallet details needed for proper recovery of the HD wallet, in particular the Mnemonic Words, an optional Mnemonic Passphrase and conveniently the Derivation Path.
This is basic HD wallet 101 or should be...

The fact that the hardware wallet shows him there might be something wrong with the passphrase makes me think that it is not a standard BIP39 passphrase (which cannot be "wrong") but some encryption key that scrambles the metadata inside a wallet file. If he is trying to recover a wallet in an incorrect way using this encryption key as a BIP39 passphrase, it is no wonder that he gets a completely different set of keys and addresses.
It's not the hardware wallet device that shows the error this Twitter dude sees, it's Electrum. I have no idea what you mean by "not a standard BIP39 passphrase". How exactly Electrum derives the wallet file encryption key from the hardware wallet device is something which might need to be checked with Electrum devs or by simply inspecting the Electrum wallet code for those capable of reading and understanding the code.

I have such a Testnet Electrum wallet encrypted by my PiTrezor. The Electrum wallet file looks like any fully encrypted Electrum wallet file. The Electrum wallet encryption key was never shown or exposed to me. The PiTrezor "wallet" is BIP39 of course by default and I use a Mnemonic Passphrase for safety reasons as the PiTrezor can't protect secret wallet data due to its data storage concept on unencrypted microSD card.
When I want to open the Electrum wallet, I have to connect the PiTrezor, unlock it with the PIN and then I'm asked to enter the Mnemonic Passphrase and confirm it on the PiTrezor. Provided no input errors have been made which I could've spotted at the confirmation step the Electrum wallet gets unlocked and opened. I'd assume it's the same with a Bitbox02.

As far as I remember, I tested that I can reset the PiTrezor, recover the HD wallet with saved Mnemonic Words and Mnemonic Passphrase and the PiTrezor still be able to unlock my PiTrezor encrypted Electrum wallet. But even if that wouldn't work because some specific serial no. of the particular hardware wallet device is mangled into the Electrum wallet encryption key (which is never exposed to the user in such a setup): no problem, no coins lost as you can create a new Electrum wallet file based on your hardware wallet device and the saved HD wallet details in it. (You might loose transaction comments/labels and active LN channels are an issue, so you may loose some Sats due to LN channel recovery/closing).
legendary
Activity: 2268
Merit: 18748
What is the benefit to such a complex set up anyway? Maybe to tell the Feds: "Sorry, I cannot access these bitcoins" or to confound them during the recovery process?
Which doesn't really make sense. Something doesn't need to be complex in order to forget it. Simply saying "I've forgotten my PIN and have no seed phrase" is probably more believable than "I've created a needlessly complex system I don't really understand and now can't figure it out".

The fact that the hardware wallet shows him there might be something wrong with the passphrase makes me think that it is not a standard BIP39 passphrase (which cannot be "wrong") but some encryption key that scrambles the metadata inside a wallet file.
I think it is still a BIP39 passphrase. If you have already created an Electrum wallet paired to a hardware wallet which has a BIP39 passphrase, and then try to open that Electrum wallet file with the hardware wallet attached but with a different passphrase enabled, then you get this error. You can reproduce this on Ledger and Trezor devices too. It's just Electrum's error message of saying whatever wallet is open on the hardware wallet does not match the Electrum wallet file, and therefore it cannot be decrypted. This would also fit with the fact that he said he tried a different passphrase or no passphrase at all and received the same error when trying to open the existing Electrum wallet file, and also that he could create a new Electrum wallet file paired with his hardware wallet but it was showing a bunch of empty unused addresses.
legendary
Activity: 2464
Merit: 4415
🔐BitcoinMessage.Tools🔑
The wallet he is talking about is a BitBox2.

He also says he can unlock the hardware wallet, but cannot decrypt the Electrum file. When he unlocks the hardware wallet and generates a new Electrum wallet file, he is shown zero balance.

This means he either has the wrong passphrase or the wrong derivation path. And yes, he has failed at the most basic task of ensuring he has a working back up.
Thanks for the clarification. He may have created a watch-only wallet (I mean the wallet that doesn't store any private keys) using passphrase X, generated and funded several addresses (he claims he can see balances using a block explorer), and never tried to spend from those addresses. Now he is trying to recover his encrypted Electrum wallet using something different (passphrase Y), and that is why he is seeing an error message in the old wallet and empty addresses in the newly created one. The fact that the hardware wallet shows him there might be something wrong with the passphrase makes me think that it is not a standard BIP39 passphrase (which cannot be "wrong") but some encryption key that scrambles the metadata inside a wallet file. If he is trying to recover a wallet in an incorrect way using this encryption key as a BIP39 passphrase, it is no wonder that he gets a completely different set of keys and addresses.
legendary
Activity: 1568
Merit: 6660
bitcoincleanup.com / bitmixlist.org
What is the benefit to such a complex set up anyway? Maybe to tell the Feds: "Sorry, I cannot access these bitcoins" or to confound them during the recovery process?

It certainly looks like a setup optimized for loss-destruction (if you lose any of the pieces of info, access is lost and your wallet is effectively destroyed).
legendary
Activity: 3668
Merit: 6382
Looking for campaign manager? Contact icopress!
My vote goes for bad passphrase.
There is no such thing as a bad passphrase.
it would just create new empty unused wallet with that soil.
PIN or password is a different story.

Bad passphrase as not 100% identical passphrase like the one set at the creation of the original wallet.
Better?

Something that has just occurred to me is that electrum may trim non-printable characters (was the original wallet created with electrum?)
legendary
Activity: 2212
Merit: 7064
It seems like he's using a hardware wallet, but his backup wasn't a 12-24 word recovery phrase, but an encrypted file? I don't get it. I need someone that has far more braincells than me to please explain this LOL.
I think this twitter dude and youtuber Vlad (from Romania) recently registered account to bitcointalk forum, so you can ask him yourself if you want  what happened Smiley
Vlad BTCTKVR: https://bitcointalksearch.org/user/vlad-btctkvr-3493228

Maybe there is some issue with his hardware wallet, but he should have backup of seed words and passphrase offline, so I don't understand why he is in panic mode about this.
I would try using native application in his place, double check everything and try using different hardware wallet with his words/passphrase.

My vote goes for bad passphrase.
There is no such thing as a bad passphrase.
it would just create new empty unused wallet with that soil.
PIN or password is a different story.
copper member
Activity: 2856
Merit: 3071
https://bit.ly/387FXHi lightning theory
This means he either has the wrong passphrase or the wrong derivation path.

My vote goes for bad passphrase. Maybe an enter or space at the end; maybe upper case problem? I hope he can recover his funds.

Electrum doesn't ask for you to confirm your wallet when you try to access it so this seems plausible - I don't make new hardware wallets in electrum for this reason, I access them from it but don't do the original making there because of the chance of making a mistake (trezor gets you to confirm the passphrase on the device now, I'm not sure if other hardware wallets do yet).


I tried to change the passphrase, remove it entirely, still the same error message.
It sounds like he doesn't understand what a passphrase is or does. You can't just change it or remove it and expect to still access the same wallet.

This is another good competitor for what they've done - "changed" the password and assumed it "worked"/that was all that was needed.

legendary
Activity: 3668
Merit: 6382
Looking for campaign manager? Contact icopress!
True, but the guy in question here runs a bitcoin podcast and has 11k Twitter followers. He has recently interviewed people like Peter Todd and Pavol Rusnak (co-founder of Trezor). And yet still he seems to have failed in basic bitcoin 101 of making and checking a back up, and has potentially lost his coins. How can we expect newbies to do any better when crypto "influencers" (God I hate that word) who have spent thousands of hours immersed in all things cryptocurrency don't understand the basics and are teaching bad practices. He does seem to be sponsored by a custodial wallet/centralized exchange and an anti-privacy wallet though, so make of that what you will.

So the guy has made a nice business. Very smart of him.
Unfortunately, as seen even on this very forum, even high ranked people may have no idea about certain basic topics or may be completely wrong. That's why the first thing people have to learn is to cross-check every "information" they get. (Since I have kids I got to the point I need to do this even with medics!).

Your hardware device doesn't encrypt your wallet - it is the wallet.

We know this. And I thought it's already clear that this guy has no idea Wink

It sounds like he doesn't understand what a passphrase is or does. You can't just change it or remove it and expect to still access the same wallet.

Many think that passphrase is an encryption password for the seed. It's a bit confusing, since the word passphrase is also user for multi-word passwords.
And since it's clear that this guy took "shortcuts" instead of reading and understanding what he's doing, ... I'm not that much surprised by the confusion (!).

Yeah; BitBox does offer an 'easy' backup through an encrypted file on a microSD card, but you absolutely should also do a regular seed word backup.

Yep, I've read about that somewhere. But I find it more a confusing feature than a helpful one.
As must as we hate Ledger for their mistakes, at least they've kept the things simple so the average Joe cannot make mistakes too easy.
hero member
Activity: 882
Merit: 5834
not your keys, not your coins!
The wallet he is talking about is a BitBox2.

He also says he can unlock the hardware wallet, but cannot decrypt the Electrum file. When he unlocks the hardware wallet and generates a new Electrum wallet file, he is shown zero balance.

This means he either has the wrong passphrase or the wrong derivation path. And yes, he has failed at the most basic task of ensuring he has a working back up.
Yeah; BitBox does offer an 'easy' backup through an encrypted file on a microSD card, but you absolutely should also do a regular seed word backup.
It does support it and you can even print the seed offline from that microSD card e.g. if you have a printer that is not internet-connected and which has a USB media-in port.

Laminate that paper and you're golden.

And this one:
I tried to change the passphrase, remove it entirely, still the same error message.
It sounds like he doesn't understand what a passphrase is or does. You can't just change it or remove it and expect to still access the same wallet.
That's kind of sad.. Bitcoin Twitter 'celebrity' (?) but no idea about passphrases.. *sigh*
Pages:
Jump to: