Wallet backup & encrypted question | Bitcointalksearch.org

o_e_l_e_o

legendary

Activity: 2268

Merit: 18586

Quote from: nc50lc on February 23, 2023, 04:04:52 AM

Changing the passphrase won't refresh the wallet's 'hdseed'.

Which, when you think about it, I'm not sure that makes much sense.

If you are changing the password on your wallet file, then the vast majority of times it will be because you think the old password is either too weak or has been (or is at risk of being) compromised. Not that many people rotate passwords just for the sake of it. And so if you are changing the password, then you presumably want all future keys to not be able to be generated from any old back ups using the old password, since they are at risk of compromise.

But perhaps this would encourage people not to just create a new wallet if they think their wallet may be compromised, which is of course the best option.

nc50lc

legendary

Activity: 2394

Merit: 5531

Self-proclaimed Genius

Quote from: HCP on February 22, 2023, 05:24:38 PM

-snip-

You probably already know this (but misused a term?): It's not applicable in "passphrase change" but only once after encrypting an unencrypted wallet.dat.
Changing the passphrase won't refresh the wallet's 'hdseed'.

HCP

legendary

Activity: 2086

Merit: 4314

Quote from: odolvlobo on February 21, 2023, 06:55:33 PM

I get it now. That is quite different from a typical HD wallet where the mnemonic phrase is the backup.

Technically, it offers some "extra" protection in that if one of your older backups is compromised, only keys (and their attached coins) generated prior to the passphrase change are at risk. Which could, theoretically, minimise your losses if you tend to move coins to newer addresses on a regular basis and you regularly change your passphrase.

I suspect for most people, it isn't really of much use and just causes extra work because they then have to refresh all their offline/offsite backups whenever they change the passphrase or they face the prospect of losing coins attached to newly generated keys if the in use wallet file is corrupted/lost etc.

odolvlobo

legendary

Activity: 4298

Merit: 3209

Quote from: o_e_l_e_o on February 21, 2023, 05:21:55 PM

Quote from: odolvlobo on February 21, 2023, 04:56:20 PM

So, does that mean that if you have bitcoins in an unencrypted wallet that is not backed up, then you would lose those bitcoins when you encrypt it?

No. As I said above, any addresses you have already generated are saved to the wallet, so even after you encrypted it all previously generated and used addresses are still there and able to be used. For a legacy wallet it simply saves any previously generated key pairs as it normally would, but changes the hdseed for all future key pairs. For descriptor wallets your old descriptors (along with their xprvs) are still stored in the now encrypted wallet and simply marked as inactive, so they are still there and can be used to regenerate any addresses they previously generated.

I get it now. That is quite different from a typical HD wallet where the mnemonic phrase is the backup.

o_e_l_e_o

legendary

Activity: 2268

Merit: 18586

Quote from: odolvlobo on February 21, 2023, 04:56:20 PM

So, does that mean that if you have bitcoins in an unencrypted wallet that is not backed up, then you would lose those bitcoins when you encrypt it?

No. As I said above, any addresses you have already generated are saved to the wallet, so even after you encrypted it all previously generated and used addresses are still there and able to be used. For a legacy wallet it simply saves any previously generated key pairs as it normally would, but changes the hdseed for all future key pairs. For descriptor wallets your old descriptors (along with their xprvs) are still stored in the now encrypted wallet and simply marked as inactive, so they are still there and can be used to regenerate any addresses they previously generated.

Encrypting a wallet still saves everything the wallet has done up until that point. It is only from the point of encryption forward that all future keys will be different to an unencrypted back up. Although obviously it is better to just encrypt a wallet right from the start and not run in to this problem at all (or the problem of some of your keys being stored in unencrypted back ups).

Quote from: hosseinimr93 on February 21, 2023, 05:18:32 PM

o_e_l_e_o, correct me if I am wrong, please.

You are correct.

hosseinimr93

legendary

Activity: 2380

Merit: 5213

Quote from: odolvlobo on February 21, 2023, 04:56:20 PM

So, does that mean that if you have bitcoins in an unencrypted wallet that is not backed up, then you would lose those bitcoins when you encrypt it? I have never had to worry about it because I have never used an unencrypted wallet, but that seems like a problem.

I feel you didn't understand o_e_l_e_o correctly. You don't lose your bitcoin just because you encrypted your wallet.

Let's say you have an unencrypted wallet and have generated n addresses till now. You just backed up your wallet and now you want to encrypt your wallet. You encrypt your wallet and you have two backups now. One is the backup of the unencrypted wallet and the other one is the backup of the encrypted wallet.
The encrypted wallet will include all the n addresses generated by the unencrypted wallet, but the (n+1)th address generated by the encrypted wallet will be different from the (n+1)th address generated by unencrypted wallet.

So, if you have bitcoin on each of the first n addresses, you can use each of the backups for recovering your fund. If you have bitcoin on the (n+1)th address of the encrypted wallet, you can't use the backup of the unencrypted wallet for recovering your fund.

o_e_l_e_o, correct me if I am wrong, please.

odolvlobo

legendary

Activity: 4298

Merit: 3209

Quote from: o_e_l_e_o on February 21, 2023, 04:36:07 PM

Quote from: odolvlobo on February 21, 2023, 03:56:36 PM

Does it generate the new addresses by using a different path?

No, the derivation path is unchanged.

For legacy wallets, it clears the keypool, rotates to a new hdseed, and then refills the keypool from the new seed.
For descriptor wallets, it rotates the key in each descriptor to a new one.
In both cases, all previously generated addresses are saved, and it is only future ones which are changed.

You can try this yourself by creating a wallet, using either getwalletinfo or listdescriptors to see the hdseed or the descriptor keys, then encrypt your wallet. Repeat the command. In the first instance, you'll see the "hdseedid" has changed. In the second instance, you'll see all your previous descriptors marked as "active": false, and new descriptors have been generated.

So, does that mean that if you have bitcoins in an unencrypted wallet that is not backed up, then you would lose those bitcoins when you encrypt it? I have never had to worry about it because I have never used an unencrypted wallet, but that seems like a problem.

o_e_l_e_o

legendary

Activity: 2268

Merit: 18586

Quote from: odolvlobo on February 21, 2023, 03:56:36 PM

Does it generate the new addresses by using a different path?

No, the derivation path is unchanged.

For legacy wallets, it clears the keypool, rotates to a new hdseed, and then refills the keypool from the new seed.
For descriptor wallets, it rotates the key in each descriptor to a new one.
In both cases, all previously generated addresses are saved, and it is only future ones which are changed.

You can try this yourself by creating a new unencrypted wallet, using either getwalletinfo or listdescriptors to see the hdseed or the descriptor keys, then encrypt your wallet and repeat the command. In the first instance, you'll see the "hdseedid" has changed. In the second instance, you'll see all your previous descriptors marked as "active": false, and new descriptors have been generated.

hosseinimr93

legendary

Activity: 2380

Merit: 5213

Quote from: odolvlobo on February 21, 2023, 03:56:36 PM

Is this still true? Does it generate the new addresses by using a different path?

That's still true.
Take a look at the following image. It's the message displayed by bitcoin core after I added a passphrase to an unencrypted wallet.

odolvlobo

legendary

Activity: 4298

Merit: 3209

Quote from: o_e_l_e_o on February 18, 2023, 11:02:54 AM

When you change the password on a Bitcoin Core wallet.dat file, the keypool is refreshed. This means that all existing key pairs and addresses will remain the same, but any new ones you generated with the encrypted wallet file will be different to those generated by the non-encrypted wallet file.

Is this still true? Does it generate the new addresses by using a different path?

LoyceV

legendary

Activity: 3290

Merit: 16489

Thick-Skinned Gang Leader and Golden Feather 2021

Quote from: o_e_l_e_o on February 18, 2023, 11:02:54 AM

You can use the non-encrypted file to spend any coins from addresses which are common to the two wallet files, but any addresses you generated in the encrypted wallet will not be reproducible in the non-encrypted wallet.

Correct. And the ~~only~~ easiest way to find out, is by letting both wallets sync.

hosseinimr93

legendary

Activity: 2380

Merit: 5213

Quote from: OmegaStarScream on February 18, 2023, 10:33:58 AM

IIRC, Bitcoin core still requires taking regular backups, right?

In the current version of bitcoin core, you don't have to back up your wallet regularly.
In the very old versions of bitcoin core, you had to back up your wallet again, once you generated the 101st address.
Versions prior to 0.13.0 of bitcoin generated 100 random addresses and once they were all used, it generated anther 100 addresses.

In the case OP has used a version prior to 0.13.0 and has generated more than 100 addresses, it's possible that the first backup doesn't include all the addresses.

o_e_l_e_o

legendary

Activity: 2268

Merit: 18586

Quote from: olvin on February 18, 2023, 10:22:37 AM

Now I have fogot the password of encrypted wallet.dat file. So can i backup and use the old un encrypted wallet.dat file and do recover coins for doing transcations?

The wallet files will be the same up to the point where you added the password to one of them.

When you add a password on a Bitcoin Core wallet.dat file, the keypool is refreshed. This means that all existing key pairs and addresses will remain the same, but any new ones you generated with the encrypted wallet file will be different to those generated by the non-encrypted wallet file. You can use the non-encrypted file to spend any coins from addresses which are common to the two wallet files, but any addresses you generated in the encrypted wallet will not be reproducible in the non-encrypted wallet. Your only solution for any such addresses will be to bruteforce your password.

OmegaStarScream

staff

Activity: 3500

Merit: 6152

Quote from: hosseinimr93 on February 18, 2023, 10:31:22 AM

You have a wallet and you have two backups of that. One is encrypted and the other one is unencrypted. Am I getting you correctly?
If so, you can use your unencrypted file and make transaction without any need to enter a passphrase.

IIRC, Bitcoin core still requires taking regular backups, right?

If so, then he should make sure to take another unencrypted copy, especially if he has been using his wallet for all "these years" he mentioned.

UchihaSarada

full member

Activity: 434

Merit: 141

Quote from: olvin on February 18, 2023, 10:22:37 AM

One is same old file which was not encrypted with password.
Another one which i did encrypted with password phrases after few years.

Encrypted or not encrypted wallet file, it stores your private keys and the encryption is to protect that file better, prevent hackers to easily access your keys. Encryption does not change your private keys in that wallet.

Quote

My question is-
Now I have fogot the password of encrypted wallet.dat file. So can i backup and use the old un encrypted wallet.dat file and do recover coins for doing transcations?

If the unencrypted wallet file is usable, you can access private keys inside and can make transactions.
With encrypted wallet file, you must have that wallet password to access keys and make transactions.

Quote

Since its a same wallet.dat file, therfore if I backup un encrypted wallet.dat will it ask me for password phrase.

Password phrase, do you mean it is a password to encrypt that wallet?

It is confusing because you are talking about unencrypted wallet file, not encrypted wallet file. Why do you need a wallet password phrase?

hosseinimr93

legendary

Activity: 2380

Merit: 5213

You have a wallet and you have two backups of that. One is encrypted and the other one is unencrypted. Am I getting you correctly?
If so, you can use your unencrypted file and make transaction without any need to enter a passphrase.

Edit:
As mentioned by o_e_l_e_o below, the unencrypted file is useless if you want to recover an address generated after the encryption.
If you haven't used your wallet after the encryption, you should be able to access your fund using the unencrypted wallet.

olvin

jr. member

Activity: 35

Merit: 4

I got a backup wallet.dat file having couples of satoshi.
Of the same wallet file. I created two wallet.dat files.
One is same old file which was not encrypted with password.
Another one which i did encrypted with password phrases after few years.

My question is-
Now I have fogot the password of encrypted wallet.dat file. So can i backup and use the old un encrypted wallet.dat file and do recover coins for doing transcations?
Since its a same wallet.dat file, therfore if I backup un encrypted wallet.dat will it ask me for password phrase.

Topic: Wallet backup & encrypted question (Read 208 times)