Topic: wallet.dat and co - page 2. (Read 1264 times)

A couple posts above, you gave following answer:

I do speak a reasonable amount of French (eventough you are not allowed to post non-english posts outside the regional subforum). But what i'm seeing here is that you named your wallet wallet222.dat. So, if there is no wallet.dat @c:\python27, the command will fail...

Maybe you could try:

Just on a sidenote, this debate has been going on for days, and i sometimes feel like we're going around in circles on this one... Is there anybody you trust for 100% that's tech-savvy and is able to help you with this task? Even if you're tech-savvy yourself, it wouldn't hurt to have a second pair of eyes looking at this thread while having physical access to your system (and the wallet-file itself).

Well ...
Another problem.
I write the correct command line. The one below:

C: \ Python27> python pywallet.py --dumpwallet --wallet = C: \ Python27 \ wallet.dat> wallet.txt.

And it is written "every time":

"Warning: root: pycrypto or libssl bit found, decryption may be slow Error: root: couldn't open wallet.dat / main. Tu quitting bitcoin and running this again."

do you have the solution to the problem, please?

Maybe there's nothing left on it? That's what I think

Yes... I should have mentioned that you're not likely to see any errors, but all the output will go to wallet.txt file.

In wallet.txt you might see a few hundred lines of weird errors like "Wallet data unknown" or something similar at the start... then you should see all the keydata output similar to this:

The private keys in WIF format are highlighted above... in the "sec" field... you need to import those into the wallet of your choice.

Can I ask why you keep putting "spaces" in your posts? It's kinda confusing and difficult to tell if you're copy/pasting things which are "incorrect" or if it's just the way you're typing your posts!

Anyway... try and copy/paste this entire command exactly as it is shown:

Based on what you've written, the command (with proper spacing) should be:

NOTE: This command should be used in the folder where pywallet.py is located!

Also, is the wallet file actually called "walletfile.dat"? or is it the standard "wallet.dat"? Obviously, it's very important you type the correct filename! If you don't use the correct filename for the --wallet argument you will indeed get the error:
As, obviously, the script will be unable to locate the file


If you tell me:

1. The folder where Python.exe is located
2. The folder where pywallet.py is located
3. The folder where "wallet.dat" is located
4. The actual name of your wallet.dat

I will be able to give you the commandline to run that should dump the wallet contents for you.

So, there I uninstall python38
(it says that it is not in the machine but it is marked in control panel and I cannot uninstall it completely, but all the files are in the recycle bin),
i reinstall python27, found pip and redirected it to python27.
1) I installed ecdsa and yet still the same errors ...
"ecdsa package is not installed pywallet won't be able To sign / verify messages."
2) There I tried again it seems that there is no more the ecdsa error .. !!! I am happy !!! Yes!

But again and again this message below
"Error: root: couldn't open wallet.dat / main. Tu quitting bitcoin and running this again."

It disgusts me...

After the sentence you whispered in my ear. I type entry I tone on that every time.

"Warning: root: pycrypto or libssl bit found, decryption may be slow Error: root: couldn't open wallet.dat / main. Tu quitting bitcoin and running this again."

As a reminder of the sentence or command line:

C: \ python27> pywallet.py --dumpwallet --datadir = C: \ DirWallet --wallet = walletfile.dat

"In search of the miracle x)"

You shouldn't attempt to run PyWallet with Python 3.8 (Python 3.x introduced a LOT of non-backwards compatible changes that can break a lot of scripts that were written for Python 2.x)... Note that Pywallet was written for Python 2.7.

So, I'd recommend uninstalling Python 3.8 (assuming you don't need it for anything else), and then installing the latest version of Python 2.7 for your OS from here: https://www.python.org/downloads/release/python-2718/

Once you have Python 2.7 installed, if you continue to get errors relating to "ecdsa", you need to install the "ecdsa" package using "PIP":

NOTE: pip.exe should be located in the "Scripts" folder where python.exe is located (by default, Python 2.7 installs to C:\Python27... so pip would be in C:\Python27\Scripts)

No worries, glad to (hopefully) be of some help... please do keep us updated whether you are successful or not. It's nice to know what the final result was!

Good Luck!

Then it seems that PyWallet was not able to recover anything useful... it found 6 objects (while scanning the first 8gigs of F: drive) that it thought might be wallet.dat files, but was unable to actually retrieve any keys from these objects.

That could be caused by PyWallet only finding a small fragment of the wallet.dat file on the disk, or possibly that an incorrect wallet passphrase was used when trying to recover.

If dumpwallet (or the hex editor method) is allowing you to export the keys, then you're probably better off just ignoring the "--recover" option in PyWallet for now and just get to importing those private keys manually.

You can speed up the process by either:

1. when using importprivkey in Bitcoin Core, use the "false" value for the "rescan" argument... so:

Until you get to the very last key... then use true... that way, Bitcoin Core will only run a rescan once for all the keys, rather than running rescan every time you run importprivkey (which can take a very long time!)

or

2. You can bulk import the WIF private keys into an SPV wallet like Electrum... it'll load and scan all the private keys in a matter of minutes.

Yes, there is likely to be a minimum of 100 keys (That's what the old keypool minimum was)... at some point I believe the keypool was increased to 1000 keys.


I'm not sure what you mean by this exactly?

If you create a brand new wallet in Bitcoin Core, you will be able to import all the private keys using importprivkey command. It will be slow and annoying, but it will work.

Using --recover with PyWallet... should, theoretically, create a "valid" wallet.dat that you should be able to open using Bitcoin Core... Unfortunately, I do not know of an easy, realiable way to "corrupt" a wallet.dat so that I can test the "--recover" option with PyWallet and see if Bitcoin Core will then load the recovered wallet.dat

As mentioned in the other thread, if your wallet file didn't have a password, you should be able to search the file for the hexstring: 0201010420

The 32 bytes of data following that string should be a private key (in hex). You can then use other tools like bitaddress.org to convert that hex to a private key in WIF format that could be imported into a wallet.

---

I quickly downloaded a free hex editor called "WinHex"... then opened a copy of an old wallet.dat that has no password... and did a hexstring search:



We use 020101420 as the string to search for:



This finds the following location in the wallet file:



So, now we want the next 32 bytes... a "byte" is TWO hex characters, so we want to copy the next 32 pairs of characters:





In this instance, we get:


We put that into the "wallet details" tab on bitaddress.org and click "view details":



We get the following:



Now, that is just ONE key... the wallet.dat will have multiple locations of "0201010420", you need to find every instance of the hex 0201010420 in your wallet.dat and then get the 32 bytes following that and convert them to a private key.

---

---

Searching for individual hex private keys in a wallet.dat is a long, tedious process... honestly, using the PyWallet "dumpwallet" command is likely to be a lot easier:

for instance, if my wallet file was in J:\Dump\ and called "wallet.dat", and I wanted to store the output in a file called walletdump.txt, I would use the command:


NOTE: When you open the walletdump.txt file, depending on how "old" the wallet file is, you might see a bunch of warnings like this:



That's fine, you can just ignore them... scroll down until you find the line that starts "The wallet is not encrypted":



All your private keys/addresses will be displayed below that. The private key (in WIF format) is the field labelled "sec".

As mentioned in that topic... it only works if your wallet.dat had no password.

If your wallet.dat had a password set, then the private key data is stored encrypted, so you cannot simply do a search with a hexeditor to retrieve the private keys.

@Dydy94: non-english posts are only acceptable in the regional subforum... Your post will probably be deleted soon, so i tought i'd post the url to pastebin in case your post "dissapears":

https://pastebin.com/SwHLAAQT

Did you actually specify the correct values for those options? You need to specify the size of the device, what the device actually is, and where to put the output.

for example, if you were scanning a 8gig thumbdrive that was connected as F:, and you wanted to put the recovered files in C:\temp, you would use something like:


Honestly, you'd need to copy/paste the actual contents of the debug.log file for people to be able to diagnose it properly. Giving us little snippets of the debug output does not help much The debug.log file is probably quite large, so my advice would be to shutdown Bitcoin Core, delete the debug.log file, try and restart Bitcoin Core.

After it has failed and shutdown again, then open debug.log again and copy/paste the entire contents of debug.log to https://pastebin.com/ and click the "create new paste" button. It will generate a unique URL for you. Finally, copy/paste that unique URL here.

NOTE: debug.log does not contain any "secrets", so you don't need to worry about anyone being able to steal your coins or anything, but it may reduce your privacy by showing IP addresses etc.

Hello. I have used pywallet before with:

--recover --recov_size --recov_device --recov_outputdir

I don't know where this is taking me

And with :

Pywallet 2.2 which does not work very well .. I could not get anything out of it

"salvagewallet" failed then... It would appear that the wallet file is too corrupted for Bitcoin Core to be able to recover it. You will need to try an alternative method of extracting the private keys from the wallet.dat.

Unfortunately, most of the mthods available require the knowledge and use of command line tools and Python scripts like "PyWallet". These are not "start a program, click a button"-type solutions. Additionally, there is no guarantee that they'll be able to recover anything depending on how corrupted the wallet.dat is.

How much experience do you have with the commandline and Python scripts?

You'll need to have a look in the debug.log file in the Bitcoin Core "Datadir" and see what error is being logged when it shuts down... without knowing that error, no one will be able to tell you why it is doing what it is doing, nor how to fix it.

Unless you have a fully synced copy of it already available on a another trusted machine, the "fastest" way to sync it is to just let Bitcoin Core sync "naturally"... There are other tips, like use an SSD to store the blockchain/chainstate data, if you have a lot of RAM set the "dbcache" value to at least half your total RAM size etc.

Yes, it takes hours/days, but there really isn't any way to avoid it.

How can a full node of a blockchain be quickly retrieved? I don't want to wait for bitcoin-core sync to complete.

dumpprivkey is a very "slow" way to export multiple private keys... If you have a large number of private keys to export, using dumpwallet is a faster option

The full command is:

For example, on Windows... to output to a file called "Keys.txt" on your D: drive in a folder called "walletdump", you would use: