where are the private stored on Electrum and Jaxx (Debian) ?

matt313

newbie

Activity: 20

Merit: 0

I have got quickly an answer of the Exodus support :

Quote

Thanks so much for getting in touch with us here - I'd be happy to help you locate your seed files in Exodus!

Just like Electrum, they're in a hidden folder on your Home directory - the full pathname is:
/home/username/.config

The seed itself is located in a file called seed.seco within the exodus-wallet folder. If your aim is to back this up manually, Seb, you'll probably want to copy the entire directory just in case.

However, Seb, backing up wallet files containing private keys in this manner is a relatively outmoded way of doing things and is really only applicable in full node/QT style wallets. The best way to back up and restore your wallet will usually be via your 12 word seed phrase, which has been part of BTC since BIP39 and has since been added to most other coins

matt313

newbie

Activity: 20

Merit: 0

Hi!
I'm now using Exodus. Jaxx was only "secure" with a PIN code... Sad

I have the same question with Exodus : where the software is storing my private keys ??

I'm searched on the internet and the only answers I found is something like:

Quote

« Locally Stored Private keys: Your private keys for Exodus are stored locally on your computer, at no moment are they stored online on any server »

or

Quote

« The Exodus backup system only backs up encrypted metadata (transaction data) - no keys are ever stored on any servers. In addition, this metadata is encrypted so the backup remains secure to you with your password. This is another way of saying your backup files are useless to anyone else, only you with your password, can read and use your data.

If your computer breaks, you can use the Exodus backup system in conjunction with a secure link in your email to restore your wallet. This link is protected by both your passphrase and an Exodus 'key' »

https://support.exodus.io/article/46-where-are-my-private-keys-stored

So... how and where is it stored? I'm using Linux. The idea is to copy the file offline in case of keylogger...

HCP

legendary

Activity: 2086

Merit: 4363

Quote from: matt313 on November 21, 2017, 01:29:22 AM

The file default_wallet is currently stored in plain text. Do I have to secure it more? What's the use of the electrum's password?

Plaintext just means that your wallet file is not encrypted. However, an Electrum wallet can have THREE states:

1. Unencrypted file, unencrypted data - EVERYTHING is in plain text (including private keys/seed)
2. Unencrypted file, private keys/seed encrypted - File is in plain text, but important data like private keys/seed is encrypted using wallet password
3. Encrypted file, encrypted data - Entire file AND important data contained with in are both encrypted using wallet password.

Quote

Is it just encoded in base64 or both encoded and encrypted? (base64 is not an encryption protocol). And if encrypted, is the line "seed": "...", the result of the encryption of the set of the words with my electrum password?

If you have a wallet password set, then the private keys (and seed) WILL be encrypted... the file itself is only encrypted if you tick the "encrypt file" box when setting a password.

Quote

On the software, I did Wallet > Export my private keys.

Then, Electrum generate 32 lines like that :

"19RMXtXmXFuF2wgYigLRZswN9Jcw60qdt3" "5H45CGM8rMjxEXxiPuD5BDxh9ZxSdrM4q9qM6wiuGBdioGYMqGW" (those are not mine ^^)

(https://en.bitcoin.it/wiki/Wallet_import_format)

Does it mean that the set of 12 words is able to generate multiple private keys?

Yes, if you have 12 words, you have an "HD" wallet... these are designed to generate an "infinite" number of private keys from the seed that is able to be restored from your 12 words... The same 12 words will always generate the same list of private keys.

matt313

newbie

Activity: 20

Merit: 0

Thanks a lot for those links and informations. I understand quite better how it works...

Quote

in both cases if you have encrypted your wallet fully, you can not see the JSON format at all. if it is only key encryption you will see the JSON but in front of the keys or seed or xprv (the sensitive information) you will see a base64 string which is the encrypted version of each one.

The file default_wallet is currently stored in plain text. Do I have to secure it more? What's the use of the electrum's password?

Quote

your seed is a base64 string because it is encrypted, if you remove the encryption from your wallet you will see a set of words which are the only things you need to backup and you will be able to restore your wallet using these words.

Is it just encoded in base64 or both encoded and encrypted? (base64 is not an encryption protocol). And if encrypted, is the line "seed": "...", the result of the encryption of the set of the words with my electrum password?

On the software, I did Wallet > Export my private keys.

Then, Electrum generate 32 lines like that :

"19RMXtXmXFuF2wgYigLRZswN9Jcw60qdt3" "5H45CGM8rMjxEXxiPuD5BDxh9ZxSdrM4q9qM6wiuGBdioGYMqGW" (those are not mine ^^)

(https://en.bitcoin.it/wiki/Wallet_import_format)

Does it mean that the set of 12 words is able to generate multiple private keys?

pooya87

legendary

Activity: 3472

Merit: 10611

the "mpk" is your "master public key", you can use that to get all your addresses only (no private key). it is used for offline-online pair wallet where you create a wallet offline which has private keys and another with your mpk online which only has addresses.

your seed is a base64 string because it is encrypted, if you remove the encryption from your wallet you will see a set of words which are the only things you need to backup and you will be able to restore your wallet using these words.
the type is saying old because you are probably using an old version of Electrum (anything before 2.0) or your wallet/seed was created with an old version and because of that you are seeing 12 words instead of the new 13

you can read more about Electrum Seeds on the wiki here: http://docs.electrum.org/en/latest/seedphrase.html

matt313

newbie

Activity: 20

Merit: 0

Thanks pooya87 !

I haven't found "xprv", "xpub" (neither "keypairs").

In the electrum wallet, I see :

"keystore": {
"mpk": "", <-- 128 hexadecimal numbers
"seed": "", <-- 88 alphanumerical caracters
"type": "old"
}

Is this seed able to generate the private key from the Master Public Key ? (btw, what is the mathematical link between the private key and the 12-words seed?)

pooya87

legendary

Activity: 3472

Merit: 10611

in Electrum, yes private keys are stored in your wallet file in a "JSON with formatting" format. different wallet types may contain different JSON keys. for example if you have a normal wallet with seed you will have

Code:

"keystore": {
"seed":....
"type":....
"xprv": ....
"xpub":...

in an HD wallet like electrum you don't need individual private keys, you have a "master key" which is the seed or the xprv line.

and if it is an imported wallet with imported private keys you will have

Code:

keystore": {
"keypairs": {...

which will contain your key pairs.

in both cases if you have encrypted your wallet fully, you can not see the JSON format at all. if it is only key encryption you will see the JSON but in front of the keys or seed or xprv (the sensitive information) you will see a base64 string which is the encrypted version of each one.

i have never used JAXX so i don't know how it stores everything.

matt313

newbie

Activity: 20

Merit: 0

Hi!
I'm using Debian Linux. I've installed Electrum for BTC and Jaxx for altcoins.

I have some security questions.

Electrum stores a "default_wallet" text file on /home/user/.electrum
I read this file (which is a clear plain text) but I've understand it well. Is the private key here? Is the key encrypted and how?

With Jaxx, I haven't found where are the private keys on my hard disk. Jaxx is only asking a 4-digits pin code.
Where are the private keys stored? Is it really secure if my private keys are encrypted with a simple pin code? Huh

Topic: where are the private stored on Electrum and Jaxx (Debian) ? (Read 851 times)