How to Send your Wallet with no Risk of Theft
Some cryptocurrency wallets are designed in such a way that you can send us the wallet without actually putting the Bitcoin in the wallet at risk. This means that even if we recovered your password AND wanted to steal it, we couldn’t.
How It Works
Bitcoin wallets — and the wallets of alt-coins that are close Bitcoin cousins — contain many different addresses to receive Bitcoin. Typically a wallet may store Bitcoin at a few of these addresses, but not all of them. However, all of the addresses are secured with the same password.
If you have a qualifying wallet, you can extract the portion of the wallet responsible for authentication (the Master Key and the Salt) and a couple of the Bitcoin addresses which do not contain Bitcoin. We can then test passwords against the Master Key.
Wallets which allow 100% secure password recovery:
- bitcoin-core
- bitcoin-qt
- bitcoind
- dogecoin
- litecoin
- many other alt-coin wallets
Wallets which do NOT allow 100% secure password recovery:
- Armory
- BIP38 encoded wallets
- BitGo
- Blockchain.info
- Electrum
- Ethereum wallets
- Multibit
Instructions
Prepare for some geekery. 🙂
Pre-Requisites:
- Download and Install Python 2.7
- Python for Windows
- Python for MacOS
- Python for Linux (source code)
- Download and install pywallet.py
Run pywallet:
python pywallet.py –dumpwallet –wallet=/home/test-user/wallet.dat > partial-wallet.txt
The final part of that command line (” > partial-wallet.txt”) will copy the output into a text file named partial-wallet.txt
Open the file partial-wallet.txt in a text editor.
You will likely see a couple of thousand lines of text.
Search within the file for the key-value section named “mkey”, which looks like this:
"mkey": { "encrypted_key": "2e2c3b9b58e9b33c9599b4472e83c136e6246120c45e390daa6a57476e7fbe4f57d83f79d75f9b4c1db680fe5a846cb8", "nDerivationIterations": 67908, "nDerivationMethod": 0, "nID": 1, "otherParams": "", "salt": "4593aff5639179c7" },
You want to send us that entire mkey section, plus several of the address sections that are not funded. (That is, that have the “reserve” key set to “1”).
Here’s an example:
{
"addr": "1DTqhoX4pP3tRHmWYpdtzp297TKLy4Dhiv",
"compressed": true,
"encrypted_privkey": "9fb55a49934e66092e6f61208c528398785ffc108ad804b92f30bfd799a56e1464b590adebdaffacb3eda0f6b50974d1",
"pubkey": "03f8eb49e0b4c70cfdd28d4cdd4ec0c927575f88d51c70185f01a4397e198c4dd2",
"reserve": 1
},
{
"addr": "1JEtNGakiSeeZDdzGNTrbvBoKp19vhe4Q6",
"compressed": true,
"encrypted_privkey": "ccb73a94081a82c8f98f036028f60b10ec80867c9f2665305ba26768778b1325ed18e85ac841995d52f87da0f3229ecc",
"pubkey": "03f9f8a4df244752c6c9f52fa1fe06747e6e632dc2d03f70aaea8f045865dda707",
"reserve": 1
}
Be sure to delete any of the address blocks that contain funds (ie those with a “label” key instead of a “reserve” key).
Send us the resulting text file.
