Password Recovery
8 minute read

How to Recover your Unencrypted Paper Wallet, or your BIP38 encrypted Paper Wallet

Published on
March 16, 2023
How to Recover your Unencrypted Paper Wallet, or your BIP38 encrypted Paper Wallet
TABLE OF CONTENT
Subscribe to our newsletter
Read about our privacy policy.

How to Recover your Unencrypted Paper Wallet, or your BIP38 encrypted Paper Wallet

The very first Bitcoin wallets weren’t particularly concerned with security. They were written to be run on internet-connected computers, and the first wallet, Bitcoin core, didn’t even give its users the option of protecting their wallet with a password.

That’s because in early 2010, Bitcoin had almost no value – and it was much more important to introduce people to Bitcoin than to secure it.

However, by 2011, Bitcoin thefts were beginning to be reported. One early reaction to the risk of remote Bitcoin thefts was paper wallets. Paper wallets were an early form of “cold” wallet, and they essentially stored the private key of a wallet on paper. The paper could then be put in a safe location, far from the prying digital hands of a remote hacker. Depending on which sources you read, paper wallets were popular from roughly 2010 - 2016.

What is a Bitcoin paper wallet?

Before we cover the topic of paper wallets, we have to talk a bit about what Bitcoin is, and what actually gets stored in a Bitcoin wallet.

A Bitcoin is simply a string of numbers and letters stored in a log of transactions called the Bitcoin blockchain. “Owning” a Bitcoin means that you have the tool that lets you transfer or spend it. This tool is called a “private key”, and it’s actually just a very, very large number. This private key can sign transactions and broadcast them to the network. In a practical sense, your private key is a sort of combination of a username and a password.

A Bitcoin wallet is a secure way to store your private key, and it typically provides functionality to make it easier to send and receive Bitcoin.

The simplest version of a paper wallet is to write your private key on paper, delete any online versions, and then simply store that piece of paper somewhere safe. No remote hacker can access the private key, because it isn’t available anywhere online.

(A simple analogy in the fiat world would be to store your money as cash in your mattress.  No one can steal your funds by stealing the login to your bank account, because your money is stored offline.)

Editor’s note: In a sense, writing your 12- or 24-word seed phrase on a piece of paper is also creating a paper wallet. However, this is not what people mean when they talk about paper wallets.

However, generating a private key by hand is complicated and if you incorrectly write down even a single letter, you risk losing any funds controlled by that private key for all time. 

As a result, in 2011, several online tools were created to make it easier (and more secure) to randomly generate a private key, and print it on paper – so that there was no risk of writing the key incorrectly. These tools are called paper wallet generators.

One example is BitAddress.org. It was created in such a way that users could load the wallet creation page, then disconnect their computers from the internet, generate a paper wallet, and then print it out before reconnecting to the internet.

But, simple paper wallets left some security issues – for example, what if someone found your paper wallet?  They could simply import the private key into a new wallet and steal your funds.

So, why not assign a password to your paper wallet?

What is a BIP38 encrypted Paper Wallet?

Beginning in 2013, the BIP38 protocol offered a way to add an additional layer of security to a paper wallet by encrypting the private key with a password.

To create a BIP38 encrypted paper wallet, a user would first generate a new set of public and private keys using a software program or online service. Once the keys were generated, the private key was encrypted using the password chosen by the user. This encrypted private key was then printed on the paper wallet, along with the public key and the address to which the funds could be sent.

To access the funds stored on a BIP38 encrypted paper wallet, the user would enter the password to decrypt the private key and then import that key into a digital wallet.

What Can Go Wrong with Paper Wallets?

Paper wallets mitigate the primary risk of an online or “hot” wallet – that a hacker can remotely steal your private key, and thereby all of your funds.

But, paper wallets share some of the same risks as hot wallets:

  • Fire: in the same way that a fire can destroy a desktop or laptop computer that stores a “hot” wallet, a fire can easily destroy a paper wallet.
  • Flood / water damage: this risk can be overstated – for both computers and paper wallets. Many times, wet hard drives can be recovered, and paper wallets can be dried without the ink disappearing.  But, long term exposure to water can certainly destroy a hard drive and it can do the same to paper.
  • Human error: unless you take care to keep your wallet in a safe location, you can throw it away while cleaning out your office or moving homes.
  • Forgetting your password: this is problematic for both hot wallets and bip38 encrypted paper wallets.

And, paper wallets have one risk that hot wallets don’t share: ink fades over the course of a few years, and paper wallets can become unreadable.

Probably the single biggest risk of paper wallets, though, is that people have often used widely available tools to create them – but some of these tools have come under scrutiny for having backdoors that make them insecure.

Here are two examples:

Is it Possible to Recover a Lost Paper Wallet?

In many cases, the answer is “Yes”, these paper wallets can be recovered.  But, it depends on how and why they were lost.

Here are some examples of “recoverable” lost paper wallets:

  • Private keys that were not encrypted, but the owner isn’t exactly sure what every character in the private key is. This can happen for a few reasons:
  • They printed the private key, but a few of the characters are no longer readable
  • They hand-wrote the private key, and made a mistake, either leaving out characters, writing unreadable characters, etc.
  • Private keys that are encrypted, but they have an incorrect password. In this case, it’s important that the owner have good guesses about what the password likely is.

Crypto Asset Recovery may be able to help you recover your paper wallet in many of these scenarios – please contact us for more information.

Frequently Asked Questions about Paper Wallets

How can you tell whether you have an encrypted or an unencrypted paper wallet?

BIP38 encrypted private keys always begin with the string “6P”, and it will be 58 characters long.  For example, here’s a BIP38 encrypted private key: 6PYKNsNn1Fq1QrAG581zP1t1KdmPDoncTeeXnHvugPdFvxvkJWjH1DRNX1

Unencrypted private keys will never start with the number “6”.

Unencrypted private keys will start with 5, K or L.

What Characters can be included in a Paper Wallet Private Key?

Private keys are typically printed in Base58.  

Base58 is an “alphabet” that has 58 characters: 

  • The digits 1 - 9 (it excludes zero)
  • All the upper and lowercase letters, with the exception of uppercase “O”, uppercase “i” and lowercase “L”. 

It’s very easy to confuse “0” and “O”, and it’s easy to confuse “I” and “l” – so Base58 simply skips them.

To say that differently, if you’re confused by the letters in your private key, you can be confident that there are no zeros, uppercase “o”, uppercase “i” or lowercase “L”.

Do paper wallets have 12 word recovery phrases?

No, we’re not aware of any paper wallets that generate private keys from 12- or 24-word recovery seeds.

This means that you can’t recover your paper wallet with a 12 word recovery phrase – because the private key stored in that paper wallet never had a recovery seed.

The “backup” method of a paper wallet was essentially to make copies of the wallet.

If you wrote down your unencrypted private key incorrectly, what steps can you take?

Essentially, you need to try many variations of your private key, until you find one that opens your wallet.

Let’s say that you have your entire private key printed out, but you can’t quite read your handwriting, and  you aren’t sure if one of the characters is a “4” or a “9”.

You could download a wallet like Electrum, open a new wallet, type in all the characters (assuming that the confusing character is a “4”), and then see if Electrum opens your wallet.  If it does, you’ve recovered your wallet, and you can send the funds to another wallet.

If that doesn’t open your wallet, then you can try the same thing again, this time substituting a “9” for the confusing character.

However, what happens if you hand-wrote the characters in your private key, and you discover that you only wrote 51 of its 52 characters? You accidentally skipped a character when writing your private key? Now, you have to try 58 different possible characters in 52 possible places.  And you have to open the wallet each time at the end, to see if you found the right combination.

That’s hard to do on your own – but, we can do it with software.  Contact us for more information.

If you have the correct encrypted private key, but an incorrect password, what can you do?

The answer really depends on what you know about the password. If you believe that the password was a long (10+ character), randomly generated string, then your only real strategy is to find a backup for that password. Perhaps you wrote it in an email, or a notebook, stored it in a password manager, etc. If you can’t find it, store the encrypted private key and your notes about the password safely, in the hopes that in the future it might be able to be recovered.

However, if you aren’t sure what the password is, you can try passwords that you commonly used in the past, in the hopes that you used one of those passwords for this wallet. In addition, Crypto Asset Recovery can turn those commonly used passwords into millions, billions or more password variations, and test them against you private key until we find the correct password.  Contact us for more information.

If you divided your private key into parts, then lost one or more of the parts, what can you do?

One strategy people have tried to improve the security of their private keys is to divide the key into several pieces, and store them in different locations.

Imagine you had the following private key:

KywKMv5eCKwPWTbdmLLKx6eqvJvw5fmSCHStv1RoV4RHKyDmb2jk

Now, imagine you wrote the first 26 characters on one piece of paper, and the second 26 characters on another:

  1. KywKMv5eCKwPWTbdmLLKx6eqvJ
  2. vw5fmSCHStv1RoV4RHKyDmb2jk

Anyone that found one of the pieces of paper would be out of luck – they would need both to take funds.

It’s true that this strategy is quite secure against theft – the problem is that you have doubled your chances of losing access to your funds – because if either half is lost, it’s currently impossible to recover the 2nd half.

(It’s probably practical to recover 5 missing digits, but not 26)

So, if this is your situation, my only advice is to safeguard the half that you still have – perhaps there will be a revolutionary computing advance at some point that would allow you to brute force the remainder.

Did some Wallets provide Paper Wallets as a backup?

Yes, StrongCoin.com, a online, browser-based self-custody wallet, provided a paper wallet as a backup. That wallet included an encrypted version of the user’s private key – although it did not use the encryption scheme documented in BIP38.

Crypto news and insights, delivered weekly

All the Latest on Crypto news, Wallet Security, and DeFi in 10 Minutes or Less
We care about your data in our privacy policy.
Stay up to date
We care about your data in our privacy policy.
© 2023 CryptoAssetRecovery.com, LLC. All rights reserved.