Password Recovery
9 minute read

How to Send your Wallet with no Risk of Theft

Published on
March 16, 2023
How to Send your Wallet with no Risk of Theft
Subscribe to our newsletter
Read about our privacy policy.

How to Send your Wallet with no Risk of Theft

Some cryptocurrency wallets are designed in such a way that you can send us the wallet without actually putting the Bitcoin in the wallet at risk.  This means that even if we recovered your password AND wanted to steal it, we couldn't.

How It Works

Bitcoin wallets -- and the wallets of alt-coins that are close Bitcoin cousins -- contain many different addresses to receive Bitcoin.  Typically a wallet may store Bitcoin at a few of these addresses, but not all of them.  However, all of the addresses are secured with the same password.

If you have a qualifying wallet, you can extract the portion of the wallet responsible for authentication (the Master Key and the Salt) and a couple of the Bitcoin addresses which do not contain Bitcoin.  We can then test passwords against the Master Key.

Wallets which allow 100% secure password recovery:

  • bitcoin-core
  • bitcoin-qt
  • bitcoind
  • dogecoin
  • litecoin
  • many other alt-coin wallets

Wallets which do NOT allow 100% secure password recovery:

  • Armory
  • BIP38 encoded wallets
  • BitGo
  • Electrum
  • Ethereum wallets
  • Multibit


Prepare for some geekery. :)


Run pywallet:

python --dumpwallet --wallet=/home/test-user/wallet.dat > partial-wallet.txt

The final part of that command line (" > partial-wallet.txt") will copy the output into a text file named partial-wallet.txt

Open the file partial-wallet.txt in a text editor.

You will likely see a couple of thousand lines of text.

Search within the file for the key-value section named "mkey", which looks like this:

"mkey": {
        "encrypted_key": "2e2c3b9b58e9b33c9599b4472e83c136e6246120c45e390daa6a57476e7fbe4f57d83f79d75f9b4c1db680fe5a846cb8",
        "nDerivationIterations": 67908,
        "nDerivationMethod": 0,
        "nID": 1,
        "otherParams": "",
        "salt": "4593aff5639179c7"

You want to send us that entire mkey section, plus several of the address sections that are not funded. (That is, that have the "reserve" key set to "1").

Here's an example:

"addr": "1DTqhoX4pP3tRHmWYpdtzp297TKLy4Dhiv",
"compressed": true,
"encrypted_privkey": "9fb55a49934e66092e6f61208c528398785ffc108ad804b92f30bfd799a56e1464b590adebdaffacb3eda0f6b50974d1",
"pubkey": "03f8eb49e0b4c70cfdd28d4cdd4ec0c927575f88d51c70185f01a4397e198c4dd2",
"reserve": 1
"addr": "1JEtNGakiSeeZDdzGNTrbvBoKp19vhe4Q6",
"compressed": true,
"encrypted_privkey": "ccb73a94081a82c8f98f036028f60b10ec80867c9f2665305ba26768778b1325ed18e85ac841995d52f87da0f3229ecc",
"pubkey": "03f9f8a4df244752c6c9f52fa1fe06747e6e632dc2d03f70aaea8f045865dda707",
"reserve": 1

Be sure to delete any of the address blocks that contain funds (ie those with a "label" key instead of a "reserve" key).

Send us the resulting text file.

If you run into trouble, please reach out!

Crypto news and insights, delivered weekly

All the Latest on Crypto news, Wallet Security, and DeFi in 10 Minutes or Less
We care about your data in our privacy policy.
Stay up to date
We care about your data in our privacy policy.
© 2023, LLC. All rights reserved.