Bitcoin phrase wallets

Trinitron · November 29, 2022, 3:59pm

Does anyone remember when it was common to generate a bitcoin wallet from any possible phrase? Like you would take a sentence from a favorite book and use that as your key.

I remember a story in 2017 or so that it appeared someone had ran the majority of written history through a scraper and drained many such wallets.

I can’t find a wallet generator like that anymore, maybe they have all gone offline now that it’s known to be insecure. But there were some fun ones to check like if you just entered “bitcoin” as the seed phrase people would be running transactions through that wallet as a public pot game.

Trinitron · November 29, 2022, 4:20pm

It looks like maybe these were “deterministic wallets”.

And here’s one generator but I’m not sure if it was a standard or if different generators worked differently.

https://keybase.io/warp/warp_1.0.9_SHA256_a2067491ab582bde779f4505055807c2479354633a2216b22cf1e92d1a6e4a87.html

Trinitron · November 29, 2022, 4:42pm

I think it would be fun if we could do these in grin.

NicolasFlamel · November 30, 2022, 12:59am

You could use the SHA-512 hash of any possible phrase as the extended private key for a Grin wallet and it would work most of the time, but, as you already pointed out, this is a bad idea due to people not being very good at thinking up random phrases.

Trinitron · November 30, 2022, 1:15am

Perfect, anyone know of a relatively easy way to get a 512 key into any of our current wallet apps?

NicolasFlamel · November 30, 2022, 2:15am

I don’t know Rust, so take this with a grain of salt. You can replace this line in grin with hasher.append_sha512("any possible phrase".as_bytes()); to hardcode a passphrase into it. I think that will work without breaking too much else.

Then you’d need to change these files in grin-wallet to use your modified grin repo:

Don’t use this on mainnet I can send you some Grin testnet coins if you really want to try this.

Trinitron · November 30, 2022, 2:25am

Nice. I need to insert that before building grin wallet right? And then any ideas what to do once it’a built to execute that?

NicolasFlamel · November 30, 2022, 2:36am

Here’s the generalized steps that you’d need to do.

Download the grin source code: git clone https://github.com/mimblewimble/grin.git
Edit this line in grin with your hardcoded passphrase.
Download the grin-wallet source code: git clone https://github.com/mimblewimble/grin-wallet.git
Edit the Cargo.toml files in grin-wallet to use the package that you modified step 2.
Build the grin-wallet that you modified in step 4: cargo build
Run the compiled grin-wallet program to create a Grin wallet: ./target/debug/grin-wallet --testnet init

Trinitron · November 30, 2022, 3:14am

Thanks I’ll give that a try sometime.

tromp · November 30, 2022, 7:34am

To make a seed from a seedphrase, it is crucial that you use an extremely costly transformation.
One possibility is to use the seedphrase to seed siphash and try solve the corresponding cuckatooN graph, where N > 32. For any long enough cycle, its cyclehash will make a good masterkey.

This follows the basic idea of key stretching/strengthening [1].

[1] Key stretching - Wikipedia

Trinitron · November 30, 2022, 1:20pm

Is the idea that this cost would prevent the scraper and other attacks? The “bitcoin” wallet would still be easy to guess right?

tromp · December 1, 2022, 8:08am

Yes, the scraper and brute force attacks are not very effective when taking gigabytes of memory and multiple seconds (or even minutes) per guess.

Topic		Replies	Views
Vanitygen for Grin Development and Technical Discussion	8	751	June 12, 2023
First GRIN Paper-Wallet with pre-loaded seed	17	1653	December 8, 2019
Opinion: seedphrases are terrible UX Rants & Flames	2	342	October 2, 2022
Grin wallet (for dummies) Tech Support	11	1949	January 28, 2019
Solved: Failed to Restore a 24 word seed on grin++	5	389	April 23, 2021

Bitcoin phrase wallets

Related topics