Grin-recover.py - A Python wallet recovery tool

Development and Technical Discussion
1

grin-recover.py - A Python wallet recovery tool

I created a simple script to help recover or brute-force grin wallets.
I hope it will be useful :smile:

Motivation

I build this recovery script/tool for three reasons:

  1. I thought it would be fun to make such a tool :smile:
  2. I hope it will be useful to have this tool for the project. In the coming Bull market(s), people often find out they forgot some of their wallet passwords. This tool can help you regain access to your valuable ใƒ„ as long as you have some knowledge of your password.
  3. I wanted to showcase how easy and useful it is to have a Python library like @renzokukenโ€™s Grinventions mimblewimble-py around. At the moment there is a Funding/Donation discussion going on for this project.
    Should the CC donate to Grinvention - mimblewimble.py? - #20 by nirg

Time it took to build this tool

  • <1 hour of coding
  • 1 hour of documenting*
  • 1 hour debugging to get mimblewimble-py to work because I have too many Python versions installed on 1 PC :upside_down_face:

I hope this shows how convenient it is to have Python libraries for various Grin components laying around. Below I will paste the content of the Readme.md file from github where I showcase the tool and discuss implications.

##################################################################################

grin-recover.py - A Grin Wallet Recovery Tool

keys2
keys21600ร—800 287 KB

grin-recover.py is an easy to use recovery script/tool to unlock your lost grin wallet,โ€ฆ Alohomora!.
The scripts takes passwords printed from the console as input (STDIN) and tests if your wallet file can be unlocked.
This tool is powered by Grinventions mimblewimble-py library:

If this recovery tool was useful to you, you can thank the developer by donating to any of the following funds:

# Fund # Address # Contact
Grinvention grin1vcjsgk6rltncqh7cxjywukjfrf825d8a6xk77msfuhf9ev3r55wq7l2ng4 renzokuken*keybase.io
Grin Community fund grin1wm78wjsf2ws507hea4zqrcywxltjwhtgfrwzhdrr9l80l7tpz5fsj58lk0 Keybase grincoin#community_fund
Grin CC fund grin1jezf3lkcexvj3ydjwanan6khs42fr4036guh0c4vkc04fyxarl6svjzuuh contact Anynomous on forum or Keybase

How to use grin-recovery

Grin recovery is a Python script, to it requires you to

  1. Install Python (check your distribution, Linux comes with Python preinstalled, Window has Python in its APP store)
  2. Install mimblewimble-py
    python -m pip install mimblewimble
  3. Optionally for multi-threading install gnu-parallel, only works on bash, so on Windows I recommend installing Linux Subsystems for Windows
  4. To try different passwords combinations, download Hashcat. Note that Hashcat is not added to the path, so you have to run it from its specific directory, e.g. by pasting this script and your wallet file inside the Hashcat directory:
    hashcat - advanced password recovery

Example command to run this script.

Note that the test wallet provided with the script has the password โ€œTest123โ€`. Note that on linux you have to use python 3, which often means you have to replace โ€˜pythonโ€™ with 'python3โ€™in the commands below. Similarly for installing libraries with โ€˜pipโ€™, if it doe not work, try โ€˜pip3โ€™. If you use CMD instead of bash, you can replace โ€˜catโ€™ with โ€˜typeโ€™ which prints the output of a file.

time cat passwords.txt | python  grin-recover.py
time printf 'HelloWorld\n%.0s' {1..1000000} | python grin-recover.py

Benchmark speed/time for one million passwords

Single Core:

time printf 'HelloWorld\n%.0s' {1..1000000} | python grin-recover.py

Multi-threaded:

time printf 'HelloWorld\n%.0s' {1..10000000} |  parallel --pipe -j 16 --blocksize 10000 --spreadstdin python grin-recover.py

Benchmark results on a Ryzen 7, 8 core 16 threads:

 single core 6.700 pwds/second
 multi core 16 thread 40.0000 pwds/second

Example using hashcat output with multithreading

./hashcat.exe -a1 words.txt endings.txt --stdout |  parallel --pipe -j 16 --blocksize 100000 --spreadstdin python grin-recover.py

Help needed?

In case you cannot figure it out yourself, I can help. You can contact me as user Anynomous on https://forum.grin.mw/. Note that I will only help you if you show ample proof (such as knowledge of the password) to proof you are the owner of the wallet.
For issues with the code you can open a Github Issue.

Security implications

The above benchmarks show that on a decent CPU you can recover/brute-force a Grin wallets with 40.000 passwords per seconds. Should you be worried? No, not really. Bitcoin Core Wallets on a RTX2080-Ti GPU can be brute-forced with a speed of >10.000 passwords per second, while Electrum wallets can be recovered with a speed of close to a billion passwords per second. Having a recovery tool available is just a healthy part of any crypt-currencies ecosystem.

These benchmark results do show that you should use a reasonably safe password, e.g. two or three words, some numbers and a special character. You can use a typo or custom word to protect against dictionary attacks. Using a pin, e.g. 19261231, should be considered unsafe, it would take 8 minutes to brute force on a Ryzen 7 CPU. Obviously, you should not share your wallet.seed with anyone you do not completely trust with your funds. Since grin wallets can export the seed phrase, it is advised not to reuse a seed-phrase that you use for other wallets.

13 Likes
2

Really cool! Iโ€™m so glad to see mimblewimble-py finds use cases!

What other ideas do you have? How about recovery tool, if you fail to recover your wallet from recovery phrase (maybe part of it is damaged) this recovery tool could brute force remaining damage words until correct wallet is found. Alternatively it could explore local space of changes in case of mistake in one of the words. Once correct wallet is found it would display fixed recovery phrase.

3

Hehe, its like you are reading my mind :crystal_ball: :sweat_smile:. I guess we are like minded in our way of thinking :mage: . I had the following ideas in mind for tools to build that would use mimblewimble-py:

  1. A mnemonic seed de-shuffle or correct x mistaken words recovery tool.
  2. An efficient Python vanity address generator.
  3. A prototype for sending and receiving Grin vouchers. Mimlewimble.py for creating temp wallets, grin-wallet and grin++ API for main send and receive wallets. A bit like a plugin for the normal wallet that allows to generate and sweep temporary wallets.
  4. A custom word list mnemonic creation and sweeping tool. This one would require some changes to mimblewimble-py so I thought it would be best for you to build in the support part in mimblewimble-py.
  5. BIP39 Passphrase protected seed, wallet generation tool. I also thought this was best build by you since it requires a few changes to the main package.
  6. For the far future, not to be build by me, a Grin HW on open source hardware where the HW functions as air-gapped, QR-codes for interaction, second signing key for receiving and sending.
    See this bounty proposal. This would be a major project to build and would be a next step in contract flow transactions (See keybase discussio.I do not expect to see this realized any time soon even though I think it would be major cool to have.
1 Like
4

Good to know how secure my grin wallet is. I will chose a stronger password for any new grin wallet just to be sure.
Nice picture on the github page :slightly_smiling_face:

2 Likes