Recovering Bip 39 passphrase?

[tom9000]

Hello,
I know my BIP39 24 word Mnemonic and I know the public key / address that I need to access. It's an Ethereum address.
I need to find out the BIP39 passphrase.
Can I use btcrecover to search through passphrase variations?
Thanks

[gurnec]

I realize it's been a while, but I've recently been working on this, and it should be completed within the next couple of days.

Do you know what BIP-32 path your wallet uses (or do you recall which wallet software you were using)?

Can your wallet software create more than one address, and if so, is the address you have the first address in your wallet, or an address created later?

[tom9000]

Nice one. I am still looking for my passphrase by the way...

I created the wallet on a Ledger Nano S.

Actually, to be precise, I created the Mnemonic on the Ledger itself which created a first wallet and Ether address. But then I used a python script provided by Ledger to add a passphrase to the Mnemonic. They discuss the script here:

https://medium.com/@Ledger/a-short-guide-to-nano-s-firmware-1-2-features-16b1a8fa9087

This script creates a new, passphrase protected wallet, which can also have multiple addresses. The address that I need to access was the first one created by the script above. So I believe the address will be at the first path.

Ledger recommend this tool for recovery https://iancoleman.github.io/bip39/. Ledger said that it is likely that the address will be at the first BIP44 path. Ie it will be at: m/44'/0'/0'/0/0.

But it could also potentially be at one of the later paths.

I don't know if it's possible that it could be on one of the BIP32 paths like m/0/0 ??

Look forward to seeing what you come up with - thanks!

[gurnec]

Ledger said that it is likely that the address will be at the first BIP44 path. Ie it will be at: m/44'/0'/0'/0/0.

Did Ledger tell you m/44'/0'/0'/0/0, and did you ask them specifically about the path for Ethereum addresses?

I haven't looked at their code, but from what I could find, the Ledger uses the (somewhat non-standard) path m/44'/60'/0'/x with x=0 for the first address in Ethereum wallets.

Also, a second question, do you have a Ledger Nano that you can test with?

[tom9000]

Yes, in the last email I got from them they said: "To find your address ethereum you have to use the BIP32 with the derivation path 44'/60'/0' and this is the first address. Please join the slack dev to get more information on your questions : http://slack.ledger.co/"

Yes I do have a Ledger Nano S, I can use it for testing.

[gurnec]

I just uploaded a not-well-tested version which might do what you're looking for.

There are no docs yet, so here's what you need if you'd like to give it a test.

1. Install the same requirements for seedrecover as listed here.

2. You'll also need to install pysha3:

   • Linux: run sudo pip install pysha3
     If you don't already have pip, you may need to install it first; try: sudo apt-get install python-pip
   • Windows (my mistake, the first two steps are not required, ignore them):
     1. Download and install the MSVC 2008 SP1 Redistributable, either vcredist_x64.exe for 64-bit Python or vcredist_x86.exe for 32-bit Python.
     2. Download and install the MSVC++ Compiler for Python 2.7.
     3. Open a command prompt, and type: C:\Python27\Scripts\pip install pysha3.

Next, use the Ledger to create a temporary passphrase-protected wallet, and get its address. Place the passphrase into a tokens.txt file along with one or two other words (just so btcrecover has something to test), and then run this from the command line (replacing the address below with your test address):

C:\Python27\python btcrecover.py --tokenlist tokens.txt --wallet-type ethereum --bip32-path "m/44'/60'/0'/" --addrs 0x4daE22510CE2fE1BC81B97b31350Faf07c0A80D2 --addr-limit 1 --mnemonic-prompt

(FYI you can add multiple addresses after the --addrs option if you're not sure which is the right one; also the addr-limit is 1 because you said you were sure you used the first address in the wallet, but you can increase this if you think it might not be the first.)

If this works, you should head over to the Tutorial to learn how to use btcrecover (skipping the Installation), just be sure to remember to add all of the options starting with --wallet-type above to your command line.

Please let me know how it goes, and good luck!

[tom9000]

Ok that sounds great, thanks for the notes.
I'm going to try this out on my Windows system within the next week-ish, I will post back.

[tom9000]

Hey, congratulations <name redacted>, happy to hear that. Maybe you could also transfer 5% to me because I made the feature request above?! :)

[gurnec]

<name redacted> That's great, I'm glad you got your ETH back! (and that you managed your way through the long-winded docs...!) And of course, thank you so much for your very generous contribution!!

[tom9000]

I have successfully tested it using Windows 10.

I ran the test by creating a new wallet using this tool which is recommended by Ledger: https://iancoleman.github.io/bip39/

http://support.ledgerwallet.com/knowledge_base/topics/restoring-your-ethers-eth-or-etc-without-a-ledger-nano-s

I have previously confirmed that Iancoleman's code converter tool is compatible with real wallets generated by my Ledger Nano S.

Having read the documentation, btcrecover seems like a great, fully featured program.

I am looking forward to running it on my real wallet that contains the funds. If successful I will definitely make a donation to help support this project.

Thanks for creating this functionality.

[gurnec]

Thanks for testing it out with the Ledger!

I uploaded a new version about a week ago which replaces the Armory ECC library with coincurve; this results in roughly doubling the passphrase-per-second rate.

If you have a version older than a week old, you should grab the most recent version and follow the updated install instructions before you get started for "real". You can also remove Armory.

Good luck!

[tom9000]

Are there any other options for --mnemonic-prompt?

Can you put the mnemonic into a text file or into the command at all?

[gurnec]

There's no command-line option which accepts the mnemonic, this is intentional. If there were, the mnemonic would be easily viewable when running ps, and it would also get saved to the command history file, both of which are "bad".

There are several ways to "trick" it though. You could store the mnemonic in a file, and do this:

cat /tmp/mnemonic.txt | python btcrecover.py --mnemonic-prompt ...

(note that files in /tmp/ don't persist across reboots)

or this to immediately delete the file after using it:

(cat /tmp/mnemonic.txt && rm /tmp/mnemonic.txt) | python btcrecover.py --mnemonic-prompt ...

or this to do it without a file, temporarily disabling the command history:

set +o history
echo these are the mnemonic words | python btcrecover.py --mnemonic-prompt ...
set -o history

(All this assumes Linux or OS X and the bash command shell (the default for OS X).)

[gurnec]

Just an FYI if you're still using this... the version of seedrecover I uploaded about 3 weeks ago (0.7.1) had a fairly significant bug in it. If you used it and failed to find a seed, I'd suggest upgrading to 0.7.2 and trying again. Sorry about that...

[patrickwolf]

This command line worked amazingly well!!!

C:\Python27\python btcrecover.py --tokenlist tokens.txt --wallet-type ethereum --bip32-path "m/44'/60'/0'/" --addrs 0x4daE22510CE2fE1BC81B97b31350Faf07c0A80D2 --addr-limit 1 --mnemonic-prompt

Would be super import the sample into the docs for others to use!!