Ninjastic
PostEdited versionsQuotes to this post
Post
Topic
Board Bitcoin Technical Support
Merits 8 from 4 users
Topic OP
Derivation path for brute forcing "25th word" on a multisig wallet
by
asdfghj
on 26/11/2021, 19:17:17 UTC
⭐ Merited by o_e_l_e_o (4) ,LoyceV (2) ,nc50lc (1) ,ETFbitcoin (1)
So I added a 25th word to my seed, forgot it, and am (after 6 months of on and off guessing) relegated to brute force (3rdIteration/btcrecover).

Succinct question: what derivation path should I specify in the --bip32-path argument?

  • - Hardware: Original Trezor
  • Wallet creating software: Electrum in 2017
  • Wallet setup: 2o3
  • Wallet current software: Electrum in 2021
  • the mpks are known

Electrum 2021 shows:
  • script type, p2sh
  • cosigner 1 [HW] trezor1 m/45'/0
  • cosigner 2 [HW] trezor2 m/45'/0
  • cosigner 3 unknown unknown.
  • addresses, previous sends, balance (though maybe these are stored and not derived??)

I am trying to crack cosigner 2.

It is possible I copied the mpk from an old wallet so I am questioning the guarentee that m/45'/0 is the correct derivation path.  This is a multisig wallet. In electrum the walletinfo pane lists a derivation path of m/45'/0. Is this a derivation path I can use to crack my xpriv > xpub? Or is this misleading me and is instead a derivation path from xpub x 3 > multisig addresses (in this case my xpriv > xpub path could be anything)?

I've gone through most of the character spaces which I think my passphrase could occupy so I am hoping I am doing something wrong or the transition from 2017 to 2021 electrum has introduced a variation I have missed.

Any tips on what to double check? Notably [this][1] post lists m/44'/0/


  [1]: https://bitcoin.stackexchange.com/questions/51989/what-bip32-derivation-path-does-electrum-use-for-multisig?rq=1