Board Development & Technical Discussion
Re: I REGAINED access to Bitcoins in my made-up brainwallet!
by LoyceV on 28/05/2024, 09:49:02 UTC
Now, seriously, were you doing an experiment (for fun)?
Kinda :)

Quote
Personally, if I used something like that, I would definitely keep the phrases in paper backups
What's the fun in that? I wanted it to be more than a hypothetical "I remembered it". If I had written it down, I would have looked at it and never known whether I could recover it from memory alone.

Another flaw in this whole thing is "inventing your own method". It is never a good idea, especially when it comes to cryptography-related stuff. There are a lot of things that could go wrong, from small bugs that can't be reproduced when trying to recover to serious bugs that could be categorized as security flaws.
Yep, I agree :)
The reason I did this was that I wanted to add heavy encryption to a brainwallet, and at the same time avoid the brute-forcers who can attack all "standard" brainwallets at the same time.
Now, there's WarpWallet for that.

But in his case it's not because it is cryptographically weak. It's because after a few years, you won't remember what the
I did: I wrote down the steps, and that's not a weakness in the system. I've posted my steps here, it now serves as an additional backup of the steps I took, but doesn't help anyone to gain access to my coins.

You could have just eliminated the BIP38 part, since the final step was just hashing some string to get the private key. If anyone else finds any other string with the same hash, they don't need to reproduce your BIP38 step at all :o But I think your premise is that you think your string is the only one that anyone could ever use to get that hash. It's an assumption.
It's a very good assumption!
You're saying anyone could use any different random number to gain access to your Bitcoin address. Duh :P There are about 2^96 valid private keys for each Bitcoin address. If anyone could find them, Bitcoin wouldn't exist.

Quote
to get even more security why not iterate this entire procedure 10 times? taking the output of step 3 as the input to step 1.
If that were necessary, they would have included 10 more rounds in the BIP38 protocol. Adding just one more character to the BIP38 passphrase adds much more "strength" than doing 10 rounds of encryption.