Post
Topic
Board Altcoin Discussion
Re: Recover wallet passphrase - special circumstance?
by
DeathAndTaxes
on 26/06/2014, 18:19:39 UTC
I'd imagine it would have to be... otherwise you'd need to enter the password to re-lock it.

Neither the password nor the password_derived_key is stored in memory. It is only used temporarily to decrypt the master_key. The encrypted version of the master_key is stored in the wallet and it is just a random number. When the wallet is "unlocked" it means the master_key (not password or password_derived_key) is in memory. The client uses the master_key to decrypt individual private keys but only as needed. So most of the time even when "unlocked" everything in the wallet is encrypted, it just means the master_key is in memory so individual elements can be decrypted. Even if you recover the master_key it won't be the same master_key on any other wallet even if that wallet has the same passphrase. When a client decrypts an individual private key it deletes the decrypted version when it is done using it (i.e. after signing a transaction). When the wallet application closes or the unlock times out then the master_key is deleted from memory as well. This is a pretty common arrangement. It allows one to change the password without changing the master_key. If the master_key was changed when the password changes, it would require decrypting and re-encrypting every single private key.

Pseudocode of how it all fits together:
PRNG -> random 256 bit number -> master_key **
Wallet Password -> Key Derivation Function (involves millions of SHA256 operations) -> password_derived_key

master_key ** -> AES_Encrypt(w/ password_derived_key) -> encrypted_master_key
encrypted_master_key -> AES_Decrypt(w/ password_derived_key) -> master_key

individual_private_key -> AES_Encrypt(w/ master_key **) -> individual_encrypted_private_key*
individual_encrypted_private_key* -> AES_Decrypt(w/ master_key **) -> individual_private_key

* stored in the wallet.dat
** stored in memory while wallet is unlocked (deleted when wallet locks or the application terminates)
The password, password_derived_key, and decrypted individual_private_keys are only kept in memory temporarily and deleted as soon as they are no longer needed.

Quote
I got some help on reddit and have been doing some testing and it's not looking good.
If someone on reddit told you that you can recover from memory something which isn't there then it wasn't "help".
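
The key hierarchy described in the post above, as an added example that is not part of the original post and is not the wallet client's own code. The function names, the wallet object layout, the salt and the round count are assumptions, and AES-256-GCM with PBKDF2-HMAC-SHA256 stand in for whatever cipher mode and key derivation function the real client uses.

```javascript
const crypto = require('crypto');

const KDF_ROUNDS = 100000; // assumed work factor for this sketch

// AES-256-GCM helpers; blob layout is iv(12) || tag(16) || ciphertext.
function seal(key, plaintext) {
  const iv = crypto.randomBytes(12);
  const c = crypto.createCipheriv('aes-256-gcm', key, iv);
  const ct = Buffer.concat([c.update(plaintext), c.final()]);
  return Buffer.concat([iv, c.getAuthTag(), ct]);
}
function open(key, blob) {
  const d = crypto.createDecipheriv('aes-256-gcm', key, blob.subarray(0, 12));
  d.setAuthTag(blob.subarray(12, 28));
  return Buffer.concat([d.update(blob.subarray(28)), d.final()]); // throws on wrong key
}
const deriveKey = (password, salt) =>
  crypto.pbkdf2Sync(password, salt, KDF_ROUNDS, 32, 'sha256');

// Hypothetical wallet: only ciphertext and the KDF salt are persisted.
function createWallet(password, privateKeys) {
  const masterKey = crypto.randomBytes(32);  // PRNG -> master_key
  const salt = crypto.randomBytes(16);
  const pdk = deriveKey(password, salt);     // password_derived_key
  const wallet = {
    salt,
    encryptedMasterKey: seal(pdk, masterKey),
    encryptedPrivateKeys: privateKeys.map((k) => seal(masterKey, k)),
  };
  pdk.fill(0); masterKey.fill(0);            // neither is kept in memory
  return wallet;
}
// "Unlock": returns master_key; the caller zeroes it when the wallet locks.
function unlock(wallet, password) {
  const pdk = deriveKey(password, wallet.salt);
  try { return open(pdk, wallet.encryptedMasterKey); } finally { pdk.fill(0); }
}
// A passphrase change re-wraps only master_key; private-key ciphertexts stay as they are.
function changePassword(wallet, oldPassword, newPassword) {
  const masterKey = unlock(wallet, oldPassword);
  wallet.salt = crypto.randomBytes(16);
  const pdk = deriveKey(newPassword, wallet.salt);
  wallet.encryptedMasterKey = seal(pdk, masterKey);
  pdk.fill(0); masterKey.fill(0);
}
// Decrypt one private key on demand with the in-memory master_key.
const decryptPrivateKey = (wallet, masterKey, i) =>
  open(masterKey, wallet.encryptedPrivateKeys[i]);
```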