I wouldn't be able to accesss the bitcoins if I found the password. I would only have access to the hash, with which I can't do anything other than verify that the password I found hashes to the same value.

So far I've only tested it on password protected bitcoin core wallets, but in theory it would work on other wallets if a password hash can be extracted. The script to extract the hash is "https://github.com/openwall/john/blob/bleeding-jumbo/run/bitcoin2john.py" which I did not create. In the same repository it looks like there are scripts that can extract electrum, cardano, ethereum, and other non wallet hashes like apple notes. If there is interest, I could very easily support these other wallets. However, I haven't even gotten interest in bitcoin wallets so far, so it's not a high priority.

These scripts are written in python, and should be able to run on any system with python installed (Windows, Linux, or MacOS). I've also found a self-contained python executable for windows that doesn't require installation: https[Suspicious link removed]/releases. I would not be the one extracting the hash, that would be up to the person in posession of the wallet file.  If the wallet could be extracted from a phone, and there is a script to support it, that would work too.

My software has been tested on Windows and Linux. In theory it should run on MacOS too. I'm not using rainbow tables, I'm using GPU's to generate the hashes. Every hashing algorithm is different, and takes varying amounts of processing power. On bitcoin core wallets I can test several thousand hashes a second. This can be scaled up, but I'm paying for cloud GPU time by the hour.

Thanks for all the replies. I'm not too worried about my reddit account. I was just surprised that it was banned as soon as I posted *on my own account page* about bitcoin recovery services.

To answer some questions:
- No, I have not cracked my own password yet. I've tested the software, and it's generating passwords the way I intend it to. I'm doing small runs of 5-10 billion passwords, and modifying the parameters after each run.  The password is 20-30 characters long, so doing a straight brute force is impossible.  I'm afraid I might not ever find it, but it isn't because my software isn't working.

- The way my password recovery tool works depends on knowing pieces of the password and possible variations. It's probably not any better than other proprietary services, but it's better than anything I've found on the public internet. I'm a programmer, and trying to explain how the pieces of my password fit together felt like writing a program. So I did that instead of using a wallet recovery service. In the process I created a language/format for specifying pieces of a password with varying probabilities, and generating the ones with the highest probabilities first.

- This is currently a closed source tool for a few reasons. Without documentation, it would be completely unusable to anyone else. The translation of a password guess description into the domain specific language that the tool uses would take a bit of work and deep knowledge of how the tool works. The infrastructure to set up the password cracking would be expensive and complex. It's not just a program running on one machine. Also, I've put a lot of work into it, and I don't feel like just giving it away at the moment. Yes, I have contributed to other open source projects.

- Regarding the password hash, ABCbits is correct. The password is stored as a hash, and if you know the algorithm to generate the hash, you run as many passwords as you want through that algorithm to see if you get a match.  It's a completely different thing than the private keys. I made a guide for extracting the hash on windows without having to deal with installing anything. I'll probably post that when I find the appropriate place on the board.

I'm planning on making a post to the services board with a better write-up. Thanks for the advice and feedback. I probably need to make it clear that it's not a service to brute-force an unknown password, but a specialized algorithm for testing the best passwords based on some known information. In the meantime, if anyone wants to send me an empty wallet hash, feel free.

That's the real trick isn't it. How do you gain trust without being a regular member of a forum? I don't have a lot of involvement with bitcoin these days, but I was a major enthusiast back in 2011-2012.

My hope is that by offering a free service that doesn't require any trust (get a password back from a wallet hash) I could build some.

Obviously in this case the possible passwords would need to be far removed from anything still used for active accounts, but in that case I don't see much risk?

Like I said, I've put a lot of time into it so I'd like to use it for more than my own wallet, but I'm very aware that there are many scammers so it's not even easy to give something away for free.

I've spent the last 4-5 months working on some software to recover a bitcoin wallet I lost the password to many years ago.  It is more advanced than anything I've seen available on the public internet.  It uses hashcat on the backend, and I've currently tested about 20 billion passwords.

Since I've spent so much time setting it up, I figured why not offer to help others in my situation?  My offer was going to be send me your hash, and I'll try to crack it for free. To gain some trust, anyone could send me an empty wallet hash with less than 50 million or so possible combinations, and I'd send them the password back. If it was a 'real' wallet, I wouldn't have it anyway.

I realize there are probably a lot of scams out there, and I would be getting password information that might be related to other accounts they have. Before sending a hash, anyone should make sure all their other account passwords have been changed to something completely unrelated.

My reddit account got banned as soon as I posted a guide to my own user account page.

Is there any way I could gain trust around this? I wouldn't be able to run it for free forever as GPU time isn't cheap, but I thought asking for whatever donation the user wanted after a successful recovery could offset the costs.

Any thoughts on this?  I created a domain specific language for specifying password combinations that took months to get right.  I feel like it could be more useful than just being used for my wallet.

Anyway, I hope I'm not breaking any rules here.  Just looking for feedback.