Algorithm to hash spending password

Somebody can explain about algorithm make spending password in Daedalus? by Javascript, Python, or PHP
I have 12 words and 1 password: 123456789
I found the hash password in SQL Lite

12 words + password + algorithm = hashed password

Well, are you certain the words are involved ? I mean if you refer to the words used to «derive» the private key, i.e. mnemonics, then the algorithm involved to convert the mnemonics into «raw bytes» should be BIP-39 as mentioned here. As for the hash type identification, maybe you can use a tool like hashid to find it, or at least get a list of potential candidates. Then it should be easy to get the algorithm after that. With a bit of luck you could even find a RFC describing it :wink:

1 Like

Do you know where I can find the hash password in SQL lite ? I see a table name “private_key”

Another, I installed the Daedalus Wallet. Next, I install Carnado Wallet to work with API, but /v2/wallets emty from Canado Wallet API. How can I connect Carnado Wallet with Daedalus Wallet? Really thank you so much.

Which is true ? Unless you found it, then you forgot about it…

You’ll have to be more precise, but in case you’d want to use cardano-cli with Daedalus node, this answer on cardano.stackexchange.com could be useful :

Sorry, I’m wrong, I see some hash strings in private_key and wallets table (SQLLite), but I don’t know which is the password of the wallet.

Well, if you want to confirm that one of them (or none of them) is the spending password hash, then it shouldn’t be harder than computing the hash yourself (since you know your password) and comparing the result. That being said, I doubt the password hash would be stored as-is since it would make it prone to a simple dictionary-based (or brute-force) attack, unlike storing an encrypted key. Private keys are mainly random data, so any potential private key is equally likely to be chosen. Let’s imagine your key is on 256 bits, then you’d have close to 2^256 possibilities, i.e. somewhere under 115792089237316195423570985008687907853269984665640564039457584007913129639936 possible keys. Not exactly that, because a few numbers are known to produce weak keys for ECC, without even mentioning human or implementation-induced weaknesses. By the way, this old thread on Cardano Forum seems to give hints toward answering your first question: