Am I screwed?

Scott, if you have found the word by trial and error, then it just means the word is one of the ~128 possibilities that can pass the checksum. If you are seeing zero balance and addresses different to what you had before, then the word you have picked is not what you originally had.

2 Likes

“Scott, if you have found the word by trial and error, then it just means the word is one of the ~128 possibilities that can pass the checksum. If you are seeing zero balance and addresses different to what you had before, then the word you have picked is not what you originally had.”

OMG seriously? What would you do at this point?
Someone mentioned writing a script to try all the possible words back before I stumbled across the one right word. I’m a developer but I wouldn’t even know how to go about writing a script that does this.

1 Like

Here is a script I wrote :slight_smile: It gives you possible words for the missing word. Not user friendly, but should do the job.

2 Likes

Isferos -
WOW thanks! I guess that is python? I’m running Windows 10 64 bit.
I hate to ask for anything from you, since you have already given so much.
The thing is, I have no idea (a) what this script does; and
(b) how to run it.
Does it automate moving focus to the Daedalus app, plug in a phrase, check balance >0, then try another phrase until it works out what that missing word is? Because that is the process I’m going through manually.
Thanks!

2 Likes

Hi,

isferos please correct me if I’m wrong.

  1. Download python for Windows here : https://www.python.org/downloads/release/python-2714/
    (Take the msi installer)
  2. Create a file BIP0039-128bit-bruteforce.py with the code and replace seed_str content by the words you remembers
  3. run python BIP0039-128bit-bruteforce.py from the terminal (you’ll need to first create the file)
  4. The script will print in the console all possible words. i.e Word was possibly: "resemble"
  5. You now need to check the balance in Daedalus for each mnemonic with each possible word you got until you find your account

:slight_smile:

3 Likes

That’s pretty much it :slight_smile:

First you plug in what you have in seed_str.
Then you change the 0 in getPossibleWord(word_list, seed_str, 0) to the position of the word you are not sure about, from 0 - 11. So in @ScotterMonkey’s case, 3rd word, so that would be 2

When you run the script you will get all the words that could fit in that gap and still pass the checksum.

1 Like

Oh wow. Thanks for laying it out easy for me, guys!
I’ll get on it!
If I recover my wallet, I’ll be askin for your ADA addresses to send you some gratitude :slight_smile:

1 Like

If this works, it will take awhile (unless one of the first word guesses works), as it’s taking about 15 minutes once the checksum passes in the wallet and I click the button that causes it to check the network to dig up my wallet. I can spend that time setting up your script…

1 Like

OK I was changing parameters on isferos’ script while Daedalus spun away at my latest word guess. And… voila! Before I could run the script, Daedalus brought up the correct wallet!!! Joy! Boobs! This muilti-day nightmare is finally over.

Will the following people please send me their ADA receive addresses (or confirm the address I have below is correct) so I can send you some ADA as gratitude for your help?

isferos
DdzFFzCqrht6sTwuD29rxiad1mLGszk7gqKh3ZiapAUh81Y7jH9rKHP3JJhKVKXHcojcQzUmQ9KJCLdNW8rwtLDjwY9R95ckydcDvRdt

louptheron
???

XZact
DdzFFzCqrhszpUNrpiNojUJKshHidjAZ3XgHPxFVbdHtxCv5z8Xm6V8QmHoZgACZTTJ84rSdtt7TqtYtMBcLgdoms3GsdnvcEo1AeCGT

2 Likes

Well done!

Thanks. Is that address correct for sending you some ADA?
And… are any of you affiliated with Cardano/Daedalus?

That is my address.

No affiliation with Cardano at all. :slight_smile:

Thank you for the :ada:!

1 Like

Great you found it!
Thank you for the proposal, but that’s ok, isferos did most of the job!

1 Like

it is kinda scary that with a little script you come close to knowing a 12 word sentence. I think the development team need to look at this with some priority.

How many times did you try the recovery phrase @ScotterMonkey?
There should be a lockout after that many retries i believe.

Actually, Cardano is secure.

All the script does, is if you already knew for sure 11 of your 12 words recovery phrase, but are unsure about 1 word, it will give you the ~128 of 2048 possible words that can satisfy the recovery phrase checksum.

Cardano uses 128 bits of entropy for wallets. Missing 1 word off the recovery phrase means that you are uncertain about 11 out of 128 bits. The 4 bit checksum narrows that uncertainty down to ~7 bits.

Brute force the recovery phrase from nothing to try to get collisions with actual wallets is infeasible.

This post on stackoverflow illustrates the point quite well:

3 Likes

I like your idea regarding charity, and I’d be happy to donate it to the first charity that accepts ada.
In regards to discussing seeds on this forum, your right it could be unwise for beginners, but I think in this context people are just trying to help ScotterMonkey recover his wallet. I also think discussing how the recovery process works, ‘what are seed phrases anyway?’ and general knowledge sharing helps to educate the community so we can learn from others mistakes, and understand how to keep our ada secure. Human error is the biggest risk, and sharing knowledge and educating others is the best way to reduce this risk.

Ok I’m having same issue I have 12 words that I thought all were right so do I do the same thing @isferos going through number by number with the scrypt just seeing which ones it accepts?

Cause I have no idea about this program and the words it brings up for say word 0 gives most same words for word 1 , am I just trying every word it comes up with hoping something sticks