If you import secret.key without password setting, an error will occur at the time of remittance

It seems that an error will occur when remittance when importing secret.key without password setting.
I thought it was just me, but there are several.

What can I do to resolve this? ?

I don’t have a recovery phrase.

I have all the files of daedalus0.14.

thank you.

Id recommand to submit a ticket here https://iohk.zendesk.com/hc/en-us

1 Like

Failing to move funds for a wallet created by an imported secret.key means:
That the derived signing key(s) are not related for the address(es) holding the fund(s).

How can this be happened?
The esk has 3 parts

64-byte de/encrypted master/root secret key 32-byte non-encryted master/root public key 32-byte non-encryted length chain code

The following cases can be assumed:

esk / passwordHash empty pw hash non-empty pw hash
non-encrypted sk Valid1 Invalid2
encrypted sk Invalid3 Valid4/Invalid5
  1. The master secret is not encrypted and passwordHash says the same i.e., it’s (the passwordHash) based on an empty password. fund can be recovered if the esk was not altered
  2. The master secret is not encrypted but passwordHash says otherwise i.e., it’s (the passwordHash) based on an some non empty password. fund can be recovered if the esk was not altered
  3. The master secret is encrypted but the passwordHash says it’s not i.e., it’s (the passwordHash) based on an empty password. funds can only be recovered if the password is known and the esk was not altered
  4. The master secret is encrypted and the passwordHash based on the same password as the master secret was encrypted by. fund can be recovered if the pasword is known and the esk was not altered
  5. The master secret is encrypted but the passwordHash based on a different password than the master secret was encrypted by. funds can only be recovered if the encryption password is known or gueassable and the esk was not altered

What do I mean the esk was not altered, I meant if that 3 parts of the esk was not manually modified and the decrypted sk can regenerate the same public key stored in esk.

I know, it seems complicated, but not really.

Check KtoRZ repo, it has some good tools to figure out what has happened.

1 Like

Thank you. I guess I have to find the password type. I tried to restore wallet from ikar with private key and password hash. The password hash is “null”, but the wallet cannot be restored as it is. By setting it to “”, I was able to restore it to Daedalus, but since Daedalus requires a password, I couldn’t send money. How do I send money using my private key and password hash (“null”)?

It won’t unless you have the password the master secret key was encrypted, because the address your fund is stored, can only be derived from the unencrypted mastercsecret key or the master public key (which is never encrypted) but only unlocked/send if you can decrypt the encrypted master secret key with the password it was encrypted. But why u can see that address and fund in Daedalus?

Becase for the Byron addresses, they are determined buy scanning all UtXOs (because they have random index and the some part of address is encrypted with the root master public key) and they would not be found otherwise) and checking whether the address was encrypted by the root public key).

That is why u can see it but never spend it until u have the proper password to decrypt the encrypted master secret key despite it has an empty password based password hash.

So, do not try to send it without knowing the real password as it would not go through (and that means also that you do not understand/know what you are doing). Also, if you have a situation that you exactly know the password then use the tools I linked above as it wont go through with Daedalus at all (when the esk is encrypted, but the passwordHash is based on an empty password)

1 Like

Dear _ilap,

Thank you for your reply.

Check KtoRZ repo, it has some good tools to figure out what has happened.

I succeeded in obtaining “encrypted-root-private-key” using the above,
I don’t know what to do next.

In particular,

Using the above tool, I got the following result.

yarn inspect-keystore {$MY_SERCRET.KEY}

[
    {
        "encrypted-root-private-key": "root_xsk1...",
        "root-public-key": "root_xvk...",
        "source": "_usKeys",
        "is-empty-passphrase": true
    }
]

From the above result, you can see that the encrypted private key and transmission password are not set.
I don’t understand the process from here to using the wallet.

Do you have any advice for me?


Also, for reference, I will describe how to restore the wallet that I have been doing so far.

This time, the above “encrypted-root-private-key” and another “encrypted-root-private-key” were displayed.
I knew how to use the following, but I got a signature error when transferring funds.

Based on the above issues, using the following tool
I have restored the wallet.

/export-wallets --mainnet --wallet-db-path ~/.local/share/Daedalus/mainnet/Wallet --keyfile {$MY_SERCRET.KEY}

[
    {
        "encrypted_root_private_key": "75bea....",
        "name": "MY OLD WALLET",
        "passphrase_hash": null
    }
]

If you restore the “encrypted_root_private_key” obtained above using Backend API(Cardano Wallet Backend API Documentation), you can create a wallet on Daedalus,
Funds cannot be transferred.

■ How to restore the wallet

curl --cacert "$HOME/Library/Application Support/Daedalus Mainnet/tls/client/ca.crt" \
  --cert "$HOME/Library/Application Support/Daedalus Mainnet/tls/client/client.pem" \
  https://localhost:$port/v2/byron-wallets -H "Content-Type: application/json" \
  -d '{"encrypted_root_private_key":"$encrypted_root_private_key","name":"My Old Byron Wallet","passphrase_hash":"$passphrase_hash","style":"random"}'

It’s probably the same as the Daedalus restoration method, but it seems that there is an error in signing the transaction.

■ Error details

TxValidationErrorInMode (ShelleyTxValidationError ShelleyBasedEraAlonzo (ApplyTxError [UtxowFailure (WrappedShelleyEraFailure (MissingVKeyWitnessesUTXOW (WitHashes (fromList [KeyHash \"ffe...\"]))))])) AlonzoEraInCardanoMode"}

`


Sorry for my poor English. I would appreciate it if you could confirm

You should use mine repo, as Matthias has not merged my PR into his repo.
My PR has more validation options, see an example here:

    {
        "encrypted-root-private-key": "root_xsk1...",
        "root-public-key": "root_xvk1fv6wc376lxm7h34akurxyfskg5wqqr59h2quw3y6usm23jal824e3ewvwpyh00g3hv9634d42ud8q4cyewfnf5n6qjzn9645nf5cctg4d3elm",
        "source": "_usKeys",
        "is-empty-passphrase": false,
        "has-valid-encryption": false,
        "encryption-password": ""
    },

This means that the master secret is encrypted despite the passwordHash is null.
In this case I would not bother with the tool above, but I would use the OpenWall’s John the Ripper.

They merged my PR into their beeding-edge branch so you could use it.

An (by-heart) example of using it (based on your expoorted wallet)

#################################################################################
# 1. Download and build john
#################################################################################
$ git clone https://github.com/openwall/john.git
Cloning into 'john'...
...
$ cd john/src/
$ ./configure 
$ make -sj4
# If it's build go to the run directory
$ cd ../run
# test it
$ ./john --test --format=cardano
...
# if all good then

#################################################################################
# 2. Use the built john for your exported wallet the MY_SECRET.KEY.
#################################################################################
$ sed '/encr/!d;s/^.*encr.*: *"\(.*\)",.*/$cardano$1$\1/' "/full/path/to/your/$MY_SERCRET.KEY" | tee wallet.john
"$cardano$1$75bea........."
$ cat <<EOF> wordlist.txt
Paswrod1youthinkisright
passw@rd2
anortherpasswordyouthinkgwouldwork
EOF

$ ./john --wordlist=wordlist.txt wallet.john
# If you're lucky you will see whether your password candidates could decrypt the encrypted master secret key.
# If not you are out of luck, and do not try anything else until you could find the proper encryption password. 
# As bruteforcing the encryption password without clue what it could have been is only just a waste of time. 
# Why? Because if it would work then all financial systems in the earth could be cracked very easily.

So, if you’re lucky then I can give you the instructions how to transfer your fund.
As I do not want to waste my time for writing it down now, when there is no point of it.

1 Like

@_ilap

Dear _ilap,
Thank you for your reply.

I installed the the OpenWall’s John the Ripper and built the environment, but there is something unclear about the sample when I run it.

$ sed ‘/encr/!d;s/^.encr.: "(.)",.*/$cardano$1$\1/’ “/full/path/to/your/$MY_SERCRET.KEY” | tee wallet.john
“$cardano$1$75bea…”

Which file path should I enter for the part corresponding to $MY_SERCRET.KEY above?
Daedalus’ sercret.key is a binary file, so you can’t pick up the characters with the “sed” command.

$ cat < wordlist.txt
Paswrod1youthinkisright
passw@rd2
anortherpasswordyouthinkgwouldwork
EOF

What should be written in the above list (wordlist.txt)? Would you like to list 3 points as a sample?

I apologize for taking up your precious time.
I would appreciate it if you could answer.

This one the 75bea... is your encrypted master secret key.
Or you just can create a simple file that contains this:

$cardano$1$75bea.....

The password or passwords you think was/were used to encrypt the master secret key. Usually, they referring to it as spending password so all your passwords you could remember you used for spending password in Daedalus in the past.

1 Like

Dear _ilap,
Thank you for your reply.

I’ll try it later.

I didn’t set a remittance password when I created the wallet. Setting a password was optional.

If so, is the master key encrypted by an empty hash? ?

If i set a transfer password later in the Daedalus update,
I have password suggestions.

It means that the master secret key was encrypted along the updates when you set the spending password.

Also, hopefully it has not been encrypted multiple times (with the same or different spending passwords) along the updates, because in that case your chance is much lower for decrypting it and it needs different method to try.

1 Like

I got this result when I used your tool.

{
        "encrypted-root-private-key": "root_xsk1...",
        "root-public-key": "root_xvk1f~~~~~~~~~~~~~~~~”,
        "source": "_usKeys",
        "is-empty-passphrase": true,
        "has-valid-encryption": false,
        "encryption-password": ""
    },

I see that the remittance password is not set.
  "is-empty-passphrase": true,

If secret.key doesn't have a transfer password, what should I write here?
↓↓

$ cat <
wordlist.txt Paswrod1youthinkisright
passw@rd2
anotherpasswordyouthinkgwouldwork

I told use this

End you do not use the exact syntax, there should be two files:

  1. Wallet.john with $cardano$1$75bea….
  2. wordlist.txt with any candidate spending passwords.

Pls read carefully what I wrote already in the past posts.

1 Like

Dear _ilap,

I used john. I didn’t set a password, so I tried with “null” and didn’t get good results.

I didn’t set a remittance password when I created the wallet. Is the master key encrypted?

If i have not set a transfer password, an empty password hash is created. Is it possible to know that hash?


As a consequence, the hash of an “empty passphrase” is in reality the hash of an empty CBOR bytestring (i.e. 40 in base16).


Can the hash be used to decrypt the master key?

You did not understand what I was saying.

The master secret key is encrypted despite the fact that the password hash is based on an empty passwordHash.

The two things are very different, you need a non empty encryption (spending) password to decrypt, because if an empty password is/was used, the underlying master secret encryption function just simply copies the whole key and not encrypting it.

That means there was some non-empty password that encrypted it, as an empty password cannot encrypt/decrypt but simply copy it.

Because, that encryption tool the cardano-crypto has not changed since mid of 2017. So some non-empty password must have been used to encrypt it.

1 Like

Dear _ilap,

I may have been asked for a password when the Daedalus wallet was updated. I tried every password I could think of, but john the ripper couldn’t come up with an answer. I will try the dictionary attack.

Thank you for your response. It became clear what I should do.

Dear _ilap

I tried John to see if it works.

I used john with the private key(256 characters) and password of my current wallet. but it didn’t work. I tried it with Sherry and the Byron wallet I was riding.

run % ./john --wordlist=wordlist.txt wallet.john

Using default input encoding: UTF-8

Loaded 1 password hash (cardano, Cardano Encrypted 128-byte Secret Key (a.k.a XPrv) [PBKDF2-SHA512/BLAKE2b/ChaCha20 128/128 SSE4.1 2x])

Press ‘q’ or Ctrl-C to abort, ‘h’ for help, almost any other key for status

0g 0:00:00:00 DONE (2022-09-15 19:20) 0g/s 122.2p/s 122.2c/s 122.2C/s

Session completed.

Please investigate the function.

If you ever find out your password. I assume you generate a password hash, please tell me how to generate it.

I am always grateful for your help.
[image]

The command works as it’s expected, which means that the passwords you provided are not those what encrypted the master secret key.

So, when the valid password is used then you will have similar output:

$ ./john --wordlist=wordlist.txt wallet.john 
...
Loaded 1 password hash (cardano, Cardano Encrypted 128-byte Secret Key (a.k.a XPrv) [PBKDF2-SHA512/BLAKE2b/ChaCha20 256/256 AVX2 4x])
...
Secret1234       (?)
1g 0:00:00:00 DONE (2022-09-16 11:05) 20.00g/s 60.00p/s 60.00c/s 60.00C/s wordlist..Secret1234
...

It will say what was the password, in the case baove it was Secret1234.

No, you do not need any scrypt based password hash.
When you are able to decrypt your master key with john, then you just need to use the

1 Like

thank you for your reply.

I also tried a private key that can be decrypted with “Seacret.key1234”. Is this the encrypted master key?

b76536a4b065812aab71a472bbdd60c593c145d969a3466568ae24dab0b608b3b1b535769da29ffda313abac1bfd8309a51aa47c76799cd4df175db12744d097055b42d4a95f19cb34b516a160a306c0eaef398e70ea91da450ccb2a7819e95b8c000436b43d5de6b0dd189cbfb0fc9ff954809abcb574d994cb5fafaf56b781

Did you mean decrypted or encrypted?
it was this below, which is in the original IOG’s secret.key file. But yours has the same chaincode and publickey.

b57361ebe335fa171a260fea7d3277579c212dc74fc2a408d6cbd8a6e7a847cab3c44c5fb190705ddd2698f2d5390798893349b4321e7474b1ce06c9d410b3d6055b42d4a95f19cb34b516a160a306c0eaef398e70ea91da450ccb2a7819e95b8c000436b43d5de6b0dd189cbfb0fc9ff954809abcb574d994cb5fafaf56b781

Update

This is the 64-byte (126-chars) decrypted part of the encrypted master secret key above:
403e4a55591c9f0665437a13dda3d6ca698cb28f3ff3cfdf79d62c7156900546d963ef6126d62f71f6073d159da9e419413c5627705513f2ac645efa3171be85

1 Like