Cracking the Uncrackable – Background

Last time, I explained the backstory for why I’m treading down this bizarro path in the first place. If I can’t find my Bitcoin and it’s nearly impossible to turn a profit from mining as a hobby, I’ll try to buy my way into wealth instead.

The very first step forward is to acquire a wallet with sufficient funds to make the journey worth it and sufficient information about the password to give me a head start. But before we dive into that, let’s discuss why it’s possible to “recover” a Bitcoin wallet in the first place.

Bitcoin Keys

To understand Bitcoin wallets you have to first understand Bitcoin keys. Bitcoin, like most modern cryptographic systems, is built atop a protocol that uses public key cryptography. You hold one key known only to you and publicize another key folks can use to communicate with you.

In the world of Bitcoin, your private key is a 256-bit number. More specifically, this key is a number valid in the Secp256k1 curve used for elliptic curve cryptography.

Your wallet’s public key is another number derived from that fixed private key. With a public key anyone can verify the balance you hold, while only the holder of the private key can cryptographically sign transactions on behalf of your account.

When you transfer money from your account to another, you use your private key to sign the transaction and publish this transaction and signature to the public ledger – the blockchain. Miners will then verify the block containing your transaction, making it part of the public blockchain and immutable.

If you lose your private key, you lose the ability to transfer, spend, or otherwise to anything with your Bitcoins.

What About Random Guessing?

Humans aren’t very good at imagining big things. When I tell you a Bitcoin private key is a 256-bit number you see the “256” and think it’s relatively small. In reality, 256 bits means 2256. There are that many possible private keys.

Expanded out, 2256 is:

115,792,089,237,316,195,423,570,985,008,687,907,853,269,984,
665,640,564,039,457,584,007,913,129,639,936

That is an unfathomably large number. To put it in context, this number is actually larger than the total number of atoms in the known universe.

Said another way – even picking a million random numbers per second, the chances that someone could guess at random the same number you use as a private key is infinitesimally small. There is no real chance anyone could guess the private key of an already existing Bitcoin wallet containing value.

Bitcoin Wallet Encryption

Keeping track of a private number is relatively easy. Some people even write it out on a piece of paper to keep things entirely offline. Using that private number to sign transactions, though, is hard unless you use a tool to do the signing.

Bitcoin Core is a free, cross-platform application that will keep track of your private key, track your balance and transactions over time, and facilitate sending/receiving Bitcoin on the blockchain. By default it doesn’t encrypt anything, which means anyone with access to your computer has access to your wallet.

But Bitcoin Core has a feature to set a password on your wallet. Your password is used to create an encryption key, which is then used to encrypt a completely random master key, which is then used to encrypt your Bitcoin private key. Without your password, Bitcoin Core can still display your balance and transaction history (and facilitate receiving funds) but cannot send funds anywhere.

Bitcoin Core uses AES-256 for encryption, meaning it’s also using 256-bit cryptographic keys. It would be just as likely for someone to randomly guess your Bitcoin private key as it would be for them to randomly guess the master key used by the software to encrypt it.

Guessing the password you used to encrypt the master key, however, is far more reasonable. And that’s where we’ll pick up in the next piece of this series.