How to Derive Private Keys from a Brainwallet in Graphene Based Blockchains

in #blockchain6 years ago

This applies to Bitshares,Steem,Peerplays,EOS, and other blockchains that use the same base code.

<h1>Getting a brainkey <p dir="auto"><img src="https://images.hive.blog/768x0/https://cdn.steemitimages.com/DQmPEptCwARYt9Sa8mJD4S5e3iMRNKmKNqQB8VsuEXNf4DQ/suggest_brain.png" alt="suggest_brain.png" srcset="https://images.hive.blog/768x0/https://cdn.steemitimages.com/DQmPEptCwARYt9Sa8mJD4S5e3iMRNKmKNqQB8VsuEXNf4DQ/suggest_brain.png 1x, https://images.hive.blog/1536x0/https://cdn.steemitimages.com/DQmPEptCwARYt9Sa8mJD4S5e3iMRNKmKNqQB8VsuEXNf4DQ/suggest_brain.png 2x" /><br /> The 16 words will hash into the owner private key, all keys can be derived from this key. It's similar to how hardware wallets like the Trezor or Ledger work, using a seed. <h1>Understanding how Private keys are hashed <p dir="auto">64 octet hex Private Key = Sha256 ( Sha512 (Password + Index)) <h1>Create an account from a brainkey <p dir="auto"><img src="https://images.hive.blog/768x0/https://cdn.steemitimages.com/DQmS8ZEwmEAxuhxmxbwVSamENRz28BkLo9fDDsJVvkDvxTs/create1.png" alt="create1.png" srcset="https://images.hive.blog/768x0/https://cdn.steemitimages.com/DQmS8ZEwmEAxuhxmxbwVSamENRz28BkLo9fDDsJVvkDvxTs/create1.png 1x, https://images.hive.blog/1536x0/https://cdn.steemitimages.com/DQmS8ZEwmEAxuhxmxbwVSamENRz28BkLo9fDDsJVvkDvxTs/create1.png 2x" /><br /> Syntax for creating an account with a brain key. We need the 16 words, an account name, and a faucet<br /> <img src="https://images.hive.blog/768x0/https://cdn.steemitimages.com/DQmReaufph1rvn7sRzX847nnQ9AR6pUZCUYRsxLKwgyMfoU/create2.png" alt="create2.png" srcset="https://images.hive.blog/768x0/https://cdn.steemitimages.com/DQmReaufph1rvn7sRzX847nnQ9AR6pUZCUYRsxLKwgyMfoU/create2.png 1x, https://images.hive.blog/1536x0/https://cdn.steemitimages.com/DQmReaufph1rvn7sRzX847nnQ9AR6pUZCUYRsxLKwgyMfoU/create2.png 2x" /> <p dir="auto">We now get presented with the results and this is where the problems come in, we now have an active key and a memo key, but we didn't get those private keys in our wallet!<br /> <img src="https://images.hive.blog/768x0/https://cdn.steemitimages.com/DQmfUd728RhVW9yQ75FSYx7vEj6P1TRM7k34hmLuH4RUvGx/OAMkeys.png" alt="OAMkeys.png" srcset="https://images.hive.blog/768x0/https://cdn.steemitimages.com/DQmfUd728RhVW9yQ75FSYx7vEj6P1TRM7k34hmLuH4RUvGx/OAMkeys.png 1x, https://images.hive.blog/1536x0/https://cdn.steemitimages.com/DQmfUd728RhVW9yQ75FSYx7vEj6P1TRM7k34hmLuH4RUvGx/OAMkeys.png 2x" /> <p dir="auto">In order to get these private keys we must derive them from our owner key which we were given earlier.<br /> <img src="https://images.hive.blog/768x0/https://cdn.steemitimages.com/DQmUJwfedBZF8PzdXDdQozitpTsHbZXrMyvoE8FU4N24ohu/ownerkey.png" alt="ownerkey.png" srcset="https://images.hive.blog/768x0/https://cdn.steemitimages.com/DQmUJwfedBZF8PzdXDdQozitpTsHbZXrMyvoE8FU4N24ohu/ownerkey.png 1x, https://images.hive.blog/1536x0/https://cdn.steemitimages.com/DQmUJwfedBZF8PzdXDdQozitpTsHbZXrMyvoE8FU4N24ohu/ownerkey.png 2x" /> <p dir="auto">Lets put that in the derive shell script attached at the end of this post<br /> <img src="https://images.hive.blog/768x0/https://cdn.steemitimages.com/DQmNRKA4GWcY4HWETLUraZkQCt8NZpSCqAaaDdwtgYr7Ya3/derive.png" alt="derive.png" srcset="https://images.hive.blog/768x0/https://cdn.steemitimages.com/DQmNRKA4GWcY4HWETLUraZkQCt8NZpSCqAaaDdwtgYr7Ya3/derive.png 1x, https://images.hive.blog/1536x0/https://cdn.steemitimages.com/DQmNRKA4GWcY4HWETLUraZkQCt8NZpSCqAaaDdwtgYr7Ya3/derive.png 2x" /><br /> Here we derive two keys, the first is the owner key at index 0, which is our active key, then we take the private key of the active key to derive the memo key. Additionally if you plan to be a witness/block producer, we can also derive our block signing key by using the active key at the index 1. If we have multiple witness nodes we can choose to derive more block signing keys from either the active key or from our block signing keys. <p dir="auto">Now lets import the keys into our wallet under our account, and we can double check by dumping the private keys<br /> <img src="https://images.hive.blog/768x0/https://cdn.steemitimages.com/DQmW7BE9QGCJijy8xRzpJn6UReBuu3SuguNoCRpoaEtZ9L2/importdump.png" alt="importdump.png" srcset="https://images.hive.blog/768x0/https://cdn.steemitimages.com/DQmW7BE9QGCJijy8xRzpJn6UReBuu3SuguNoCRpoaEtZ9L2/importdump.png 1x, https://images.hive.blog/1536x0/https://cdn.steemitimages.com/DQmW7BE9QGCJijy8xRzpJn6UReBuu3SuguNoCRpoaEtZ9L2/importdump.png 2x" /><br /> Looks good, we now have the active key and the memo key added. It is a good security practice to not import the owner key and to keep it offline. By only importing the active and memo keys we can be sure if our wallet computer is compromised, we have not lost the owner key to the attacker. We can then use the owner key to change the accounts active and memo keys. <h1>The Linux Shell Script <h2>derive.sh <pre><code>#!/bin/bash PASSWORD=$1 SHA512=$(echo -n $PASSWORD|openssl dgst -sha512 -binary|xxd -c 512 -p) echo "SHA512:$SHA512" SHA256=$(echo -n $SHA512|xxd -r -p|openssl dgst -sha256 -binary|xxd -c 256 -p) echo "SHA256:$SHA256" EXTKEY="80$SHA256" CHECKSUM=$(echo -n $EXTKEY|xxd -r -p|openssl dgst -sha256 -binary|openssl dgst -sha256 -binary|xxd -c 256 -p|head -c 8) echo "CHECKSUM:$CHECKSUM" WIF=$(echo -n $EXTKEY$CHECKSUM|xxd -r -p|base58) echo "WIF:$WIF"
#cryptocurrency #peerplays #peerplays-witness #steem
6 years ago in #blockchain by
$5.52
  • Past Payouts $5.52
  • - Author $4.38
  • - Curators $1.14
7 votes
Reply 3
Sort:  
  • Trending
    • [-]
     6 years ago  

    Congratulations @bitcoinsig! You have completed the following achievement on the Steem blockchain and have been rewarded with new badge(s) :

    <table><tr><td><span><img src="https://images.hive.blog/768x0/https://steemitimages.com/60x70/http://steemitboard.com/@bitcoinsig/votes.png?201812090850" srcset="https://images.hive.blog/768x0/https://steemitimages.com/60x70/http://steemitboard.com/@bitcoinsig/votes.png?201812090850 1x, https://images.hive.blog/1536x0/https://steemitimages.com/60x70/http://steemitboard.com/@bitcoinsig/votes.png?201812090850 2x" /><td>You made more than 15000 upvotes. Your next target is to reach 16000 upvotes. <p dir="auto"><sub><em><a href="https://steemitboard.com/@bitcoinsig" target="_blank" rel="noreferrer noopener" title="This link will take you away from hive.blog" class="external_link">Click here to view your Board of Honor<br /> <sub><em>If you no longer want to receive notifications, reply to this comment with the word <code>STOP <p dir="auto"><strong><span>Do not miss the last post from <a href="/@steemitboard">@steemitboard: <table><tr><td><a href="https://steemit.com/steemitboard/@steemitboard/5jrq2c-steemitboard-saint-nicholas-day" target="_blank" rel="noreferrer noopener" title="This link will take you away from hive.blog" class="external_link"><img src="https://images.hive.blog/768x0/https://steemitimages.com/64x128/http://i.cubeupload.com/mGo2Zd.png" srcset="https://images.hive.blog/768x0/https://steemitimages.com/64x128/http://i.cubeupload.com/mGo2Zd.png 1x, https://images.hive.blog/1536x0/https://steemitimages.com/64x128/http://i.cubeupload.com/mGo2Zd.png 2x" /><td><a href="https://steemit.com/steemitboard/@steemitboard/5jrq2c-steemitboard-saint-nicholas-day" target="_blank" rel="noreferrer noopener" title="This link will take you away from hive.blog" class="external_link">Saint Nicholas challenge for good boys and girls <blockquote> <p dir="auto">Support <a href="https://steemit.com/@steemitboard" target="_blank" rel="noreferrer noopener" title="This link will take you away from hive.blog" class="external_link">SteemitBoard's project! <strong><a href="https://v2.steemconnect.com/sign/account-witness-vote?witness=steemitboard&approve=1" target="_blank" rel="noreferrer noopener" title="This link will take you away from hive.blog" class="external_link">Vote for its witness and <strong>get one more award!
    $0.00
      Reply
      [-]
       6 years ago  

      Congratulations @bitcoinsig! You received a personal award!

      Happy Birthday! - You are on the Steem blockchain for 2 years!

      You can view your badges on your Steem Board and compare to others on the Steem Ranking

      Do not miss the last post from @steemitboard:

      The Steem blockchain survived its first virus plague!
      Vote for @Steemitboard as a witness to get one more award and increased upvotes!
      $0.00
        Reply
        [-]
         4 years ago  

        Congratulations @bitcoinsig! You have completed the following achievement on the Hive blockchain and have been rewarded with new badge(s) :

        <table><tr><td><img src="https://images.hive.blog/60x70/http://hivebuzz.me/@bitcoinsig/upvotes.png?202008080116" /><td>You distributed more than 22000 upvotes. Your next target is to reach 23000 upvotes. <p dir="auto"><sub><em>You can view <a href="https://hivebuzz.me/@bitcoinsig" target="_blank" rel="noreferrer noopener" title="This link will take you away from hive.blog" class="external_link">your badges on your board And compare to others on the <a href="https://hivebuzz.me/ranking" target="_blank" rel="noreferrer noopener" title="This link will take you away from hive.blog" class="external_link">Ranking<br /> <sub><em>If you no longer want to receive notifications, reply to this comment with the word <code>STOP <p dir="auto"><strong><span>Do not miss the last post from <a href="/@hivebuzz">@hivebuzz: <table><tr><td><a href="/hivebuzz/@hivebuzz/pudresponse"><img src="https://images.hive.blog/64x128/https://i.imgur.com/805FIIt.jpg" /><td><a href="/hivebuzz/@hivebuzz/pudresponse">Feedback from the last Hive Power Up Day
        $0.00
          Reply