ByronRevovery

byron_recovery.md

Explanation

USE EVERYTHING BELOW AT YOUR OWN RISKS!

A Cardano community member has lost one word of his the 12-words menomic/"recovery phrase", and he would like to recover his wallet from these 11 words.

It is be possible based on the following assumptions:

• he knows the address the ADA is stored (he knows)
• the order of the 11 words is correct
  • if it's not correct then it's would need around 11! * 1550 = 60bn tries i.e. 1700 years:(.
• the 11 words are correct
  • no any word is changed to a very similar word that is exist in the mnemonics vocubalary (it can be mitigated by carefully analysing the known 11 word).

Note: All above means, that if he would now the 12th word then he would be able to restore his wallet, with the given word and the known word order.

Steps to recover his wallet:

1. Generate valid 12-word mnemonics from the existing and ordered 11 words
   • It will give around ~1500 valid 12-word mnemonics.
2. create a wallet based on the generated mnemonics and try to decode the address based on that wallet.
   • if it's successful the wallet is found,
   • if it's unsuccessful try the next mnemonic.

Recovery Script file

The byron_recovery.bash file is for trying to recover the wallet without Daedalus or Adalite wallet. It's much-much more quicker. Also, it uses an offical tool from IOHK, the cardano-address binary.

#!/bin/bash

temp_dir=$(mktemp -d  /tmp/byron.XXXXXXXXX)

# Change to your address
address='DdzFFzCqrht4YH5irxboFprowLYgJLddd2iCQt5mrVyQS5CZFMeZbQtzJsHf4a6YQhPPNxtqBVP3Drsy1tdjecqq1FK1m2oAR5J8EcVe'

# Change to the full path of the `node index` run.
mnem_file="./mnemonics.out"

clear_and_exit() {
    [[ -d "$temp_dir" ]] && rm -rf "$temp_dir"
    exit "$@"
}

### Main
lineCount=$(wc -l < "$mnem_file")
idx=0
while read -r recoveryPhrase
do
    idx=$(( idx + 1))

    [[ $(( idx % 100 )) == 0 ]] && echo "$idx of $lineCount 12-word mnemonics are processed."

    root_xpub=$(cardano-address key from-recovery-phrase byron <<< "$recoveryPhrase" |\
    cardano-address key public --with-chain-code)

    if cardano-address address inspect --root "$root_xpub" <<< "$address" 2>/dev/null
    then
        echo "The recover was successfull"
        echo "Use the following 12-word mmnemonics to recovery your wallet:"
        echo "\"$recoveryPhrase\""
        clear_and_exit 0
    fi

done < "$mnem_file"

clear_and_exit 0

Detailed recovery example

The following tools/utilities need to be already installed, check this:

• npm
• node.js

This detailed example used the following mnemonics from IOHK: ghost buddy neutral broccoli face rack relief odor swallow real once ecology to find the corresponding address (0H/2H): DdzFFzCqrht4YH5irxboFprowLYgJLddd2iCQt5mrVyQS5CZFMeZbQtzJsHf4a6YQhPPNxtqBVP3Drsy1tdjecqq1FK1m2oAR5J8EcVe

Note: The test mnemonics and address details can be found here

To recover you need know the valid 11 words and the address.

1. the mnemonics in index.js need to be replaced by the known 11 words.
2. the address below needs to replace the test address in the byron_recovery.bash file.

Your address is this: DdzFFzCqrht5nky3pNWNYdK6rx4kzDg3XTthN7R5RTuXYVM7Z9mvVbc3RZrspn25PTsqjs8NsZkn3aczX54ziLPdQok5SxGbugN7GF8U

Check with this https://explorer.cardano.org/address/DdzFFzCqrht5nky3pNWNYdK6rx4kzDg3XTthN7R5RTuXYVM7Z9mvVbc3RZrspn25PTsqjs8NsZkn3aczX54ziLPdQok5SxGbugN7GF8U

or with this

https://explorer.cardano.org/api/addresses/summary/DdzFFzCqrht5nky3pNWNYdK6rx4kzDg3XTthN7R5RTuXYVM7Z9mvVbc3RZrspn25PTsqjs8NsZkn3aczX54ziLPdQok5SxGbugN7GF8U

# 1. create env for the recovery
$ cd && mkdir recovery && pushd recovery
~/recovery ~

# 2. Download the official cardano-address tool
$  wget -q  -O - https://github.com/input-output-hk/cardano-addresses/releases/download/3.2.0/cardano-addresses-3.2.0-linux64.tar.gz  | tar -zxvf - bin/cardano-address
bin/cardano-address

# 4. set the PATH env variable
$ PATH="./bin:$PATH"

# 5. Create the package.json. file 
$ cat << EOF > package.json
{
  "name": "ByronWalletRecovery",
  "version": "0.1.0",
  "description": "",
  "main": "index.js",
  "dependencies": {
    "bip39": "^3.0.2"
  }
}
EOF

# 6. Create the recovery prhases generator javascript file
$ cat << EOF > index.js
const bip39 = require('bip39')

const wordlist = bip39.wordlists.EN

// This mnemonic is from the cardano-address tests
// 'ghost buddy neutral broccoli face rack relief odor swallow real once ecology'
// the 9th the real word has been taken out, note index starts from 0. 
const eleven = 'ghost buddy neutral broccoli face rack relief odor swallow once ecology'.split(' ')

// #####!!!!!! Replace these above words /w your saved eleven words !!!!!######
// Note the order is very important

for (var index=0; index<= eleven.length; index++) {
    wordlist.forEach((word) => {

        let newTry = [...eleven]
        newTry.splice(index, 0, word)

        var tryThis = newTry.join(' ')
        
        if (bip39.validateMnemonic(tryThis)) {
            console.log(tryThis)
        }
    })
}
EOF

# 7. Install the required bip39 package
$ npm i
...
found 0 vulnerabilities

# 8. Generate the valid mnemonics/recovery phrases
$ node index > mnemonics.out

# 9. Check one
$ head -1 mnemonics.out
abstract ghost buddy neutral broccoli face rack relief odor swallow once ecology
$ wc -l mnemonics.out
1593 mnemonics.out

# 10. Save the byron_recover.bash to a file and edit it accordingly
# i.e. change the address your to this:
# DdzFFzCqrht5nky3pNWNYdK6rx4kzDg3XTthN7R5RTuXYVM7Z9mvVbc3RZrspn25PTsqjs8NsZkn3aczX54ziLPdQok5SxGbugN7GF8U
$ vi byron_recover.bash

# 11. Change its permission
$ chmod +x byron_recover.bash

# 12. Run it and pray
$ ./byron_recover.bash
100 of 1593 12-word mnemonics are processed.
200 of 1593 12-word mnemonics are processed.
300 of 1593 12-word mnemonics are processed.
400 of 1593 12-word mnemonics are processed.
500 of 1593 12-word mnemonics are processed.
600 of 1593 12-word mnemonics are processed.
700 of 1593 12-word mnemonics are processed.
800 of 1593 12-word mnemonics are processed.
900 of 1593 12-word mnemonics are processed.
1000 of 1593 12-word mnemonics are processed.
1100 of 1593 12-word mnemonics are processed.
1200 of 1593 12-word mnemonics are processed.
{
    "stake_reference": "none",
    "address_style": "Byron",
    "address_root": "bd407ca194c5432dfeb71f1c87d60e33017cb503cc6923c3aa16d493",
    "derivation_path": {
        "account_index": "0H",
        "address_index": "2H"
    },
    "network_tag": null
}
The recover was successfull
Use the following 12-word mmnemonics to recovery your wallet:
"ghost buddy neutral broccoli face rack relief odor swallow real once ecology"
$ popd
$ rm -rf recover

Hello, I made the same mistake, I have 11 of the 12 words. It's a bitcoin wallet, not Cardano. Will the same code work?

Hello, I made the same mistake, I have 11 of the 12 words. It's a bitcoin wallet, not Cardano. Will the same code work?

The javascript part will work, but the bash script part is Cardano specific.
Though, you can write similar code using bitcoinjs-lib or similar.