How to Derive Private Keys from a Brainwallet in Graphene Based Blockchains

in #blockchain6 years ago

This applies to Bitshares,Steem,Peerplays,EOS, and other blockchains that use the same base code.

Getting a brainkey

suggest_brain.png
The 16 words will hash into the owner private key, all keys can be derived from this key. It's similar to how hardware wallets like the Trezor or Ledger work, using a seed.

Understanding how Private keys are hashed

64 octet hex Private Key = Sha256 ( Sha512 (Password + Index))

Create an account from a brainkey

create1.png
Syntax for creating an account with a brain key. We need the 16 words, an account name, and a faucet
create2.png

We now get presented with the results and this is where the problems come in, we now have an active key and a memo key, but we didn't get those private keys in our wallet!
OAMkeys.png

In order to get these private keys we must derive them from our owner key which we were given earlier.
ownerkey.png

Lets put that in the derive shell script attached at the end of this post
derive.png
Here we derive two keys, the first is the owner key at index 0, which is our active key, then we take the private key of the active key to derive the memo key. Additionally if you plan to be a witness/block producer, we can also derive our block signing key by using the active key at the index 1. If we have multiple witness nodes we can choose to derive more block signing keys from either the active key or from our block signing keys.

Now lets import the keys into our wallet under our account, and we can double check by dumping the private keys
importdump.png
Looks good, we now have the active key and the memo key added. It is a good security practice to not import the owner key and to keep it offline. By only importing the active and memo keys we can be sure if our wallet computer is compromised, we have not lost the owner key to the attacker. We can then use the owner key to change the accounts active and memo keys.

The Linux Shell Script

derive.sh

#!/bin/bash
PASSWORD=$1
SHA512=$(echo -n $PASSWORD|openssl dgst -sha512 -binary|xxd -c 512 -p)
echo "SHA512:$SHA512"
SHA256=$(echo -n $SHA512|xxd -r -p|openssl dgst -sha256 -binary|xxd -c 256 -p)
echo "SHA256:$SHA256"
EXTKEY="80$SHA256"
CHECKSUM=$(echo -n $EXTKEY|xxd -r -p|openssl dgst -sha256 -binary|openssl dgst -sha256 -binary|xxd
 -c 256 -p|head -c 8)
echo "CHECKSUM:$CHECKSUM"
WIF=$(echo -n $EXTKEY$CHECKSUM|xxd -r -p|base58)
echo "WIF:$WIF"
Sort:  

Congratulations @bitcoinsig! You have completed the following achievement on the Steem blockchain and have been rewarded with new badge(s) :

You made more than 15000 upvotes. Your next target is to reach 16000 upvotes.

Click here to view your Board of Honor
If you no longer want to receive notifications, reply to this comment with the word STOP

Do not miss the last post from @steemitboard:

Saint Nicholas challenge for good boys and girls

Support SteemitBoard's project! Vote for its witness and get one more award!

Congratulations @bitcoinsig! You received a personal award!

Happy Birthday! - You are on the Steem blockchain for 2 years!

You can view your badges on your Steem Board and compare to others on the Steem Ranking

Do not miss the last post from @steemitboard:

The Steem blockchain survived its first virus plague!
Vote for @Steemitboard as a witness to get one more award and increased upvotes!