Electrum wallet reddit
By day, a simple software engineer. By night, also a software engineer. The night was June 9th, It was a typical Friday night for me. I was watching Netflix and checking reddit partying with cool kids. This reddit user had just done something very dangerous. They posted their Sia wallet seed online.
I was pretty sure they did make a mistake writing it down. But I was hoping that they only made one mistake. I needed to do this quickly. Indeed it was not. That led me to the entropy-mnemonics Github project, which contained this dictionary of possible seed words:. That way, if I found that one of 29 seed words they posted was missing from the dictionary, that would obviously be the incorrect word.
Then I could quickly figure out the seed just by looking for words in the dictionary similar to the absent word. I needed a way of finding all the words in that dictionary that were one copying error off from the seed that got posted to reddit.
I realized that Levenshtein distance could help me here. The Levenshtein distance is the number of letters you need to add, delete, or replace to get from one word to another. To discover possible seeds, I could write a script that finds words in the entropy dictionary that had a Levenshtein distance of 1 from the words in the incorrect seed.
I first downloaded the dictionary locally and stripped out all characters except a - z:. Then I installed the python-Levenshtein library and wrote a hacky little Python script to dump out the possible seeds:.
This code is better for demonstration. Fortunately, my script reported that there were only 12 seeds that had a Levenshtein electrum wallet reddit of 1 from the incorrect seed:. There were few enough possibilities that I could just type them into Sia manually.
I tried the first possible seed, created by replacing wise in the incorrect seed with wife:. That was to electrum wallet reddit expected. I kept trying each potential seed until I got to the seed that replaced tonic with ionic:. Electrum wallet reddit I the one being fleeced somehow? While I would have loved to sit and ponder the strange balance I was seeing, time was of the essence.
It was time to steal the Siacoin. Someone else is after the treasure. Of course someone else is after it. I quickly sent the full balance to my own Sia wallet.
Now that the coins were secured, it was time to figure out just what was going on here. The last transaction in the list is the withdrawal. The transaction of 0. I was interested in electrum wallet reddit first transaction in the list. That line showed that this wallet had only ever received one deposit of This was a new, interesting problem. I decided to just write a batch script to keep transferring money from the exposed wallet to my own wallet.
Eventually, I churned out this fine piece of batch scripting:. It goes from 1 to in increments of 0, so it loops forever. While the wallet continues to have zero balance, this command will just fail to no effect. I chose 2, SC because a relatively low electrum wallet reddit was safer. I was effectively playing by The Price electrum wallet reddit Right rules. But in the end, I decided I had to do the right thing and return the Siacoin to the user who posted their seed.
Still, the discrepancy between the amount I found and the amount they lost could potentially make things awkward. I explained how I had recovered their seed and taken the money to keep it safe from less scrupulous users who could have recovered it as well. I electrum wallet reddit they give me a Siacoin address not associated with the leaked seed so that I could return the Siacoin balance electrum wallet reddit them.
Hours electrum wallet reddit, then days, and I heard nothing back. I noticed they had deleted the post to reddit exposing their seed. Finally, on Monday morning, the victim of my heinous crime got back to me. They explained that shortly after making their post, they realized that their money was still on the electrum wallet reddit and electrum wallet reddit never reached their wallet I knew it!
They were able to move the money to a separate wallet whose seed was secure. They were delighted that I had recovered the seed because I had solved their mystery of what went wrong with the passphrase. They had correctly written down ionic but they kept mistakenly reading it back as tonic because that was the more familiar word to them.
The user even offered to let me keep the full amount, but I felt I would come off better in this blog post the coins rightfully belonged to the user who lost them. I insisted, and they finally relented and sent me an address so I could return the Never post your Sia wallet seed online.
As we see from this tale, even an incorrect or partial version of the seed can completely compromise your wallet. This applies not only to Siacoin but to cryptocurrencies in general. On February 1st, I electrum wallet reddit.
It was because they refused to buy me a Christmas present. With no electrum wallet reddit what I was doing, I hired a cartoonist to illustrate my blog. The results were surprisingly positive. Silly Bits Blog About Projects. Michael Lynch By day, a simple software engineer.
A seedy reddit post The night was June 9th, Hacking by hand I began by examining the words in the incorrect seed: That led me to the entropy-mnemonics Github project, which contained this dictionary of possible seed words: Could not electrum wallet reddit wallet from seed: Wallet initialized and encrypted with seed. Encrypted, Unlocked Confirmed Balance: Be the first to know when I post cool stuff Subscribe to electrum wallet reddit my latest articles by email.