In this segment of Down the Rabbit Hole, I want to talk about a particular problem that occurs fairly often with new users who are trying to either recover or migrate a wallet from one wallet to another. For example, from a smartphone wallet to another smartphone wallet, or from a smartphone wallet to a hardware wallet, or from a hardware wallet to another hardware wallet, or any combination of the above. Now, we have a standard that has actually made such things much, much more interoperable. This is where I put on my grandpa voice, and I go, "In the old days, back three years ago, when we didn't have BIP39." Yeah, and that standard is BIP39, and it makes life a lot easier, but it does have some weaknesses. As part of BIP39, which is the mnemonic phrase standard, which allows you to move a whole tree of keys from one wallet to another using just the English word mnemonic phrase, as part of that standard and the related standards, there are some nuances that often cause problems with newbies.
The underlying standard is called BIP32, which is hierarchical deterministic wallets. Hierarchical deterministic wallets define a system of wallets that are organized in a hierarchy that looks like a tree, where you have a root key that is generated from the mnemonic phrase, or can be generated and these days is almost always generated from the mnemonic phrase, the BIP39 mnemonic phrase, and that root key can then be used through a series of hashing operations to derive billions, and billions, and billions, and billions, and billions of potential private keys that can each derive an address, and this works across different cryptocurrencies, and it works with different other systems. It can generate entropy for things, et cetera, et cetera, et cetera. Now, within that system, there is a further specification, which is called BIP43, and a further specification called BIP44, that tell you how to find where your keys are hanging on the branches of this tree.
Now, if you think about it, the reason this is complex is because the tree itself at the first level has 4 billion branches. Each one of those 4 billion branches has 4 billion branches coming out of it, and so on, and so forth to an infinite depth. Ah! And, of course, that gives us a lot of flexibility, but it also means that if you don't know which branch your keys are on, you could be searching for centuries. Almost all wallets, like 90 plus percent of them, put all of their keys on a very specific branch.
For Bitcoin wallets, that would be the M 44 prime, zero prime, zero prime branch, and what that stands for is 44 prime designates that this is compliant with the BIP44 branch derivation path scheme, zero prime specifies that this is a Bitcoin wallet, and you can have others, one prime, two prime, et cetera, which are other wallets for other cryptocurrencies, and then zero prime after that means the first sub-account, the zeroth sub-account because it's a multi-account system. Now, if your money is on that path, M 44 prime, zero prime, zero prime, then you can find it fairly easily. Most wallets are gonna look there first when you import them. But what if your wallet was weird and put it somewhere else? Or what if the wallet you're importing to is weird and is looking somewhere else? Well, then it will come up with a different address, and it's going to find zero money at that address, which if you're a newbie causes the following reaction, "AAAHHHHH! Where's my money?" And then, you go to Reddit, and a lot of people will tell you, "Use this website or use this tool." And that's when the problems really start because a lot of people will go in and type their seed into a web page and lose their money promptly because they went to the wrong place.
People are squatting on typos of web addresses. They're compromising generators. They're building software that they're launching on the Android and the App Store and storing as ZIP files and executables all over the web for you to stumble across these, think they're the legitimate or original software you were looking for, type in your seed, and promptly watch your money be taken away. Don't worry, they know how to find the derivation path where your money is very, very quickly. So, one of the things I've been thinking about is how do we fix this problem, and I came up with an idea, and then I funded this idea as a software bounty, and just about a week ago, a developer finished building this, and I'm very excited 'cause I'm hoping that it's actually going to be merged into a very popular piece of software called the Electrum wallet.
Now, the Electrum wallet is a desktop wallet that runs on Mac, Linux, and Windows. It's cross platform and it's very, very featureful. I use it for a variety of my own activities. By keeping it on your desktop, it's not as perfect as other security mechanisms, but you can also combine it with a hardware wallet, in which case your keys are safe and safely stored in a hardware wallet.
Electrum, however, expects you to know where your derivation path is. So if you give it a seed, or if you simply attach it to a hardware wallet and say, "Look, my seed is on there. You can't see it, but you can talk to it and ask about the master public keys." Then, it needs you to tell it where the derivation path is. And the bounty that I funded was a bounty to create a wizard that scans the most popular derivation paths of the most popular wallets. Now, this is based on another great project called walletsrecovery.org that's managed by Janine Romer and Robert Novak who have, and I hope I got those names correct, NVK and J9Roem.
That website has basically a table that lists hundreds of wallets and all of the derivation paths they've been known to use in different versions and iterations of that software. And most of them are M 44 prime, zero prime, zero prime, but some are some very weird alternative options. And, yeah, so that plugin will basically go scan, it will look through and see if it can find money hanging on various branches that have been previously identified as popular ones, and by investigating 20 or 30 branches and picking an address from each to see if it's been used, it can basically say, "Hey, there's actually some money hanging off these three branches. Which one would you like to import?"
And that way you don't need to know your derivation path. I'm really excited about this because I think it actually gives newbies a much more secure way to do that search. And, in fact, just yesterday, I helped a friend figure that out and recover some money for their father who did not know how to import from a derivation path that was unknown. Luke Childs is the developer who developed this particular feature.
You can see the pull request on the Electrum GitHub repository. I am delighted this worked out, and I'm also really excited about the possibility of helping newbies with this little problem that happens with not knowing your derivation path and trying to migrate wallets. And that's my little Down the Rabbit Hole. The section where I ask myself a question about something that I'm interested in. In this particular case, something I'm really excited about because it just finished.
And then, I talk about it. If you enjoyed this video, please subscribe, like, and share. All my work is shared for free, so if you want to support it, join me on Patreon. patreon.com/aantonop.
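Added example (not part of the talk and not Electrum's code): a standard-library Python sketch of the BIP39 seed step and BIP32 hardened derivation, showing that one seed yields a different account key on each candidate branch, which is why a wallet looking at the wrong path reports an empty balance. The seed is the public BIP32 test vector, and the `m/49'` and `m/84'` candidates are assumptions that the talk does not name.

```python
import hashlib, hmac, unicodedata

N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141  # secp256k1 order
HARDENED = 0x80000000  # "prime" indexes start at 2**31; 2**32 indexes per level

def bip39_seed(mnemonic, passphrase=""):
    """BIP39: phrase -> 64-byte seed via PBKDF2-HMAC-SHA512, 2048 rounds."""
    nfkd = lambda s: unicodedata.normalize("NFKD", s).encode()
    return hashlib.pbkdf2_hmac("sha512", nfkd(mnemonic), nfkd("mnemonic" + passphrase), 2048)

def master(seed):  # BIP32 root: (private key as int, chain code)
    i = hmac.new(b"Bitcoin seed", seed, hashlib.sha512).digest()
    return int.from_bytes(i[:32], "big"), i[32:]

def parse_path(path):  # "m/44'/0'/0'" -> list of 32-bit indexes
    parts = path.strip().split("/")
    if parts[0] not in ("m", "M"):
        raise ValueError("path must start at the root 'm'")
    out = []
    for p in parts[1:]:
        hard = p[-1:] in ("'", "h", "H")
        n = int(p[:-1] if hard else p)
        if not 0 <= n < HARDENED:
            raise ValueError(f"index out of range: {p}")
        out.append(n + HARDENED if hard else n)
    return out

def ckd_hardened(k, c, index):  # one hardened step of private derivation
    if index < HARDENED:
        raise ValueError("non-hardened step needs the parent public key (EC math), not shown")
    data = b"\x00" + k.to_bytes(32, "big") + index.to_bytes(4, "big")
    i = hmac.new(c, data, hashlib.sha512).digest()
    il = int.from_bytes(i[:32], "big")
    child = (il + k) % N
    if il >= N or child == 0:
        raise ValueError("invalid child key at this index")
    return child, i[32:]

def account_key(seed, path):  # hex private key at an all-hardened path
    k, c = master(seed)
    for idx in parse_path(path):
        k, c = ckd_hardened(k, c, idx)
    return k.to_bytes(32, "big").hex()

SEED = bytes.fromhex("000102030405060708090a0b0c0d0e0f")  # constructed: public test seed
CANDIDATES = ["m/44'/0'/0'", "m/49'/0'/0'", "m/84'/0'/0'"]  # 49'/84' are assumptions

def scan(seed, paths=CANDIDATES):
    return {p: account_key(seed, p) for p in paths}
```

A real scan would go on to derive receive addresses under each account and ask a server whether they have history; that part needs elliptic-curve math and network access and is left out here.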