Dinoizzy Posted April 7, 2019 Share Posted April 7, 2019 Morning all, I am holding a small amount of XRP using the TrustWallet app. When setting the wallet up you are provided 12 words as your recovery back-up. I am not techy in the slightest so any explanation/help given here will need to be basic please. I understand about keeping these words safe, not online, sharing with no one etc. But it occurred to me if TrustWallet suddenly ceased to exist, can these 12 words be actually used to access my funds or are they app specific and irrelevant elsewhere - and if so, how? I read a recent blog by @TiffanyHayden which explained it well for me to understand but the secret key she used in the example wasnt a list of words is was a long sequence beginning with an 's'. Any explanation and advice greatly appreciated. Link to comment Share on other sites More sharing options...
Guest Posted April 7, 2019 Share Posted April 7, 2019 2 hours ago, Dinoizzy said: if TrustWallet suddenly ceased to exist, can these 12 words be actually used to access my funds The answer is probably Yes, but unfortunately there are a few exceptions. There a simple test that will give you some idea of whether or not your concern is justified. Below, I provide links to published tools that can convert word-lists to other formats inside a web page. But I'm a random stranger on the internet, so you should be sceptical of what I tell you! I therefore suggest that you download the linked page and play with it on a computer that's disconnected from the internet. If it correctly extracts your XRP address from your word-list, you will know it's OK (and for maximum paranoia, you can switch off your computer after you've checked). The word-list conversion tool is Ian Coleman's Mnemonic Code Converter. In your offline copy of that page, you want to enter your 12 words in the BIP39 Mnemonic box. Then scroll down to the Coin box and use the dropdown list to switch from “BTC - Bitcoin” to “XRP - Ripple”. Having switched from BTC to XRP, you should see, further down the page, a section called Derived Addresses, and one of these (the first one perhaps?) should be identical to your XRP address (string of letters and numbers beginning with “r”). If the above is successful, you know that you have a Plan B for when Trustwallet ceases to exist. If it doesn't work, you might surmise that Trustwallet is using a different Derivation Path. Ian Coleman's converter lets you change the derivation path, but it's an esoteric subject. The Abra app uses a non-standard derivation path, and Abra haven't disclosed it — so their users are risking the scenario that you describe. Some background information Inside your wallet, the word-list gets converted into a public/private keypair. You might never see these, but behind the scenes, they're important. Your outgoing transactions are valid if you sign them with the private key (which is why you don't want anyone else to get hold of it); and the XRP network uses your public key to prove that your signatures are genuine. Ian Coleman's converter displays your private key on the screen (two columns to the right of your address), so you can transfer it into other wallets. For instance, @ripplerm's in-browser wallet can import private keys (again, download the page and experiment on a disconnected computer before you try to use it for real). The secret that @TiffanyHayden mentioned works in a similar way to your word-list. Some wallet software converts such a secret into a public/private key pair. Hence word lists (like yours) and secrets (like Tiffany's) are two alternative starting points from which public/private keys (and addresses) can be derived. They're conceptually similar, but I don't think you can convert one to the other. An alternative You may get the same functionality out of BitHomp Tools, but it's more recent and I've not looked closely. If you try it, remember to experiment first with a downloaded copy on a disconnected computer for maximum security. Link to comment Share on other sites More sharing options...
Warbler Posted April 7, 2019 Share Posted April 7, 2019 3 hours ago, Dinoizzy said: Morning all, I am holding a small amount of XRP using the TrustWallet app. When setting the wallet up you are provided 12 words as your recovery back-up. I am not techy in the slightest so any explanation/help given here will need to be basic please. I understand about keeping these words safe, not online, sharing with no one etc. But it occurred to me if TrustWallet suddenly ceased to exist, can these 12 words be actually used to access my funds or are they app specific and irrelevant elsewhere - and if so, how? I read a recent blog by @TiffanyHayden which explained it well for me to understand but the secret key she used in the example wasnt a list of words is was a long sequence beginning with an 's'. Any explanation and advice greatly appreciated. Bithomp tools: https://bithomp.com/tools/ are working with 12 words mnemonics. It's based on the same libraries as https://iancoleman.io/bip39/ to work with mnemonics. You can download it here: https://github.com/Bithomp/bithomp-tools You just need one file (index.html) transfer it to offline PC. (better if this PC will never be online). With this tools you can set a regular key, therefor you will be able to control your wallet with the secret key, they one which starts with 's'. 1) You can download https://github.com/Bithomp/bithomp-tools (index.html) and https://github.com/Bithomp/generate-xrp-wallet (you need all folder), transfer it offline PC. 2) on offline PC start index.html in generate-xrp-wallet, generate a key pair (xrp address and secret). 3) Backup your secret, use https://cryptosteel.com/ or generate and print a paper wallet: https://github.com/Bithomp/xrp-paper-wallet (download, move to offline PC, generate on offline PC, print) keep it save and private. 4) when you have your secret key saved, you can setup regular key on your address with mnemonic: a) start bithomp-tools on offline pc, choose offline mode, enter 12 words mnemonic, choose "settings" --> regular key. Enter a XRP address which you generated earlier (for example from paper wallet), which starts with 'r'. Sign transaction, and submit it as it says in instructions. If successful, you will able to control your wallet with old mnemonic and with new secret key. You will be able to use offline mode of bithomp-tools, enter secret key, and then choose "sign as", and enter your main xrp address for which regular key was set. You'll be probably able to use many other tools, like ToastWallet, which supports secrets of Regular keys. P.S.: using 12 words (mnemonic) you will be able to remove or change regular key at anytime. Dinoizzy and MemberBerry 1 1 Link to comment Share on other sites More sharing options...
Dinoizzy Posted April 7, 2019 Author Share Posted April 7, 2019 Thanks so much for ur help guys. Jees why does everything have to be so complicated. I guess unless i NEED to recover access to my wallet - i dont need to do all these things? Just keep my 12 word secret? Link to comment Share on other sites More sharing options...
Warbler Posted April 7, 2019 Share Posted April 7, 2019 5 minutes ago, Dinoizzy said: Thanks so much for ur help guys. Jees why does everything have to be so complicated. I guess unless i NEED to recover access to my wallet - i dont need to do all these things? Just keep my 12 word secret? Yes, just keep it save. If you want to change a wallet, It can be as easy as this: 1) Create your new wallet (Hard Wallet preferred: Ledger, Coolwallet, Secalot, Ellipal etc, or even a Paper wallet (Bithomp), have your new xrp adress ready) 2) go to https://bithomp.com/tools/ on a trusted computer. 3) enter 12 words (mnemonic), and make a payment of all your assets, including XRP to a new wallet Dinoizzy 1 Link to comment Share on other sites More sharing options...
Guest Posted April 7, 2019 Share Posted April 7, 2019 (edited) 17 minutes ago, Warbler said: 28 minutes ago, Dinoizzy said: Just keep my 12 word secret? Yes, just keep it save. Does that mean TrustWallet is using a known algorithm? The reason I ask is that Abra are using an unknown algorithm (unless you've reverse-engineered it!). Edited April 7, 2019 by Guest Source: https://www.reddit.com/r/Bitcoin/comments/87cis7/need_help_sweeping_private_key_from_abra_wallet/dyiz4fz/ Link to comment Share on other sites More sharing options...
Warbler Posted April 7, 2019 Share Posted April 7, 2019 27 minutes ago, tev said: Does that mean TrustWallet is using a known algorithm? The reason I ask is that Abra are using an unknown algorithm (unless you've reverse-engineered it!). hm.. Dinoizzy 1 Link to comment Share on other sites More sharing options...
Dinoizzy Posted April 7, 2019 Author Share Posted April 7, 2019 This is all way above my head but thanks for trying to explain and help me. 👍 Link to comment Share on other sites More sharing options...
Guest Posted April 7, 2019 Share Posted April 7, 2019 22 minutes ago, Dinoizzy said: This is all way above my head but Your best bet is to keep a safe non-electronic backup of your word list, and bookmark this thread just in case. Also, for good measure, you might want to bookmark this reddit comment, which says (promisingly):— Quote The Multicoin Wallet created within Trust uses the same BIP39 standard like almost any other HD Wallet out on the market. …and this TrustWallet help page, which tells you the Derivation Paths for some of the supported assets. Annoyingly, it doesn't include XRP, but the ones it does tell you:— VET: m/44'/818'/0'/0 WAN: m/44'/5718350'/0'/0 CLO: m/44'/820'/0'/0 GO: m/44'/6060'/0'/0 POA: m/44'/178'/0'/0 TOMO: m/44'/889'/0'/0 TT (Thunder Token): m/44'/1001'/0'/0 NIM (Nimiq): m/44'/242'/0'/0 AION: m/44'/425'/0'/0 Link to comment Share on other sites More sharing options...
Flintstone Posted April 7, 2019 Share Posted April 7, 2019 @Dinoizzy Just keep a few copies of your phrase safe, in different locations. Alternatively, for extra security, you could also create your own code by selecting a book or text and finding the words from your phrase within the book, and making a note of page number- line number- word number. E.g 17-6-8 for each word of your phrase. To crack the code, you would need to know which book or text you used. But that maybe a bit OTT if you need to make frequent payments. Link to comment Share on other sites More sharing options...
Dinoizzy Posted April 7, 2019 Author Share Posted April 7, 2019 17 minutes ago, Flintstone said: @Dinoizzy Just keep a few copies of your phrase safe, in different locations. Alternatively, for extra security, you could also create your own code by selecting a book or text and finding the words from your phrase within the book, and making a note of page number- line number- word number. E.g 17-6-8 for each word of your phrase. To crack the code, you would need to know which book or text you used. But that maybe a bit OTT if you need to make frequent payments. Hi mate. Yeh keeping it safe isn't my problem. It's if TrustWallet ceases to exist and i am left with a wallet with some XRP in with 12 words that are meaningless to any other application and i am locked out of accessing the zerps for good. Kinda reassured by the guys helping about but when i say i am non techy i REALLY mean it - it's just not my field of knowledge at all. I guess its just like the Nano - everyone might have their 24 word recovery saved all tucked up but do they know to use it if access to the Nano wallet vanishes from the face of the earth via the normal means... i wouldnt have a clue where to start. Link to comment Share on other sites More sharing options...
zenkert Posted April 7, 2019 Share Posted April 7, 2019 40 minutes ago, Flintstone said: To crack the code, you would need to know which book or text you used. But that maybe a bit OTT if you need to make frequent payments. Use this book ? ! https://www.google.com/search?q=ABC+books+for+childs&client=firefox-b-d&source=lnms&tbm=isch&sa=X&ved=0ahUKEwizuKT7xb7hAhXOy6YKHR_jCVIQ_AUIDigB&biw=1366&bih=654#imgrc=4HZYesXg4vWeGM: Link to comment Share on other sites More sharing options...
Flintstone Posted April 7, 2019 Share Posted April 7, 2019 @Dinoizzy I’m not too clued up on mnemonics but member @gray had a wallet generator that had a good explanation of how they work. Ripplewarpwallet i think it is. Bithomp’s offline tools is great and Warbler is always around to help out. I recommend a RaspberryPi for all your offline needs 👍 Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now