Electrum 2.0: non-BIP39/32 standardisation complicates matters immensely. Why?

3

2

Electrum 2.0 has been causing me some frustration, insofar as it seems to be a non-standard implementation of BIP32/BIP39 (HD wallets, mnemonic seed, respectively). The wallet in question is a 2of2 multisig wallet (all P2SH), with the 2nd extended public key being created in pybitcointools using

bip32_privtopub( bip32_master_key( sha256("a password") ) ),

then imported into Electrum.

Given the 13 word seed, which itself is non standard since the last word is a checksum, it's proven impossible to export the xpriv key from Electrum.

How is a mnemonic seed converted to a BIP32 standard extended private key (given the client itself won't allow it)? : EDIT1: with great difficulty, see my answer below

(REFOCUSED) QUESTION: *why does Electrum:

  • stray from BIP0039?
  • make exporting the master BIP32 private key impossible?
  • return partially signed P2SH hex Txs which are malformed?

Wizard Of Ozzie

Posted 2015-04-09T01:40:31.337

Reputation: 4 535

Answers

2

There is an alternative way to extract the master extended private key (xprv): in the Electrum console, simply type this:

wallet.get_master_private_key('x/', gui.password_dialog())

Or for the master private key of a wallet created with Electrum 1.x, it's:

wallet.get_seed(gui.password_dialog())

Warning

Don't ever type your password or a private key into the console. In other words, don't do this:

wallet.get_seed('my-password')

Everything you type into the console is temporarily stored inside your wallet file unencrypted to make the command history feature (accessed via the up-arrow) work.

Christopher Gurnee

Posted 2015-04-09T01:40:31.337

Reputation: 2 263

Where on earth did you find that?! Nice work!Wizard Of Ozzie 2015-04-25T15:15:45.177

Thanks! Someone on Bitcointalk was asking how to do this today, and I thought I'd dig around the Electrum source a bit to see if I could figure out a better way to do this before responding. Afterwards, it made sense to update this answer and get rid of the not-so-safe method that was here before.Christopher Gurnee 2015-04-25T16:24:30.907

wallet.get_master_private_key('x/', None) with no password FWIW, not ""Wizard Of Ozzie 2015-04-25T17:15:27.120

3

Thomas Voegtlin , the developer of Electrum explains the reasoning in the first 10 minutes of this interview. I think he also posted same thing to Bitcoin dev mailing list some time ago.

https://letstalkbitcoin.com/blog/post/epicenter-bitcoin-69-thomas-voegtlin-electrum-spv-wallets-and-bitcoin-aliases

His main point against BIP39 is that it doesn't include a version number, and the requirement of the word list dictionary in order to implement it.

kaykurokawa

Posted 2015-04-09T01:40:31.337

Reputation: 1 902

2

Note: July 2017, Electrum v2.8.3... the command is now:

getmasterprivate()

The password dialog box will automagically pop up ;)

HCP

Posted 2015-04-09T01:40:31.337

Reputation: 21

1Hi HCP, welcome to Bitcoin.SE, and thanks for the update! We usually try to fully address the question in each answer, so, if you could add a little more explanation that would be great. If you just want to update a small part of an existing answer, you can also suggest an edit on it.Murch 2017-07-11T05:05:07.493

0

I just found this over at /r/Bitcoin:, so apparently there's an exe to do this, but I'm not exactly game, since downloading the link got flagged by chrome.

It appears Electrum uses: m/0/0 for wallet addresses and m/1/0 for change addresses.

EDIT: A pull request has been submitted for code which extracts the root seed from the Electrum 2.0 seed phrase:

def electrumv2_extract_seed(words, password=''):
    """Takes Electrum v2.0 13 word mnemonic string and returns seed. Only works on English for now"""
    # clean-up unicode characters
    mnemonic = words[:]
    try:
        mnemonic = unicodedata.normalize('NFC', unicode(' '.join(words.lower().strip().split()))).encode('utf-8') # a string of 13 words
    except Exception as e:
        raise Exception(str(e))
    rootseed = pbkdf2.PBKDF2(str(mnemonic), str('electrum' + password), 2048,  macmodule=hmac, digestmodule=hashlib.sha512).read(64)
    return rootseed

def electrumv2_mnemonic_to_mprivkey(words, password=''):
    return bip32_master_key(electrumv2_extract_seed(words, password=''))

This is for use with pybitcointools as from bitcoin import * in Python 2.7

Wizard Of Ozzie

Posted 2015-04-09T01:40:31.337

Reputation: 4 535

Asked: 2015-04-09T01:40:31.337

Viewed: 1 771 times

Active: 2017-07-11T04:49:16.990