search

1200wd / bitcoinlib

Bitcoin and other Cryptocurrencies Library for Python. Includes a fully functional wallet, Mnemonic key generation and management and connection with various service providers to receive and send blockchain and transaction information.
http://bitcoinlib.readthedocs.io/
GNU General Public License v3.0
601 stars 199 forks source link

restore wallet #140

Closed benlvovsky closed 3 years ago

benlvovsky commented 3 years ago

This is new to me, sorry for the question. I want to use this for my wallet to collect payments and then pay from it to others. I want to automate it thats why I cannot use existing mobile or web wallets. For mobile wallets if I delete them fro mobile I always can restore them anywhere I want with a backup phrase. So if I create the wallet using your library how can I recreate it if it is closed in one of my applications. I want to reuse same wallet for different applications I use. Actually I want to use them across various apps I have at the moment. I saw there bitcoinlib.mnemonic but not sure if I can use that to recreate it in different apps and use same wallet and be confident that money don't disappear.

benlvovsky commented 3 years ago

I think I found out how to do it:

def restore_wallet_by_mnemonic(phrase: str):
    hdkey = HDKey().from_passphrase(phrase)
    w = HDWallet.create(name='Wallet', key=hdkey)
    w.scan()
    logger.debug("hdkey = {hdkey}, wallet = {wallet}")
    return w

Is this a proper and a safe way and I will not loose the wallet if I have mnemonic phrase saved?

mccwdev commented 3 years ago

Yes with the mnemonic passphrase you can recreate the wallet with all keys and transaction.

So it's safe in the sense that you don't loose your wallet, but please keep in mind that anyone with this phrase/private key has access to your funds. For more safety you could create a read-only wallet with the public master key, to check for incoming transactions. Or you could use a setup with a multisignature wallet.

benlvovsky commented 3 years ago

Thank you very much for the answer. Read only or multisignature wallet won't allow me to programmatically use it to transfer money out of it. I think to hash sha256 with message digest saved outside the app and store hash in the app config. Do you think it is a good idea?

mccwdev commented 3 years ago

Thats depends on the amount of security of the device, the number of transactions and value involved and the time you have for a single transaction. Someone who gains access to your device easily gets access to the funds, the private keys are stored unencrypted in the database and memory for example.

You could also password protect the key, but this would require you to fill it in everytime you create a transaction or store in the app as well with the same risk.