FrankChen021
commented
6 years ago the private key should be exported by mnemonics indirectly with passphrase equals to empty
for mnemonics, see: https://github.com/bitcoin/bips/blob/master/bip-0039.mediawiki
store SymmetricEncryt ( privateKey, userId ) on server when registering a user
generate mnemonics(privateKey) and show it to user after register
to get back private key, first verify client via email/sms,
input mnemonics, get private key, generate a value which is E(privateKey, userId)
verify the encrypted value is matched with the value pre-stored in the server
if is matched, reset the password