RowboTony
commented
3 weeks ago Update - I tried this with a new vault, and 3 new non-password protected .vult shares, still no response from the UI.
Open RowboTony opened 3 weeks ago
RowboTony
commented
3 weeks ago Update - I tried this with a new vault, and 3 new non-password protected .vult shares, still no response from the UI.
SxMShaDoW
commented
3 weeks ago I also struggled to get it to work - so I ported it over without the webassembly and instead just run the CLI after its uploaded. https://github.com/SxMShaDoW/Vultisig-Share-Decoder/ if you want to take a look at it.
RowboTony
commented
2 weeks ago > I also struggled to get it to work - so I ported it over without the webassembly and instead just run the CLI after its uploaded. https://github.com/SxMShaDoW/Vultisig-Share-Decoder/ if you want to take a look at it.
Thank you! https://github.com/SxMShaDoW/Vultisig-Share-Decoder/ Worked great! This was easy to download, run, and use locally, and was more in line with my expectations of the original included Web Recovery UI.
For further discussion. Can you help me understand the keys I'm seeing? I don't want to risk funds, so what is actually happening when I decode all 3 of a 2of3 Vault? I don't see anything in block explorers that say "address created on x/y/z". With my naive undersnating imaging my exciement when I saw the xprv key for JP Honeypot vault, 🤣!
Why do I see differnt Private keys for each file and again for the combined files?
Do I need only 2of3 to recover the proper xprv key for accessing funds?
The web page instuctions explicitly state > This is a one-way function;
... but is it really? Is this key created temporarily for me on the screen when I run the program? Once the screen is clear the key isn't recoverable or hackable unless I have saved it somewhere? I can regenerate it anytime with the tool.
Can I still use my regular vaults as before?
At what point does the Vault become unusable - only when I transfer funds out using the xprv key?
Lastly, am I correct in that SOL isn't currently supported by this tool?
The ultimate goal is keeping control of my funds, in the event of a full Vultisig failure/collapse - I can use the local tools to combine my shares, create/recover a xprv key, and load it into Sparrow wallet or some such.
Thank you! --Tony
SxMShaDoW
commented
2 weeks ago so what is actually happening when I decode all 3 of a 2of3 Vault?
You get a set of private keys per chain. The private key for the given chain can be imported into a respective wallet (ex. Metamask for ETH or Unisat for BTC) and it will share the same address as what you see in Vultisig.
Why do I see differnt Private keys for each file and again for the combined files?
You can think of each share as a different point on the same curve. If you have enough points on the curve, you can determine the correct private key. Each point, by itself, can also be a private key. That is why the JP Honeypot shows a private key, but not the correct one.
The fancy over my head stuff would be like:
each party collaborate to generate a random polynomial of degree 1, Pol . Each party (1, 2, 3) P_i only knows Pol(i), and the private key is Pol(0)Do I need only 2of3 to recover the proper xprv key for accessing funds?
Yes. You need the majority threshold.
The web page instuctions explicitly state. This is a one-way function;
... but is it really? Is this key created temporarily for me on the screen when I run the program? Once the screen is clear the key isn't recoverable or hackable unless I have saved it somewhere? I can regenerate it anytime with the tool.
It is a one-way function because you can't take your private key and create the vult shares from it. Thus only one way: vult share to private key.
Can I still use my regular vaults as before?
Yes, but it is now technically less secure because when you create your vaults, it never generated a private key. It was never known to any system what your private key was.
At what point does the Vault become unusable - only when I transfer funds out using the xprv key?
The vaults can still be used, just less secure because you can also import that private key into a wallet and start using it without vultisig ever knowing. You can see that with the 2 shares I provided in the repo. Feel free to import them, add a little bit of money via Base and then import the eth key into metamask and spend the money.
Lastly, am I correct in that SOL isn't currently supported by this tool?
Correct. There is an open issue. Once it is incorporated in the main repo, I will port it over.
RowboTony
commented
2 weeks ago ....I continue to struggle. The concept 💯 makes sense, thank you @SxMShaDoW for the thorough explanation!
I still can't get it to work. Here's what I've done:
/mobile-tss-lib/cmd/recovery-cli
xprv keys from each toolxprv keys to
Perhaps my expectations are misguided? Here's my motivation - I don't trust backup files. I have had too many corrupt files in my many years of computer programming and general IT nerdery. I've had files that were redundant, RAID, multiple locations, still end up corrupt - yep, they're backed up, but all corrupt.
My thinking is that, if I can every six months or so, run this tool on my .vult shares to see the xprv key, check the balance, then I know my funds are safe. The end result is to ensure that normal human family members can recover the funds in multiple ways that are not too technically obtuse. That said - kindly let me know if there are other support sites, forums, or articles I can reference to improve my understanding of this concept.
Or, if there's a better recommended way to ensure these backup files are not corrupt, I'm open learning.
Respectfully, --Tony
SxMShaDoW
commented
2 weeks ago Couple quick questions:
is the address (the public one) that they produce in the output match the address you expect? It is weird you get 2 different private keys. That is definitely wrong and I may have broken something on my app if that's the case. I've been trying to add more chains recently.
have you tried the (2) sample vaults I provided in my repo? I believe one of them has some small amount of ETH on base to play with.
The ETH private key isn't an xprv - it should be in a different format than what BTC has before importing it Metamask. I can spin up my example for you if you like.
Are all the Share information that I provide in my tool make sense? They are different parts/device names?
RowboTony
commented
1 week ago @SxMShaDoW Thank you again for the info. Here's where I'm at:
The shares provided in your repo, Test-part1of2.vult and Test-part2of2.vult, work fine in both your web tool and the /mobile-tss-lib/cmd/recovery-cli ✔
The .vult shares I have for my 2of2 and 2of3 Vultisig wallets also corroborate the following:
.vult files. ✔ hex encoded private key for ethereum: works to recover in Metamask ✔address: all match and show the on-chain assets on BTC, ETH, BASE, and THOR block explorers. ✔Bitcoin is not working for me, user error? Neither the extended private key full: xprv... or the private key for bitcoin: xprv... work to recover a Bitcoin wallet in any of the software I've tried - Sparrow, Bluewallet, Electrum. ❌ This tool even provides QR codes for other wallets to import (https://iancoleman.io/bip39/) ...no success, I see only empty zero wallets.
I've even written a python BIP32 generator script that compares the xprv key with the thousands of bc1... addresses it can derive, and I've not found any matches to the bc1.....zc address I see in my Vultisig UI wallet within the first 1,000,000 address derivations. My thinking was that the derivation was something such as m/84'/0'/0'/0/{index}....ok so the wallet isn't at index{0} through {1,000,000} according to my script.
So.... ETH and other assets are confirmed recoverable with this tool... but how can Bitcoin be recovered? My understanding of wallets is still elementary. Thank you again for this discussion.
--Tony
SxMShaDoW
commented
1 week ago Things that I have tested:
Things I haven't tested:
SxMShaDoW
commented
1 week ago Alright @RowboTony . Reporting back:
So what you can do is take the WIF key from the output and put p2wpkh: infront of it and import it into Electrum (File > New/Restore > Name wallet > Import Bitcoin Addresses or Private Keys).
Haven't tested the other bitcoin-like networks but that works for BTC.
I made it cleaner in my tool. I updated my current PR to make it easier to find for other people
RowboTony
commented
1 week ago Alright @RowboTony . Reporting back:
So what you can do is take the WIF key from the output and put
p2wpkh:infront of it and import it into Electrum (File > New/Restore > Name wallet > Import Bitcoin Addresses or Private Keys).Haven't tested the other bitcoin-like networks but that works for
BTC.I made it cleaner in my tool. I updated my current PR to make it easier to find for other people
THANKS! 🚀 Yes - now I can recover my Bitcoin wallet in electrum with this method: add p2wpkh: in front of the WIF key while importing to Electrum wallet..... but man that's gnarly, no non-technical people will be able to figure that out with these tools as-is.
I am also able to WIF sweep the funds into Sparrow wallet (in case of emergency), unfortunately Sparrow doesn't allow importing the WIF key as Electrum does. Electrum allows WIF import and observe without affecting the UTXOs.
In either case, this is progress! I hope the tool can improve with this information, and help others in the future.
Thank you!
Hello, I tried this on Windows WSL Ubuntu 22.04 as per instructions here:
https://docs.vultisig.com/threshold-signature-scheme/emergency-recovery#option-1-web-ui-version
I was able to
makeand access the local web host, I added my keys, clicked the [Recover Key] button, nothing happens.Could this be because VultiSig email .vult backup required a Vault save password? (Windows or iOS did not require a password for the .vult backup.) I couldn't proceed to send the .vult to my email without adding a password. Does the Web Recovery decrypt a .vult file with a user set password?
Let me know how I can help debug. Thanks. --Tony
Windows - Create New Vault Share (cannot (skip) password creation)
Files selected:
Click [Recover Key] button, no joy.