01-29-2020, 07:52 PM
I don't know what we can/should do here, but maybe somebody can do some more research and update the github issue etc...
For instance it seems that the wiki says it uses base58check:
https://github.com/Multibit-Legacy/multi...ivate-keys
https://github.com/robevansuk/BitcoinPri...8/issues/1
which links to https://en.bitcoin.it/wiki/Wallet_import_format and https://en.bitcoin.it/wiki/Base58Check_encoding
also the tool mentioned (DumpedPrivateKey.java) within that Multibit-Legacy github repository seems to say something about checksums:
https://github.com/bitcoinj/bitcoinj/blo...teKey.java
I have no clue if this is true and if multibit2john.py has support for all the bytes needed for the checksum test.
I think even with the first 2 blocks (2*16=32 bytes) of the private key, you can steal the balance quite easily.... so I don't think the output of multibit2john is really meant to give to untrusted people
https://github.com/magnumripper/JohnTheR...#L342-L344
For instance it seems that the wiki says it uses base58check:
https://github.com/Multibit-Legacy/multi...ivate-keys
https://github.com/robevansuk/BitcoinPri...8/issues/1
which links to https://en.bitcoin.it/wiki/Wallet_import_format and https://en.bitcoin.it/wiki/Base58Check_encoding
also the tool mentioned (DumpedPrivateKey.java) within that Multibit-Legacy github repository seems to say something about checksums:
https://github.com/bitcoinj/bitcoinj/blo...teKey.java
I have no clue if this is true and if multibit2john.py has support for all the bytes needed for the checksum test.
I think even with the first 2 blocks (2*16=32 bytes) of the private key, you can steal the balance quite easily.... so I don't think the output of multibit2john is really meant to give to untrusted people
https://github.com/magnumripper/JohnTheR...#L342-L344