Cracking partial hex seed for Ethreum Presale
#11
that's good that you mention this fact/doubt about the private key vs seed, chick3nman

I assumed that the OP (uprising_bike) is sure that s/he has (part of) the seed, not the private key instead (the first post says "I have 59 of 64 hex bytes that I think are a backup of the seed").

The difference is this:
Code:
private key: keccak (seed)
vs
Code:
bkp: keccak (seed . "\x02")

if you have parts of the seed, you could verify if you can come up with the correct/complete seed with the "bkp" checksum.
If you have parts of the private key instead, you would need to generate the public key and ether address and match it against the ethereum address instead !

These are 2 very different situations and you should know or at least find out what you have and what you don't have. private key is different from seed. the initial post here says that parts of the seed are known.

If parts of the private key are known (which could be indeed the case because the keccak output is always 64 bytes of course, while the seed might/should be much longer as already mentioned, but this depend on when the json file was generated) it's a little bit more complicated to validate (not supported by hashcat) which one is the correct key because it requires some elliptic curve (public-private key) cryptography steps. note: you can't go back from the private key to the seed because the keccak hashing is of course a one-way operation.

Again, I would not recommend to use other tools to test the cracking by generating new wallets but only use the very same web page/tool that you used for your target file (the seed generation could be very different, maybe other parts too). Fortunately, it's all open source software and even the presale website is still on github etc.

Therefore, again, I would suggest making sure that you use the exact same tool/page and even version of it (you should know the data from the json/UTC file or date of the presale order confirmation mail) to generate test wallets and (I wouldn't recommend using some random tool you find on the internet like pyethtool.py, they might be slightly different) .... and I would also recommend testing the cracking on sample wallets generated with the original tool that also generated your presale wallet (each and every of this tools is and always was open source!).

You need to either remember if you backed up the private key or seed etc... or you need to find it out with the tool by running it and observing where the private key or seed can be downloaded and how long it is.

You didn't really answer this questions... but you at least need to consider these question: when did you get the presale wallet? how did you generate/get the presale wallet? are you sure that there was an option to download the seed? ... or are you sure there was an option to download the private key? Did you use the ethereum presale web page and got a confirmation mail with the json file attached (my guess is yes, because it seems kind of everybody involved used this page to generate their wallets)? etc
(btw: you do not need to answer all these questions here if you do not feel comfortable to answer these maybe sensitive questions, but you should know what you have and what you did at that time otherwise there are too many doubts)

On one hand it would make sense that the private key was somehow downloadable/displayed at that time because that's the most important information besides the "encrypted" content within the json file (which includes the encrypted seed!!!).
On the other hand, since the private key is a one-way checksum of the seed (keccak (seed)) it would make sense to (also) have/download/get the raw seed, otherwise you couldn't find out the seed just by having the private key (because of the one-way hashing algorithm).

I'm not sure what you have and how you got/generated the wallet, therefore I can't say for sure... but it should be kind of easy to figure it out by knowing the date and tool/page that you used at that time.