Doesn't work with vaults from iOS (Or any mobile platform)
3rdIteration opened this issue · 21 comments
Documentation suggests that this should work with vaults from iOS, but that doesn't seem possible. Basically I'm looking to add the ability to use BTCRecover for Metamask Mobile wallet password recovery. (It currently supports desktop only) and wanted to ask before I spend the time running the mobile app from source and getting to the bottom of exactly what is going on.
There are (at least) three reasons for this:
- Mobile vaults are encrypted with a different scheme, as per here: https://github.com/MetaMask/metamask-mobile/blob/develop/app/core/Encryptor.js (Less PBKDF2 rounds and apparently different AES mode)
- Mobile vaults don't base64 encode the IV
- Mobile vaults store the encrypted data in "cipher" rather than "data"
Basically the vault decryptor is currently hard-coded to handle the scheme that the desktop app uses... (Rather than look for unique things like the "lib:original" or presence of "cipher".)
Even with these changes I have still yet to be able to get a mobile test wallet to successfully decrypt. (In either Python or tweaking your tool)
For reference I am using this vault here:
{"cipher":"oyvzsghbruyPSrkcEv0B+qfkODclFQNIPWuvWHSgIMr26dcVDcsj+sBjzMrJ0mWP0jZQ1xhKt1bAp3v8+rLPauI8OsJ/1uoImqAcBRBu1ORUHmwk2kYIiYLC+qgqvf6OHZGmhF3OAT4Fpt4TSZIP5kVI12DHLNO0yLZDkBliXhQSmuhmY8CCpE13IaTrBWipe/E5lblr5zQWvgfz6lBzrxzE87eY4bAGJ5bh4P/5Nxc=","iv":"9ec290a383a4c4cf5fcae9137455dc72","salt":"ywv4d3UyjBtjVQ0gip0Swg==","lib":"original"}
The password is btcr-test-password
Alternatively, a password for the demo wallet that you offer here: https://metamask.zendesk.com/hc/en-us/articles/360018766351-How-to-use-the-Vault-Decryptor-with-the-MetaMask-Vault-Data would be great too
Please don't paste your vault data publicly, especially in combination with your password, as this exposes your SRP to everyone. You should edit your comment and migrate your assets to a different SRP as soon as possible. If you really to share your personal data, then please do so with our support team.
It's a test wallet that was generated for this and is exposed on purpose. It will also be bundled with BTCRecover along with the password and be part of the automatic CI tests...
In the context of development, it's important to have some reproducible test vectors like this, bit I couldn't don't any provided in the Metamask repo.
If you can get it to decrypt then that would be great, but I'm quite sure this tool, as it stands, can't be used for mobile wallets.
Okay, whew
Your findings make sense. Based on the support article, it does appear that this tool was created to work with data that the extension stores, thus it does not properly account for mobile. I think it would definitely be more helpful for users if this were changed to automatically detect the source that the encrypted data came from, extension or mobile, and decrypt it accordingly. Unfortunately we don't have the bandwidth to do this right now, but we would gladly take a PR!
Great, just wanted to confirm this and will have a more in depth look over the next few weeks.
Added Metamask-Mobile wallet support for brute-force recovery, vault extraction and vault decrypt/dump to BTCRecover as of: 3rdIteration/btcrecover@bbabff4
Might look at bringing a PR to this repo at some point, but in the mean time, as an FYI for anyone who is interested:
Differences to desktop vaults are are:
- Mobile vaults store the encrypted data in "cipher"
- PBKDF2 5000 iterations
- PBKDF2 uses SHA512
- PBDKF2 uses the base64 encoded salt as-is. (So just treats it like a string as opposed to converting it back from Base64)
- AES uses AEC-CBC
- AES IV is stored as a hex-string
Great, thanks for the pointers!
Hey apologies as I tried following along the YouTube videos but didn’t appear to find an answer. I have my cipher phrase and what I think to be the password. Is there a fix that allows me to decrypt that? Similar to the earlier comment this is mobile vault data. Appreciate any help and insight!
Appreciate the quick reply! I’ll sit and wait for a fix then haha one day
Hey apologies as I tried following along the YouTube videos but didn’t appear to find an answer. I have my cipher phrase and what I think to be the password. Is there a fix that allows me to decrypt that? Similar to the earlier comment this is mobile vault data. Appreciate any help and insight!
BTCRecover supports extracting and decrypting both the desktop and mobile vaults now, so basically you can use the Metamask docco to get the persist-root file and then just decrypt/dump with BTCRecover. (Process is the same for decrypt/dump desktop wallet once you have the wallet file)
Great, yes I already have the persist root file so I’ll give it a try! Thanks
@3rdIteration Hi i'm attempting to install BTCrecover as we speak and I'm at the 5min mark in the YouTube video. The code that you copy and paste under next steps does not appear to be populating for me. Everything appeared to successfully install up until that point. Any help is appreciated, thanks again!!
@3rdIteration Hi i'm attempting to install BTCrecover as we speak and I'm at the 5min mark in the YouTube video. The code that you copy and paste under next steps does not appear to be populating for me. Everything appeared to successfully install up until that point. Any help is appreciated, thanks again!!
Best bet is to ask BTCRecover specific support questions in the YouTube comments for that video rather than here.
@3rdIteration sounds good! Appreciate your assistance
I'm going to close this issue as there's nothing in the Zendesk article that indicates that this tool can be used for the mobile app (there is a different process detailed for mobile). Maybe that's something we could add at some point, but we currently have no plans for doing so. If there's anything we can do to clear this up in the support article then let us know.
The Zendesk article indicates that it should work with iOS 3/4 of the page, so at the very least that part should be removed for now.
Ah. Would it be less confusing if this article were renamed to something like "Recovering Your Secret Recovery Phrase"? Then the only mention of the vault decryptor should be limited to the first section that covers the extension.
I think the information about extracting vaults from iOS should be at the very least adjusted, as right now it explicitly states that the extracted iOS vault data can be used with the web based vault decryptor. (This is exactly why the original issue opened with a question as it made me wonder if there was some other version of the tool that the Zendesk article author had access to)
Do you mind pasting the part that explicitly states this? I've gone over this article multiple times and can't find it. It's possible I'm missing something.
Heading:
This article provides instructions for Secret Recovery Phrase recovery on the desktop (MetaMask Browser Extension) and MetaMask Mobile on iOS. We are currently working on a solution for Android; as soon as it is available, we will post it here.
You can read below how to copy your Vault data from Chrome-based browsers (including Chrome, Brave, Edge, and Opera), and further down, instructions for Mobile on iOS.
Further down the page
MetaMask Mobile on iOS:
In order to recover your vault data, you will need:
The password that was used on MetaMask Mobile when the vault was created (or restored on that device)
MacOS running on a separate computer or laptop, other than the mobile device in question
An app capable of displaying JSON data in a readable fashion. You may need to download one, for example: https://imazing.com/download/macos
A WiFi connection or the appropriate cable to sync your phone and your computer
Procedure
Connect the mobile device to computer, either via wifi or a physical cable, so that the mobile device appears in your Finder.
Back up the mobile device as per the instructions [here](https://support.apple.com/guide/iphone/back-up-iphone-iph3ecf67d29/ios) under 'Back up your iPhone using your Mac'. We recommend using the encrypted option, and making a note of the password for later.
Select Manage Backups
Show in Finder
Drag backup folder into iMazing app, or whichever app you're using to read the backup. This is the point at which you'll need your password if you encrypted the backup.
In the backup tool, navigate to Apps->MetaMask->Documents->persistStore->persist-root
Open the persist-root file. It will be a lengthy file in JSON format.
Search for the word "KeyringController"
Copy and paste that JSON object into a new document. It will look something like this:
{\\\\\\\\\\\\"cipher\\\\\\\\\\\\":\\\\\\\\\\\\"JaX8Z80QMzzqA4XMgPsUuleNLIuxvchXZ5q1SO9GO1kuNUmokUke06op9EF0ZU4WXsILfUZ0yKI5kjzYY9H12t5aGb43BOAWJwlKuC8neXWeL5enoD/L05eDC9tzZEBupLwF7cGG6JdPHHQKdRDWWbQM+TUo6EvZv7LClPZQVJ17uowGvPMPB0UwfPea7DP/dE5DYleHmX1rhxAJr1YN4HUPAYpCCReU4W4/2QsaM+E=\\\\\\\\\\\\",\\\\\\\\\\\\"iv\\\\\\\\\\\\":\\\\\\\\\\\\"dcabe6ed590ae3ee8e056c7844c58047\\\\\\\\\\\\",\\\\\\\\\\\\"salt\\\\\\\\\\\\":\\\\\\\\\\\\"h6IkHlWjloB9c9+KiGgYvQ==\\\\\\\\\\\\",\\\\\\\\\\\\"lib\\\\\\\\\\\\":\\\\\\\\\\\\"original\\\\\\\\\\\\"}
Modify the object to reflect the example below (manually remove all \\\ and ensure there are no white spaces):
{"cipher":"JaX8Z80QMzzqA4XMgPsUuleNLIuxvchXZ5q1SO9GO1kuNUmokUke06op9EF0ZU4WssILfUZ0yKI5kjzYY9H12t5aGb43BOAWJwlKuC8neXWeL5enoD/L05eDC9tzZEBupLwF7cGG6JdPHHQKdRDWWbQM+TUo6EvZv7LClPZQVJ17uowGvPMPB0UwXPea7DP/dE5DYleHmX1rhxAJr1YN4HUPAYpCCReU4W4/2QsaM+E=","iv":"dcabe6ed590ae3ee8e056c7844c583d7","salt":"h6IkHlWjloBgc9+KiGTYvQ==","lib":"original"}
**This should get you to a point were you can copy the vault into the the mobile application!**