User story: Hidden in plain sight

Over the course of our operation, we've seen a lot of people who found various, creative ways to obfuscate their seed phrases. A few days ago we received an email from Dan regarding an Electrum seed phrase he had hidden within a bunch of other decoy words back in 2017, using some sort of pattern that he was positive he'll remember. The reason he used this method was because he believed that it would increase the security of his seed phrase and that this will allow him to store it online in his email account. We could not disagree more.

The list is about 600 words long, 350 of which are in the Electrum (and BIP39) English word list. Electrum seeds follow a different generation process, you can read more about it here. After exchanging some emails with Dan, we gathered that:

1. He had used a pattern, most likely a constant space between each word in the list
2. He did not mix up the order of the words - If the first seed word was written in index 36, the second word could only be in index 37 or above.
3. He remembered that he started entering the real seed words after about 250 decoy words.

What we had to do in order to crack this one open is to create a small tool that:

1. Loops through the provided word list, starts with spacing = 1 and increases the spacing variable every time. Each iteration checks to see if a valid Electrum seed is produced for the given spacing limit.
2. Gather the valid seeds and use common derivation paths to generate the first few Bitcoin addresses.
3. Check for any activity on those Bitcoin addresses.

Since Dan didn't have any information regarding the receiving addresses that were used, and since we wanted to make sure we are not missing anything, for every valid Electrum seed we generated several addresses for common derivation paths and had to check to see if there was any activity on those addresses. If we had prior information regarding an address that was used to receive funds for the lost seed, we could skip this compute intensive task and simply compare the generated addresses for each derivation path to the address we had information for and greatly reduce the time it took to check each valid seed phrase.

After a short period of time, we managed to find the lost seed and recover Dan's coins which we then transferred to a fresh BTC address only he owns.

Need help recovering your seed phrase?

We at Brute Brothers have special software and hardware to help recover partial seed phrases for all wallet types. Contact us for more details.