joinmarket icon indicating copy to clipboard operation
joinmarket copied to clipboard
verified publisher icon JoinMarket-Org

How to get a list of unused wallet addresses?

Open dreboli opened this issue 8 years ago • 4 comments

Trying to get a list of new, unused addresses (about 500 addresses for every mixdepth). I see there are xpub keys when using the wallet-tool.py but could not find a way to derive addresses probably because of compatibility issues with other standards. Any easy and secure way?

dreboli avatar Apr 02 '17 22:04 dreboli

The xpub keys in joinmarket use the m/i path.

So let's use the addresses on the wiki page as examples.

Take xpub6Btm9LzaCFjWozatijp1sQ68a9eTAzfv2MS2SGei8NTyhCMc8UkqENm8xagcukVtZwDecgeBzn5zA4CKqq887Pp5u7F4ZG9S1DaDXH64dQT and put it into http://bip32.org/, put the xpub into the BIP32 Extended Key field and scroll down to choose Derivation Path to be Simple m/i. Then when choosing Keypair Index (i) to be 0, 1, 2, 3, etc you'll get the same addresses printed there of 1JPFmg1RSa2gtzcsow9fBjwdvWPsxcP3eX, 1AaCpeMit59ExfSvP3M3bTnMkhXgecSPeY and so on.

chris-belcher avatar Apr 03 '17 11:04 chris-belcher

You can get that list from the code with something like this, assuming you put it in a python script and run it from the directory above bitcoin/ (which the main joinmarket directory serves ok for):

import bitcoin as btc

#insert your required data here, xpub can be the one for the specific (mixdepth, external/internal) shown in wallet-tool
xpub = "tpubDDW8p879uJT4nzbxdLS2Vu5AtoPBMtcKtbDfh4jmZGzQBLSkD8qADG9zFzEkAVEw4Sb4bB8o4pegEb5i3myQnkJThqjGZJ6gWE1iGjy8LMU"
num_needed = 500
for i in range(num_needed):
    #remove ,0x6f if you're doing mainnet (then will be xpub not tpub above)
    addr = btc.pubkey_to_address(btc.bip32_extract_key(btc.bip32_ckd(xpub, i)), 0x6f)
    print addr

Needless to say be very careful playing around with this stuff if you're not sure what you're doing.

AdamISZ avatar Apr 03 '17 12:04 AdamISZ

Thanks for the script, it worked. Could you elaborate on the dangers? Some dangers that I can think of:

  • if an attacker gets my xpub and any priv key under that, then every address on that branch is compromised.
  • an address with balance might not show up with wallet-tool.py if the gap limit is too low.
  • might also need to do a rescan in case the coins doesn't show up in an address

Is there anything else?

dreboli avatar Apr 03 '17 20:04 dreboli

@dreboli I wasn't thinking about it too much, just simple stuff like you end up with the wrong list of addresses :) But yes your first bullet point is a big one (if you know that you're probably in a reasonable place with all this).

AdamISZ avatar Apr 04 '17 12:04 AdamISZ