Chinese

恢复原始私钥(Hard Key Recovery)

适用场景

Cobo MPC Co-Managed Custody 发生不可抗力因素导致无法再为客户提供服务。

这时,客户可以通过自身及其委托的第三方所管理的两个私钥分片,恢复出 MPC 钱包对应的 MPC 根扩展私钥( MPC Root Extended Private Key),并且基于此根扩展私钥推导出 MPC 钱包内所有地址的私钥。恢复每个地址的私钥需要依赖下方所述的准备工作,如果客户在平时正确完成了准备工作的内容,整个私钥恢复过程是完全不需要 Cobo 参与的。

条件要求

  • 客户及其委托的第三方维护的两个 TSS Node 的 secrets.db 数据文件及密码

  • 完成下列前期准备工作

前期准备工作

  • 恢复原始私钥(Hard Key Recovery)所使用的恢复工具为开源项目,名为 cobo-mpc-recovery-kits,链接地址为 https://github.com/CoboCustody/cobo-mpc-recovery-kits 。打开链接后,阅读工程 README.md,下载或编译私钥恢复工具 ​​cobo-mpc-recovery-tool ,客户可前往 https://github.com/CoboCustody/cobo-mpc-recovery-kits/releases 下载最新发布的版本。

  • 在三方协同生成 MPC 私钥分片之后,记录下本企业账号的 MPC 根扩展公钥(MPC Root Extended Public Key)。注意,根扩展公钥一旦生成后则不会改变,因此记录一次即可。

  • 实时或者定时保存 MPC 钱包内的地址信息。可以通过三种方式获得地址的详细信息:

  1. 通过 API 的 generate_addresses 接口生成地址时,在返回的 AddressDetail 里有 hd_path 信息,客户需要将其和新生成的地址一并保存

  2. 通过 API 的 list_addresses 接口,获取所有地址的 AddressDetail 信息,其中含有每个地址对应的 hd_path 信息

  3. 通过 Cobo Custody Web 的导出按钮,人工导出 MPC 钱包下的所有地址信息,如下图红框所示:

上述步骤中的第 1 、2 步都是一次性的,第 3 步则是在每个新地址生成后都需要进行一次,请客户结合自己的业务场景合理执行准备工作。

恢复过程

  • 准备恢复环境

客户需确保其管理 TSS Node 的主机均处于离线或者安全的网络环境下,并且操作员及其操作电脑、显示器等操作设备也都处于安全的环境内。准备好 TSS Node 软件包与数据库文件,TSS Node 的目录结构如下:

cobo-tss-node-generic
├── configs
│   └── cobo-tss-node-config.yaml.template
├── db
│   └── secrets.db
├── recovery  (导出私钥分片所在的文件夹,无需手动新建)
└── tss-node.sh

  • 确认私钥分片正确性

进入操作目录 cobo-tss-node-generic,获取 Group 信息

sudo ./tss-node.sh info group

示例:

$ sudo ./tss-node.sh info group
Container started: bc5e54bc4675a46b3edc9bbabc76ebb7d3918260fe8aeb09bbd60375ae26438c
Wait a few seconds ..................
INFO[2022-12-14T09:51:28+08:00] Total number of groups: 1, from db/secrets.db
INFO[2023-01-16T09:04:12+08:00] Group info: 
    Group ID: OoQGkknsPdPjLCmSuuSf
    Created Time: 2023-01-09 17:42:21.391854 +0800 HKT
    Root Extended Public Key: xpub661MyMwAqRbcGNFddDqGveSvN9jr1n1GMGFypyhqn34oKyMw9bvrych636CDwgBbLjdLgQRoQtmqPucPb1pZQVBZq3tuXXTQX8wP3JMWAak
    ChainCode: 0xb74087d551e44ef8d3a1270accb1977fd373c29fe6e235bc681c59a2137e1334
    Share ID: 914259450665435839517029445012417071559
    Share Public Key: 0x023633989378b01c2e66d5fd70666101546a310aaab2c08c7b5813be371d438c0d
    Type: 1
    Curve: secp256k1
    Threshold: 2
    Local Node ID: cobo2Jitd83uNFZmGnvs8c4Bs1TUNjVVeBQmc82a4KpLFqdbLs
    Other Node IDs: [coboBP97RpWKD2WGKhUUtZ1iu6uyWL7MjY4S8MpTUHDiwvRni cobok1nJ4P8DL1mU5SDEzh8QDA5FzdSg7gdkAZKUWK4NuviS4]
    Participants: 3
      (1) Node ID: coboBP97RpWKD2WGKhUUtZ1iu6uyWL7MjY4S8MpTUHDiwvRni
          Share ID: 751341643106997665517612415491881522730
          Share Public Key: 0x02ad8728dce88aa210645cff8dea474114376796d81e4b4df76bfa3ea847131b57
      (2) Node ID: cobo2Jitd83uNFZmGnvs8c4Bs1TUNjVVeBQmc82a4KpLFqdbLs
          Share ID: 914259450665435839517029445012417071559
          Share Public Key: 0x023633989378b01c2e66d5fd70666101546a310aaab2c08c7b5813be371d438c0d
      (3) Node ID: cobok1nJ4P8DL1mU5SDEzh8QDA5FzdSg7gdkAZKUWK4NuviS4
          Share ID: 997493310528521058725882883276549657588
          Share Public Key: 0x02a233d2d37297bcfc3092ea65997a29b72931b5ca343db5cd608c85a306be5994

请确认上述日志中打印的 MPC Root Extended Public Key 和 准备工作 中第 2 步保存的 MPC Root Extended Public Key 是一致的。

如果一个 TSS Node 管理了多个私钥分片,请找到 MPC Root Extended Public Key 正确、并且更新时间最新的一组 Group 信息。随后记录下对应的 Group ID,例如上述日志中的 OoQGkknsPdPjLCmSuuSf。

  • 将需要导出的私钥分片对应的 Group ID 和 Root Extended Public Key 提供给第三方,用于第三方核对私钥分片信息

  • 导出私钥分片

客户在管理的 TSS Node 的根路径内,执行如下命令,导出私钥分片(其中的 <GROUP_ID> 请替换成前一步中获得的 Group ID):

./tss-node.sh export-share --group-id <GROUP_ID>

示例:

./tss-node.sh export-share --group-id OoQGkknsPdPjLCmSuuSf
INFO[2023-01-16T16:57:10+08:00] Init from default config file configs/cobo-tss-node-config.yaml 
Type password: 
Please type new password to encrypt export share
Type password (at least 8 characters): 
Retype password: 
INFO[2023-01-16T16:57:20+08:00] Export group info: 
    Group ID: OoQGkknsPdPjLCmSuuSf
    Created Time: 2023-01-09 17:42:21.391854 +0800 HKT
    Root Extended Public Key: xpub661MyMwAqRbcGNFddDqGveSvN9jr1n1GMGFypyhqn34oKyMw9bvrych636CDwgBbLjdLgQRoQtmqPucPb1pZQVBZq3tuXXTQX8wP3JMWAak
    ChainCode: 0xb74087d551e44ef8d3a1270accb1977fd373c29fe6e235bc681c59a2137e1334
    Share ID: 914259450665435839517029445012417071559
    Share Public Key: 0x023633989378b01c2e66d5fd70666101546a310aaab2c08c7b5813be371d438c0d
    Type: 1
    Curve: secp256k1
    Threshold: 2
    Local Node ID: cobo2Jitd83uNFZmGnvs8c4Bs1TUNjVVeBQmc82a4KpLFqdbLs
    Other Node IDs: [coboBP97RpWKD2WGKhUUtZ1iu6uyWL7MjY4S8MpTUHDiwvRni cobok1nJ4P8DL1mU5SDEzh8QDA5FzdSg7gdkAZKUWK4NuviS4]
    Participants: 3
      (1) Node ID: coboBP97RpWKD2WGKhUUtZ1iu6uyWL7MjY4S8MpTUHDiwvRni
          Share ID: 751341643106997665517612415491881522730
          Share Public Key: 0x02ad8728dce88aa210645cff8dea474114376796d81e4b4df76bfa3ea847131b57
      (2) Node ID: cobo2Jitd83uNFZmGnvs8c4Bs1TUNjVVeBQmc82a4KpLFqdbLs
          Share ID: 914259450665435839517029445012417071559
          Share Public Key: 0x023633989378b01c2e66d5fd70666101546a310aaab2c08c7b5813be371d438c0d
      (3) Node ID: cobok1nJ4P8DL1mU5SDEzh8QDA5FzdSg7gdkAZKUWK4NuviS4
          Share ID: 997493310528521058725882883276549657588
          Share Public Key: 0x02a233d2d37297bcfc3092ea65997a29b72931b5ca343db5cd608c85a306be5994 
INFO[2023-01-16T16:57:20+08:00] Export TSS group OoQGkknsPdPjLCmSuuSf to file: recovery/tss-group-OoQGkknsPdPjLCmSuuSf-node-cobo2Jitd83uNFZmGnvs8c4Bs1TUNjVVeBQmc82a4KpLFqdbLs-recovery-20230116-165720

程序执行流程:

  1. 输入数据加密密码

  2. 新生成密码并重复输入,此密码用于对导出文件中的私钥分片进行加密,后续 Hard Key Recovery 过程需要输入此密码才能访问私钥分片数据;密码设置后不可修改;如果密码丢失,等同于导出的私钥分片文件失效,需要重新导出一次。请严格控制此密码的访问权限;推荐使用密码管理软件(例如 1Password)生成复杂密码,长度建议在16~32位

  3. 程序自动生成私钥分片文件,命名规则为 recovery/tss-group-<GROUP_ID>-node-<NODE_ID>-recovery-<TIME>;私钥分片文件为 JSON 格式,例如上面日志中的 recovery/tss-group-OoQGkknsPdPjLCmSuuSf-node-cobo2Jitd83uNFZmGnvs8c4Bs1TUNjVVeBQmc82a4KpLFqdbLs-recovery-20230116-165720

  4. 导出后,需要手动核对 JSON 文件对象 “group_info” 中的键 “id” 和键 “root_extended_public_key” 的值,确认是否正确。私钥分片文件示例如下:

{
   "version": 1,
   "group_info": {
       "id": "OoQGkknsPdPjLCmSuuSf",
       "created_time": "2023-01-09 17:42:21.391854 +0800 HKT",
       "type": 1,
       "root_extended_public_key": "xpub661MyMwAqRbcGNFddDqGveSvN9jr1n1GMGFypyhqn34oKyMw9bvrych636CDwgBbLjdLgQRoQtmqPucPb1pZQVBZq3tuXXTQX8wP3JMWAak",
       "chaincode": "0xb74087d551e44ef8d3a1270accb1977fd373c29fe6e235bc681c59a2137e1334",
       "curve": "secp256k1",
       "threshold": 2,
       "participants": [
           {
               "node_id": "coboBP97RpWKD2WGKhUUtZ1iu6uyWL7MjY4S8MpTUHDiwvRni",
               "share_id": "751341643106997665517612415491881522730",
               "share_public_key": "0x02ad8728dce88aa210645cff8dea474114376796d81e4b4df76bfa3ea847131b57"
           },
           {
               "node_id": "cobo2Jitd83uNFZmGnvs8c4Bs1TUNjVVeBQmc82a4KpLFqdbLs",
               "share_id": "914259450665435839517029445012417071559",
               "share_public_key": "0x023633989378b01c2e66d5fd70666101546a310aaab2c08c7b5813be371d438c0d"
           },
           {
               "node_id": "cobok1nJ4P8DL1mU5SDEzh8QDA5FzdSg7gdkAZKUWK4NuviS4",
               "share_id": "997493310528521058725882883276549657588",
               "share_public_key": "0x02a233d2d37297bcfc3092ea65997a29b72931b5ca343db5cd608c85a306be5994"
           }
       ]
   },
   "share_info": {
       "node_id": "cobo2Jitd83uNFZmGnvs8c4Bs1TUNjVVeBQmc82a4KpLFqdbLs",
       "share_id": "914259450665435839517029445012417071559",
       "share_public_key": "0x023633989378b01c2e66d5fd70666101546a310aaab2c08c7b5813be371d438c0d",
       "encrypted_share": "7Ej7pjpYN7QuZ8U0j7bBpsXWfmcQ8fS3jt7gyAgpvjH8nMBZyO8q3MGwcDkkaqzq6FdkG55KqhMXLTR6",
       "kdf": {
           "length": 32,
           "iterations": 100000,
           "salt": "0x36cba7fe220aae67e748a2fb8bb5c99d20da34321c3485f3a017ee7e73e81517",
           "hash_type": 5,
           "hash_name": "SHA-256"
       }
   }
}

  • 接收第三方导出的私钥分片,并验证所有私钥分片是否合法

第三方导出私钥的方式与客户的类似,私钥分片文件为 JSON 格式,导出后,需要核对双方文件中的 Group ID 和 Root Extended Public Key 是否一致。

接下来,验证第三方导出的私钥分片与客户导出的私钥分片是否合法。在恢复工具 cobo-mpc-recovery-tool 同级目录下新建 recovery 文件夹,将两组私钥分片文件拷贝到 recovery 文件夹下,结构如下:

├── cobo-mpc-recovery-tool
└── recovery
    ├── tss-group-<GROUP_ID>-node-<NODE_ID1>-recovery-<TIME1>
    └── tss-group-<GROUP_ID>-node-<NODE_ID2>-recovery-<TIME2>

执行命令(请替换成真实的 Group ID 与私钥分片文件):

./cobo-mpc-recovery-tool verify \
    --group-recovery-files recovery/tss-group-<GROUP_ID>-node-<NODE_ID1>-recovery-<TIME1>,recovery/tss-group-<GROUP_ID>-node-<NODE_ID2>-recovery-<TIME2> \
    --group-id <GROUP_ID>

示例:

./cobo-mpc-recovery-tool verify \
    --group-recovery-files recovery/tss-group-OoQGkknsPdPjLCmSuuSf-node-cobo2Jitd83uNFZmGnvs8c4Bs1TUNjVVeBQmc82a4KpLFqdbLs-recovery-20230116-165720,recovery/tss-group-OoQGkknsPdPjLCmSuuSf-node-cobok1nJ4P8DL1mU5SDEzh8QDA5FzdSg7gdkAZKUWK4NuviS4-recovery-20230109-174349 \
    --group-id OoQGkknsPdPjLCmSuuSf
INFO[2023-01-16T22:01:30+08:00] Start to verify group recovery file recovery/tss-group-OoQGkknsPdPjLCmSuuSf-node-cobo2Jitd83uNFZmGnvs8c4Bs1TUNjVVeBQmc82a4KpLFqdbLs-recovery-20230116-165720 
INFO[2023-01-16T22:01:30+08:00] Verify all group parameters passed!          
INFO[2023-01-16T22:01:30+08:00] Start to reconstruct root public key ...     
INFO[2023-01-16T22:01:30+08:00] Use participants (no.1) (no.2)  to reconstruct root extended public key ... 
INFO[2023-01-16T22:01:30+08:00] Reconstructed root extended public key: xpub661MyMwAqRbcGNFddDqGveSvN9jr1n1GMGFypyhqn34oKyMw9bvrych636CDwgBbLjdLgQRoQtmqPucPb1pZQVBZq3tuXXTQX8wP3JMWAak 
INFO[2023-01-16T22:01:30+08:00] Use participants (no.1) (no.3)  to reconstruct root extended public key ... 
INFO[2023-01-16T22:01:30+08:00] Reconstructed root extended public key: xpub661MyMwAqRbcGNFddDqGveSvN9jr1n1GMGFypyhqn34oKyMw9bvrych636CDwgBbLjdLgQRoQtmqPucPb1pZQVBZq3tuXXTQX8wP3JMWAak 
INFO[2023-01-16T22:01:30+08:00] Verify to reconstruct root public key passed! 
INFO[2023-01-16T22:01:30+08:00] Start to derive share public key from share secret ... 
Enter password to decrypt share secret from recovery/tss-group-OoQGkknsPdPjLCmSuuSf-node-cobo2Jitd83uNFZmGnvs8c4Bs1TUNjVVeBQmc82a4KpLFqdbLs-recovery-20230116-165720
Password:
INFO[2023-01-16T22:01:34+08:00] Derived share public key: 0x043633989378b01c2e66d5fd70666101546a310aaab2c08c7b5813be371d438c0d724e32e537b78ddd1cba1c38aa088aa997e4f3a47d45ac422b54518a138cb732 
INFO[2023-01-16T22:01:34+08:00] Verify to derive share public key from share secret passed! 
INFO[2023-01-16T22:01:34+08:00] Verify group recovery file recovery/tss-group-OoQGkknsPdPjLCmSuuSf-node-cobo2Jitd83uNFZmGnvs8c4Bs1TUNjVVeBQmc82a4KpLFqdbLs-recovery-20230116-165720 passed! 
INFO[2023-01-16T22:01:34+08:00] =======================================      
INFO[2023-01-16T22:01:34+08:00] Start to verify group recovery file recovery/tss-group-OoQGkknsPdPjLCmSuuSf-node-cobok1nJ4P8DL1mU5SDEzh8QDA5FzdSg7gdkAZKUWK4NuviS4-recovery-20230109-174349 
INFO[2023-01-16T22:01:34+08:00] Verify all group parameters passed!          
INFO[2023-01-16T22:01:34+08:00] Start to compare with group (no.1) parameters ... 
INFO[2023-01-16T22:01:34+08:00] Compare with group (no.1) parameters passed! 
INFO[2023-01-16T22:01:34+08:00] Start to reconstruct root public key ...     
INFO[2023-01-16T22:01:34+08:00] Use participants (no.1) (no.2)  to reconstruct root extended public key ... 
INFO[2023-01-16T22:01:34+08:00] Reconstructed root extended public key: xpub661MyMwAqRbcGNFddDqGveSvN9jr1n1GMGFypyhqn34oKyMw9bvrych636CDwgBbLjdLgQRoQtmqPucPb1pZQVBZq3tuXXTQX8wP3JMWAak 
INFO[2023-01-16T22:01:34+08:00] Use participants (no.1) (no.3)  to reconstruct root extended public key ... 
INFO[2023-01-16T22:01:34+08:00] Reconstructed root extended public key: xpub661MyMwAqRbcGNFddDqGveSvN9jr1n1GMGFypyhqn34oKyMw9bvrych636CDwgBbLjdLgQRoQtmqPucPb1pZQVBZq3tuXXTQX8wP3JMWAak 
INFO[2023-01-16T22:01:34+08:00] Verify to reconstruct root public key passed! 
INFO[2023-01-16T22:01:34+08:00] Start to derive share public key from share secret ... 
Enter password to decrypt share secret from recovery/tss-group-OoQGkknsPdPjLCmSuuSf-node-cobok1nJ4P8DL1mU5SDEzh8QDA5FzdSg7gdkAZKUWK4NuviS4-recovery-20230109-174349
Password:
INFO[2023-01-16T22:01:37+08:00] Derived share public key: 0x04a233d2d37297bcfc3092ea65997a29b72931b5ca343db5cd608c85a306be59944e8ba3e10a2dea4f4682c2076f9ed7cc1b1a8261b6a7b4abab7a941e60f172f2 
INFO[2023-01-16T22:01:37+08:00] Verify to derive share public key from share secret passed! 
INFO[2023-01-16T22:01:37+08:00] Verify group recovery file recovery/tss-group-OoQGkknsPdPjLCmSuuSf-node-cobok1nJ4P8DL1mU5SDEzh8QDA5FzdSg7gdkAZKUWK4NuviS4-recovery-20230109-174349 passed! 
INFO[2023-01-16T22:01:37+08:00] =======================================      
INFO[2023-01-16T22:01:37+08:00] Verify all group recovery files passed!

程序执行过程:

  1. 检查第一个私钥分片文件的每项键/值是否合法

  2. 使用第一个私钥分片文件中“participants” 对象的信息,恢复根扩展公钥,检查与文件中的根扩展公钥是否一致。

  3. 手动输入第一个私钥分片文件的加密密码,解密出分片的私钥,然后推导出对应公钥,检查与文件中分片的公钥(share_public_key)是否一致

  4. 检查第二个私钥分片文件的每项键/值是否合法

  5. 检查第二个私钥分片文件中每项键/值与第一个私钥分片文件中每项键/值是否正确匹配

  6. 使用第二个私钥分片文件中所有参与者 “participants” 对象的信息,恢复根扩展公钥,检查与文件中的根扩展公钥是否一致。

  7. 手动输入第二个私钥分片文件的加密密码,解密出分片的私钥,然后推导出对应公钥,检查与文件中分片的公钥(share_public_key)是否一致。

  • 合并私钥分片,恢复出 MPC Root Extended Private Key,推导出所有地址的私钥

准备工作第 3 步中介绍了多种记录地址信息的方式,本节以通过 Cobo Custody Web 导出的地址信息为例进行说明。如果客户计划使用自行保存的地址信息,请将地址信息按照相同的文件格式进行保存后再使用。

解压从 Cobo Custody Web 导出的压缩包后,可以看到 address.csv 文件;复制 address.csv 文件到与 cobo-mpc-recovery-tool 同级的 recovery 文件夹下,目录结构如下:

├── cobo-mpc-recovery-tool
└── recovery
    ├── address.csv
    ├── tss-group-<GROUP_ID>-node-<NODE_ID1>-recovery-<TIME1>
    └── tss-group-<GROUP_ID>-node-<NODE_ID2>-recovery-<TIME2>

执行命令(请替换成真实的 Group ID 与私钥分片文件):

./cobo-mpc-recovery-tool \
    --group-recovery-files recovery/tss-group-<GROUP_ID>-node-<NODE_ID1>-recovery-<TIME1>,recovery/tss-group-<GROUP_ID>-node-<NODE_ID2>-recovery-<TIME2> \
    --group-id <GROUP_ID> \
    --csv-file recovery/address.csv \
    --show-root-private-key

示例:

./cobo-mpc-recovery-tool \
    --group-recovery-files recovery/tss-group-OoQGkknsPdPjLCmSuuSf-node-cobo2Jitd83uNFZmGnvs8c4Bs1TUNjVVeBQmc82a4KpLFqdbLs-recovery-20230116-165720,recovery/tss-group-OoQGkknsPdPjLCmSuuSf-node-cobok1nJ4P8DL1mU5SDEzh8QDA5FzdSg7gdkAZKUWK4NuviS4-recovery-20230109-174349 \
    --group-id OoQGkknsPdPjLCmSuuSf \
    --csv-file recovery/address.csv \
    --show-root-private-key

Enter password to decrypt share secret from recovery/tss-group-OoQGkknsPdPjLCmSuuSf-node-cobo2Jitd83uNFZmGnvs8c4Bs1TUNjVVeBQmc82a4KpLFqdbLs-recovery-20230116-165720
Password:
Enter password to decrypt share secret from recovery/tss-group-OoQGkknsPdPjLCmSuuSf-node-cobok1nJ4P8DL1mU5SDEzh8QDA5FzdSg7gdkAZKUWK4NuviS4-recovery-20230109-174349
Password:
INFO[2023-01-16T22:54:17+08:00] Derive keys from recovery/address.csv to recovery/address-recovery-20230116-225417.csv: 
INFO[2023-01-16T22:54:17+08:00] Path: 44/1/2/0/15 derived child private key: [child-hex-private-key-display] 
INFO[2023-01-16T22:54:17+08:00] Path: 44/1/2/0/15 derived child extended private key: [child-extended-private-key-display]
INFO[2023-01-16T22:54:17+08:00] Path: 44/1/2/0/15 derived child extended public key: xpub6GQqSwqQCEJ7uB2XnbrWGrRTQckfhPH1B9UoyBaHVT4cJikeQFTnUk94b9s13JfcdYY4VzQMhiDtBtVtvAQAbaqeUikAbnYzyFKpxdudyRZ 
INFO[2023-01-16T22:54:17+08:00] Path: 44/1/2/0/14 derived child private key: [child-hex-private-key-display]
INFO[2023-01-16T22:54:17+08:00] Path: 44/1/2/0/14 derived child extended private key: [child-extended-private-key-display]
INFO[2023-01-16T22:54:17+08:00] Path: 44/1/2/0/14 derived child extended public key: xpub6GQqSwqQCEJ7rRKt8CLveYenF4LgKLtpy8EpUiJ95bdF6hWMHuW4pZksFE3Am9SDrsccbDxBi4P7gEHAfXbdJGJCQhqZz3dMyEYoz5vgLeh 
INFO[2023-01-16T22:54:17+08:00] Path: 44/1/2/0/13 derived child private key: [child-hex-private-key-display] 
INFO[2023-01-16T22:54:17+08:00] Path: 44/1/2/0/13 derived child extended private key: [child-extended-private-key-display]
INFO[2023-01-16T22:54:17+08:00] Path: 44/1/2/0/13 derived child extended public key: xpub6GQqSwqQCEJ7p3Q6AZa5KRfj5xBKCPzv4nvkPLDs7N9HoN5FwzruzFGy2qfxjSagJXvkxVahST4oFFnkbPUd6sm3UcoSoXxMHGYEZMFNsLU 
INFO[2023-01-16T22:54:17+08:00] Derive keys from recovery/address.csv to recovery/address-recovery-20230116-225417.csv completed 
INFO[2023-01-16T22:54:17+08:00] Reconstructed root private key: 0x61272be72bf74d3b9320d8019aab0fe2add5e75fcb23efde2d899ec2d3f78959 
INFO[2023-01-16T22:54:17+08:00] Reconstructed root extended private key: [root-extended-private-key-display]
INFO[2023-01-16T22:54:17+08:00] Reconstructed root extended public key: xpub661MyMwAqRbcGNFddDqGveSvN9jr1n1GMGFypyhqn34oKyMw9bvrych636CDwgBbLjdLgQRoQtmqPucPb1pZQVBZq3tuXXTQX8wP3JMWAak

程序执行过程:

  • 按提示依次输入两个私钥分片文件的解密密码

  • 根私钥合成成功后,会打印恢复出的 MPC Root Extended Private Key 和 MPC Root Extended Public Key

  • 请确认 MPC Root Extended Public Key 和准备工作第 2 步中记录的一致

  • 导入 address.csv 文件,根据文件中的 HD path 派生公钥与私钥,程序会自动生成文件 recovery/address-recovery-<TIME>.csv ,例如上面日志中的recovery/address-recovery-20230116-225417.csv

执行完成后,recovery/address-recovery-<TIME>.csv 文件内会包含所有地址的私钥明文信息。这些私钥可以直接用来管理加密资产,请妥善保管。

Previous重新生成私钥分片(Soft Key Recovery)Next参与第三方重新生成私钥分片(Third Party Key Recovery)过程

Last updated