How to obtain the private key of any address
This post has to be considered educational and is intended to show how mnemonic seeds work, how to manage private keys and what considerations to make when disposing a transaction. Always be careful when managing seeds, especially with devices connected to the Internet.
Many wallet clients do not allow users to see the private keys of their addresses, which could be useful, for example, to spend coins only from the desired address. Even if the addresses are derived from the same seed, they are not bound together and, from the outside, each address is an autonomous entity with its private key. Maybe we used addresses to receive funds from different sources and spending these together could compromise our privacy or correlate funds that we want to keep separate. Indeed, as seen in this post, it is very simple to correlate addresses spending funds in the same transaction.
How to solve this?
Private keys are rarely revealed by our clients, especially if we are using hardware wallets but usually we have access to the mnemonic seed phrase, that is needed to restore access to a wallet. Through a hierarchical-deterministic process, private keys, public keys and public addresses are derived from this sequence of words, but we usually see only our addresses.
How could we do that?
Let's see an example procedure, carried out with AnuBitux, to obtain the private key of a specific address, minimizing the risks of handling our mnemonic seed thanks to the fact that we are using a live working environment.
For example, let's say we are interested in the private key of a specific address that we usually manage with our Blockstream Green Wallet, like the following one.
To know the related private key we also need to know our mnemonic seed, in this case: stand tree close slice beauty alert stereo green beauty verify fatal since brown pig impact zone snap measure obtain fun often neither rough elevator.
Handling our mnemonic seeds has always to be considered a very dangerous operation. We should only do that in safe places, preferably alone, and store it in a safe place when it is not needed anymore.
To derive all the information from this seed, we can use the Ian Coleman's tool, integrated into AnuBitux in the "WalletTools" menu.
Before starting the tool, it is recommended to safeguard our security by putting the operating system offline. To do that, we can click on the proper desktop shortcut and provide the root password, which is set to anubitux.
Now we can start the tool and type the seed in the proper box. The tool will automatically derive the desired information (the "Auto compute" box must be checked).
Scrolling down the page, we can see all the derived addresses. By default, the tool derives Bitcoin legacy addresses (those starting with 1). In this case, we are interested in bech32 Bitcoin addresses, derived with the BIP84 derivation path. To see them we have to click on the proper button.
Continuing to scroll the page, we will find all the bech32 addresses derived from our mnemonic seed, with the related public and private keys.
Now we can store the desired private key in a text file and close our browser. The browser in AnuBitux has been set up to lose all the information when it is closed, so we do not need to reboot the system to be safe and we do not have to store the private key on an external memorization device.
At this point we can import the private key in Electrum, using the procedure shown in this tutorial. It is important to specify the correct format of the private key when importing it, in this case typing "p2wpkh:" before the key.
Finally, we have control of our address through the Electrum client and we could spend the available coins as we want.
We need to remember to turn our working environment online, through the proper desktop shortcut, to be able to see the addresse's balance and send transactions to the Bitcoin network.
This procedure can be used also to obtain private keys of addresses related to other cryptocurrencies, like Ethereum. After providing the seeds, we only need to choose the desired coin from the proper menu.
Now, at the bottom of the page, there will be the addresses and the private keys derived starting from the same seed, but with the derivation path related to another coin.
Another way
The same result could have been obtained by importing the seed into Electrum.
First of all, we need to import the seed in Electrum. When typing it we have to click on the "Option" button and select the "BIP39 seed" option.
Now we have to specify the derivation path we want Electrum to use to derive our addresses, in our case "native segwit" corresponding to BIP84 (m/84'/0'/0').
Now we can see that we have many Bitcoin addresses available, including the one of which we want to find the private key.
To obtain the private key of the desired address and also of all the other derived addresses, we have to click on the "Wallet" menu, then on "Private Keys" and on "Export".
After providing the wallet's password, that we have set up when we imported the seed, we will obtain all the private keys. We can also export the list to a CSV or a JSON file.
Final thoughts
The shown procedure should be used only to test how mnemonic seeds and private keys or for specific purposes, like spending coins only from the desired address when using clients that do not support "coin selection" features.
Before using this procedure for real needs, it is recommended to do an online search about our client, checking if it allows us to see the private keys of our address with some kind of hidden menu. In this way, we will not need to access our backup seed and leave it safe in the place we have chosen to store it.
In any case, these procedures are intended to be used with wallets used as "hot wallets". It is not recommended to manage seeds related to cold storage in that way unless we are intended to move all the funds.