Recover a Bitcoin Core wallet.
Bitcoin Core is the original, full-node Bitcoin wallet. Your coins are controlled by keys kept in a wallet.dat file on your own computer, locked behind a passphrase you chose.
Almost everyone who comes to us for a Bitcoin Core wallet has the file but has forgotten the passphrase. The coins are still there and the file is intact — Bitcoin Core just won't open it without the password.
Yes. Bitcoin Core is one of the formats that reduces to a check-only extract, so the fleet can test passwords against it safely — finding the password never exposes a key that holds funds. Bitcoin Core's lock is quick to test, so ordinary gaming GPUs churn through millions of guesses a second. You pay 15% only if we recover it, and nothing if we don't.
The Bitcoin Core extract, in detail.
Exactly what the fleet receives for this format — and why finding the password still can't move the funds.
What leaves your machine — and what never does
For a Bitcoin Core wallet, this is the entire check-only extract the fleet receives. It can test a password, but it can never be turned back into a key that spends.
$bitcoin$ - the encrypted unlock key — about 48 bytes (the value Bitcoin Core calls the "master key": an AES key that only unwraps your private keys, never one that can spend on its own)
- the 8-byte salt
- the stored iteration count
- every spendable private key — each separately encrypted by that unlock key, all kept inside wallet.dat
- the wallet addresses, labels, and transaction history
- the HD seed, if the wallet has one
The right passphrase unwraps the unlock key to data with valid padding — it comes out to exactly 32 bytes. That is enough for an operator-side match signal; final confirmation happens in Verify, where the same passphrase must decrypt a real wallet key kept outside the fleet. Because the unlock key only decrypts other keys that were never sent, recovering it still moves nothing.
$bitcoin$96$d011a1b6a8d675b7a36d0cd2efaca32a9f8dc1d57d6d01a58399ea04e703e8bbb44899039326f7a00f171a7bbc854a54$16$1563277210780230$158555$2$00$2$00 Illustrative — a public sample of this exact format (it unlocks with a known test password), not a customer wallet. Left to right: the format tag, the encrypted unlock key, the 8-byte salt, and the iteration count — exactly the fields the fleet receives.
Around 60 bytes on the wire — a ~48-byte encrypted unlock key, an 8-byte salt, and an iteration count. The keys that actually hold coins are encrypted separately and never included.
The passphrase is hashed together with an 8-byte salt, many thousands of times over. The iteration count is stored in the wallet itself — often 100,000 to 300,000+.
The right passphrase unwraps the unlock key to data with valid padding — it comes out to exactly 32 bytes. That is enough for an operator-side match signal; final confirmation happens in Verify, where the same passphrase must decrypt a real wallet key kept outside the fleet. Because the unlock key only decrypts other keys that were never sent, recovering it still moves nothing.
$bitcoin$ An open, published format. The agent checks every job matches it before running — so a real wallet can't be disguised as an extract.
See the full security model, or how a recovery works end to end.