BlueWallet is one of the most popular mobile Bitcoin wallets, supporting both on-chain transactions and the Lightning Network. It is available for iOS and Android. Because it is a mobile-first wallet, the encrypted seed material lives inside the app sandbox, which makes extraction significantly harder than on desktop wallets. However, BlueWallet's Export Wallet feature provides a path to obtain an encrypted JSON backup that can be attacked offline.
About BlueWallet
Developed by BlueWallet Services, BlueWallet is an open-source, MIT-licensed mobile Bitcoin wallet. It was one of the first mobile wallets to integrate Lightning Network support through embedded LND nodes. Key characteristics:
- React Native — cross-platform mobile framework (iOS and Android)
- BIP39 seeds — standard 12 or 24-word recovery phrases for HD wallets
- Lightning Network — embedded LND nodes with AEZ-encrypted channel state
- AsyncStorage — React Native's persistence layer (SQLite on iOS, RocksDB on Android)
- End-to-end encrypted vault — wallet seeds encrypted at rest with user password
BlueWallet encryption details
| Parameter | Details |
|---|---|
| Storage | React Native AsyncStorage (SQLite / RocksDB) |
| On-chain wallet encryption | AES-256-CBC + PBKDF2 |
| Lightning wallet encryption | AEZ v0.4.0 (LND) |
| Seed format | BIP39 (12 or 24 words) |
| Export format | JSON with encrypted seed field |
| Hashcat mode | Custom (no official mode) |
| Best recovery path | Export Wallet JSON backup → offline attack |
Extracting the wallet data
Unlike desktop wallets, BlueWallet's data is locked inside the mobile app sandbox. There are three extraction paths, listed from easiest to hardest:
Method 1: Export Wallet (recommended)
If you can still open BlueWallet (you remember your PIN / Face ID but not the wallet password), navigate to Settings → Wallets → Select a wallet → Export Wallet. This creates a JSON file containing the encrypted seed material. Save this file to cloud storage or email it to yourself.
```
# Exported BlueWallet JSON structure (example)
{
  "label": "My Bitcoin Wallet",
  "type": "bitcoin",
  "derivationPath": "m/84'/0'/0'",
  "encryptedSeed": "U2FsdGVkX1...base64...",
  "encryptedMnemonic": "U2FsdGVkX1...base64...",
  "masterFingerprint": "a1b2c3d4",
  "network": "mainnet"
}
# The encryptedSeed and encryptedMnemonic fields contain
# AES-256-CBC encrypted data with the password-derived key
```
Method 2: iCloud / Google Drive backup
BlueWallet optionally backs up encrypted data to iCloud (iOS) or Google Drive (Android). If enabled, you can restore the backup to another device and then export the wallet JSON. This is useful if your phone is lost or damaged but you still have cloud backup access.
Method 3: Device extraction (advanced, root required)
On a rooted Android device, you can pull the AsyncStorage database directly via ADB:
```bash
# Android (rooted) — pull BlueWallet storage
adb root
adb pull /data/data/io.bluewallet.bluewallet/databases/react-native-database
# iOS (jailbroken) — locate the SQLite database
# Usually at: /var/mobile/Containers/Data/Application/[UUID]/Library/Preferences/
# File: io.bluewallet.bluewallet.plist or react-native database
# The data is encrypted at rest — you still need the password
```
Attacking the exported wallet JSON
Once you have the exported JSON, the encrypted seed field can be attacked with a custom Python script. BlueWallet uses AES-256-CBC with a password-derived key. The exact KDF parameters depend on the app version:
```bash
# Custom Python attack on BlueWallet exported JSON
pip install pycryptodome
python3 << 'PY'
import base64
import hashlib
import json

from Crypto.Cipher import AES


def evp_bytes_to_key(password, salt, key_len=32, iv_len=16):
    """OpenSSL EVP_BytesToKey with MD5, one iteration: returns (key, iv)."""
    derived, block = b"", b""
    while len(derived) < key_len + iv_len:
        block = hashlib.md5(block + password + salt).digest()
        derived += block
    return derived[:key_len], derived[key_len:key_len + iv_len]


with open("bluewallet-export.json") as f:
    data = json.load(f)

# The encrypted seed is typically in "encryptedSeed" or "encryptedMnemonic"
enc_data = base64.b64decode(data["encryptedSeed"])

# BlueWallet uses OpenSSL's EVP_BytesToKey with MD5 for key derivation
# Salt is the 8 bytes that follow the "Salted__" magic
SALT_MAGIC = b"Salted__"
salted = enc_data[:8] == SALT_MAGIC
if salted:
    salt = enc_data[8:16]
    ciphertext = enc_data[16:]
else:
    # Some versions use raw PBKDF2
    salt = enc_data[:32]    # first 32 bytes = salt
    iv = enc_data[32:48]    # next 16 bytes = IV
    ciphertext = enc_data[48:]

with open("wordlist.txt", encoding="utf-8", errors="ignore") as f:
    for line in f:
        pw = line.strip()
        if not pw:
            continue
        if salted:
            # Key and IV both come from the password and salt
            key, iv = evp_bytes_to_key(pw.encode(), salt)
        else:
            # Try PBKDF2-SHA256
            key = hashlib.pbkdf2_hmac("sha256", pw.encode(), salt, 20000, 32)
        pt = AES.new(key, AES.MODE_CBC, iv).decrypt(ciphertext)
        pad = pt[-1]
        # PKCS#7 padding check; a match can be a false positive,
        # so confirm that the plaintext is a readable seed
        if 1 <= pad <= 16 and pt[-pad:] == bytes([pad]) * pad:
            print(f"PASSWORD FOUND: {pw}")
            break
PY
```
Lightning Network recovery — additional complexity
If you used BlueWallet's Lightning Network feature, recovery is more complex than on-chain Bitcoin. Lightning wallets have two components that must both be recovered:
- On-chain wallet — recovered from the BIP39 seed phrase or the encrypted seed field
- Lightning channel state — stored in the LND data directory with AEZ encryption
Even if you recover the BlueWallet password, Lightning channel state is encrypted separately with LND's AEZ scheme. The practical path for Lightning recovery is:
- Recover the on-chain wallet (password or seed phrase)
- Use LND's chanbackup or SCB (Static Channel Backup) to restore channels
- If no SCB exists, each channel must be force-closed individually — requiring the channel state file
Recovery feasibility
Feasible
- Exported wallet JSON is available
- Short password with known patterns
- On-chain Bitcoin only (no Lightning)
- You remember the password structure
Very Difficult
- No wallet export (data only in app sandbox)
- Long random password from password manager
- Lightning funds with no SCB backup
- Phone was wiped without backup
Step-by-step recovery guide
- If the app still opens, export every wallet JSON via Settings → Wallets → Export Wallet. Save each JSON file to a secure location.
- Extract the encryptedSeed field from each JSON file. Identify the KDF parameters based on file structure (look for "Salted__" prefix or explicit salt/IV fields).
- Build a candidate wordlist from your remembered password habits and any hints.
- Run a custom Python attack or use btcrecover if a BlueWallet module is available.
- If Lightning funds are involved, check for Static Channel Backup files in any app backup. Without SCB, Lightning recovery requires the LND channel database file.
- If all else fails, submit the exported JSON files to a professional recovery service.
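The second step above, identifying the layout of each encrypted field before choosing a KDF, can be done without any decryption attempt. The following is an added example, not BlueWallet code and not part of the original guide; it assumes only the two layouts and the field names this page describes, and its sample data is constructed.

```python
import base64
import binascii

SALT_MAGIC = b"Salted__"   # OpenSSL salted header; its base64 starts "U2FsdGVkX1"
BLOCK = 16                 # AES block size in bytes


def classify_blob(b64_text):
    """Report the layout of one encrypted field without decrypting it."""
    try:
        raw = base64.b64decode(b64_text, validate=True)
    except (binascii.Error, ValueError) as exc:
        return {"layout": "invalid-base64", "error": str(exc)}
    if raw[:8] == SALT_MAGIC:
        # Layout 1 on this page: magic, 8-byte salt, then ciphertext.
        info = {"layout": "openssl-salted", "kdf": "EVP_BytesToKey-MD5",
                "salt": raw[8:16].hex(), "iv": None, "ct_len": len(raw) - 16}
    elif len(raw) >= 48 + BLOCK:
        # Layout 2 on this page: 32-byte salt, 16-byte IV, then ciphertext.
        info = {"layout": "raw-salt-iv", "kdf": "PBKDF2",
                "salt": raw[:32].hex(), "iv": raw[32:48].hex(),
                "ct_len": len(raw) - 48}
    else:
        return {"layout": "too-short", "length": len(raw)}
    # CBC ciphertext is a positive multiple of the block size; anything
    # else means the field is truncated or is not in this layout.
    info["block_aligned"] = info["ct_len"] > 0 and info["ct_len"] % BLOCK == 0
    return info


def inspect_export(doc, fields=("encryptedSeed", "encryptedMnemonic")):
    """Classify every encrypted field present in a parsed export dict."""
    return {name: classify_blob(doc[name]) for name in fields if name in doc}


# Constructed sample export (not real wallet data): one field per layout.
SAMPLE = {
    "label": "constructed sample",
    "encryptedSeed": base64.b64encode(
        SALT_MAGIC + bytes(range(8)) + bytes(32)).decode(),
    "encryptedMnemonic": base64.b64encode(
        bytes(32) + bytes(range(16)) + bytes(48)).decode(),
}

if __name__ == "__main__":
    for field, result in inspect_export(SAMPLE).items():
        print(field, result)
```

A field reported as `invalid-base64`, `too-short`, or not block-aligned was damaged in transit or does not match either layout, and no wordlist run against it can succeed.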
Frequently asked questions
Where does BlueWallet store its encrypted wallet data?
In React Native AsyncStorage (SQLite on iOS, RocksDB on Android), protected by the mobile OS sandbox. The safest extraction path is the app's Export Wallet feature that generates a JSON backup.
What encryption does BlueWallet use?
AES-256-CBC with PBKDF2-derived key for on-chain wallets, and AEZ v0.4.0 for Lightning Network LND channels.
Can I recover a BlueWallet password without the wallet file?
Only via the BIP39 seed phrase. If you have the 12 or 24 words, restore into any compatible wallet. Without the seed and without an exported JSON, recovery is impossible from the sandbox alone.
Does BlueWallet support Lightning Network?
Yes. Lightning wallets require separate recovery consideration. Channel state is AEZ-encrypted in LND storage. Always maintain Static Channel Backups.
Is BlueWallet password recovery realistic?
Yes, with an exported JSON backup and good password hints. Without an export, the mobile sandbox makes extraction difficult. GPU-assisted custom scripts can test millions of candidates.