Long-iteration KDF

Bitcoin Core wallet.dat — Hashcat Mode 11300

TL;DR — Bitcoin Core wallet.dat encrypts the master key using AES-256 with a SHA-512-based KDF iterated typically 25,000-50,000 times (auto-tuned per machine at encryption time). The cipher is sound; recovery depends on password complexity. Multi-GPU clusters complete typical password searches within tractable time.

Wallet.dat structure

Bitcoin Core stores wallet data in a Berkeley DB file called wallet.dat. The wallet contains private keys (or HD seed for newer versions), addresses, transaction history, and metadata. When encrypted, the master key is wrapped with a key derived from the user passphrase.

The encryption is AES-256-CBC. The KDF is SHA-512 iterated nIterations times — Bitcoin Core auto-tunes this at encryption time based on the machine's speed (target ~100ms per attempt). On modern hardware this typically results in 25,000-50,000 iterations.

The encrypted master key is stored in a 'mkey' record inside the BDB file. Hashcat mode 11300 extracts the mkey + nIterations + salt and tests passwords against this structure.

Recovery realism

Per-password verification on modern GPUs is moderate-cost (the SHA-512 chain is non-trivial but not prohibitive). Throughput depends on hardware: high-end GPUs verify millions of candidates per hour against typical iteration counts.

Common consumer wallets from 2013-2020 used relatively short auto-tuned iteration counts. These are recoverable for most human-chosen passwords. Modern wallets on faster hardware have higher iteration counts.

Encrypted wallets in 2026

Many old Bitcoin Core wallets sit in cold storage on offline drives. Owners forgot passwords years ago. Recovery is meaningful when the original password followed a personal pattern (length, character classes, themed words).

Strong random passwords from a manager are generally not recoverable. Personal passwords often are. Run a free check first — it reveals which case you're in.

Backups and seed phrases

If you have a BIP39 seed phrase backup of the same wallet, that's a faster path than password recovery — restore from seed in any compatible wallet. Bitcoin Core wallets with HD seeds (post-0.13) should have seed-based recovery option.

Pre-HD wallets (0.10 and earlier) don't have seed phrases. The wallet.dat file is the only path.

Frequently Asked Questions

Is recovering my own wallet.dat legal?

Yes — recovering passwords for files you own is fully legal in T1 jurisdictions. Wallet ownership and authorisation must be verified before paid recovery.

What if I have the seed phrase?

Use the seed instead — it's a faster path. Import the seed into Bitcoin Core or any compatible wallet, transactions and addresses regenerate from the seed deterministically.

Can recovery time be predicted?

Approximately, given iteration count + password expectations. We don't quote specific numbers because they depend on what the password is. Free check reveals likely range.

Will my wallet still work after recovery?

Yes. Recovery extracts the password; the wallet.dat file is unchanged. After recovery you can re-import or re-open in Bitcoin Core normally.

What about old Litecoin or other Bitcoin forks?

Most Bitcoin-derived wallets (Litecoin Core, Dogecoin Core, etc.) use the same wallet.dat format. Mode 11300 typically applies — verify by inspection.

Related references

m12700Custodial-era format m26600Browser-extension vault Reference: layer 2

Have a wallet to recover?

Start with a free analysis. Encryption format is detected, free check runs first. Pay only if recovery succeeds.

Run a free wallet analysis