this post was submitted on 10 Aug 2023
0 points (NaN% liked)

Monero

1581 readers
12 users here now

This is the lemmy community of Monero (XMR), a secure, private, untraceable currency that is open-source and freely available to all.

GitHub

StackExchange

Twitter

Wallets

Desktop (CLI, GUI)

Desktop (Feather)

Mac & Linux (Cake Wallet)

Web (MyMonero)

Android (Monerujo)

Android (MyMonero)

Android (Cake Wallet) / (Monero.com)

Android (Stack Wallet)

iOS (MyMonero)

iOS (Cake Wallet) / (Monero.com)

iOS (Stack Wallet)

iOS (Edge Wallet)

Instance tags for discoverability:

Monero, XMR, crypto, cryptocurrency

founded 1 year ago
MODERATORS
[email protected]
0
New seed generation exploit in faulty cryptocurrency wallets (milksad.info)
submitted 1 year ago by [email protected] to c/[email protected]
0 comments fedilink hide all child comments
 

Popular documentation like “Mastering Bitcoin” suggests the usage of bx seed for wallet generation.

Secure cryptography requires a source of large, non-guessable numbers. If the random number generator is weak, the resulting cryptographic usage is almost always compromised.

For technical people: in this case, practical wallet security is reduced from 128 bit, 192 bit or 256 bit to a mere 32 bit of unknown key information.

I am not an expert, but if you use a multi-coin wallet that includes Monero, then your Monero could be affected. I don't see a list of wallet software that is affected. It would not be easy to verify that closed-source wallets do not use the exploitable code library.

Q: I used bx to generate my wallets but only use it for non-BTC coins, do I need to worry?

A: Yes. All funds stored on BIP39 mnemonic secrets or BIP32 wallet seeds are affected since the underlying private keys are basically public now.

no comments (yet)
sorted by: hot top controversial new old
there doesn't seem to be anything here