A security researcher from MyCrypto.com, Harry Denley, has posted a detailed - and damning - analysis of paper wallet site WalletGenerator.net.
The core of the analysis hinges on WalletGenerator's original open-source code, available here.
Until August 17, 2018 the online code matched the open-source code and the entire project generated wallets using a client-side technique that took in real random entropy and produced a unique wallet.
The result? The very real possibility that WalletGenerator is giving the same keys to multiple users.
"Approaching from a different angle, we then used the"Bulk Wallet" generator to generate 1,000 keys.
In the non-malicious, GitHub version, we are given 1,000 unique keys, as expected.
"However, using WalletGenerator.net at various times between May 18, 2019 - May 23, 2019, we would only get 120 unique keys per session. Refreshing our browser, switching VPN locations, or having a different party perform the same test would result in a different set of 120 keys being generated."
"We're still considering this highly suspect and still recommending users who generated public / private keypairs after August 17, 2018, to move their funds," the researcher says.
"We do not recommend using WalletGenerator.net moving forward, even if the code at this very moment is not vulnerable."
You can read the entire report here, but Denley recommends moving funds off of your WalletGenerator-based paper wallets.
Researcher Discovers Serious Vulnerability in Paper Crypto Wallet Site
gepubliceerd op May 27, 2019
by Coindesk | gepubliceerd op Coinage
Coinage
Recent nieuws
Alles zien
Blockchain Bites: Bitcoin's Run, Uniswap's Hemorrhaging Value, Anchorage's Banking Bid
Bitcoin is nearing all-time highs in price and market cap last set three years ago.
Japan's megabanks to lead experiment with digital yen
We have, in order, Cheese Bank with a $3.3 million theft, Akropolis with its $2 million loss, Value DeFi with a whopping $6 million exploit and finally Origin Protocol's loss of $7 million.
Number of new Bitcoin addresses spikes amid growing FOMO
Japan's three largest banks, as part of a group of 30 private sector actors, are set to collaborate on an experiment with a digital yen.
Not just Wall Street: Quant trader explains why Bitcoin price is going up
Sam Trabucco, a quantitative trader at Alameda Research, believes four general factors are pushing up the price of Bitcoin.