47 lines
1.9 KiB
Markdown
47 lines
1.9 KiB
Markdown
|
# bx seed walker for BIP39 mnemonics
|
||
|
|
||
|
Optimized proof-of-concept program to derive all possible `2^32` weak mnemonics for `CVE-2023-39910` on a given key length without the need for slow `bx` calls.
|
||
|
|
||
|
Basic operation:
|
||
|
* Walk over all possible PRNG seeding states
|
||
|
* For each PRNG configuration:
|
||
|
* simulate the `bx seed` behavior to derive the corresponding weak seed
|
||
|
* simulate `bx mnemonic-new` to construct a BIP39 mnemonic
|
||
|
* output the resulting data on stdout
|
||
|
|
||
|
This program does not perform any filtering of the recovered mnemonics by any criteria.
|
||
|
|
||
|
With some modifications to the PRNG consumption pattern, this program should also be able to generate mnemonics for `CVE-2023-31290`, although we didn't test this.
|
||
|
|
||
|
## Usage
|
||
|
|
||
|
* Build: see `Makefile`.
|
||
|
* Parameters set at build time using build variables.
|
||
|
* Output to stdout.
|
||
|
* Warning: when directed to the file system, the output files for a complete key range will be large (several 100 GiB).
|
||
|
|
||
|
## Status
|
||
|
|
||
|
This is experimental, unmaintained code. Use only as research inspiration.
|
||
|
|
||
|
This program was helpful as a quick proof-of-concept implementation during early experimentation and research in July 2023. It remains in an experimental state.
|
||
|
|
||
|
## License
|
||
|
|
||
|
This folder contains adapted code from multiple sources, as well as derived code. See the file headers for more information.
|
||
|
|
||
|
Due to the derivative usage of libbitcoin code, the primary license is `GNU Affero General Public License` in version 3 or later.
|
||
|
|
||
|
Other code snippets fall under different licenses, namely some versions of CC BY SA.
|
||
|
|
||
|
## Credits
|
||
|
|
||
|
Written by Christian Reitter. Based on code from libbitcoin and other authors.
|
||
|
|
||
|
## Tests
|
||
|
|
||
|
Example to compare output with stock `bx` behavior for a given `FAKETIME` value == PRNG seed id:
|
||
|
```
|
||
|
LD_PRELOAD=/usr/lib/x86_64-linux-gnu/faketime/libfaketime.so.1 FAKETIME_FMT=%s FAKETIME=4.294967294 ./bx-linux-x64-qrcode seed -b 256 | ./bx-linux-x64-qrcode mnemonic-new
|
||
|
```
|