Add notes, some example keys, some addresses from writeups

2024-12-15 20:39:12 +01:00 · 2024-12-15 20:39:12 +01:00 · 29874443e8
parent 7dde9e66f9
commit 29874443e8
6 changed files with 47 additions and 0 deletions
--- a/LCG16807_MINSTD_RAND0__trezor_crypto_pattern/README.md
+++ b/LCG16807_MINSTD_RAND0__trezor_crypto_pattern/README.md
@ -0,0 +1,5 @@
+# Description
+
+Vulnerable wallet range of Trust Wallet on iOS with CVE-2024-23660.
+
+See https://milksad.info/posts/research-update-5/ for details.
--- a/mt19937__bx_pattern/BIP39/README.md
+++ b/mt19937__bx_pattern/BIP39/README.md
@ -0,0 +1,18 @@
+# Mersenne Twister 32 bit seeding | bx consumption pattern | BIP39
+
+
+## Example private keys without victim funds
+
+### 128 bit = 12 Word Mnemonic
+
+| PRNG seed id | Mnemonic |
+| - | - |
+|`0x8ec170a8`|`local chef load churn future essence type leave program weird ancient owner`|
+
+### 256 bit = 24 Word Mnemonic
+
+| PRNG seed id | Mnemonic |
+| - | - |
+|`0`|`milk sad wage cup reward umbrella raven visa give list decorate bulb gold raise twenty fly manual stand float super gentle climb fold park`|
+|`1`|`helmet worry describe able age zebra neutral load gown kitchen stomach fine galaxy shaft giant head question coyote broccoli scatter parrot session quick check`|
+|`4294967294`|`lunar stage lake brick endless quit dignity odor disagree jaguar step scan announce glide slow way response upon divorce wave amazing tonight giggle love`|
--- a/mt19937__bx_pattern/README.md
+++ b/mt19937__bx_pattern/README.md
@ -0,0 +1,5 @@
+# Mersenne Twister 32 bit seeding | bx PRNG consumption pattern | BIP39
+
+See https://milksad.info/disclosure.html for 32 bit to 8 bit output truncation PRNG consumption pattern details.
+
+The `libbitcoin-explorer` tool `bx` is very flexible and can create BIP39 and non-BIP39 keys of different key sizes. However, there may be other vulnerable software which does so.
--- a/mt19937__trust_wallet_pattern/BIP39/256bit/README.md
+++ b/mt19937__trust_wallet_pattern/BIP39/256bit/README.md
@ -0,0 +1,5 @@
+# Details
+
+Weak wallet range with extremely high value transactions in the history.
+
+See https://milksad.info/posts/research-update-7/.
--- a/mt19937__trust_wallet_pattern/BIP39/256bit/selected_addresses_bitcoin_large_transaction_amounts.txt
+++ b/mt19937__trust_wallet_pattern/BIP39/256bit/selected_addresses_bitcoin_large_transaction_amounts.txt
@ -0,0 +1,9 @@
+32vpyd3jos4mEe8CmBnreRRXJJnwLMF3Gn
+338uPVW8drux5gSemDS4gFLSGrSfAiEvpX
+34Jpa4Eu3ApoPVUKNTN2WeuXVVq1jzxgPi
+35v6FmTJSChgwcH6tgAwCwsEj315bvq3tB
+36UNrMNN3xk1dTfqCWAPmrfBXA2gykCPBK
+3J4sTPyD1g6KvNUSJxjwLs4iaPeDPqxUZr
+3JJ8b7voMPSPChHazdHkrZMqxC7Cb4vNk2
+3Pja5FPK1wFB9LkWWJai8XYL1qjbqqT9Ye
+3PWNGS2357TnjRX7FpewqR3e3qsWwpFrJH
--- a/mt19937__trust_wallet_pattern/README.md
+++ b/mt19937__trust_wallet_pattern/README.md
@ -0,0 +1,5 @@
+# Mersenne Twister | Trust Wallet PRNG consumption pattern
+
+See https://milksad.info/disclosure.html for 32 bit to 8 bit output truncation PRNG consumption pattern details.
+
+Note that Trust Wallet is our reference name for this pattern since we first encountered it with CVE-2023-31290. The vulnerable Trust Wallet software in question cannot generate all sub-ranges and key sizes listed in this group.