Release new address data, documentation improvements
This commit is contained in:
parent
064ef4eed0
commit
fa1c1ec540
|
@ -0,0 +1,12 @@
|
||||||
|
# Mersenne Twister 32 bit seeding => bx consumption pattern => BIP32 derivation
|
||||||
|
|
||||||
|
This is a special and unusual way of generating keys from PRNG output using BIP32, but not BIP39.
|
||||||
|
|
||||||
|
See [libbitcoin-explorer bx-hd-new](https://github.com/libbitcoin/libbitcoin-explorer/wiki/bx-hd-new) for details.
|
||||||
|
|
||||||
|
Victims could have used a combination of `bx seed` and `bx hd-new` to generate weak keys in this range.
|
||||||
|
|
||||||
|
|
||||||
|
## Usage
|
||||||
|
* We only investigated usage with Bitcoin.
|
||||||
|
* Compressed pubkeys
|
|
@ -0,0 +1,4 @@
|
||||||
|
14CVYqJgJa8AUx1T9TWEyno8pMSaGTnSZp
|
||||||
|
15pX86rnerqKLm3g996DTkmTajkuFSwtRV
|
||||||
|
1BnkSifZC7DZ5i2rJQ4whPBBHdKLdEPSQn
|
||||||
|
1H4F5AWH38fpfLDkBfQjjxTQznUWcPKyN1
|
|
@ -1,4 +1,4 @@
|
||||||
# Mersenne Twister 32 bit seeding | bx consumption pattern | BIP39
|
# Mersenne Twister 32 bit seeding => bx consumption pattern => BIP39
|
||||||
|
|
||||||
|
|
||||||
## Example private keys without victim funds
|
## Example private keys without victim funds
|
||||||
|
|
|
@ -0,0 +1,17 @@
|
||||||
|
# Mersenne Twister 32 bit seeding => bx consumption pattern => direct elliptic curve key
|
||||||
|
|
||||||
|
This is a special and unusual way of generating keys directly from the PRNG output without any BIP39 or BIP32 hashing or derivations.
|
||||||
|
|
||||||
|
See [libbitcoin-explorer bx-ec-new](https://github.com/libbitcoin/libbitcoin-explorer/wiki/bx-ec-new) for details.
|
||||||
|
|
||||||
|
Victims could have used a combination of `bx seed` and `bx ec-new` to generate weak keys in this range.
|
||||||
|
|
||||||
|
|
||||||
|
## Observed Usage
|
||||||
|
|
||||||
|
* We only investigated usage with Bitcoin.
|
||||||
|
* Compressed and uncompressed pubkeys
|
||||||
|
|
||||||
|
## Writeups
|
||||||
|
|
||||||
|
* See [research update #1](https://milksad.info/posts/research-update-1/).
|
|
@ -0,0 +1,81 @@
|
||||||
|
12qsEmUXKQFrz9R3WPXvvkNLDDXRTnoUT6
|
||||||
|
12uUAHFzNAqavozbenBiEq87LZJ8XsaWi6
|
||||||
|
12vEJUPD7gY9RMvjzuYunhUwNzXmu4vG9x
|
||||||
|
139sqEGdwWUd2hfvVgoWGMB2r3XLpPbmvt
|
||||||
|
13jVu7B3vKhYAjhFZjjFiMMZGo2tgycCxy
|
||||||
|
13zhcRa2FShzpNikQ6DLNPBhCBLxuPbyaF
|
||||||
|
146aAM8DcfMxyCKqCvnTLZ65EvNiVBw1or
|
||||||
|
147kKTHvBBfutd7JusnitgVvgGJqb4Y7bC
|
||||||
|
14bYYdD34hbEWex84kt4pqZ3BCAUorn4CE
|
||||||
|
14gtuDCRj8D4rvduRJKrdQeffjHJZh8VtT
|
||||||
|
14nVTqSyR6DscckH1q1yL5gJWfKveYT8NS
|
||||||
|
14RvY8CKXw6ra13UNivcHuTqsT1gc72Zoz
|
||||||
|
14rZ1ioYwzDnLZhA6AUMdgc4TtoAsFcJXU
|
||||||
|
14ytvyfhB2bcZJc4Y3hYSBBcjB8zstUDxb
|
||||||
|
155J4gua2523wRSS4B9WsQeBjxckqA16jE
|
||||||
|
15Eyzg8qnVhiyohZ1oDCnkCmSfup4VVjNP
|
||||||
|
15gzYFBkLR1v1HccoxGTbHHKKcWDfqrqyR
|
||||||
|
15msLr5kttG1EeSYfaqBXWYnw5mfhN3QUd
|
||||||
|
15qAqYLUrieN4icVgNxqvQKkSy5VE8Zz7P
|
||||||
|
16Yu9uuX5j2uqy64kWGvH3HnzCrLhT9vF9
|
||||||
|
17hBo91VUUY8csWWenN2xnK8EnuwDPcga2
|
||||||
|
17ntGo6sPnZY4vUfbsn9dy8xQgKzDiCxpp
|
||||||
|
17vfTecEQVZLw2M7CNhKy4qmxERrbwhR7R
|
||||||
|
17yZW73Wu4FvQ97jy9skykwf9NyP6795Jy
|
||||||
|
18bTpLo8BPEgfamwevfHhtVtprrk2x9jqc
|
||||||
|
18HU5eJcjRE8u5HoLywSvQ61dwab1q6Ejd
|
||||||
|
18NuofNRfegV5wkfPBuHsYyxTApFSkhEwu
|
||||||
|
18rwuZSe9HCrdXKTPXGCPeZnRPsrsy2EYa
|
||||||
|
18TJobuwoNCjF1anuoAmYx1w6u7Ruzhw9c
|
||||||
|
19aeCYtFVHn9xz6uy962ftrYHX4aeEMunH
|
||||||
|
19hpokcanwqTJZwVSrQiBZudeD6A9xMCw3
|
||||||
|
19so7XzTJCjpymcN7FJ51hgS1GXRQDYje8
|
||||||
|
1A3MvQpsQKfyf9AMbzo1Epaqp9TUfDCCQ9
|
||||||
|
1AAsi215Bx6UFQg7xYEi1ThB4PgATpbE1x
|
||||||
|
1AYTbjbTmsGYX64LfKPBFP9aXPr9aTUEn3
|
||||||
|
1BDXhZ4JzLZXwjiYtRLXZD8H1me2NLEfe3
|
||||||
|
1Bg4eipv7DsWZ9LJQhu9fn8hJ7iKLxRxbD
|
||||||
|
1BmWvs5vFZGAoPfGE6Cduqjd3zXiLNpx8P
|
||||||
|
1Bo6uGUsHnjvbdrPnnHaBf8esmB74EQ2Dh
|
||||||
|
1Br2hHFPpg6y7S7abzjQX2t2eES3yM4MR2
|
||||||
|
1BtnWdyjjgMZxVYsM7fSgMqkPcqRkWvmM7
|
||||||
|
1BudhdYDD7KJud3MiNi6udUSKvYWRmBvVq
|
||||||
|
1CCi52thxALuybL6qWcsBMyZeCPxpwXpTL
|
||||||
|
1CeuzQcb5pmM1PmyoDgV5rfPsJDkAY8ScR
|
||||||
|
1CHygsU8dDKbAvcsQTEXQSQxbsQpk219HT
|
||||||
|
1CLtLS6ATxqcjNmJvsEY9UQbKNzTiLdJSF
|
||||||
|
1CUSKYar1yGBAg3MHWhC3sYhTfBQqc2sTN
|
||||||
|
1DBUWW1G1QGWMdCdE5GKM11iy5CjZfMHNd
|
||||||
|
1DGjHDmntdWjdaUHDBExhUf5BDSUmHdsxs
|
||||||
|
1DksTT2Y76iaHaL4J9dtA8M7ERWcqURMaD
|
||||||
|
1EzEBX6dgbzjanHGkAW9aC7FhVXcUD5xob
|
||||||
|
1F83zotZruCBAG5a2etyjXGdkYDE3XGnZ5
|
||||||
|
1FDJkTetnGWH8nb2xcQxEQoVr9rPm7gu3x
|
||||||
|
1FnvbpFTQgQsdP9EhKheYPu7Zpf2A4F3RR
|
||||||
|
1G2x8czwUWxRwAML7zfGkhD72uK8D51ggP
|
||||||
|
1GBwHrt4jkytVEifE1yATAKzT33noN2Z2j
|
||||||
|
1GcdzkK9Bgh2EVoQe7LGouCynkKWcnauVE
|
||||||
|
1GginVjMXsw5zJzhj8Tm4LQqmDGVCE9iA5
|
||||||
|
1GkwxuLjgNwu3vRRH4qYjT1mqqWtGQ3J8
|
||||||
|
1GtTPj6cYmDRkPYkqheGmV2HTg4Ed72D8m
|
||||||
|
1HJ21WaRVsZ4qfxiBmAtRzyT9AZHvymTSR
|
||||||
|
1Hs9b1eUAp7dGG1uxCgp5f1XU7zm6ysaN2
|
||||||
|
1JcZBRycwzVNJMHnWhr39Vkhm2p2jjsUM4
|
||||||
|
1JpzcH1eWxGnw7jMpfUi6k6pAn7sQWtsYf
|
||||||
|
1JUdUgFm7B9GZihtf4jtryCmt4YcRMaJGx
|
||||||
|
1K1Wgf7UCXdwU97SnKcbCZ1L2YRbcKmNZw
|
||||||
|
1KDUyeL6ZkB3qMbP8J2gifaWsxiRLye1X
|
||||||
|
1KJsZ2BBonQQqnY82e1z5jiCsgUFL2iJ9J
|
||||||
|
1KNUK3C6dVuiou42ZwGhduCPvw66rTvk16
|
||||||
|
1LsSkJ8NWQrDPsBU5CmFRSiVKZ1ihNA17
|
||||||
|
1M2mCnwxzyVfhtmY5rLCpYUbsh3fRoBH8S
|
||||||
|
1M3zuJ9xMgnWhiTXsZaFyarNkp5UbTXgQ5
|
||||||
|
1MapF77ARUzQS2tEoXLxUjWdTLcbwhVGSd
|
||||||
|
1MCx6SocS1iu2RPNm2JNeNGacvA3pXaqDh
|
||||||
|
1MRrkhGmZrNBPz8wwhQ73viCvuGMMwDdPx
|
||||||
|
1NLyT9QA8Uh2hmxgV3DH2SFr8HKozWvQ28
|
||||||
|
1NP33cLHZLivBZY77Cn26ZzwV2qXnGKbBj
|
||||||
|
1NuTd1F1X79PemBpctBNxmcTsnUaYWmRqQ
|
||||||
|
1PiTiTQ91LdzeRwR4bYXyHk8kc3CD3VReb
|
||||||
|
1Q8VbRyzA975EqQMHjxa4KWqF8WGfjTxd6
|
||||||
|
1SPeJFC5ebSXRH9XC7C2XfYx8DEzkbQi9
|
|
@ -1,4 +1,4 @@
|
||||||
# Mersenne Twister | Trust Wallet PRNG consumption pattern
|
# Mersenne Twister => Trust Wallet PRNG consumption pattern
|
||||||
|
|
||||||
See https://milksad.info/disclosure.html for 32 bit to 8 bit output truncation PRNG consumption pattern details.
|
See https://milksad.info/disclosure.html for 32 bit to 8 bit output truncation PRNG consumption pattern details.
|
||||||
|
|
||||||
|
|
|
@ -0,0 +1,14 @@
|
||||||
|
# Mersenne Twister 32 bit seeding => Trust Wallet PRNG consumption pattern => direct elliptic curve key
|
||||||
|
|
||||||
|
This is a special and unusual way of generating keys directly from the PRNG output without any BIP39 or BIP32 hashing or derivations.
|
||||||
|
|
||||||
|
We're not aware of a specific wallet software with this weak generation pattern.
|
||||||
|
|
||||||
|
## Observed Usage
|
||||||
|
|
||||||
|
* We only investigated usage with Bitcoin.
|
||||||
|
* Compressed and uncompressed pubkeys
|
||||||
|
|
||||||
|
## Writeups
|
||||||
|
|
||||||
|
* See [research update #2](https://milksad.info/posts/research-update-2/).
|
|
@ -0,0 +1,96 @@
|
||||||
|
12GR12ZZnJvP21khgrxM3GgKK7kvXoRGz7
|
||||||
|
12oMLxE5hVYqCS6uwG3WFYwgKLXvzzQPE5
|
||||||
|
12W54invTqR53jsa5USySPW2BNbKtyFgoT
|
||||||
|
12z5eH8qpzVi3LJKVG7f7UHHMdeRotxcfZ
|
||||||
|
133LaBpNP8XYfeUMhWXT8PDDCn2oMHDktn
|
||||||
|
139FLadt5jiuNVDs9PgvCdFomijCwkKtoY
|
||||||
|
13jALR6S35CqKrvRCKCz5uBGcj9dCXcPYX
|
||||||
|
13oyFdhFHP3aTmiWsMJsP6m28VRDqcgkZc
|
||||||
|
13SUUZq7fUMW3yaQwJH3kyaAVPSKzkbWm6
|
||||||
|
13V112j5UA87UQjbG3Sux6zQjCmSZH29h8
|
||||||
|
146bsJWNuvUbncZw8G3CzvxbEeZawzbmaZ
|
||||||
|
14Bdc89eZHi4s5zAMuvxdvQWSGDTtHpcb6
|
||||||
|
14KeEhpALVqhoqfNZpnnF2stfiEZhQ5qAY
|
||||||
|
14vxPouuVw3NcBBgKzHAi7uLvSFXk7hmsS
|
||||||
|
14YCULo2TTgYatgmmKPGRDjCd2LUffkNF1
|
||||||
|
152iLEC6Y396ZnAjsYEAP4pFnFwN2p3P5T
|
||||||
|
152kTxweAgJjdYNoX1aZJL9kMiUuskUQ2Q
|
||||||
|
15j5eFjdTJrciiDqRWRvRiM93Qgkxm3ebb
|
||||||
|
15KJzn2AzrL8hkyfvrGWf2qKpEyR5U8u3Z
|
||||||
|
15y5TwwjHbQ8z74TQHoSswU1iGwR4CdGWN
|
||||||
|
15yp5RwkGBt3x7F7A8cyBu2SkdTghcU3in
|
||||||
|
1685iFHWXEV8BtvPvg58MTN35iNz7M6p44
|
||||||
|
16CSsw3kyDpgT4A9cYP51q1YHqvV5QNNSf
|
||||||
|
16gdnxBtKn915wMgfXUYcJ8odpt4N5izNC
|
||||||
|
16HdaM2EnSphsFiAD7GGwTBLs4gKrB1qCP
|
||||||
|
16xUCauV7N3nWJ6LioUUHdoJGXsHEAf1Dr
|
||||||
|
173S6R3rRagamztdSe2pkcmzuuj8D7wjEt
|
||||||
|
17WM2EQ8NNs2pyAxfPSb1XuyxrZMCYKP9r
|
||||||
|
17Xq55J1Z4Hqn4EoeoZ2LqFWaD6ojCHkCk
|
||||||
|
17yJUKGTEViDu4eoy8QC9Yq6kyvcio5CkR
|
||||||
|
183f6vSvpY1gZdZTxZTDdeDi7xDBHrAbbY
|
||||||
|
18UB9NvHg3NSkn2RrtMh2MR5Twt2sosUWe
|
||||||
|
19mzdTdshpYHRhXxqBaxBDiuyBvmkZizSR
|
||||||
|
19Q2RuE3DHSeAtr7XTKmYRmVB7Ssh1b1My
|
||||||
|
19X37f3e4Ujo1yMqXBQy9AnmLDE9kdk4qE
|
||||||
|
1A4tVtK6CfjRgSAMvstD6PAmBkoWmH43wV
|
||||||
|
1ABCeARehTVfdPwQE5Sy1u7JWJP3xnUMu3
|
||||||
|
1Aq4HLY3xMrDrMW75hkngYgPYWcLBJ6MEQ
|
||||||
|
1B2vUVJLYUTknqXezGqFeF96EdYWExrjmX
|
||||||
|
1BKzriiWN9dbCbARR9jojFoU2znVt3g2Pk
|
||||||
|
1Bvic5SizriWELujVvSdJiHY8r8k1Wt3Ys
|
||||||
|
1BXRZ7wSiBjRXTrgWPZ2pC642CSodTMY44
|
||||||
|
1C57NvRHDPTYVcdEJn5ckqNu61zpcwvxaF
|
||||||
|
1Ck747seh3FjrhgofetAN25LXmqKdPVtQG
|
||||||
|
1CnGDBCsVNZnavBNqQPPWMSRDFdbZNHYyA
|
||||||
|
1CRvqbNwPPXB3ic2GunHA1WwRTdLyWDLc8
|
||||||
|
1D3b6McG7DitHifivfAYNyM8LMEhQFdVyr
|
||||||
|
1D3HW1hqfzo89jGn8z6LihR9E8V7qmsu7F
|
||||||
|
1DiHuowD26PCeMnq8Uz4XeFevDiWq4aXJN
|
||||||
|
1DoMjnPxHhdrA2YhMdTBRRML48NmYwmpUp
|
||||||
|
1EejBeKLrkkpAfcUGMN74isCw8m2sSjWSc
|
||||||
|
1EKPYQDXpCrsTCVQ9FkwAQ9GqriycyDFgs
|
||||||
|
1EoEjREXaBKS2g1DMktaZPM8SVadPRNWQ7
|
||||||
|
1EWHu2cQtCDxJ66Hwx7g4R7RfMnGzGTosW
|
||||||
|
1FBRZgVZsk1NxaF4QNxgomyNqUGB8Af8ta
|
||||||
|
1FfxqebGSKg9iLgDPVGvXJsN3hP5eGu9j2
|
||||||
|
1FVmXmvsZMK8T941iuDicay9bFr1dwi8RB
|
||||||
|
1GLHHNUosWXEgVu417VbjDPbxiFsQ2uxC
|
||||||
|
1GQUqhrmTwqNEs7uzLkFgU8qTk4wKxnsQ1
|
||||||
|
1Gt2qYGiPEkFcm9PET9fko1sqxNQsvDt7k
|
||||||
|
1GVg4wufTSfBvHr6FoshucSSmL7VLxobTQ
|
||||||
|
1H6WFN1xH4gXQM3feZSKJyXUNkPyhAmYs6
|
||||||
|
1H8bDaZrVwmqYzTbYtCbLVPyujwh8KoxMQ
|
||||||
|
1HATMxJvJqqSmKGnsWgsAUi9Y1qsWtAYKB
|
||||||
|
1HuUVgjyHYn5Hrvzkf9mpQXFdw3djGvSrg
|
||||||
|
1JeBPVy6Lxi6ZcWeFs8SWrB4czXmFBNnSq
|
||||||
|
1JeRQRa1fnGKCFVQcxTRno5LMPjzfRDRbC
|
||||||
|
1JSMHvKLFYprj1AmN24ZEaajgSUbg2eHA9
|
||||||
|
1JZndiWahUGK4tED7W7getDuRLUrdHPRkW
|
||||||
|
1KaX3zXGW8P9DrihWxjUtptBwn8oD6brz2
|
||||||
|
1KKwSW4Rn5HtX6khzLZGVtqTTNH2gTX9TT
|
||||||
|
1KnpxMY8kquX89EDYERFpUUffJDEvutmm1
|
||||||
|
1Kp7ExkXbSMkBfisZYb7q5UfnrZGKW1Uxc
|
||||||
|
1KqB1g43BWHVMWVt9YSZu1wDNRBw3BfpBH
|
||||||
|
1L7g7mpwAuT6LkGR15ATbF1TqW9T5rs4tK
|
||||||
|
1LBn7CAFEXhpiFaoJ5AU1QDE9DYaZvLFnD
|
||||||
|
1LC6Q4YgHKHRmTvVBAFKvEeCi6cyrVrFhf
|
||||||
|
1Ly4hhPxBspidbvdSoTtQS4BE4kkHuhaxd
|
||||||
|
1Mbzs5m2gaW4CQMDdBerZanKwCfn7oVBUg
|
||||||
|
1Me8RptgbbbB6cQW9jQVv649LhL9Se6JcA
|
||||||
|
1MoRU6cPfdkTQMbKDXdFq3GwWJf7Q2jEAk
|
||||||
|
1MPp8zEPfs95iKAPQiWudM2R7TDSagDtLJ
|
||||||
|
1Mw7htnsykxcMFteeMFEF9RuoY3QLLhU8N
|
||||||
|
1MyNtumgtu96ZyrAGSubHrFQSRyL77ZNaj
|
||||||
|
1NFQguif28R3V753XqfrQAaCJCrzjERJdK
|
||||||
|
1Ngu4ZiwmHmG1MF9TcwFcsDAgAhrm9zQcp
|
||||||
|
1NNg6FeqTUxFpGDFiW5VFpq99LAqch9vyp
|
||||||
|
1NvNWEVsd3eeWXkjixJdz31BR2Z8r2ouNU
|
||||||
|
1PBGqj2y2Gr9fRp2TDCZwsq7WThRH1me7q
|
||||||
|
1PkUo9Zk3DydcySwQQH7iYKzxtVTDzioUH
|
||||||
|
1PN1Zeti5uN3tjddZtSkk14HzWuivAvTFj
|
||||||
|
1PUY18167Hx2LRMdwSGwCVpJrX1PuyCKyd
|
||||||
|
1Q6AdbCBDLRshV5bgdXhZixZX3b9FLE77i
|
||||||
|
1QC7krU5qeQX8oddgtBPnUZfB5oZAcrd4v
|
||||||
|
1QD38EBTpgiKk7MFuKjS23aGtA2x7nRtzM
|
||||||
|
1YDVvTyMHgosUKpeyAZjQ9vgxfc9vxbwJ
|
|
@ -19,7 +19,7 @@ A collection of hashes over the mnemonic secrets for all vulnerable wallets we d
|
||||||
|
|
||||||
* Creation date: around 2023-11-24
|
* Creation date: around 2023-11-24
|
||||||
* Detection: confirmed Bitcoin Mainnet usage of a `bc1` address on at least one of the sub-accounts, checked until #79
|
* Detection: confirmed Bitcoin Mainnet usage of a `bc1` address on at least one of the sub-accounts, checked until #79
|
||||||
* Bitcoin Mainnnet address database from ca. early 2023-11
|
* Bitcoin Mainnet address database from ca. early 2023-11
|
||||||
* Entry format: SHA-256 hash computed over the lowercase space-separated seed string without leading spaces, trailing spaces or newlines
|
* Entry format: SHA-256 hash computed over the lowercase space-separated seed string without leading spaces, trailing spaces or newlines
|
||||||
* File format: newline-separated ASCII entries, sorted
|
* File format: newline-separated ASCII entries, sorted
|
||||||
* Additional comments: 12 word Electrum seed, "100" segwit prefix
|
* Additional comments: 12 word Electrum seed, "100" segwit prefix
|
||||||
|
|
Loading…
Reference in New Issue