064ef4eed0 | ||
---|---|---|
.. | ||
README.md | ||
hashed_mnemonic_sha256_electrum_cakewallet_bitcoin_with_usage_sorted_version1_2023_11.txt |
README.md
Cake Wallet - Weak Bitcoin Wallets
This folder is about vulnerable versions of Cake Wallet
which used the insecure Random::Random()
PRNG of the Dart
programming language to generate Bitcoin cryptocurrency wallets, resulting in extremely weak wallets.
Unlike other wallet software, the used mnemonic standard is Electrum
, not BIP39
, and the public usage is (to our knowledge) Bitcoin-specific.
See also:
- https://milksad.info/posts/research-update-6/
- https://milksad.info/posts/research-update-9/
- https://milksad.info/posts/research-update-10/
(incomplete article list)
Data
Hashed Mnemonic Seed of Discovered Wallets
A collection of hashes over the mnemonic secrets for all vulnerable wallets we discovered at the time of data set creation.
- Creation date: around 2023-11-24
- Detection: confirmed Bitcoin Mainnet usage of a
bc1
address on at least one of the sub-accounts, checked until #79 - Bitcoin Mainnnet address database from ca. early 2023-11
- Entry format: SHA-256 hash computed over the lowercase space-separated seed string without leading spaces, trailing spaces or newlines
- File format: newline-separated ASCII entries, sorted
- Additional comments: 12 word Electrum seed, "100" segwit prefix
Data example
Mnemonic: ensure finish energy title soccer frame audit ahead swim fee course shoe
Hash result: f56599f4353c6f5d4d01cf9a9c2548cc2a70d3684c127962515b681692ab2b3e
The example is a valid mnemonic but was unused at the time, and is therefore not included in the data set itself.
Publication Details
We provided the 11/2023 version of this data set to the Cake Wallet
vendor on 2023-11-24 for public adoption into patched new app versions. The data allows for client-side checks in the application to spot and warn of a continued use of known-vulnerable wallets.
They merged it via https://github.com/cake-tech/cake_wallet/pull/1238/files on 2023-12-18.