History

Christian Reitter 743631f7ce Publish new research data on direct PRNG to secp256k1 key usage		2025-01-14 22:12:17 +01:00
..
BIP39	Correct BIP32 and direct usage observations	2025-01-14 21:24:23 +01:00
direct	Publish new research data on direct PRNG to secp256k1 key usage	2025-01-14 22:12:17 +01:00
README.md	Research note	2025-01-09 15:55:58 +01:00

README.md

Description

Vulnerable wallet range of Trust Wallet on iOS with CVE-2024-23660.

See https://milksad.info/posts/research-update-5/ for details.

Anomaly

One used wallet in the "B" range is also present in the "A" range, and therefore its addresses are in both victim lists.

This is an anomaly of the PRNG behavior, which generates a very simple entropy output (consisting of just all binary zeros) at a certain PRNG index. The output happens to be identical with a well-known BIP39 example mnemonic, explaining its usage. In other words, this weak wallet is not unique to this specific weak range.

PRNG seed id	Mnemonic
`2147483647`	`abandon abandon abandon abandon abandon abandon abandon abandon abandon abandon abandon about`