milksad
/
website-public
14
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Add some basic files, fix links

This commit is contained in:
Christian Reitter 2024-02-13 15:26:59 +01:00
parent 0332877048
commit 51600f7998
4 changed files with 3 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
faq.md
View File

@ -57,7 +57,7 @@ The identified problem is limited to the entropy generation functionality. We're
---
### Is the vulnerability currently fixed in `libbitcoin-explorer`?
We are not aware of a fix. At the time of disclosure, our understanding is that the Libbitcoin team considers this not to be a vulnerability. See [this section](disclosure.html#libbitcoin-vendor-response) in our disclosure.
We are not aware of a fix. At the time of disclosure, our understanding is that the Libbitcoin team considers this not to be a vulnerability. See [this section](/disclosure.html#libbitcoin-vendor-response) in our disclosure.
**Update**: `libbitcoin-explorer` [3.8.0](https://github.com/libbitcoin/libbitcoin-explorer/releases/tag/v3.8.0) fixed the issue by removing the problematic entropy generation command.

BIN
favicon.ico Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 15 KiB

2
index.md
View File

@ -32,7 +32,7 @@ A practical explanation of how weak entropy can ruin your day - and your savings
- Popular documentation like "[Mastering Bitcoin](https://bitcoinbook.info)" suggests the usage of `bx seed` for wallet generation.
- Secure cryptography requires a source of large, non-guessable numbers. If the random number generator is weak, the resulting cryptographic usage is almost always compromised.
- For technical people: in this case, practical wallet security is reduced from 128 bit, 192 bit or 256 bit to a mere 32 bit of unknown key information.
- A 32 bit key space is 2^32, or 4,294,967,296 different unique combinations of derived [BIP39]((https://en.bitcoin.it/wiki/BIP_0039)) mnemonic phrases or other key formats ([BIP32](https://en.bitcoin.it/wiki/BIP_0032)). Spoiler: That's not as many combinations as it sounds.
- A 32 bit key space is 2^32, or 4,294,967,296 different unique combinations of derived [BIP39](https://en.bitcoin.it/wiki/BIP_0039) mnemonic phrases or other key formats ([BIP32](https://en.bitcoin.it/wiki/BIP_0032)). Spoiler: That's not as many combinations as it sounds.
- With enough optimizations, a decent gaming PC can do a brute-force search through 2^32 wallet combinations in less than a day.
- Since `bx` has a configurable output length and can be used in several ways, there are a few variations the attacker needs to test for each case. This slows down practical attacks to a few days.
- Once an attacker finds a match of a wallet candidate with an actual wallet used on a blockchain, they are in full possession of the private keys and can steal remaining funds, trace all previous wallet history and sign messages.

1
robots.txt Normal file
View File

@ -0,0 +1 @@
User-agent: *