Author

Topic: How secure is this code to generate Address-Key pair? (Read 242 times)

sr. member
Activity: 334
Merit: 275
Is there any specific reason you want to use that libary instead of https://github.com/bitcoin/bitcoin/tree/master/src/secp256k1?

Unless there is a specific reason that you have not currently given I do not see any reason why you would use that instead of the above libary especially when it considering trust and the issues that a untested libary might bring up.
legendary
Activity: 2870
Merit: 7490
Crypto Swap Exchange
You need to audit security/cryptography expert to know how secure is it. I can't find anything that mentions audit on both source code and GitHub's issue feature.

If there's no particular reason to use that library, consider use https://github.com/bitcoin/bitcoin/tree/master/src/secp256k1
legendary
Activity: 3472
Merit: 10611
Also, what if I keep $extra = 'FSQF5356dsdsqdfEFEQ3fq4q6dq4s5d' at L:852 as is? Will it be possible to re-generate the Address-Key pair if I dont change this?
that "extra" is used while generating a random key, with or without it you won't be able to re-generate the same key. it is used as some sort of extra entropy to be appended to the entropy generated by OpenSSL (according to the method name) and then hashed using SHA256.
but usually these extra entropies are generated on the fly not hard coded.
full member
Activity: 214
Merit: 278
https://github.com/BitcoinPHP/BitcoinECDSA.php/blob/master/src/BitcoinPHP/BitcoinECDSA/BitcoinECDSA.php

Also, what if I keep $extra = 'FSQF5356dsdsqdfEFEQ3fq4q6dq4s5d' at L:852 as is? Will it be possible to re-generate the Address-Key pair if I dont change this?
Jump to: