Leaked Nonce Part in Lattice attack | Bitcointalksearch.org

NotATether

legendary

Activity: 1568

Merit: 6660

bitcoincleanup.com / bitmixlist.org

I don't know of a way to detect RFC6979 nonces in your transactions because it is using irreversible SHA256 many times, but I talk about how to find the use of a constant nonce here.

krashfire

member

Activity: 127

Merit: 14

Life aint interesting without any cuts and bruises

Quote from: ?? on ??

It sounds like XY problem. If you don't want your Bitcoin stolen, it's suggested to use popular open source software/hardware which likely already audited by security/cryptography expert.

Quote from: krashfire on September 30, 2022, 02:04:31 PM

Dearest Experts...

How do I know if any of my transactions have a weak/leaked nonce in the signatures?
How do I spot a weak or leaked nonce? In lattice attack, it requires us to give the kp. What are the known bits in a signature??

Lazy answer: Study/learn to be an expert or hire an expert.

U studied. U still are no expert. Stop responding and act you know the answer to this.,😂😂

HeRetiK

legendary

Activity: 3122

Merit: 2178

Playgram - The Telegram Casino

If you're a regular user and use one of the many established wallets (e.g. Bitcoin Core, Electrum or hardware wallets like Trezor or Ledger) without trying anything weird like handcrafting a Bitcoin transaction you don't need to worry about lattice attacks. The last time such attacks have happened to regular users was (afaik) in 2013 when one of the Android wallets didn't use a proper RNG leading to a predictable k which in turn made the private key derivable. All other cases seem to be mostly companies and developers either rolling their own crypto or working with signature generation in an unsecure manner that a regular user usually does not get in touch with.

For reference:
https://media.ccc.de/v/gpn20-66-lattice-attacks-on-ethereum-bitcoin-and-https

citb0in

hero member

Activity: 630

Merit: 731

Bitcoin g33k

ehm, excuse me ?