Minimal Python address generator | Bitcointalksearch.org

deepceleron

legendary

Activity: 1512

Merit: 1036

Quote from: andytoshi on September 12, 2014, 06:03:31 PM

It looks like the program itself wisely ignores all this and simply uses OpenSSL's random keygen functionality. So for example the function `generate` is 14 lines long but only the very last one is actually ever used, the rest is just there to compromise your security in case you call the function wrong.

I hadn't seen this before, but I am agreed. What's on the repo just uses "EC_KEY_new_by_curve_name" to have whatever ssl library happens to be on the system generate a random number for the curve. There's lots of functions that are never reached. Hopefully the system library still gives back a secp256k1 curve for NID 714. Even if you trust a 10 year old Microsoft library to do what it's supposed to without NSA backdoors in the RNG, it could have been altered or replaced by a virus or rootkit.

Since this thread got a bump, I'll refer people to https://bitcointalksearch.org/topic/ann-python-paper-wallet-generator-with-strong-randomness-361092 for making strong random addresses, or https://github.com/vbuterin/pybitcointools for Python functions that include all the EC math that Bitcoin needs.

weex

legendary

Activity: 1102

Merit: 1014

Quote from: andytoshi on September 12, 2014, 06:03:31 PM

The majority of the python code is "classic Joric" address-from-user-passphrase generation, defaulting to a single round of SHA256 to coerce a passphrase into a key. It looks like the program itself wisely ignores all this and simply uses OpenSSL's random keygen functionality. So for example the function `generate` is 14 lines long but only the very last one is actually ever used, the rest is just there to compromise your security in case you call the function wrong.

Are you saying you wouldn't consider this safe to use if you modify it to use the passphrase AND the passphrase has 160+ bits of entropy?

andytoshi

full member

Activity: 179

Merit: 156

-

The majority of the python code is "classic Joric" address-from-user-passphrase generation, defaulting to a single round of SHA256 to coerce a passphrase into a key. It looks like the program itself wisely ignores all this and simply uses OpenSSL's random keygen functionality. So for example the function `generate` is 14 lines long but only the very last one is actually ever used, the rest is just there to compromise your security in case you call the function wrong.

Remember remember the 5th of November

legendary

Activity: 1862

Merit: 1014

Reverse engineer from time to time

Quote from: smokeyrd on September 12, 2014, 07:29:31 AM

Im more than a bit late to this thread but... I am just starting out on python and see where the script defines the functions but for whatever reason I do not see where the functions are actually called I know there's some way to trace the program and will look into that but wanted to post here to see if anyone is able to assist my nubness.

Which functions arent called?

smokeyrd

newbie

Activity: 8

Merit: 0

Im more than a bit late to this thread but... I am just starting out on python and see where the script defines the functions but for whatever reason I do not see where the functions are actually called I know there's some way to trace the program and will look into that but wanted to post here to see if anyone is able to assist my nubness.

Stardust

full member

Activity: 189

Merit: 100

Great tool Grondilu. Well I was a fan before this addition of the bitcoin bash tools.

weex

legendary

Activity: 1102

Merit: 1014

I get that all the time. Wink

You should thank Joric though as he's the one that really put it together.

dunand

hero member

Activity: 637

Merit: 502

Nice tool Grondilu.

weex

legendary

Activity: 1102

Merit: 1014

I did not consider that as I couldn't find it when I searched. As mentioned in my second feature, I would like windows users to be able to run it fairly easily. Python is a bit easier to install than bash(using cygwin is what comes to mind) on Windows.

grondilu

legendary

Activity: 1288

Merit: 1080

It is not python but have you considered using my bitcoin bash tools?

Code:

$ . bitcoin.sh
$ newBitcoinKey
---
WIF: 5KFtidLNEgFicv1QWGjMUECprKEQdLEqDGA7V5F8PJDZxaazRG7
bitcoin address: 1NZunrMgUVoe7H46GZW3x1NUxGPSyJUCSL
public key: 048EB823CBA7A29B9E8DE312E1F7516333D2754C2A7C480218C4E16E0CAB0E782EFFA715E5AB89426C948827A384CF32ECE0E8DE8625F2B124F40630CCA720997A

It only requires openssl and dc.

weex

legendary

Activity: 1102

Merit: 1014

For a project I'm working on I wanted a tool that would create a new address and print it out with a private key. The goals are:

* Minimal so it's as easy (as such a thing can be) to read and audit
* Runs on any machine with minimal setup
* Runs locally, not web-based.

Obviously bitaddress.org does much more but as I intend to recommend this for the most secure storage scenarios, I prefer a simpler script rather than a full interface.

Joric in #bitcoin-dev was kind enough to throw something together and I've made a couple minor tweaks to simplify it.

It is hosted at my github at https://github.com/weex/addrgen

My hope is that for simple generation of random/non-vanity addresses in secure scenarios that this can be used and recommended.

Please recommend ways that this script or any process that used it can reduce the chance of the private key being stolen.

Thanks,

weex

Topic: Minimal Python address generator (Read 5850 times)