
Nadia Heninger et al. on "Biased Nonce Sense" - basically with lattice attacks they scanned and found a small number of repeated signatures with weak nonces leading to privkey extraction (almost no money in them, but still) - use RFC 6979, wallet devs ...

eprint.iacr.org/2019/023.pdf

There are some really interesting details. This one in particular was quite unexpected:

The old darkwallet donation address (anyone remember the vid where they showed making the 3-of-5?), which still has 110k USD in it (?!), had one of its 5 keys compromised by a weak nonce. Chalk one up for multisig, I guess!

Mastodon