Bitcoin Forum

Bitcoin => Electrum => Topic started by: RealBitcoin on April 14, 2016, 11:51:39 AM



Title: Is the transaction signature random number deterministically generated?
Post by: RealBitcoin on April 14, 2016, 11:51:39 AM
Is the signed transaction signature that should always be random, is that deterministically generated in Electrum?

It is called the "k" value, and when the address is reused, it always generates a new one when a transaction is signed.

If the RNG is compromised, then after many key reuses the private key is compromised too.



Is this k value deterministically generated in Electrum wallets?


Title: Re: Is the transaction signature random number deterministically generated?
Post by: RealBitcoin on April 19, 2016, 01:39:32 AM
bump, please answer, this is important!


Title: Re: Is the transaction signature random number deterministically generated?
Post by: RealBitcoin on April 19, 2016, 04:21:30 AM
bump, please answer, this is important!
Good question. Have you Googled on this topic? BIP32, k values, etc.?
My understanding is that only one Private - Public key pair is created with BIP32. From these, descendants are created. Therefore, the "k" value occurs only once.


I didn't know there was a BIP in it. So I have to look it up, but I'd prefer if somebody with Electrum code knowledge would answer it.

There is a K value created every time a transaction occurs from a wallet. That's how a transaction chain is formed, and it links your previous spendings from that address to the new one.

And of course if the RNG is compromised, the K value will leak info about the private key.



So it's imperative to have a random, yet deterministic signature for every transaction, to not rely on flawed hardware RNG.


Here was a question asked 1 year ago, and back then the wallets haven't got it:
http://bitcoin.stackexchange.com/questions/36127/problems-with-deterministic-ecdsa-based-on-rfc6979-in-bitcoin


Title: Re: Is the transaction signature random number deterministically generated?
Post by: RealBitcoin on April 19, 2016, 04:31:21 AM
Actually I found the answer:

It is called: RFC6979 implementation

And it was added in Electrum 1.9 :D

https://bitcointalk.org/index.php?topic=324614.0



Shit I always answer my own questions :D