@crypto_trader#43xzEXrP
How about this serious security issue using brainwalletX?
brainwalletX is missing a reliable random number generator.
I have changed the source of brainwalletX several times to support different coins,
but this time I was not too lazy and took the time to write a universal brainwallet for all coins.
You can download and test it here ("CКAЧATЬ"):
http://rgho.st/8hlwbSy98
Also, I made a thread about it:
https://bitcointalk.org/index.php?topic=2359426
Just for you I added random_seed and XOR,
and I also unlocked the "Secure random" button (I just found it in the source code).
Thank you!
brain.611.to updated
Maybe something else needs to be added or changed? Just PM me.
Without checking your code in detail:
Can you please explain how the random source works in combination with the existing code?
Where has the randomness been added?
How does it affect the restore functions to get back the private key from the keyword chain?
Hi again, Patrick!
I will try to answer your questions in detail:
Can you please explain how the random source works in combination with the existing code?
There is a "secure random" button for generating random bytes.
It launches the function secureRandom, and I see there is a separate file named secure-random.js.
I see in the source code of this script that it uses two entropy sources:
1. Browser random (window.crypto or window.msCrypto)
var crypto = window.crypto || window.msCrypto;
This is the Web Cryptography API:
https://msdn.microsoft.com/en-us/library/dn265046(v=vs.85).aspx
2. And sometimes, if it is supported, the nodeRandom function is used:
var crypto = require('crypto')
This module is easy to include, but it can give pseudo-random values because it is an external module.
So I added XOR and an additional value for XOR. You can find this value in the source code of the script brainwallet.js.
Where has the randomness been added?
1. Secret Exponent (button). This generates the value on which the hexadecimal value of the private key depends.
2. Root Key (for Armory and Electrum deterministic chains of wallet generators).
3. XOR tab - just for fun.
How does it affect the restore functions to get back the private key from the keyword chain?
1. Armory and Electrum are deterministic chain generators.
They can produce chains of paper wallets [private_key and address].
The seed for these generators encodes the root key and chain code.
For example, Armory... The first two strings of the seed are the hex of the root key (easy16 encoded). You can check it in the converter tab.
The other two strings are the encoded chain code hex.
The four-string seed is backward compatible with the official brainwalletx,
and this can be checked here:
https://brainwalletx.github.io/#chains
But in the official brainwalletx the chaincode varies uniquely from the root key, and only the root key is the seed (two lines).
And XOR can be applied to both values.
2. If anyone generates a secret exponent, he can get different values of the private key in WIF (wallet import format).
This is a paper wallet for importing and saving, holding, and having full access to the address.
3. If anyone wants to remember only a simple password (brainwallet)
and it can be hacked by a dictionary attack, then
this user can use his own random_seed parameter
and do XOR to get a secret exponent, private_key and address
which depend on this simple password, but with cryptographic strength.
In this case the user needs to download the brainwallet as a ZIP, unzip it,
change the random_seed parameter in the file brainwallet.js
to his own value, and use this brainwallet locally (on a USB flash drive, for example - it is portable).
I don't see a link to this modified brainwalletX at the bottom of the page, because I don't host it.
I didn't put the rghost link there, because the file will be deleted from this file-sharing service after some period... There are only links to the official brainwalletx repositories...
So you can upload this zip to your hosting and change these links
by finding them at the bottom of the source code in the file index.html.
Then users can use their own random_seed values and do XOR themselves anywhere.
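
As an added illustration of the restore question discussed in this thread (not code from the modified brainwalletX or from any poster), here is a sketch of a passphrase-derived secret exponent XORed with a random_seed. It assumes SHA-256(passphrase) as the exponent and a 32-byte hex random_seed; all function names are hypothetical.

```javascript
// Added example: an assumed scheme, not the code from brainwallet.js.
const nodeCrypto = require('crypto');

// Order of the secp256k1 group; a valid secret exponent lies in [1, N-1].
const SECP256K1_N = BigInt(
  '0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141');

// Assumption: classic brainwallet derivation, exponent = SHA-256(passphrase).
function passphraseToExponent(passphrase) {
  return nodeCrypto.createHash('sha256').update(passphrase, 'utf8').digest();
}

// Assumption: random_seed is 32 bytes given as hex, XORed byte by byte.
function xorWithSeed(exponent, randomSeedHex) {
  const seed = Buffer.from(randomSeedHex, 'hex');
  // A wrong-length or non-hex seed would silently change the result, so reject it.
  if (seed.length !== 32 || exponent.length !== 32) {
    throw new Error('random_seed and exponent must both be 32 bytes');
  }
  const out = Buffer.alloc(32);
  for (let i = 0; i < 32; i++) out[i] = exponent[i] ^ seed[i];
  return out;
}

// Restore path: the same passphrase AND the same random_seed are both required.
function deriveSecretExponent(passphrase, randomSeedHex) {
  const key = xorWithSeed(passphraseToExponent(passphrase), randomSeedHex);
  const k = BigInt('0x' + key.toString('hex'));
  if (k === 0n || k >= SECP256K1_N) throw new Error('exponent out of range');
  return key.toString('hex');
}

// A per-user seed taken from the OS CSPRNG instead of a constant in the source.
function newRandomSeed() {
  return nodeCrypto.randomBytes(32).toString('hex');
}

// Constructed sample run: one passphrase, two different seeds.
const samplePassphrase = 'constructed sample passphrase';
const seedA = newRandomSeed();
const seedB = newRandomSeed();
console.log('restore with same seed matches:',
  deriveSecretExponent(samplePassphrase, seedA) ===
  deriveSecretExponent(samplePassphrase, seedA));
console.log('different seed gives different key:',
  deriveSecretExponent(samplePassphrase, seedA) !==
  deriveSecretExponent(samplePassphrase, seedB));
```

The same passphrase restores the same exponent only when the identical random_seed is supplied, so the seed has to be backed up and kept secret along with the passphrase.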