I could be wrong, but I remember reading somewhere that bitcoin core has already addressed the duplicate nonce issue... something about forcing it to increment... you cannot use a nonce equal to or less than the last one your key used to sign a tx?
Or is this different from the k value?
Bitcoin Core and all other up to date software use RFC-6979, which essentially derives the k value by hashing the private key and the hash of the message to be signed, so that the output is a deterministic and verifiable, but still random (or as random as the hashing algo).
If you use an incrementing nonce, if somebody can guess it or guess where you started, they can get your private key. Better to use RFC-6979.
The vulnerability mentioned before was basically that the software used a bad RNG to make random k values, and as mentioned, repeating the k value *even just once* means your private key is leaked. So RFC-6979 was made so that there's a good standard for deriving a random unique k value.
You can even scan the blockchain yourself for repeated k values. Look for signatures from the same address (address re-use), and if the r value -- the first part of the signature -- is the same, that means the k value was re-used, and that private key can be gotten. This happened a few years ago on a lot of Android wallets because the Android RNG was bad and the wallets re-used addresses.
