Handing Wallet Vulberability

shinichiro.matsuo · February 15, 2024, 11:41pm

FYI

https://nvd.nist.gov/vuln/detail/CVE-2024-23660

shinichiro.matsuo · February 15, 2024, 11:55pm

https://x.com/CoinDesk/status/1758240307877904787?s=20

ts1433 · February 16, 2024, 2:17am

Private keys of the Trust Wallet are made from entropy seeded with easy-to-guess time values, which is easy to brute force. Wondering if such vulnerable entropy is used for other wallets.

JBringer · February 16, 2024, 10:39am

Besides this specific vulnerability, it also highlights the challenges of handling the incident response with self-custodian wallets…

shinichiro.matsuo · February 16, 2024, 9:39pm

@JBringer
It should be a part of our discussion at the security session at Block 10.

JBringer · February 16, 2024, 11:30pm

agreed. There is also the latest initiative around whitehats emergency rescue process with pre-approval from a protocol community, from SEAL.

Topic		Replies	Views
Wallet Governance, Policy and Key Management Study Report IAM, Key Management & Privacy (IKP) non-financial-applic	4	55	July 3, 2024
FYI Announcements to the Steering Committee BGIN Operations (Ops-WG)	0	44	April 22, 2024
Request for Public Comments on ZKP study report #1 IAM, Key Management & Privacy (IKP)	5	165	November 19, 2023
Accountable Wallet IAM, Key Management & Privacy (IKP)	1	186	November 21, 2023
Approaching to World Coin IAM, Key Management & Privacy (IKP)	12	164	November 21, 2023

Handing Wallet Vulberability

Related Topics