A newly discovered vulnerability in the widely used open source Bitcoin library has led to the leak of over 120,000 private keys, according to a report from cryptocurrency wallet provider OneKey.
This flaw dates back to the Libbitcoin Explorer (bx) 3.x series and allowed an attacker to predict a wallet’s private key, which was generated using an insecure random number method.
According to OneKey Insights published late Friday, Libbitcoin Explorer (bx) 3.x is a command-line utility that has been used for years to create Bitcoin wallets offline. The software uses a Mersenne Twister-32 pseudorandom number generator (PRNG) seeded only with the system time.
Since the seed space was limited to 2³² possible values, attackers could easily predict the random output or brute-force wallet private keys. Anyone who knows when a wallet was generated can reconstruct the same sequence of random numbers, derive the private key and access the funds at the address.
OneKey analysis of scope of wallets affected
According to the crypto wallet service provider, the issue has been confirmed to affect several wallet implementations that integrate Libbitcoin Explorer or its dependent components, including Trust Wallet Extension versions 0.0.172 through 0.0.183 and Trust Wallet Core versions before 3.1.1 (the patched 3.1.1 release is not affected).
Citing the security researchers' analysis, OneKey says the flaw comes down to a PRNG that relies on predictable entropy: an attacker could recreate the private key of any wallet generated at a given timestamp.
The small seed space and predictable nature of the Mersenne Twister-32 algorithm allowed malicious attackers to automate the process and compromise several wallets.
OneKey explained that the flaw may have contributed to past unexplained fund losses, such as the “Milk Sad” incident, where victims reported their wallets were emptied despite using air-gapped systems for security.
“Milk Sad” connection did not affect OneKey wallet
The Milk Sad investigation, which began earlier this year, revealed that victims were using Libbitcoin Explorer commands to generate wallets on air-gapped Linux laptops. In both cases, users utilized bx to create 24-word BIP39 mnemonic phrases, believing that the tool provided sufficient randomness.
One of the command sequences used during wallet generation was bx seed -b 256 | bx mnemonic-new, which generates 256 bits of entropy and converts them into a 24-word mnemonic phrase. Because of the flaw in the random number generator, mnemonics that were thought to be safe were in fact predictable.
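The following added example (not code from the article, OneKey or the Libbitcoin project) models the design flaw in Python: a Mersenne Twister seeded only with a clock value reproduces the same 32-byte "seed" for anyone who knows the timestamp, while the OS CSPRNG does not. Python's `random.Random` is MT19937 but its seeding and byte extraction differ from bx 3.x, so `weak_seed_from_time` is a simplified model, not the bx algorithm; the function names and the timestamp window are assumptions. `find_generation_time` is the defensive check: if a seed you hold can be reproduced from a clock value, it came from a predictable source and the wallet must be retired.

```python
import random
import secrets

SEED_BYTES = 32  # `bx seed -b 256` asks for 256 bits = 32 bytes of entropy


def weak_seed_from_time(timestamp: int) -> bytes:
    """Model of the flawed design: MT19937 seeded only with a clock value.
    Assumption: Python's seeding differs from std::mt19937 in bx 3.x, so this
    reproduces the weakness (tiny seed space), not bx's exact output."""
    rng = random.Random(timestamp)
    return rng.getrandbits(8 * SEED_BYTES).to_bytes(SEED_BYTES, "big")


def strong_seed() -> bytes:
    """What a wallet generator should do: read entropy from the OS CSPRNG."""
    return secrets.token_bytes(SEED_BYTES)


def find_generation_time(seed: bytes, start: int, end: int):
    """Defensive check over a window of candidate clock values.
    Returns the timestamp that reproduces `seed`, or None if no clock value
    in [start, end] does (as expected for CSPRNG output)."""
    for ts in range(start, end + 1):
        if weak_seed_from_time(ts) == seed:
            return ts
    return None


if __name__ == "__main__":
    # Constructed timestamp standing in for "when the wallet was generated".
    generated_at = 1_700_000_000
    weak = weak_seed_from_time(generated_at)

    # Anyone who knows (or guesses) the time gets the identical bytes.
    assert weak == weak_seed_from_time(generated_at)
    print("weak seed reproduced from timestamp:",
          find_generation_time(weak, generated_at - 60, generated_at + 60))

    # A CSPRNG seed cannot be tied to any clock value in the window.
    strong = strong_seed()
    print("strong seed matches a timestamp:",
          find_generation_time(strong, generated_at - 60, generated_at + 60))
```

The window scanned here is 121 seconds; the article's point is that the real seed space was only 2³² values in total, small enough that the entire range can be enumerated, so the "when was it generated" knowledge is not even required.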
Although the Milk Sad victims created their wallets years apart, investigators found that each was using the same version of Libbitcoin Explorer, which unknowingly generated weak private keys.
In its report, OneKey said that the vulnerability in Libbitcoin Explorer does not compromise the security of the mnemonics or private keys of its wallets. The company’s research has confirmed that its devices and software use a cryptographically secure RNG that meets international security standards.
“All new generation hardware wallets are equipped with a Secure Element (SE) that incorporates a true random number generator (TRNG) for key creation. The component is hardware-based and has the globally recognized security level EAL6+ certification,” the hardware and cold wallet company confirmed.
Software wallet vulnerability assessment
OneKey also evaluated its software products and noted that the desktop and browser extension versions use the Chromium-based WebAssembly (WASM) PRNG interface.
That interface draws its entropy from the operating system’s cryptographically secure pseudorandom number generator (CSPRNG), the same standard used in modern browsers and secure software systems.
OneKey said its Android and iOS wallets use the system-level CSPRNG API built into the operating system itself. The wallet provider’s security team reiterated that the quality of randomness in wallet generation depends directly on the integrity of the device and software environment.
“Entropy sources can be weakened if the operating system, browser kernel, or device hardware is compromised,” it says.
The company advised users to choose a hardware wallet if they plan to store their coins for a long time to minimize the risk of exposure. It also warned against importing mnemonic phrases generated in software wallets into hardware wallets.