0 sats \ 0 replies \ @A_HODL_Bitcoin 16 Feb \ on: Stop trying to use dice-rolled seeds unless you're an expert ❌ bitcoin
Open-source generators… you mean like the “BX seed” command in Libbitcoin?
“The Milk Sad Vulnerability and What It Means for Bitcoin
Bitcoin Magazine, Aug 28, 2023
In the newest episode of Bitcoin Magazine’s “Bitcoin, Explained,” hosts Aaron van Wirdum and Sjors Provoost discuss the ramifications of a newly discovered exploit dubbed “Milk Sad,” affecting Bitcoin users attempting to run the alternative Bitcoin implementation Libbitcoin when connecting to the network.
Revealed earlier this month, the issue of an insecure Bitcoin command called “BX Seed” in the Libbitcoin library has made it vulnerable to attacks, potentially allowing adversaries to guess private keys and access Bitcoin funds.
As profiled, the insecure command produces only 32-bit random seeds, significantly reducing the number of possible seeds and making it relatively easy to guess a target user’s private keys. …”
You don’t know what you don’t know, and most people hardly know anything at all. Trusting a hardware wallet is still trusting a third party. Most people can’t read computer code, so how can they verify that the code isn’t malicious, and produces seeds from an adequately random number generator?
I know that a good seed mnemonic is comprised of 23 seed words produced in a truly random way, +1 word calculated from a bit more entropy and the prior 23 words.
Keep It Simple Stupid — print, and then cut out, all 2048 possible seed words onto tiny slips of paper, put all the papers in a bucket, make sure they’re all well separated and not stuck together. Shake the bucket, reach in without looking and pick one slip of paper. Write it down, return the paper to the bucket, and repeat 22 more times. Use SeedSigner and a coin to get the 24th word.
Simple and effective.
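As an added illustration (not part of the comment above and not any wallet's own code): how the 24th word of a BIP39 mnemonic follows from the first 23 words plus three extra bits, and how a 24-word list is checked. It works on wordlist indices (0 to 2047) instead of words; the function names are hypothetical and the all-zero input is a constructed sample.

```python
import hashlib

WORD_BITS = 11  # each BIP39 word encodes an index in 0..2047


def _entropy_bytes(first23, extra_bits):
    """Pack 23 word indices (253 bits) plus 3 extra bits into 32 bytes."""
    if len(first23) != 23 or any(not 0 <= i < 2048 for i in first23):
        raise ValueError("need 23 indices in 0..2047")
    if not 0 <= extra_bits < 8:
        raise ValueError("extra_bits must fit in 3 bits")
    value = 0
    for index in first23:
        value = (value << WORD_BITS) | index
    return ((value << 3) | extra_bits).to_bytes(32, "big")


def final_word_index(first23, extra_bits):
    """24th word = 3 extra entropy bits followed by the 8-bit checksum."""
    entropy = _entropy_bytes(first23, extra_bits)
    checksum = hashlib.sha256(entropy).digest()[0]  # first 8 bits of SHA-256
    return (extra_bits << 8) | checksum


def valid_final_indices(first23):
    """All 8 last-word indices that complete this 23-word prefix."""
    return [final_word_index(first23, extra) for extra in range(8)]


def is_valid_mnemonic(indices):
    """True if the 24th index carries the correct checksum for the rest."""
    if len(indices) != 24 or not 0 <= indices[23] < 2048:
        return False
    last = indices[23]
    return final_word_index(indices[:23], last >> 8) == last


if __name__ == "__main__":
    sample = [0] * 23  # constructed sample: 23 copies of wordlist index 0
    print("final index with extra bits 000:", final_word_index(sample, 0))
    print("all valid final indices:", valid_final_indices(sample))
    print("random 24th word would validate:", is_valid_mnemonic(sample + [0]))
```

Only 8 of the 2048 possible last words are valid for any given 23-word prefix, which is why the 24th word has to be computed and cannot simply be drawn like the others.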
Most modern books are easy to read and comprehend. It’s the older books that are difficult. I read the first 1/3rd of von Mises’ The Theory of Money and Credit several years before I discovered Bitcoin. It was very difficult. It seemed like most sentences required that I read it multiple times, and think it through to really understand and follow his train of thought. I then might have to re-read the full paragraph to keep track of where he was going and what he was trying to explain.