Bitcoin Explorer: Difference between revisions

From Bitcoin Wiki
sigh
m Protected "Bitcoin Explorer": author removed important warnings about funds loss ([Edit=Allow only administrators] (indefinite) [Move=Allow only administrators] (indefinite))
 
(7 intermediate revisions by 2 users not shown)
Line 1: Line 1:
= WARNING USE OF THIS SOFTWARE WILL RESULT IN YOUR FUNDS BEING STOLEN =
==WARNING: FUNDS LOSS==


'''WARNING: The use of this library to generate seeds, contrary to the author's own following suggestions that include no warnings whatsoever, WILL RESULT IN YOUR FUNDS BEING STOLEN as per:'''
The use of specific versions of this tool to generate wallets has been [https://milksad.info/disclosure.html documented in CVE-2023-39910] to have already resulted in significant funds loss due to the inexplicable removal of the inclusion of OS randomness and replacement thereof with mere time-based seeding. The author's implication that the use of OS randomness is cryptographically equivalent to low-entropy time-only based seeding is inaccurate.


'''[https://milksad.info/ CVE-2023-39910 aka Milksad] archive here: [https://archive.is/KbdGI Milksad Archive]'''
'''DO NOT USE THIS TOOL TO CREATE WALLETS NOR RECEIVE FUNDS.'''


'''WARNING: The author is taking zero responsibility for participating in the use of his code in critical reference materials and has taken to blaming the people who used his code to create seeds as per his own examples, in spite of this code being used widely in many non-wallet programs, examples, a widely-read book, and in suggestions in many places on Reddit.'''
[https://news.ycombinator.com/item?id=37057601 Additional write-up by Greg Maxwell describing some of the extent of the damage done]<br>
[https://archive.ph/BvGH7 Author inexplicably asserting the broken bx seed command is working as intended]<br>
[https://archive.is/YlwCQ Author inexplicably asserting that tdryja pointing out his error is just part of the 'core playbook']<br>


'''For reference, the following is instructive:'''
'''The following page is preserved for archival purposes.'''
-----


* [https://github.com/libbitcoin/libbitcoin-system/commit/6d5a06e283d81260165e0eab95175069bf03b408 git commit where the author wrote vulnerable RNG code without any warnings and described it as "optimal"]
Bitcoin Explorer (bx) is an advanced command line application that is included as part of [[Libbitcoin_Explorer|libbitcoin-explorer]]. [https://github.com/libbitcoin/libbitcoin-explorer/wiki Extensive documentation] and [https://github.com/libbitcoin/libbitcoin-explorer/wiki/Download-BX signed binaries] for Linux, OSX and Windows are available on GitHub.
* [https://news.ycombinator.com/item?id=37057601 Additional write-up by Greg Maxwell describing some of the extent of the damage done]
* [https://archive.is/TVGrU Author asserting a 32-bit non-entropic seed to a seen gen is working as intended]
* [https://archive.is/BvGH7 Similar, "working as intended"]
* [https://archive.is/YlwCQ Author asserting it is all a part of a core conspiracy against him]


'''WARNING: The following is being left as-is for historical reference.'''
==Entropy==
In versions prior to 3.8.0 bx included the '''seed''' command, which was explained in the [https://github.com/libbitcoin/libbitcoin-explorer/wiki/Random-Numbers/897620743e329ca9ae8926cba5e717122619f439 Random-Numbers] topic:


== FOR HISTORICAL REFERENCE ONLY ==
With the exception of cert-new, any BX command that requires a random number obtains that value as an argument. This places the responsibility of ensuring random number strength on end-users and also helps them understand the potential for problems... The seed command is provided as a convenience, and is the only command that generates randomness.


Bitcoin Explorer (bx) is an advanced command line application that is included as part of [[Libbitcoin_Explorer|libbitcoin-explorer]]. [https://github.com/libbitcoin/libbitcoin-explorer/wiki Extensive documentation] and [https://github.com/libbitcoin/libbitcoin-explorer/wiki/Download-BX signed binaries] for Linux, OSX and Windows are available on GitHub.
and was itself [https://github.com/libbitcoin/libbitcoin-explorer/wiki/bx-seed documented] with the following warning:
 
Generate a pseudorandom seed.
WARNING: Pseudorandom seeding can introduce cryptographic weakness into your keys. This command is provided as a convenience.
 
Despite this documentation, it [https://github.com/libbitcoin/libbitcoin-explorer/wiki/CVE-2023-39910 has been determined] that the command may have been used for live wallet seeding. Consequently the command has been [https://github.com/libbitcoin/libbitcoin-explorer/pull/729/commits/5281cfb370614716aa7dd1e099def193401da6f3 removed].


==Examples==
==Examples==
Generating a new bitcoin address:
Generating a new bitcoin address:


  $ bx seed | bx ec-new | bx ec-to-public | bx ec-to-address
  $ echo [user entropy] | bx ec-new | bx ec-to-public | bx ec-to-address
  13ua8RRSxLpL5WL5cKUDepUCvJZgGWuKh7
  13ua8RRSxLpL5WL5cKUDepUCvJZgGWuKh7
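
Review bot: In the Examples change, the replacement pipeline `echo [user entropy] | bx ec-new | bx ec-to-public | bx ec-to-address` leaves `[user entropy]` undefined. The line gives no encoding, minimum length or source for the value, and the sample output address is unchanged from the `bx seed` version, so a reader can take any typed string as acceptable input. Suggest stating beside the example that the value must come from the operating system's random source and what length and encoding ec-new expects, or pointing to the Random-Numbers topic that the new Entropy section already cites.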


Line 82: Line 87:
* [[Libbitcoin_Explorer|libbitcoin-explorer]]
* [[Libbitcoin_Explorer|libbitcoin-explorer]]
* [[SubvertX]]
* [[SubvertX]]
= WARNING USE OF THIS SOFTWARE WILL RESULT IN YOUR FUNDS BEING STOLEN =


==References==
==References==

Latest revision as of 22:48, 14 September 2023

WARNING: FUNDS LOSS

The use of specific versions of this tool to generate wallets has been documented in CVE-2023-39910 to have already resulted in significant funds loss due to the inexplicable removal of the inclusion of OS randomness and replacement thereof with mere time-based seeding. The author's implication that the use of OS randomness is cryptographically equivalent to low-entropy time-only based seeding is inaccurate.

DO NOT USE THIS TOOL TO CREATE WALLETS NOR RECEIVE FUNDS.

Additional write-up by Greg Maxwell describing some of the extent of the damage done
Author inexplicably asserting the broken bx seed command is working as intended
Author inexplicably asserting that tdryja pointing out his error is just part of the 'core playbook'

The following page is preserved for archival purposes.


Bitcoin Explorer (bx) is an advanced command line application that is included as part of libbitcoin-explorer. Extensive documentation and signed binaries for Linux, OSX and Windows are available on GitHub.

Entropy

In versions prior to 3.8.0 bx included the seed command, which was explained in the Random-Numbers topic:

With the exception of cert-new, any BX command that requires a random number obtains that value as an argument. This places the responsibility of ensuring random number strength on end-users and also helps them understand the potential for problems... The seed command is provided as a convenience, and is the only command that generates randomness.

and was itself documented with the following warning:

Generate a pseudorandom seed.
WARNING: Pseudorandom seeding can introduce cryptographic weakness into your keys. This command is provided as a convenience.

Despite this documentation, it has been determined that the command may have been used for live wallet seeding. Consequently the command has been removed.
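
The following Python sketch is an added example, not code from bx or libbitcoin. It contrasts the time-seeded pattern described in the warning above with entropy drawn from the operating system, and adds a format check for a value that is passed to a command as an argument. Python's `random` module stands in for the tool's PRNG, and the function names and the 128-bit floor are assumptions made for the example.

```python
import random
import secrets

SEED_BYTES = 32         # 256 bits requested from either generator
MIN_ENTROPY_BITS = 128  # assumed floor for this example, not a bx constant


def time_seeded_bytes(timestamp: int, n: int = SEED_BYTES) -> bytes:
    """Weak pattern: all output is derived from a 32-bit time value.

    Python's Mersenne Twister stands in for the tool's PRNG (assumption).
    """
    rng = random.Random(timestamp & 0xFFFFFFFF)  # only 32 bits survive
    return bytes(rng.getrandbits(8) for _ in range(n))


def os_random_bytes(n: int = SEED_BYTES) -> bytes:
    """Sound pattern: bytes come from the operating system CSPRNG."""
    return secrets.token_bytes(n)


def effective_entropy_bits(output_bits: int, seed_bits: int) -> int:
    """A deterministic generator has at most one output per seed value."""
    return min(output_bits, seed_bits)


def validate_hex_entropy(text: str) -> bytes:
    """Check encoding and length of entropy supplied as a command argument.

    This cannot prove the bytes are random; it only rejects malformed or
    obviously short input before it reaches key generation.
    """
    raw = bytes.fromhex(text.strip())  # ValueError on non-hex input
    if len(raw) * 8 < MIN_ENTROPY_BITS:
        raise ValueError(f"need at least {MIN_ENTROPY_BITS} bits of entropy")
    return raw


if __name__ == "__main__":
    t = 1690000000  # constructed sample timestamp
    # Same clock value, same "random" 256-bit output, every time.
    print(time_seeded_bytes(t).hex() == time_seeded_bytes(t).hex())
    print(effective_entropy_bits(SEED_BYTES * 8, 32))
    print(validate_hex_entropy(os_random_bytes().hex()).hex())
```

A 256-bit value produced by the first function still carries at most 32 bits of entropy, which is why output length alone says nothing about seed strength.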

Examples

Generating a new bitcoin address:

$ echo [user entropy] | bx ec-new | bx ec-to-public | bx ec-to-address
13ua8RRSxLpL5WL5cKUDepUCvJZgGWuKh7

Executing a blockchain query against Libbitcoin Server via ZeroMQ:

$ bx fetch-tx 4a5e1e4baab89f3a32518a88c31bc87f618f76673e2cc77ab2127b7afdeda33b
transaction
{
    hash 4a5e1e4baab89f3a32518a88c31bc87f618f76673e2cc77ab2127b7afdeda33b
    inputs
    {
        input
        {
            previous_output
            {
                hash 0000000000000000000000000000000000000000000000000000000000000000
                index 4294967295
            }
            script "[ 04ffff001d0104455468652054696d65732030332f4a616e2f32303039204368616e63656c6c6f72206f6e206272696e6b206f66207365636f6e64206261696c6f757420666f722062616e6b73 ]"
            sequence 4294967295
        }
    }
    lock_time 0
    outputs
    {
        output
        {
            address 1A1zP1eP5QGefi2DMPTfTL5SLmv7DivfNa
            script "[ 04678afdb0fe5548271967f1a67130b7105cd6a828e03909a67962e0ea1f61deb649f6bc3f4cef38c4f35504e51ec112de5c384df7ba0b8d578a4c702b6bf11d5f ] checksig"
            value 5000000000
        }
    }
    version 1
}

Decoding Satoshi's words:

$ bx base16-decode 04ffff001d0104455468652054696d65732030332f4a616e2f32303039204368616e63656c6c6f72206f6e206272696e6b206f66207365636f6e64206261696c6f757420666f722062616e6b73 
ÿÿEThe Times 03/Jan/2009 Chancellor on brink of second bailout for banks

Posting a transaction directly to 10 nodes on the Bitcoin P2P network:

$ bx send-tx-p2p --nodes 10 0100000001b3807042c92f449bbf79b33ca59d7dfec7f4cc71096704a9c526dddf496ee0970100000069463044022039a36013301597daef41fbe593a02cc513d0b55527ec2df1050e2e8ff49c85c202204fcc407ce9b6f719ee7d009aeb8d8d21423f400a5b871394ca32e00c26b348dd2103c40cbd64c9c608df2c9730f49b0888c4db1c436e8b2b74aead6c6afbd10428c0ffffffff01905f0100000000001976a91418c0bd8d1818f1bf99cb1df2269c645318ef7b7388ac00000000
Sent transaction at 2015-May-08 12:17:09.
Sent transaction at 2015-May-08 12:17:09.
Sent transaction at 2015-May-08 12:17:09.
Sent transaction at 2015-May-08 12:17:12.
Sent transaction at 2015-May-08 12:17:12.
Sent transaction at 2015-May-08 12:17:15.
Sent transaction at 2015-May-08 12:17:15.
Sent transaction at 2015-May-08 12:17:19.
Sent transaction at 2015-May-08 12:17:20.
Sent transaction at 2015-May-08 12:17:20.
