Harry Denley Finds Wallet Vulnerability That Issued Same Key To Users
WalletGenerator.net, online cryptocurrency paper wallet creator ran on code that caused private key/public key pairs to be issued to multiple users. The vulnerability was described in an official blog post by security research Harry Denley of MyCrypto on May 24th, 2019.
The post said the bad code was in effect since August 2018, and was only recently patched out as of May 23rd. The live code on the website is reportedly supposed to be open source and audited on GitHub, but there were differences detected between the two. After researching the live code, Denley concluded that the keys were deterministically generated on the live version of the website, not randomly.
In one of MyCrypto’s tests between May 18–23, they attempted to use the website’s bulk generator to make 1,000 keys. The GitHub version returned 1,000 unique keys, but the live code returned 120 keys. Running the bulk generator always reportedly returned 120 unique keys instead of 1,000 even when other factors were tweaked, including browser refreshes, VPN changes, or user changes.
Randomness is needed to generate the key pairings in order for the paper wallets to be secured. According to the post:
“ELI5: When generating a key, you take a super-random number, turn it into the private key, and turn that into the public key / address. However, if the ‘super-random’ number is always ‘5,’ the private key that is generated will always be the same. This is why it’s so important that the super-random number is actually random…not ‘5.’”
WalletGenerator patched the determinism problem after MyCrypto reached out during the middle of its investigation. WalletGenerator purportedly responded afterward saying that the allegations could not be verified.