So... I had look at bitcoinpaperwallet.com and walletgenerator.net sites' javascript code and did some interesting findings. They are concerning to say the least. Both of the sites use the exact same javascript code and are thus likely operated by the same person/persons.
When paper wallets are generated on these sites (online or offline), their public addresses are not created using the seed or private key provided by the user. Instead there is a list of 60 pregenerated (base64 encoded) public addresses embedded in the javascript code which is loaded with the site. The list's contents change with every reload of the page so the public addresses are apparently generated by the server before the page is sent over. If the user saves the page and goes offline, the list of public addresses is also saved and used offline as well.
What does this mean? I believe there is a high risk that any paper wallet created using these sites have public addresses printed on them which belong to wallets controlled by whoever controls the servers of these sites. There is a generated private key on the paper wallet as well, but it simply does not match with the public address. Anyone sending bitcoin to the public address will be sending money to someone else only to find that his/her wallet is empty (and always was) once trying to use the wallet.
I would appreciate if someone else technically minded would check whether I'm right about this. Save the html and the search for 'eckey_test' (you might wan't to prettify the javascript code though, https://beautifier.io/). This is the list of suspicious pregenerated public keys.
Edit: A correction to my analysis. Actually there seems to be 60 public-private key pairs embedded in the code (see 'eckey_test'). If you simply go to the site and generate a wallet you are served one of these pairs (after Base64 decoding). But they are still seemingly pregenerated server side which is dangerous (the whole moving your mouse thing does nothing to change the list). The above-mentioned case where you end up with an invalid pair happens when you try to provide your own private key. You'll end up with a wallet with correct private key and invalid (and dangerous) public key.
[link] [comments]
No comments:
Post a Comment