Re: BtcIO - Open source, cold, BTC wallet

Quote from: pooya87 on March 02, 2021, 04:07:05 AM

You might want to warn people that you are using a very weak RNG (System.Random) to generate their keys[1] and it is not safe to use this method to get a true random bitcoin private key to be used for real bitcoins.
Also you are using your own defined word list to generate the "seed" which you end up computing its SHA256 only as a "secure" entropy[2]

https://github.com/avadhuta/BtcIO/blob/3f67b5657733370e99078c7345a1e46a27d993c5/BtcWalletTools/Tech.cs#L75-L82
https://github.com/avadhuta/BtcIO/blob/3f67b5657733370e99078c7345a1e46a27d993c5/BtcWalletTools/WalletTools.cs#L255

You are absolutely right, my logic for generating the passphrase is made elementary, although it is dangerous to use any software RNG for this, especially in open source.

An intelligent user can create seed himself or add any of words and symbols as entropy.

As an option, I will add the ability to use any arbitrary file as a seed, and multiple hash (>100000) to slow down brute-force, this will be really reliable, I believe.

Quote from: NotATether on March 02, 2021, 09:21:13 AM

It is more secure, in that method, to use the System.Security.Cryptography.RNGCryptoServiceProvider class than Random and then use it's GetBytes method to get a byte value which OP then takes the modulus of words.Length. For example:

Code:

using System.Security.Cryptography;

# ...

public static String RandomSeed() {
   RNGCryptoServiceProvider rngCsp = new RNGCryptoServiceProvider();
   byte[] randomNumber = new byte[1];
   string res = "";
   for (int i = 0; i < 12; i++) {
   rngCsp.GetBytes(randomNumber);
   int r = (int) randomNumber[0] % words.Length;
   res += words[r].ToLower() + (i < 11 ? " " : "");
   }
   rngCsp.Dispose();
   return res;
}
# ...

Note: I did not test this code for syntax errors.

Thanks for the code, but I don't think that a more complex RNG will change anything in this case, especially in open source, manual entropy is needed.