Ninjastic
PostEdited versionsQuotes to this post
Post
Topic
Board Project Development
Merits 5 from 2 users
Re: Are dices for generating seed words fair?
by
larry_vw_1955
on 23/10/2022, 00:16:15 UTC
⭐ Merited by o_e_l_e_o (4) ,vapourminer (1)
Quote from: o_e_l_e_o on October 22, 2022, 07:23:04 AM
They are bouncing off each other in the bag. If a dice is weighted to roll a 6 more frequently than it should otherwise, it doesn't matter if you are bouncing it off the floor, a table, the inside of a cup, other dice in a bag, dropping it down some stairs, or launching it in a trebuchet - it will still be more likely to roll a 6.
ultimately it is something that must be tested statistically. by doing alot of trials. i see what you're saying but i'm still not sure that other factors might play a greater role such as the randomness by which fingers would go into the bag and how they would grip a particular die. but i'm not willing to dismiss the entire thing as yet. for example, i had read somewhere that flipping a biased coin and catching it produces unbiased results. as long as you catch it and dont let it land. that was unexpected but someone was making that claim.

but then we get into other questions such as "what is an acceptable level of bias in an experiment where you perform it some number of times, be that 1000, or more?" I don't think anyone has a good answer for that. and i don't also think that anyone has a really good way to measure randomness. you can do a histogram of how many times each number is landed on but that doesn't mean they happened in a random order. for example: 111122223333444455556666.


Quote
Neither their Android nor their Apple apps are reproducible from their published code:
https://walletscrutiny.com/android/com.cakewallet.cake_wallet/
https://walletscrutiny.com/iphone/com.fotolockr.cakewallet/
Cool I was looking for that website, I had seen it once and then forgot its name  Cheesy

Quote
Still, that error is horrendous. They are falling back on a function which the documentation specifically says is not suitable for cryptographic purposes, which apparently also defaults to a 64 bit number: https://devoncarew.github.io/papyrus.dart/dart.math.html#Random

Completely amateur mistake. Yet another reason that people should stop using all these random wallets which keep popping up and just stick to the tried and tested ones.

what's even more horrendous is how no one ever called them out on it until people started losing money. Huh it's not like they were hiding the insecure code. apparently it was sitting there right on github for all to see. but no one did.