Ninjastic
PostEdited versionsQuotes to this post
Post
Topic
Board Development & Technical Discussion
Re: How does getting the private key and nonce from a nonce reuse work?
by
fairmuffin
on 02/04/2025, 17:10:33 UTC
Quote from: nc50lc on Today at 04:48:09 AM
Quote from: fairmuffin on April 01, 2025, 06:29:54 PM
Code:
    tx_hash1 = "223d80bffcb8cc519f23d6e7795693c5c0b25a1f3c477a96632f875c067d2439"
    tx_hash2 = "8b044016b8307dd8aefe5dcb61cfac97c01122f578fc7e4192472c45405e0a74"
    -snip-
    # Convert transaction hashes to integers
    z1 = int(tx_hash1, 16)
    z2 = int(tx_hash2, 16)
This wont fix the core issue but just a pointer:

Those "tx_hash" aren't the Transaction IDs of the inputs that has the same R-value.
Since the code is pertaining to those as "z1" and "z2", it's meant to be the "message hash" (Z-value) of each transaction.

Thanks for looking! I can see that the address in question isn't as input but rather output; however, I am a bit at loss here since this address was reported as compromised back when the vulnerability was discovered. So far, it repeated the R value from another address where the address in question was as output. Not sure what specific transactions they may have used then, to report this one as compromised.