Ninjastic
PostEdited versionsQuotes to this post
Next scheduled rescrape ... never
Version 1
Last scraped
Scraped on 18/04/2025, 08:09:46 UTC
Quote from: Stalker22 on April 17, 2025, 09:23:12 PM
I just came across some worrying information that I wanted to bring up here to talk about and spread awareness.  Looks like some researchers discovered a new security flaw that could impact crypto hardware wallets that use the ESP32 chip, which is super popular and frequently found in less expensive hardware wallets.  

Are All Bitcoin Hardware Wallets in Danger? Critical Vulnerability Discovered

The way I understand it (please correct me if you know more details!), the vulnerability comes from how the ESP32 was designed or how its commonly set up in wallets.  The specifics are still fuzzy, but I read that some hackers showed they could actually drain a hardware wallet by taking advantage of this bug.  Anybody know which hardware wallets use ESP32 and could be at risk here?


This chip seems to have a bunch of design flaws that  may result  into security nightmares for users. Previously found backdoor in the WiFi and Bluetooth module seen in Espressif products. Now  there's the issue with the RNG  which appears to be fundamentally weak and not even dependent on the specific manufacturer.

Thankfully, my Passport Core uses Avalanche based source for SEED generation, so I’m not worried about the security of my stash. But it does raise a serious question  about the security of other users who might be relying on this  ESP32 with flawedpoor RNG without even knowing it.

Regarding hardware wallets with use of ESP32. Look at  this topic.

Original archived Re: Critical vulnerability discovered in ESP32 chip
Scraped on 18/04/2025, 08:04:46 UTC
Quote from: Stalker22 on April 17, 2025, 09:23:12 PM
I just came across some worrying information that I wanted to bring up here to talk about and spread awareness.  Looks like some researchers discovered a new security flaw that could impact crypto hardware wallets that use the ESP32 chip, which is super popular and frequently found in less expensive hardware wallets. 

Are All Bitcoin Hardware Wallets in Danger? Critical Vulnerability Discovered

The way I understand it (please correct me if you know more details!), the vulnerability comes from how the ESP32 was designed or how its commonly set up in wallets.  The specifics are still fuzzy, but I read that some hackers showed they could actually drain a hardware wallet by taking advantage of this bug.  Anybody know which hardware wallets use ESP32 and could be at risk here?


This chip seems to have a bunch of design flaws that  may result  into security nightmares for users. Previously found backdoor in the WiFi and Bluetooth module seen in Espressif products. Now  there's the issue with the RNG  which appears to be fundamentally weak and not even dependent on the specific manufacturer.

Thankfully, my Passport Core uses Avalanche based source for SEED generation, so I’m not worried about the security of my stash. But it does raise a serious question  about the security of other users who might be relying on this  ESP32 with flawed RNG without even knowing it.

Regarding hardware wallets with use of ESP32. Look at  this topic.