Comments (4)
This seems like a pretty serious flaw. How do we know there aren't other frequent collisions, even when English words are used? Any comments from the developers?
from carbonwallet.github.io.
Had the same issue :(.
from carbonwallet.github.io.
i.e.: 1GnLr6yus9VrDYvycPUJF43iPEE62JrH88 for passwords: "1 2 3 4 5 6 7 8 9 10 11 12" and "a b c d e f g h i j k l"
from carbonwallet.github.io.
its splitting the words at the " " and then using indexOf() on the word list. Of course this will return -1 for every word that is not in the word list, so all 12 word phrases that do not happen to contain any word from the list will be identical!
quick fix: display an error when someone uses non-wordlist words, tell the user to withdraw all coins immediately!
final fix: hash the entire string instead if any of its words result in -1
from carbonwallet.github.io.
Related Issues (19)
- Display Master Public Key (MPK) HOT 4
- Open Wallet with md5 hash or md5(passphrase) HOT 9
- "Change" addresses not generated when entering passphrase from Electrum HOT 2
- no longer works HOT 3
- Add txid
- Allow base64-encoded passphrases in URLs HOT 1
- Chrome extension install problem HOT 1
- WARNING about instawallet style URL _posts / 2013-06-20-you-can-now-access-your-carbon-wallet-by-a-web-link.textile HOT 1
- "Open wallet" is highlighted after 11 words
- Transferred Bitcoins from Coinbase to CarbonWallet Address, bitcoins are not showing up HOT 1
- Bitcoin.Util.numToVarInt HOT 1
- Bitcoin Fee HOT 1
- HTTPS on http://carbonwallet.com/ HOT 2
- Add your own keys HOT 2
- Bad request
- adding new coin?
- testnet support?
- Unable to send out my Zcash HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from carbonwallet.github.io.