Harvest entropy from the 'verify download' step

BenWestgate / Bails

Bails is a Bitcoin solution protecting against surveillance, censorship, and confiscation. It installs Bitcoin Core on the encrypted Persistent Storage of Tails, creates and recovers Bitcoin Core wallets from Codex32 (BIP93) seed backups, and creates backup Bails USB sticks and shareable blank Bails USB sticks. Learn more in README.md.

MIT License

39 stars 7 forks source link

Harvest entropy from the 'verify download' step #75

Closed BenWestgate closed 3 months ago

BenWestgate commented 11 months ago

A variable can store the yes/no choices to the verify procedure for several bits of entropy that can be added to the seed later.

Other dialogs that loop themselves if closed with the "X" or Esc key can also append their return codes to this variable.

The passphrase from early setup may be used as well but that likely is better to unset and store a KDF hash of instead.

BenWestgate commented 11 months ago

perhaps /etc/passwd or /etc/shadow are readable to amnesia user

BenWestgate commented 3 months ago

This doesn't make sense to do because the entropy of mouse clicks and user selection was already gathered by the kernel and made its way into the xprv Bitcoin Core generated.