benma
commented
3 weeks ago First commit is from https://github.com/BitBoxSwiss/bitbox02-firmware/pull/1223
Closed benma closed 3 weeks ago
benma
commented
3 weeks ago First commit is from https://github.com/BitBoxSwiss/bitbox02-firmware/pull/1223
benma
commented
3 weeks ago Rebased now that the other PR is merged.
In a BIP-44 keypath
m/purpose/coin/account/{0,1}/addressIdx, we disallow addressIdx >= 10000 when verifying receive addresses to mitigate ransom attacks (attacker as victim verify an address at a very high index, so the victim cannot find the funds).The same check is applied to change outputs in transactions for the same reason.
We also had the same check for inputs in the transaction, but there, the check is not necessary. We want to be able to spend UTXOs that were received on high indices.