miracle2k
commented
5 years ago The ecdsa library used supports deterministic signatures (the ones suggested to be safe), but those are not used here. Instead, it seems the nonce is computed using randrange(). I opened a ticket with the library to ask for guidance:
Recently discovered security issue. See more here: https://ripple.com/dev-blog/statement-on-the-biased-nonce-sense-paper/