vapory-staging / eth-keys

MIT License
0 stars 0 forks source link

Fixed relation between K and D msg hash. #1

Open vgulaev opened 2 days ago

vgulaev commented 2 days ago

https://github.com/vapory-staging/eth-keys/blob/042aff9d3b6977ffafba1f3d57ea5c280c75254f/eth_keys/backends/native/ecdsa.py#L63

From this code look that on the same private key for same msg you got the same signature.

Look like security issue cause all transaction generated by this code has fixed relation between K, D and msg.

Can you explain why you don't use secure random?

marlonhanks commented 2 days ago

In your analysis, did the private key become exposed publicly or otherwise?

vgulaev commented 1 day ago

Your question is not the answer for my question. We explore this lib as part of web3 for make Etherium transaction and during audit we try to identify your's security reasons for apply exactly this algorithm. From first sing we assume that it is the RFC 6979, and our next explore found that in 6979 should be the while loop section. So we still has question about reasons particular this way of generation K.

https://datatracker.ietf.org/doc/html/rfc6979#section-3.2

photo_2024-10-30_14-52-17

vgulaev commented 1 day ago

https://github.com/AntonKueltz/fastecdsa/blob/80a106620bb02a4ab9a5cda99c245bac60dc425a/fastecdsa/util.py#L58

image