
What's under the hood of Jaxx: 128 bits of entropy out of the box

These notes are a little rough; I wrote them down so as not to forget. Comments from the Habr crypto community would be interesting.

I decided to check how cryptographically strong the brainwallet (the backup system of the Jaxx multicurrency wallet) is, and what the secret words mean at the code level.

To begin with, I copied the freshly installed Google extension wallet into my working folder and fixed up the files for editing.

Notepad++ has wonderful functions for searching in files and plugins for formatting code, so searching and adding lines like console.warn("bits=" + bits) quickly helped me figure out what happens when a wallet is generated and restored. I also found functionality hidden from the user that probably allows raising the level of cryptographic strength to paranoid.
So, when creating a wallet:

1. 128 pseudo-random bits are generated with rng:

    function generateMnemonic(strength, rng, wordlist) {
      strength = strength || 128   // default: 128 bits of entropy
      rng = rng || randomBytes
      var hex = rng(strength / 8).toString('hex')
      console.warn('hex=' + hex)   // debug line added for tracing; prints the entropy
      return entropyToMnemonic(hex, wordlist)
    }

2. A 4-bit checksum is calculated.

3. The combined bit string is split into pieces of 12 bits, and each piece is converted to an integer. We get 12 indexes into the code table.

4. From the code table of 2225 words, a string of words is assembled for the wallet backup.

5. Depending on the choice, different wallets are created by applying different hashing algorithms to the 128-bit seed.

    var jaxx;
    (function (jaxx) {
        var Seed = /** @class */ (function () {
            function Seed() { }
            Seed.generateMnemonic = function () {
                return thirdparty.bip39.generateMnemonic();
            };
            Seed.validateSeed = function (seed) {
                return (thirdparty.bip39.validateMnemonic(seed)) ? true : false;
            };
            // (excerpt ends here)

The internals of thirdparty contain implementations of many different algorithms; you can rework jaxx to fit your needs.

    hash160: hash160,
    hash256: hash256,
    ripemd160: ripemd160,
    sha1: sha1,
    sha256: sha256

There is also a lot of interesting code that I am still digging through.

When the wallet is restored, the indexes found in the code table are padded with insignificant zeros to 12 bits, the checksum is verified, keys are generated from the resulting seed, and synchronization with the blockchain starts.

words=boil,matter,crawl,clean,choice,gasp,clay,defy,crew,amount,cushion,pretty
chunks=00011001000,10001001010,00110010101,00101010010,00101000001,01100000001,00101010001,00111001101,00110011010,00001000000,00110110011,10101010001
bits=000110010001000100101000110010101001010100100010100000101100000001001010100010011100110100110011010000010000000011011001110101010001
checksum=0001
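
The creation and restore steps described above, as an added example in JavaScript (not code from Jaxx or the bip39 library). It uses the 11-bit chunk width that the dump shows and the BIP39 rule that the checksum is the first ENT/32 bits of SHA-256 over the entropy; the function names are made up for this example, and the word table is left out, so it works on indexes only.

```javascript
// Added example: not Jaxx or bip39 library code. Function names are hypothetical.
const { createHash } = require('crypto');

// Chunks copied from the dump above (12 words, 11 bits each).
const DUMP_CHUNKS = ('00011001000,10001001010,00110010101,00101010010,' +
  '00101000001,01100000001,00101010001,00111001101,' +
  '00110011010,00001000000,00110110011,10101010001').split(',');

const toBits = (n, width) => n.toString(2).padStart(width, '0');

// BIP39 checksum: the first ENT/32 bits of SHA-256 over the raw entropy bytes.
function checksumBits(entropyBits) {
  const bytes = Buffer.from(entropyBits.match(/.{8}/g).map(b => parseInt(b, 2)));
  const digest = createHash('sha256').update(bytes).digest();
  return [...digest].map(b => toBits(b, 8)).join('').slice(0, entropyBits.length / 32);
}

// Creation: entropy hex -> entropy + checksum bits -> 11-bit word indexes.
function entropyToIndexes(hex) {
  // Entropy must be 128..256 bits in 32-bit steps (8 hex digits per step).
  if (!/^([0-9a-f]{8}){4,8}$/i.test(hex)) throw new RangeError('bad entropy length');
  const entropyBits = [...Buffer.from(hex, 'hex')].map(b => toBits(b, 8)).join('');
  return (entropyBits + checksumBits(entropyBits))
    .match(/.{11}/g).map(chunk => parseInt(chunk, 2));
}

// Restore: indexes -> zero-padded 11-bit chunks -> split off and verify the checksum.
function indexesToEntropy(indexes) {
  if (indexes.length % 3 !== 0 || indexes.length < 12 || indexes.length > 24)
    throw new RangeError('unexpected word count');
  if (indexes.some(i => !Number.isInteger(i) || i < 0 || i > 2047))
    throw new RangeError('index outside the 11-bit range');
  const bits = indexes.map(i => toBits(i, 11)).join('');
  const csLen = indexes.length / 3;           // 1 checksum bit per 32 entropy bits
  const entropyBits = bits.slice(0, -csLen);
  const stated = bits.slice(-csLen);          // checksum carried by the words
  return { entropyBits, stated, valid: checksumBits(entropyBits) === stated };
}

// Run the restore path over the dump and report what it carries.
const dump = indexesToEntropy(DUMP_CHUNKS.map(c => parseInt(c, 2)));
console.log('entropy bits:', dump.entropyBits.length,
  'stated checksum:', dump.stated, 'checksum matches:', dump.valid);
```

Because only 4 checksum bits protect 128 entropy bits, about one in sixteen random 12-word sequences passes this check; the checksum catches typos and adds nothing to the search space an attacker faces.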


For me, this whole experience was interesting material for getting better acquainted with crypto.

P.S. And yes, what am I doing?

Do you think that applying neuro-cryptanalysis to this algorithm could speed up the hacking of a wallet whose private key is encoded deterministically from the bit array and used as a seed for several wallets?

I would be glad and grateful for code examples in Python; I am curious to measure the speed of key selection on different hardware.

Source: https://habr.com/ru/post/423707/

