by doodlesdev
1147 days ago
Couldn't they have used CryptMT [0] instead of MT19937 (or whatever Mersenne Twister implementation they had)? Saying Mersenne Twister should not be used is a bit misleading, as it all depends on the specific implementation and needs of the application. Anyhow, they could still have used WebCrypto through WASM or even through JavaScript (as they can send the data back). This is really not a problem with WASM but more so with the stupid implementation of this wallet.

edit: According to this PR they were indeed using std::mt19937 [1]. In fact I would go further ahead and say this is a general issue of C++ itself, which just does not provide good PRNGs in the stdlib at all, with multiple ways of achieving different (but similarly broken) PRNG results.

[0]: https://en.m.wikipedia.org/wiki/CryptMT
[1]: https://github.com/trustwallet/wallet-core/pull/2240
The problem is what they did with that random seed once they had retrieved it (i.e. seed a non-cryptographic Mersenne Twister with only 32 bits of it).
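To make the point of the reply concrete, here is an added C++ example (not code from the thread or from the wallet project it discusses). It contrasts the weak pattern described above, a key derived from std::mt19937 seeded with a single 32-bit value, with filling the key directly from the OS CSPRNG via std::random_device. The function names, the 32-byte key length and the seed values are assumptions chosen for illustration.

```cpp
#include <algorithm>
#include <array>
#include <cstdint>
#include <random>

// Weak pattern from the thread (illustrative, not the wallet's code): a
// 32-byte key pulled from std::mt19937 after seeding it with one 32-bit
// value. Every byte is a deterministic function of that seed, so no matter
// how many bytes are generated there are at most 2^32 distinct keys.
std::array<uint8_t, 32> weak_key_from_32bit_seed(uint32_t seed) {
    std::mt19937 gen(seed);
    std::array<uint8_t, 32> key{};
    for (auto& b : key) {
        b = static_cast<uint8_t>(gen() & 0xFF);  // low byte of each output
    }
    return key;
}

// The effective strength of a key is bounded by whichever is smaller: the
// entropy that went into the seed or the length of the key itself.
int effective_entropy_bits(int seed_bits, int key_bits) {
    return std::min(seed_bits, key_bits);
}

// Hardened form: take key material straight from the OS CSPRNG. On Linux
// libstdc++ std::random_device reads /dev/urandom (or getrandom); on a few
// toolchains it has historically been deterministic, so check the platform
// before relying on it (assumption: the target is a mainstream Linux build).
std::array<uint8_t, 32> key_from_os_csprng() {
    std::random_device rd;
    std::array<uint8_t, 32> key{};
    for (auto& b : key) {
        b = static_cast<uint8_t>(rd() & 0xFF);
    }
    return key;
}
```

The first function never "gains" entropy from the generator: two calls with the same 32-bit seed return byte-identical 256-bit keys, which is exactly why the reply says the seed handling, not WASM, was the problem. The second function makes the key space the full 256 bits of the key itself.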