Hey @nakedwinnie thanks, happy to be here!
I basically came to this: ‘Seed generation was flawed, the total entropy was only 32 bits.’
But the following article explains it more thoroughly; google for the following, first article on the Ledger blog post: Funds-of-every-wallet-created-with-the-Trust-Wallet-browser-extension-could-have-been-stolen
And here the specific twitter message by Klever:
Issue Update 07-12-2023 20:06 GMT-3
After conducting a thorough investigation, we have determined that all the wallets that were impacted by suspicious activity on July 12th were affected by an already known exploit caused by a low-entropy mnemonic, like the one reported by the TrustWallet explorer extension in April 2023. This algorithm, known as Random Generation used by the Bip39 implementation, was previously used by numerous cryptocurrency wallet providers. The flaw in the algorithm compromised the security and unpredictability of the generated keys, potentially making them susceptible to unauthorized access or malicious activities. It is important to address this issue promptly and take necessary measures to ensure the security of your wallets and funds.
How wallets are created
Entropy generation is a complex concept that challenges scientists’ preference for reproducibility and the ability to explain phenomena through cause-and-effect principles. In general, it is difficult to intentionally generate randomness. Additionally, verifying the correctness of random numbers is a challenging task, as even a flawed random number generator can deceive an observer without being completely unreliable.
To achieve good randomness, certain characteristics are necessary. Firstly, there should be a uniform distribution of bits and bytes, as well as consistency in the size of all data chunks. This ensures that each possible outcome has an equal chance of occurring. Secondly, unpredictability is crucial. An observer should be unable to gather any information about the next part of the sequence to be generated, making it impossible to predict or anticipate the sequence.
In summary, generating true randomness is a challenging endeavor, requiring uniformity, unpredictability, and the absence of any observable patterns or dependencies in the generated sequence.
The Hierarchical Deterministic (HD) scheme has gained widespread adoption due to its convenience in key management and portability. Users can easily create backups of an extensive number of keys, thanks to the hierarchical structure, and carry them wherever they go.
One of the notable advantages of the HD scheme is signer roaming. This feature allows users to switch to another wallet seamlessly if their preferred wallet fails or fails to meet their expectations. By simply taking their mnemonic (a seed phrase used to derive keys) with them, users can retain control over their funds, maintain financial freedom, and mitigate the impact of any wallet downtime or issues.
However, it’s important to emphasize that flawless entropy generation is a crucial requirement for the HD scheme. Entropy refers to the measure of randomness or unpredictability. In the context of HD schemes, a flawless entropy source is essential for generating secure and unpredictable keys. If the entropy source is flawed or compromised in any way, it can weaken the security of the keys and expose them to potential vulnerabilities.
In summary, the HD scheme offers users the ability to easily manage and back up numerous keys, as well as the flexibility to switch between wallets through signer roaming. However, it is crucial to ensure a flawless entropy source to maintain the security and integrity of the scheme.
Issue Overview
In the incident mentioned, all the wallets involved were imported into Klever Wallet K5. These wallets had not been originally created using Klever Wallet K5; instead, all the wallets were created using an old and weak pseudorandom number generator (PRNG) algorithm as their entropy source. This algorithm was commonly used in early versions of various cryptocurrency wallet providers, which relied on the JavaScript platform. The use of such a weak PRNG algorithm can significantly compromise the security and unpredictability of the generated keys, potentially making them more vulnerable to attacks or unauthorized access.
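To make the "only 32 bits of entropy" point concrete, here is an added illustration (my own example, not code from Klever, Trust Wallet or Ledger, and not the actual generator any of them shipped). It puts a weak wallet generator next to a correct one: the weak one is a stand-in, a non-cryptographic PRNG seeded with a 32-bit value, which is the shape of flaw the quoted text describes. The output is 128 bits wide, which looks like a proper 12-word mnemonic, but it is a deterministic function of the seed, so there are at most 2**32 possible wallets and an attacker who can see something public derived from the key (an address) simply scans the seeds. The `public_fingerprint` function is a hash stand-in for that on-chain value (real wallets go entropy -> BIP39 mnemonic -> BIP32 keys -> address, but only determinism matters here), and the seed values are constructed for the demo:

```python
import hashlib
import random
import secrets
from typing import Optional

ENTROPY_BYTES = 16   # 128 bits of entropy -> a 12-word BIP39 mnemonic
SEED_BITS = 32       # all the randomness the weak generator ever consumes


def strong_entropy() -> bytes:
    """Wallet entropy done right: taken straight from the OS CSPRNG."""
    return secrets.token_bytes(ENTROPY_BYTES)


def weak_entropy(seed32: int) -> bytes:
    """Constructed weak generator for illustration (not any vendor's real code):
    Python's Mersenne Twister, a non-cryptographic PRNG, seeded with 32 bits.
    128 bits come out, but they are a pure function of the 32-bit seed."""
    rng = random.Random(seed32 & 0xFFFFFFFF)
    return rng.getrandbits(ENTROPY_BYTES * 8).to_bytes(ENTROPY_BYTES, "big")


def public_fingerprint(entropy: bytes) -> bytes:
    """Stand-in for what an attacker can observe on chain (address / pubkey).
    Only the fact that it is deterministic in the entropy matters here."""
    return hashlib.sha256(b"fingerprint:" + entropy).digest()[:8]


def recover_seed(target: bytes, seed_lo: int, seed_hi: int) -> Optional[int]:
    """Brute-force the weak wallet's seed from its public fingerprint.
    A real attacker walks the full 2**32 space (hours of CPU in native code);
    a bounded window keeps the demo fast and models a timestamp-derived seed."""
    for candidate in range(seed_lo, seed_hi):
        if public_fingerprint(weak_entropy(candidate)) == target:
            return candidate
    return None


def min_entropy_bits_of_weak_generator() -> int:
    """Entropy is capped by the seed, however wide the output is."""
    return min(SEED_BITS, ENTROPY_BYTES * 8)


if __name__ == "__main__":
    victim_seed = 0x64AE6F2B   # constructed: a 32-bit value such as a Unix timestamp
    victim_entropy = weak_entropy(victim_seed)
    on_chain = public_fingerprint(victim_entropy)     # what the attacker can see
    found = recover_seed(on_chain, victim_seed - 50_000, victim_seed + 50_000)
    assert found == victim_seed and weak_entropy(found) == victim_entropy
    print(f"weak wallet: seed {found:#x} recovered, entropy {victim_entropy.hex()}")
    print(f"weak generator min-entropy: {min_entropy_bits_of_weak_generator()} bits")
    print(f"strong wallet entropy: {strong_entropy().hex()} (2**128 candidates, nothing to scan)")
```

The check a practitioner wants from this is the last function: whatever the output width, the number of distinct wallets a generator can produce is bounded by the randomness it actually consumes, so a 32-bit seed gives a 32-bit keyspace no matter how many words the mnemonic has. Importing such a wallet into a sound wallet app (as in the Klever case) does not help, because the keys are already in the small enumerable set; the only fix is to move funds to a wallet whose entropy came from a CSPRNG.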