len.sassaman.eth
len.sassaman.eth 2 minutes reading from Bitcoin

What Does it Take to Succeed With Private Key Leads for #btc and #ETH?

Although I started this new account and largely use it for ens activities, I’ve been around the space for quite a while.

One thing I’ve learned in all of my research, is that people don’t realize how deep the search for private key leaks go for btc and eth A quick 🧵👇🏻

Sites exist solely for the purpose of key lists and group/individual hacking of keys.

Just because you use a seed phrase, doesn’t mean you aren’t using a private key; everything on chain relies on 64 hexadecimal characters, full stop.

“Wallets” are an access point, that’s it.

Key compromises are almost always due to user error, or weak generative methods from a provider. Chain data is sometimes recycled by these “wallet” providers and users unknowingly have their keys exposed. Some even pull random hex values from public JavaScript🤦🏻‍♂️🤦🏻‍♂️🤦🏻‍♂️🤦🏻‍♂️ to use.

The moral of the story, is that users need to understand keys, as well as seeds and not just rely on a random seed generation as being secure. Look at what happened with Solana keys recently, as an example.

A quick tip: never store your whole bag in just one address.

I’ve written a program that I’m planning to release as open source in the next few months. It allows users to offline query their private key against a database of tens of millions of exposed/weak Bitcoin & Ethereum private keys, including Brainwallets and other vulnerabilities.

In short, learn about private keys and how they work! Hopefully my impending little contribution to the space will impact at least one person in a positive way. Stay safe!

This post is based on this twitter thread.

Comments

Please login to comment.