I have a lot to read up on, and I'll be wasting your time until I do it... I *think* what you said is that 64 bits is not enough entropy, so attackers can just roll RNG for a few weeks and be able to spend a utxo... Because multiple signatures can be valid for ECDSA. Is it 64 bits because that's the actual length of the string, or because two possible signatures cuts the real or final entropy in half?

I think I'm also hearing that part of good defense is to keep your sats in many addresses, so an attacker has to knock them down one at a time. (?)

Discussion

nah, if the keys never have been used they are impenetrable

the reasons for breaking your stack into separate UTXOs is about evading correlation attacks on your stack, associating them to one wallet and thus making it easier to monitor the p2p network to locate your physical location for a $5 wrench attack

Seems like any kyc btc is dangerous, regardless of where you are or wallet practices. Surveillance state isn't going to stop putting in cameras with facial recognition. You get spotted anywhere, you're toast.

yeah, but reusing UTXOs also is bad for THEIR security, it's like them battering the keys and security protocols for their vault, because i have examined my bank deposit address, i'm not the only one using it and there is maybe nearing hundreds of thousands of dollars worth of sats passing through this address

or at least mainly mine, i don't think anyone else is using it

what disturbs me is that they are getting to see some scope of my total income out of this which i don't like, it makes me VERY wary of actually formally KYCing myself to get a "european payment card" when i have a "dirty gibraltar tax haven domiciled card" that works fine more than 29 times out of 30

Oh that's gross... It's not like we need to conserve addresses... I guess they want to save on fees. But it seems like any business doing that is a rug waiting to happen.

I guess they probably have a layered approach. Keep most deposits in addresses that have strict privacy rules, but be more relaxed with the more active customer facing address to save fees. Maybe.

yeah, tell me about it... i'm acutely aware of the risk in a way that i'm distinctly privileged to understand

for the time being, their clout with the payment and banking systems keeps me from moving because finding some other option is gonna be a lot of beta testing and probably the odd bit of lost money, on top of the time

plus, they made it even worse by upping the annual fee for the account so much, unless they show some substantial improvements, like not reusing deposit addresses on chain, i'll be open to choosing a competitor

i should also mention that, thinking about it, this is partly why i have shifted to primarily using LN to do my transfers into the account, and shield myself using my WoS...

Are they on nostr? Would be nice if they could read this