Great research and security disclosure by nostr:npub1j8d6h8mzvc8f2fvysrf09nlkmn7m2ylj32zl5na4tm5e8fd5dqysrg26k2 nostr:npub1xh897wvhn93tda0zws94mdyc7eagc8qm0798clp7x48zh6kjwazq29gst6 and Robin Linus. Here's what you need to know about the "Dark Skippy" vulnerability:

1. Hardware signing devices insert random values called 'nonces' every time they sign Bitcoin transactions.

2. Weak nonces (values that are not sufficiently random) can allow an attacker to mathematically brute-force the private key from the signatures alone, just by analyzing transactions on the public blockchain.

This is a well-known class of attack. "Dark Skippy" is a new technique which makes it easier to grind the private key from weak nonces.

What are the conditions required for the attack? The attack requires either:

1. Loading malicious firmware onto the device, which generates weak nonces.

2. A bug in the vendor's official firmware that produces weak nonces.

How do I protect myself from this type of attack?

1. Order hardware signing devices straight from the vendors, if possible. The more direct, the lower the likelihood of tampering.

2. Use hardware vendors that have tamper-resistant mechanisms in place, such as tamper-evident sealed bags, firmware attestation, etc.

3. Use hardware where you can easily verify the integrity of the source firmware and its updates.

4. Use hardware that follows security standards in generating nonces. One such standard is RFC6979 (deterministic nonces).

5. Verify the authenticity of the firmware every time you upgrade. (Tip: bookmark the vendor website to avoid phishing).

6. Avoid updating firmware unless you absolutely have to. Use another device if you want to experiment with firmware features that you don't actually need for your main stash.

7. Use multisig, preferably multi-vendor multisig. This alone significantly increases the difficulty of executing the attack.

Multisig versus Anti-exfil

You might have heard that "anti-exfil" is a way to prevent the above attack. In short, anti-exfil describes a security technique which combines entropy from the hardware signing device with entropy from a SECOND DEVICE (typically the host of the companion software wallet) to generate the nonces.

However, there are 2 downsides to this approach. First, there is currently no anti-exfil standard, so you'd have to trust that the vendors implement anti-exfil correctly. Secondly, since anti-exfil changes the way a signature is generated, i.e., asking for a nonce from a second device for every single transaction, it is not compatible with the way most Bitcoin wallets work today, and therefore introduces a UI/UX challenge.

Until anti-exfil has a well-defined standard and wider wallet compatibility, we recommend multisig as the more practical approach. Fundamentally, multisig achieves the same goal as anti-exfil: it also requires entropy from a second device to authorize each Bitcoin transaction. Multisig can also add entropy from more than just 2 devices, if you so choose (3-of-5 multisig, for example). Last but not least, multisig has been used for 10+ years in Bitcoin, battle-tested (securing hundreds of billions worth of Bitcoin), and at this point has been very well standardized (PSBT, BSMS, Output Descriptors, to name a few standards).

Hence, use multisig if you are concerned about Dark Skippy.

In conclusion, while the "Dark Skippy" vulnerability highlights potential risks in hardware signing devices, users can significantly mitigate these risks by following best practices in device procurement and usage, and by implementing multisig setups. Stay informed, verify your devices and firmware, and consider multisig for enhanced security of your Bitcoin holdings.

P.S. A common question is: “Does adding a passphrase to my seed phrase protect me against Dark Skippy and similar types of attacks?” The answer is no. Since nonce-based key grinding works against the master private key, not the seed phrase, adding a passphrase will NOT protect you against this class of attack.

nostr:note1ra4j0uct37w8ntapl90x0jvt0nl3axxxf25h4plr6guzp69zujfqjgk7md

Nostr amplifies builders

X amplifies haters and grifters (and some builders)

nostr:note16uc4f3673vf69v7ledd8x99r9ej2sgfrxg56mqn98yfelq66a05qdkw4up

Thank you!

Blue Eye Samurai is dope!

👀

nostr:note1x6gtvxvaq97qjzv2czx5klw5ctf0z5s2mw6g3rmzep430lz7j5psj3sz69

💪🏻🙌🏻

Contrary to popular belief, we deeply believe that the future of Bitcoin self-custody will be on mobile. The modern phone is a lot more secure and more accessible than desktop, and going forward it will be the preferred computing platform for billions of people around the world.

With that in mind, we are excited to share that Nunchuk has entered a partnership with TwentyTwo, headed by Alekos who built BDK, to bring more self-custody solutions to mobile devices!

Read more about our partnership here: https://nunchuk.io/blog/nunchuk-twentytwo

thank you!

Yes! Both Sparrow and Nunchuk support BIP329 (common Bitcoin standard for labels).

Introducing Automated Wallet Rollover with Advanced Coin Control

We are excited to introduce a significant update to Nunchuk: the new Wallet Rollover feature. This powerful tool provides a comprehensive solution for migrating from an old wallet to a new wallet while maintaining your preferred coin management strategy.

A Leap Forward in Wallet Management

Until now, migrating from an old wallet to a new wallet has been a largely manual process, requiring users to carefully manage transactions and coin control themselves. Nunchuk’s Wallet Rollover feature automates much of this process, dramatically reducing the potential for errors and saving time. Moreover, our advanced coin control management is unparalleled in the Bitcoin wallet space, offering a level of granularity and privacy preservation techniques previously unavailable to users.

Independent Rollover Feature

The Wallet Rollover feature operates independently and can be utilized in various scenarios that require fund transfers between wallets, including key replacement processes.

Key Capabilities:

1. Transfer between any wallet types (single-sig to multi-sig, vice versa, or between different multi-sig configurations).

2. Preserve coin segregation strategy during transfers.

3. Enhance privacy further through randomized broadcast of the rollover transactions.

Nunchuk is the first Bitcoin wallet to offer this level of automation and granular control in wallet transitions.

Advanced Coin Control During Rollover

This feature enables users to preserve their coin segregation strategy when migrating to a new wallet. Whether you segregate your coins for privacy, accounting, or any other purpose, you can now maintain this organization during a wallet transition.

Key Benefits Include:

* Preservation of existing tags and collections, maintaining the separation of coins based on origin, purpose, or other criteria.

* Enhanced privacy by preserving your original coin management strategy.

Important Details:

* To maintain your coin segregation strategy, the rollover feature may create multiple transactions.

* For enhanced privacy, we recommend broadcasting these transactions at random intervals rather than all at once. This practice obscures the connection between the newly created coins and the old and new wallets.

* Subscribers benefit from an automatic randomized broadcasting feature, further enhancing transaction privacy.

Why This Matters

1. Seamless Key Replacement: In case of a lost or compromised key, you can quickly transition to a new wallet setup while maintaining your preferred coin organization, minimizing disruption and stress.

2. Evolving Security Needs: As your Bitcoin holdings grow or your security requirements change, you can easily transition between different wallet types (e.g., from single-sig to multi-sig) without the hassle of manual transfers.

3. Privacy Enhancement: By preserving your coin segregation strategy and using randomized broadcasting, you can significantly improve onchain privacy during wallet transitions.

4. Flexibility for Various Use Cases: Whether you’re setting up an inheritance plan, adjusting business wallet structures, or simply reorganizing your funds, this feature adapts to your specific needs.

5. User Control: You retain full control over your bitcoin throughout the entire process, adhering to the principles of self-custody while benefiting from advanced automation.

It’s important to note that while preserving coin segregation strategy offers privacy benefits, it may result in multiple transactions, potentially increasing on-chain fees. Users can weigh this trade-off based on their specific privacy needs and cost considerations.

How to Use Wallet Rollover

To initiate a wallet rollover, navigate to: The wallet you want to migrate from > View wallet config > More menu > Roll funds over to another wallet.

Looking Ahead

At Nunchuk, we are committed to pushing the boundaries of Bitcoin self-custody. This update represents a significant leap forward in wallet management flexibility and user control. We’re excited to see how our users leverage these new capabilities to enhance their Bitcoin security and wallet management strategies.

Stay tuned for more innovations as we continue to evolve the Nunchuk ecosystem. Your financial sovereignty is our top priority, and we’re dedicated to providing you with the tools you need to maintain complete control over your bitcoin.

https://nostrcheck.me/media/c301f13372c8f0d9bc8186d874fa45fa33aede13e66f4187a3bd22ee41c95b2a/cced801c11b59638a5bedddc7853d5ccbb61ecb88197fc90ba902ee947f48bba.webp

https://nostrcheck.me/media/c301f13372c8f0d9bc8186d874fa45fa33aede13e66f4187a3bd22ee41c95b2a/7a16bb69952f71345e0e37e7b6f964b204ff29e45ad560e34c914eacdc4eed2d.webp

https://nostrcheck.me/media/c301f13372c8f0d9bc8186d874fa45fa33aede13e66f4187a3bd22ee41c95b2a/b44d6875de0d6b8087b766e65b9f127e1ab2356ea4f1176c35fc4c93dc39840f.webp

Introducing Finney: The Bitcoin Wallet For Families

We are thrilled to unveil Finney—a revolutionary Bitcoin wallet designed for families seeking security and financial autonomy. Say goodbye to third-party dependencies!

Why Finney?

Unlike traditional solutions like Unchained, Casa, BitGo, or Bitkey, which rely on third-party involvement to hold a backup key, Finney puts complete control in your family's hands, ensuring total safety and autonomy.

Usage Scenarios:

* One Person, One Key: Equal rights & responsibilities for all family members.

* Majority Owner: Central control with familial support, ideal for families with a clear primary manager.

* Blind Co-Signer: Privacy with selective transaction visibility, perfect for maintaining discretion.

* Observer: View-only access for auditors.

Highlighted Features of Finney:

* Flexible Multi-Sig Options: Choose between 2-of-3 or 3-of-5 setups for enhanced security.

* Key Health Checks: Regular functionality checks ensure all keys remain operational and reliable.

* Device Support: Compatible with over 10 types of hardware keys, accommodating various user preferences and technical expertise.

* Privacy: Disappearing messages for secure intra-family communications.

Celebrate Hal Finney’s Legacy:

To honor https://twitter.com/halfin

's pioneering contributions to Bitcoin, we are excited to offer one year of free Finney subscription to 1,000 users—a total giveaway value of approximately $500,000! Dive into the future of Bitcoin self-custody with us.

Write & Win: Review Finney and Win a Honey Badger Wallet!

Share a detailed review of https://twitter.com/hashtag/Finney?src=hashtag_click, and you might qualify to win our flagship Honey Badger wallet service FREE for a year!

How to Participate in Giveaways:

* Like & Retweet this post.

* Follow us for updates.

* Publish your review or stay tuned: We’ll DM winners of both promotions!

Discover how Finney can enable financial sovereignty and honor a Bitcoin legend. Join us, secure your family’s future today!

Read our blog post for full details: https://nunchuk.io/blog/finney