In the early days of Bitcoin, back in 2011, a visionary group led by the British-Iranian anarchist developer Amir Taaki embarked on a journey to create a viable alternative to the famed Bitcoin Core. This alternative software, christened Libbitcoin, has since grown into an indispensable library, providing tools for essential functions like interfacing with the Bitcoin blockchain and crafting cryptographic keys.
Remarkably, this software found itself in the spotlight of Bitcoin educator Andreas Antonopoulos’s seminal book “Mastering Bitcoin.” Its reputation was solid, its importance unquestionable. However, recent events have shaken the once-presumed safety of Libbitcoin, raising concerns about its security.
The intricate tale began to unravel through an insightful report on milksad.info, detailing the revelations of Distrust, a security firm that, in collaboration with independent contributors, unearthed a vulnerability in July. It was a revelation that shook the cryptocurrency realm.
Evidently, in May, cunning hackers exploited an obscure flaw concealed within a range of wallets generated by Libbitcoin’s explorer known as BX. Dubbed “Milk Sad,” this vulnerability derived its name from the first two words of the compromised wallet-recovery seed phrase. Seizing the opportunity, hackers stealthily drained funds from unsuspecting users.
The most devastating of these heists transpired on July 12, culminating in the loss of 29.65 bitcoins valued at a staggering $870,000 at prevailing rates. The tally of pilfered assets across multiple blockchains stood at no less than $900,000, impacting around 2,600 Bitcoin wallets that fell prey to the vulnerability.
Surprisingly, hardware wallets such as Trezor and Ledger managed to evade this breach, but numerous wallets remain perilously exposed. The complete extent of the plundered funds remains uncertain, as highlighted in an August 8 tweet by Anton Livaja, a Distrust team member.
The root of this menace lies in the BX command named “bx seed.” This command utilizes the computer’s clock to produce a seed phrase for generating a wallet. The flaw, however, lies in the resultant phrase’s inadequate randomness. A malicious actor armed with a potent gaming PC could feasibly crack a user’s seed phrase through brute-force methods within a single day.
Regrettably, this issue extends beyond Bitcoin, impacting prominent blockchains including Ethereum, Zcash, Solana, and even the playful Dogecoin. Similar albeit distinct vulnerabilities were also identified in Cake Wallet and Trust Wallet, both renowned multi-chain wallet applications.
Delving into the technicalities, traditional seed phrases are produced using a generator with an expansive “key space,” offering a vast array of unique word combinations. This key space is typically 2 raised to the power of 128, 192, or 256, yielding an astronomically large number of possibilities. However, BX’s seed generator disappointingly possesses a mere 32-bit key space, capable of generating a paltry 4.3 billion unique combinations.
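To make the key-space comparison concrete, the following is an added Python example, not Libbitcoin’s code: it models the flaw as the article describes it (a generator whose only input is a 32-bit clock value) next to a generator that draws from the operating system’s CSPRNG, and works out the worst-case brute-force cost. The guess rate passed to `brute_force_days` is an assumed figure, not one from the article.

```python
import random
import secrets
from math import log2

# Simplified model of the weakness described above (not Libbitcoin's code):
# the "entropy" is the output of a PRNG whose only input is a 32-bit clock
# value, so the bytes are a deterministic function of that single value.
def weak_seed(clock_value: int, nbytes: int = 16) -> bytes:
    assert 0 <= clock_value < 2**32, "model assumes a 32-bit clock value"
    rng = random.Random(clock_value)  # state fully determined by 32 bits
    return bytes(rng.getrandbits(8) for _ in range(nbytes))

def strong_seed(nbytes: int = 16) -> bytes:
    # OS CSPRNG: every output bit is fresh entropy, not derived from a clock.
    return secrets.token_bytes(nbytes)

def effective_entropy_bits(input_bits: int, output_bits: int) -> int:
    # A deterministic generator cannot emit more entropy than it consumed:
    # 128 output bits from a 32-bit input still give a 32-bit key space.
    return min(input_bits, output_bits)

def keyspace_size(entropy_bits: int) -> int:
    return 2**entropy_bits

def bip39_word_count(entropy_bits: int) -> int:
    # BIP39: entropy plus a checksum of entropy_bits/32 bits, 11 bits per word.
    return (entropy_bits + entropy_bits // 32) // 11

def brute_force_days(entropy_bits: int, guesses_per_second: float) -> float:
    # Worst case: every candidate in the key space has to be tried.
    return keyspace_size(entropy_bits) / guesses_per_second / 86400

if __name__ == "__main__":
    t = 1_690_000_000  # constructed sample clock value (seconds since epoch)
    assert weak_seed(t) == weak_seed(t)   # same clock value, same "random" bytes
    print("weak generator entropy bits:", effective_entropy_bits(32, 128))
    print("weak key space size:", keyspace_size(32))
    print("days at an assumed 50k guesses/s (32-bit):",
          round(brute_force_days(32, 50_000), 2))
    print("days at an assumed 50k guesses/s (128-bit): %.3g"
          % brute_force_days(128, 50_000))
    print("log2 of strong key space:", log2(keyspace_size(128)))
    print("strong seed sample:", strong_seed().hex())
```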
Eric Voskuil, the lead developer behind BX, acknowledged the insecurity of the seed generator while vehemently asserting the absence of any software bug. In his defense, he highlighted a cautionary note in the application’s GitHub documentation, underscoring the misuse of the bx seed command.
While Voskuil attempted to attribute the issue to reckless wallet development, dissenting voices emerged from within the Bitcoin community. Cryptographers questioned this viewpoint, advocating for a more holistic assessment of the situation.
In essence, the saga of Libbitcoin’s vulnerability serves as a stark reminder that even within the sophisticated realm of cryptocurrencies, a single flaw can lead to substantial losses, unraveling the dreams of secure decentralized finance.