
Bitcoin Core now uses deterministic wallets by default for new users (like most other Bitcoin software), so all keys are generated from the initial seed in the wallet and a single backup is enough to cover them for all time.



Does this mean if your wallet (or backup) is stolen the hacker will be able to deterministically guess your keys for all time?


Yes.


Jesus, really? That’s awful. Are there no ways to mitigate or fix this?


You could not use a deterministic wallet instead.

But by default, non-deterministic wallets have the next 100 addresses pre-generated. That's a lot for people not making a lot of bitcoin transactions. The "protection" that non-deterministic wallets give in case you're hacked is probably no use to most people.

If you ever notice funds from your wallet are stolen, even if you were using a non-deterministic wallet, your thought should be to reinstall your OS and move any remaining funds to a fresh new wallet. Not to keep using that wallet while the attacker keeps grabbing from it and telling yourself the problem will go away 100ish transactions later.

I guess there are attack vectors where an attacker gets hold of an ancient backup of yours that a non-deterministic wallet could have helped with. If you think that type of attack is likely against you, you should just manually swap out to a new wallet (synced up to your backup schedule) instead of depending on the non-deterministic wallet's keypool being depleted occasionally.


So... basically no, there isn’t. Yikes.


The case that non-deterministic wallets actually protect anyone is slim (attacker only has access to ancient backups of the victim), and outweighed by the risk to the user that their backups will silently become out of date as their wallet's original keypool is depleted. I think everyone should forget about non-deterministic wallets. They're a historical quirk with few parallels to other systems.

I find your presumption that a Bitcoin wallet's balance should be immune to an attacker who gets a copy of it to be surprising and unfair. It's the same situation with any cryptographic keys: if an attacker steals your PGP keys, then they can use them to decrypt data or sign data for all time. If you want to protect against the situation of an attacker getting your old data, then it's up to you to rotate your keys (/wallet) and update your backups.
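The two mechanisms the thread argues about (a seed from which every key is re-derived, versus a keypool of independent random keys that a backup silently stops covering) can be made concrete in a few dozen lines. The following is an added example written for this page; it is not Bitcoin Core's code. The deterministic side implements only BIP32 hardened private-key derivation (HMAC-SHA512 over the parent key, reduced modulo the secp256k1 order), which needs no elliptic-curve point math; it omits non-hardened derivation, public keys and addresses. The `NonDeterministicWallet` class is a constructed model of a keypool of 100 pre-generated keys, and the seed bytes are constructed test input, not a real wallet.

```python
from __future__ import annotations

import hashlib
import hmac
import os

# Order of the secp256k1 group; BIP32 reduces child private keys modulo this.
SECP256K1_ORDER = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
HARDENED_OFFSET = 0x80000000  # indices >= 2^31 are hardened in BIP32


def master_key_from_seed(seed: bytes) -> tuple[int, bytes]:
    """BIP32 master key: I = HMAC-SHA512(key="Bitcoin seed", data=seed)."""
    digest = hmac.new(b"Bitcoin seed", seed, hashlib.sha512).digest()
    k = int.from_bytes(digest[:32], "big")
    if k == 0 or k >= SECP256K1_ORDER:
        raise ValueError("seed yields an invalid master key")
    return k, digest[32:]  # (private key, chain code)


def derive_hardened_child(parent_key: int, chain_code: bytes, index: int) -> tuple[int, bytes]:
    """BIP32 CKDpriv for a hardened child: data = 0x00 || ser256(k_par) || ser32(i + 2^31)."""
    if not 0 <= index < HARDENED_OFFSET:
        raise ValueError("index must be in [0, 2^31)")
    data = (b"\x00" + parent_key.to_bytes(32, "big")
            + (HARDENED_OFFSET + index).to_bytes(4, "big"))
    digest = hmac.new(chain_code, data, hashlib.sha512).digest()
    il = int.from_bytes(digest[:32], "big")
    child = (il + parent_key) % SECP256K1_ORDER
    if il >= SECP256K1_ORDER or child == 0:
        raise ValueError("invalid child key; BIP32 says skip this index")
    return child, digest[32:]


def deterministic_keys(seed: bytes, count: int) -> list[int]:
    """Keys m/0'/0' .. m/0'/(count-1)' for a seed.

    Anyone holding a copy of the seed (wallet or backup) computes exactly this
    list, for any count, which is the point raised in the thread.
    """
    k, c = master_key_from_seed(seed)
    k0, c0 = derive_hardened_child(k, c, 0)
    return [derive_hardened_child(k0, c0, i)[0] for i in range(count)]


class NonDeterministicWallet:
    """Constructed model of an old-style wallet: independent random keys plus a
    keypool that always holds `keypool_size` not-yet-used keys."""

    def __init__(self, keypool_size: int = 100, rng=os.urandom):
        self.keypool_size = keypool_size
        self.rng = rng
        self.keys: list[int] = []  # every key ever generated, in order
        self.used = 0              # how many of them have been handed out
        self._top_up()

    def _top_up(self) -> None:
        while len(self.keys) - self.used < self.keypool_size:
            k = int.from_bytes(self.rng(32), "big") % SECP256K1_ORDER
            self.keys.append(k or 1)

    def backup(self) -> list[int]:
        """Snapshot of the wallet file: used keys plus the current keypool."""
        return list(self.keys)

    def next_key(self) -> int:
        key = self.keys[self.used]
        self.used += 1
        self._top_up()
        return key


def keys_missing_from_backup(backup: list[int], wallet: NonDeterministicWallet) -> list[int]:
    """Used keys that an old backup does not contain: funds on these are lost
    if the live wallet is gone and only the backup survives."""
    known = set(backup)
    return [k for k in wallet.keys[: wallet.used] if k not in known]
```

Running `deterministic_keys` twice on the same seed gives identical lists however many keys are requested, which is what "a single backup is enough for all time" and "the hacker can guess your keys for all time" both describe. With the keypool model, a backup taken at wallet creation covers exactly the first 100 keys handed out; the 101st key is absent from it, so a backup that was complete becomes stale without any warning.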


Proper key management is a hard problem. This is a fact that the cryptocurrency scene has been relearning for years now.


If your wallet is stolen, you create a new wallet.



