Weiwu Zhang [ARCHIVE] on Nostr: đź“… Original date posted:2018-01-17 đź“ť Original message:2018-01-09 19:20 GMT+08:00 ...
đź“… Original date posted:2018-01-17
đź“ť Original message:2018-01-09 19:20 GMT+08:00 Ronald van der Meer via bitcoin-dev
<bitcoin-dev at lists.linuxfoundation.org>:
> After reviewing some bitcoin improvement proposals, I noticed that one of the words that can be found on the BIP39 English wordlist is “satoshi”.
> I suggest removing this word from the list so it’s less obvious that it’s a bitcoin seed when found by a malicious third party.
If a malicious third party discovers a word list that look like a
seed, they would try using it as Bitcoin seed first anyway, with or
without finding the word 'satoshi' in it. The security threat is that
a malicious third party may index what they found and test every
occurrence of 'satoshi' for a lead to a seed.
For example, a hard-disk recycling service would add this word to
their salvage tools. Any successfully hacked gmail account will be
'satoshi' tested too.
So I see this as a reasonable improvement:)
đź“ť Original message:2018-01-09 19:20 GMT+08:00 Ronald van der Meer via bitcoin-dev
<bitcoin-dev at lists.linuxfoundation.org>:
> After reviewing some bitcoin improvement proposals, I noticed that one of the words that can be found on the BIP39 English wordlist is “satoshi”.
> I suggest removing this word from the list so it’s less obvious that it’s a bitcoin seed when found by a malicious third party.
If a malicious third party discovers a word list that look like a
seed, they would try using it as Bitcoin seed first anyway, with or
without finding the word 'satoshi' in it. The security threat is that
a malicious third party may index what they found and test every
occurrence of 'satoshi' for a lead to a seed.
For example, a hard-disk recycling service would add this word to
their salvage tools. Any successfully hacked gmail account will be
'satoshi' tested too.
So I see this as a reasonable improvement:)