Home Researcher finds vulnerabilities in popular paper wallet site
Crypto News

Researcher finds vulnerabilities in popular paper wallet site

  • The analysis revolves around WalletGenerator’s original open-source code.
  • The researcher advised removing funds from WalletGenerator-based paper wallets.

Harry Denley, a security researcher from MyCrypto.com, has recently posted a brief analysis of popular paper wallet site “WalletGenerator.net.” The core of the analysis revolves around WalletGenerator’s original open-source code. The online code matched the open-source code and it generated wallets using a client-side technique that took in real random entropy and produced a unique wallet until August 17, 2018.  

As per Denley:

“Approaching from a different angle, we then used the “Bulk Wallet” generator to generate 1,000 keys. In the non-malicious, GitHub version, we are given 1,000 unique keys, as expected.

However, using WalletGenerator.net at various times between May 18, 2019″Š-May 23, 2019, we would only get 120 unique keys per session. Refreshing our browser, switching VPN locations, or having a different party perform the same test would result in a different set of 120 keys being generated.”

Denley highly recommends moving funds off of your WalletGenerator-based paper wallets:

“We’re still considering this highly suspect and still recommending users who generated public/private keypairs after August 17, 2018, to move their funds. We do not recommend using WalletGenerator.net moving forward, even if the code at this very moment is not vulnerable.”

FX Street

FX Street

FXStreet is the leading independent portal dedicated to the Foreign Exchange (Forex) market. It was launched in 2000 and the portal has always been proud of their unyielding commitment to provide objective and unbiased information, to enable their users to take better and more confident decisions.