Build A Better Bitcoin Wallet: Security Researcher Calls For Developers To Use Safer ECDSA Operations
One of the biggest fears of Bitcoin users is that one day they will wake up and find their virtual currency wallet emptied, signaling that someone, somehow, has managed to uncover the user’s private key. A Bitcoin private key is a secret number that acts as a kind of identifying “ticket,” allowing coins from the corresponding wallet to be spent.
Since 2010, an estimated $500 million worth of Bitcoin has reportedly been stolen with approximately 6.6% percent of all Bitcoin in circulation being in the possession of someone who stole it. With statistics like this, it is natural for Bitcoin users to be concerned about the safety of their private key.
In a talk at HITB 2014 in Malaysia, security researcher and cryptographer, Filippo Valsdora explores how weak signatures lacking randomness values, if found in the Bitcoin blockchain, can be used to uncover the private keys of unsuspecting Bitcoin users. The talk highlighted not only how the glitch in signatures can and has been exploited, but also ways Bitcoin wallet providers can design their services to prevent ECDSA failures in the Bitcoin blockchain, reducing the chances of private key leaks. He also offered a list of Bitcoin wallets which have proven to be the safest, based on their use of safer deterministic ECDSA operations.