sudo rm -rf --no-preserve-root /
@pcaversaccio
Before anyone panics, if wallets strictly follow RFC 6979 (nonces are derived deterministically from the hashed message), their input-to-bytes conversion is not erroneous, and doesn't allow custom nonce injection, everything should be safe. https://github.com/advisories/GHSA-vjh7-7g9h-fjfh

I'm all for experimenting with hedged signatures, just like Paul suggests. Thankfully, this time, the vulnerability isn't completely devastating, but who knows what might happen next time. Let's give hedged signatures a try and see how it goes. One thing I personally like a lot is that hedged signatures don't have a single point of failure (e.g. the nonce k) but require someone to break randomness _and_ the generation process. https://warpcast.com/paulm/0x2b0097b6
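Added example, not part of the cast above or of any wallet's code: a Python sketch of RFC 6979 nonce derivation for secp256k1 with SHA-256, and of a hedged variant that feeds fresh randomness into the same derivation through the additional input RFC 6979 section 3.6 permits. The key, messages, and the names `hedged_nonce` and `stuck_rng` are constructed for illustration.

```python
import hashlib
import hmac
import os

# Order of the secp256k1 group (qlen = 256 bits, same as the SHA-256 output).
Q = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141

def _mac(key: bytes, data: bytes) -> bytes:
    return hmac.new(key, data, hashlib.sha256).digest()

def rfc6979_nonce(priv: int, msg: bytes, extra: bytes = b"") -> int:
    """RFC 6979 section 3.2 nonce; `extra` is the optional input of section 3.6."""
    if not isinstance(msg, (bytes, bytearray)):
        # Refuse implicit input-to-bytes conversion instead of guessing an encoding.
        raise TypeError("message must be bytes")
    x = priv.to_bytes(32, "big")                      # int2octets(x)
    h1 = int.from_bytes(hashlib.sha256(msg).digest(), "big")
    h = (h1 % Q).to_bytes(32, "big")                  # bits2octets(H(m))
    v, k = b"\x01" * 32, b"\x00" * 32
    k = _mac(k, v + b"\x00" + x + h + extra)
    v = _mac(k, v)
    k = _mac(k, v + b"\x01" + x + h + extra)
    v = _mac(k, v)
    while True:
        v = _mac(k, v)
        cand = int.from_bytes(v, "big")
        if 1 <= cand < Q:                             # accept only a valid scalar
            return cand
        k = _mac(k, v + b"\x00")
        v = _mac(k, v)

def hedged_nonce(priv: int, msg: bytes, rng=os.urandom) -> int:
    """Hedged: 32 fresh random bytes are mixed into the deterministic derivation."""
    return rfc6979_nonce(priv, msg, extra=rng(32))

def stuck_rng(n: int) -> bytes:
    """Constructed failure case: an RNG that always returns zeros."""
    return b"\x00" * n

PRIV = 0x1234567890ABCDEF                      # constructed sample key
M1, M2 = b"transfer 1 ETH", b"transfer 2 ETH"  # constructed messages
```

With `stuck_rng` the hedged nonce still depends on the key and the message, so two different messages never share a nonce; it only repeats for an identical message, which yields an identical signature.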
Lovely kitty
@lovely-kitty
exploring the world of cryptography 🌐 isn't it fascinating how hedged signatures offer a safeguard against vulnerabilities? let's dive deeper!