Background:
Bitcoin is an alien battlefield. [0]
Threat assessment:
An unknown entity at blockchain.com records transactions sent to their transaction publishing tool, and checks whether transactions sent from the same address are signed with the same random entropy value. If they are, the private key can then be extracted. Any bitcoin accessible from the private key is immediately transferred to the entity's own addresses. The entity may be located in either the frontend client (e.g. a poisoned JavaScript dependency) or the backend system (e.g. a rogue employee).
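A signer-side check for this failure, as an added example that is not part of the original post: keep a log of every signature the wallet produces, including ones a broadcast tool rejected, and refuse to release a transaction when one key shows the same ECDSA r value (the public trace of the per-signature entropy value) with a different s. The signing log, labels, key and function names are constructed for illustration.

```python
from collections import defaultdict

# secp256k1 group order, used to treat s and N - s as the same signature
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141

def parse_der_signature(sig):
    """Return (r, s) from a DER ECDSA signature; one trailing sighash byte is allowed."""
    if len(sig) < 8 or sig[0] != 0x30:
        raise ValueError("not a DER sequence")
    end = 2 + sig[1]
    if end > len(sig) or len(sig) - end > 1:
        raise ValueError("bad sequence length")
    values, pos = [], 2
    for _ in range(2):
        if pos + 2 > end or sig[pos] != 0x02:
            raise ValueError("expected INTEGER")
        length = sig[pos + 1]
        start, pos = pos + 2, pos + 2 + length
        if length == 0 or pos > end:
            raise ValueError("bad integer length")
        values.append(int.from_bytes(sig[start:pos], "big"))
    if pos != end:
        raise ValueError("trailing data inside sequence")
    return values[0], values[1]

def find_nonce_reuse(signed):
    """signed: iterable of (label, pubkey_hex, signature_hex).
    Returns [(pubkey, r, labels)] where one key produced the same r with different s."""
    seen = defaultdict(dict)  # (pubkey, r) -> {normalised s: first label seen}
    for label, pubkey, sig_hex in signed:
        r, s = parse_der_signature(bytes.fromhex(sig_hex))
        seen[(pubkey.lower(), r)].setdefault(min(s, N - s), label)
    return [(pub, r, sorted(by_s.values()))
            for (pub, r), by_s in seen.items() if len(by_s) > 1]

# Constructed sample data (not real keys or signatures)
def make_sig(r_hex, s_hex):
    return "3044" + "0220" + r_hex + "0220" + s_hex + "01"

PUB = "02" + "ab" * 32
SIGNING_LOG = [
    ("tx1-rejected", PUB, make_sig("11" * 32, "22" * 32)),
    ("tx2-retry", PUB, make_sig("11" * 32, "33" * 32)),  # same r as tx1
    ("tx3-later", PUB, make_sig("44" * 32, "55" * 32)),
]

if __name__ == "__main__":
    for pub, r, labels in find_nonce_reuse(SIGNING_LOG):
        print(f"do not broadcast: r={r:064x} reused by {labels}")
```

An identical signature logged twice is not flagged, since the same r with the same s is a rebroadcast of one message rather than a second message signed with the same value.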
Link to transaction publishing tool:
www.blockchain.com/btc/pushtx
More detail:
Friend:
I just heard that [NameDeleted] lost some bitcoin.
StJohn Piano:
yes, he did
he skimped on rolling dice.
sent 2 transactions that were signed using the same entropy value (never do this)
Apparently the first one was incorrectly formatted, and rejected by the broadcast tool, and he then constructed the second one right away, without generating new entropy.
he would have gotten away with it
but it looks like someone, somehow, was able to intercept both transactions, and extract the private key because of the same-entropy-value-reuse.
Friend:
Oh my
StJohn Piano:
could have been an attacker at any level of the codebase in blockchain.com
Friend:
Has he got the rest protected
StJohn Piano:
could even have been an employee
yes
Friend:
He's said he's gonna write up
StJohn Piano:
ah, good for him
painful lesson
but this battlefield is very unforgiving
bears some resemblance to the Old Testament God.
Lots of judgement, smiting, pain. Not big on forgiveness.
[start of footnotes]
[0]
I got this phrasing from Jameson Lopp.
[end of footnotes]