Default wallet should be random #8

Open
mikhailhouse opened this issue Aug 18, 2021 · 1 comment

Comments

@mikhailhouse

Hi. Sad story short. At the beginning of this year (2021) I was new to the crypto world. I found this repository to create my first Ethereum wallet in offline mode. I use macOS. I ran the command

# '123445asdff' was my password (not real one)
java -jar target/epwg-0.4.0-SNAPSHOT.jar -d data -p $(read -s -p "123445asdff"; echo $REPLY)

I no longer remember all the details, but somehow it gave me the wallet file. Then I mined there for 3 months with one low-end GPU on the 2miners (0.1 eth) and later the ethermine (0.01 eth) pools. Then I changed my wallet to a new one (because I had bought a couple of new mid-range GPUs) and haven't used this wallet for a while. Today I remembered that I have some Ethereum money/coins and wanted to send it to my second wallet, and here I found out the saddest thing ... the wallet that was generated is the same wallet as the one on the main page (readme) - my password wasn't used, but the default one as on the screenshot. And someone has generated the same wallet/password/private key and used it to transfer my Ethereum to another wallet; it can be seen on Etherscan (https://etherscan.io/address/0x47f71c6ee2e7d538c7554ec650bd7e536dc9057b).

This is my fault for sure. To prevent this from happening, it seems some randomness should be added when the password is not provided or is empty, or when something unexpected has happened.

This is not my main account, I just didn't want my colleagues to see how stupid I was )
Thank you.

@matthiaszimmermann
Owner

thanks for your story. i feel sorry for you. the non-randomness was actually on purpose from my side as it allows to easily verify if you get the same address every time.

i'll ask around and depending on the outcome update either the codebase as suggested - or - add a more explicit warning to the readme.

i'm also in the process to switch to a more recent repository [1] for the same functionality. please check it out if you're interested.

[1] https://github.com/cryptojorg/cryptoj.lib
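
One way to make the call fail closed when no passphrase is entered, added here as an example that is not part of the thread or of the project's code. In bash the string after `read -p` is only the prompt text, and an unquoted `$(...)` that expands to nothing leaves `-p` without a value. Assumptions: the function names and `$generated_address` are hypothetical, the `-d`/`-p` flags and jar path are copied from the command in the issue, and the address constant is the one the reporter links.

```shell
#!/bin/sh
# Added example (not from the thread or the project): fail closed when no
# passphrase is entered instead of falling through to a default wallet.

# Address linked in the issue, reported there as matching the README wallet.
PUBLISHED_ADDRESS="0x47f71c6ee2e7d538c7554ec650bd7e536dc9057b"

# Prompt on stderr, read one line from stdin (echo off on a terminal) and
# print it on stdout. Returns 1, printing nothing, if the line is empty.
read_passphrase() {
    printf 'Wallet passphrase: ' >&2
    _pp=
    if [ -t 0 ]; then
        _saved=$(stty -g)                          # remember terminal state
        trap 'stty "$_saved"; exit 130' INT TERM   # restore echo on Ctrl-C
        stty -echo
        IFS= read -r _pp || true
        stty "$_saved"
        trap - INT TERM
        printf '\n' >&2
    else
        IFS= read -r _pp || true   # a last line without newline still counts
    fi
    if [ -z "$_pp" ]; then
        echo 'refusing to continue: empty passphrase' >&2
        return 1
    fi
    printf '%s' "$_pp"
}

# Run "$@" with -p <passphrase> appended, only after a non-empty passphrase
# was read. The value is quoted, so it always arrives as exactly one argument.
run_with_passphrase() {
    _pw=$(read_passphrase) || return 1
    "$@" -p "$_pw"
}

# Succeeds if $1 equals the published address (hex case is ignored).
is_published_address() {
    _a=$(printf '%s' "$1" | tr 'A-F' 'a-f')
    [ "$_a" = "$PUBLISHED_ADDRESS" ]
}

# Usage (hypothetical session, jar path and -d/-p taken from the issue):
#   run_with_passphrase java -jar target/epwg-0.4.0-SNAPSHOT.jar -d data
#   is_published_address "$generated_address" && echo 'do NOT fund this wallet'
```

A passphrase passed as a command-line argument is visible in the local process list while the command runs, so this belongs on the offline machine the reporter describes.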
