đź“… Original date posted:2018-01-17
đź“ť Original message:2018-01-09 19:20 GMT+08:00 Ronald van der Meer via bitcoin-dev
<bitcoin-dev at lists.linuxfoundation.org>:
> After reviewing some bitcoin improvement proposals, I noticed that one of the words that can be found on the BIP39 English wordlist is “satoshi”.
> I suggest removing this word from the list so it’s less obvious that it’s a bitcoin seed when found by a malicious third party.
If a malicious third party discovers a word list that look like a
seed, they would try using it as Bitcoin seed first anyway, with or
without finding the word 'satoshi' in it. The security threat is that
a malicious third party may index what they found and test every
occurrence of 'satoshi' for a lead to a seed.
For example, a hard-disk recycling service would add this word to
their salvage tools. Any successfully hacked gmail account will be
'satoshi' tested too.
So I see this as a reasonable improvement:)
Weiwu Zhang [ARCHIVE] /
npub1sl…27640
2023-06-07 18:09:36
in reply to nevent1q…6j40
Author Public Key
npub1sllef58mzgkxawyn0x5ajw8ysyl9q5m449u3jy6r3ny5arxvecgqe27640Published at
2023-06-07 18:09:36Event JSON
{
"id": "b5bb7cabeb52f26e241d9eaab9dcbe03ce2ddbc93926928ebfd1a5a113b7dae0",
"pubkey": "87ff94d0fb122c6eb89379a9d938e4813e505375a9791913438cc94e8cccce10",
"created_at": 1686161376,
"kind": 1,
"tags": [
[
"e",
"af95054b4a9851c4be8011ad5ba948392ace95a3f2a3e739e6cb49fac5454419",
"",
"root"
],
[
"e",
"ec05bc83856b241794a0a575c5dd878d143db3e489ea3e8ea2aaac5675dcb376",
"",
"reply"
],
[
"p",
"ad88f962562a395abb4cf45039ba9fdbed788067a829391b19fb896b8bdb7009"
]
],
"content": "📅 Original date posted:2018-01-17\n📝 Original message:2018-01-09 19:20 GMT+08:00 Ronald van der Meer via bitcoin-dev\n\u003cbitcoin-dev at lists.linuxfoundation.org\u003e:\n\u003e After reviewing some bitcoin improvement proposals, I noticed that one of the words that can be found on the BIP39 English wordlist is “satoshi”.\n\u003e I suggest removing this word from the list so it’s less obvious that it’s a bitcoin seed when found by a malicious third party.\n\nIf a malicious third party discovers a word list that look like a\nseed, they would try using it as Bitcoin seed first anyway, with or\nwithout finding the word 'satoshi' in it. The security threat is that\na malicious third party may index what they found and test every\noccurrence of 'satoshi' for a lead to a seed.\n\nFor example, a hard-disk recycling service would add this word to\ntheir salvage tools. Any successfully hacked gmail account will be\n'satoshi' tested too.\n\nSo I see this as a reasonable improvement:)",
"sig": "de244babc607de9e1cc20c0eb419cc1a0139728d87104e4eecdc1839d0e531751edaa660db5f6a468fbf63184ecc492c4fad31205de95d255eee3f2de2972b43"
}