I wanted to find out how hard it is to manipulate the @SeedSigner
. It was easy as expected. Never give it out of hand! Simple swap to a manipulated sd-card and it logs your seed to it. Later the attacker can collect the sd-card and get your seed words.
Total lines added to the code are six.
Needless to say, it writes the seed also to sd-card if you scan your backup seed.
https://void.cat/d/PueU99b53Bd6ccoZ3AAQ2p.MOV
https://void.cat/d/D5bMpBoUBK6KyFUXqHLMet.MOV
emzy / Emzy
npub1ft…dv5jq
2023-03-06 14:34:41
Author Public Key
npub1ftd5lukuw2alrak6r87ppyqg5fgp8jpheacjq95h97kszkce2yls5dv5jqPublished at
2023-03-06 14:34:41Event JSON
{
"id": "67a09a6dba6c9f799adae12f4e93b5cb54e6c883e385626ca9440382a8bb1862",
"pubkey": "4adb4ff2dc72bbf1f6da19fc109008a25013c837cf712016972fad015b19513f",
"created_at": 1678113281,
"kind": 1,
"tags": [],
"content": "I wanted to find out how hard it is to manipulate the @SeedSigner\n. It was easy as expected. Never give it out of hand! Simple swap to a manipulated sd-card and it logs your seed to it. Later the attacker can collect the sd-card and get your seed words.\n\nTotal lines added to the code are six.\n\nNeedless to say, it writes the seed also to sd-card if you scan your backup seed.\n\nhttps://void.cat/d/PueU99b53Bd6ccoZ3AAQ2p.MOV\nhttps://void.cat/d/D5bMpBoUBK6KyFUXqHLMet.MOV",
"sig": "ef1a0a65639bf87349bb32b3ff2cae6ce0f221a5f327537d00a22c73a8bbca70844a0599df632425fa0fa0800db011e67610531ac23b066d5d6f1fd97d40dbdc"
}