The Ethereum community is reviewing the details of the recently announced $160 million Wintermute hack and has found a potential attack vector. One of the Wintermute addresses has the characteristics of a vanity address, which could be the origin of the vulnerability.
wintermute address contains 7 zeros
according to @k06a's estimate, this can be brute-forced in 50 days with 1,000 GPUs
The attacker was definitely a professional pic.twitter.com/JNOQ3qdXiV
– Tuba 🦈 (@0xtuba) September 20, 2022
Vanity addresses are generated cryptographically by giving a specific prefix or suffix to a program that then generates millions of addresses until it finds one matching the requested pattern.
One of these tools, Profanity, is available via GitHub and has had serious security concerns for some time. The repository was abandoned due to “fundamental security issues with generating private keys,” according to the readme.md file.
A blog post by the 1inch team, linked in the readme, lists several potential weaknesses in the repository. Although the repository has been updated to remove “all affected binaries”, the methodology may be flawed at its core.
Based on research from k06a, a contributor to 1inch, 0xtuba calculated that it would take only 50 days to brute-force an address with seven leading zeros using 1,000 GPUs. With Ethereum’s recent move to proof-of-stake, many miners are currently looking for somewhere to deploy their GPU power.
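The search loop described above, as an added example that is not Profanity's code or anything from the original article: it draws each candidate private key from the operating system CSPRNG over the full secp256k1 range, derives the Ethereum address (pure-Python Keccak-256 and secp256k1 written for this example, standard library only), and keeps only addresses whose hex prefix matches. The point for a defender is visible in `find_vanity`: the vanity filter rejects addresses, it never narrows the key space, so the security of the result rests entirely on how the private key was generated. `expected_tries` and `estimated_days` give the work estimate for a prefix of n leading zero nibbles; the throughput argument is an assumed placeholder, the article gives no per-GPU rate.

```python
"""Vanity-address search over properly generated secp256k1 keys (stdlib only)."""
import secrets

# secp256k1 domain parameters
P = 2**256 - 2**32 - 977
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
G = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)


def _ec_add(a, b):
    """Affine point addition; None is the point at infinity."""
    if a is None:
        return b
    if b is None:
        return a
    (x1, y1), (x2, y2) = a, b
    if x1 == x2 and (y1 + y2) % P == 0:
        return None
    if a == b:
        lam = 3 * x1 * x1 * pow(2 * y1, -1, P) % P
    else:
        lam = (y2 - y1) * pow(x2 - x1, -1, P) % P
    x3 = (lam * lam - x1 - x2) % P
    return (x3, (lam * (x1 - x3) - y1) % P)


def _ec_mul(k, pt=G):
    """Double-and-add scalar multiplication (not constant-time; demo only)."""
    acc = None
    while k:
        if k & 1:
            acc = _ec_add(acc, pt)
        pt = _ec_add(pt, pt)
        k >>= 1
    return acc


# Keccak-256 (the pre-NIST padding Ethereum uses, not SHA3-256)
_RC = [0x0000000000000001, 0x0000000000008082, 0x800000000000808A, 0x8000000080008000,
       0x000000000000808B, 0x0000000080000001, 0x8000000080008081, 0x8000000000008009,
       0x000000000000008A, 0x0000000000000088, 0x0000000080008009, 0x000000008000000A,
       0x000000008000808B, 0x800000000000008B, 0x8000000000008089, 0x8000000000008003,
       0x8000000000008002, 0x8000000000000080, 0x000000000000800A, 0x800000008000000A,
       0x8000000080008081, 0x8000000000008080, 0x0000000080000001, 0x8000000080008008]
_ROT = [[0, 36, 3, 41, 18], [1, 44, 10, 45, 2], [62, 6, 43, 15, 61],
        [28, 55, 25, 21, 56], [27, 20, 39, 8, 14]]  # _ROT[x][y]
_M64 = (1 << 64) - 1


def _keccak_f(lanes):
    """Keccak-f[1600] permutation on 25 lanes indexed x + 5*y."""
    rot = lambda v, n: ((v << n) | (v >> (64 - n))) & _M64
    A = [[lanes[x + 5 * y] for y in range(5)] for x in range(5)]
    for rc in _RC:
        C = [A[x][0] ^ A[x][1] ^ A[x][2] ^ A[x][3] ^ A[x][4] for x in range(5)]
        D = [C[(x - 1) % 5] ^ rot(C[(x + 1) % 5], 1) for x in range(5)]
        A = [[A[x][y] ^ D[x] for y in range(5)] for x in range(5)]          # theta
        B = [[0] * 5 for _ in range(5)]
        for x in range(5):
            for y in range(5):
                B[y][(2 * x + 3 * y) % 5] = rot(A[x][y], _ROT[x][y])        # rho + pi
        A = [[B[x][y] ^ (~B[(x + 1) % 5][y] & B[(x + 2) % 5][y])
              for y in range(5)] for x in range(5)]                          # chi
        A[0][0] ^= rc                                                        # iota
    return [A[x][y] for y in range(5) for x in range(5)]


def keccak256(data: bytes) -> bytes:
    rate = 136  # bytes absorbed per block for a 256-bit output
    msg = bytearray(data) + b"\x01"                 # Keccak pad10*1 starts with 0x01
    msg += b"\x00" * (-len(msg) % rate)
    msg[-1] |= 0x80
    lanes = [0] * 25
    for off in range(0, len(msg), rate):
        block = msg[off:off + rate]
        for i in range(rate // 8):
            lanes[i] ^= int.from_bytes(block[8 * i:8 * i + 8], "little")
        lanes = _keccak_f(lanes)
    return b"".join(l.to_bytes(8, "little") for l in lanes)[:32]


def eth_address(priv: int) -> str:
    """Lower-case hex address: last 20 bytes of keccak256(uncompressed pubkey)."""
    x, y = _ec_mul(priv)
    return "0x" + keccak256(x.to_bytes(32, "big") + y.to_bytes(32, "big"))[-20:].hex()


def find_vanity(prefix: str, max_tries: int, rng=secrets.randbelow):
    """Return (priv, address, tries) for the first address starting with prefix.

    Every candidate key is a fresh, full-range 256-bit value from the OS CSPRNG;
    the prefix test only discards addresses and never shrinks the key space."""
    for tries in range(1, max_tries + 1):
        priv = rng(N - 1) + 1
        addr = eth_address(priv)
        if addr[2:].startswith(prefix.lower()):
            return priv, addr, tries
    return None


def expected_tries(leading_zero_nibbles: int) -> int:
    """Each hex digit has 16 values, so n fixed digits cost 16**n tries on average."""
    return 16 ** leading_zero_nibbles


def estimated_days(leading_zero_nibbles: int, addresses_per_second: float) -> float:
    # addresses_per_second is an assumed figure supplied by the caller
    return expected_tries(leading_zero_nibbles) / addresses_per_second / 86400
```

Running `find_vanity("00", 100000)` on a laptop takes minutes in pure Python; the GPU figures quoted in the article come from running the same filter at vastly higher throughput, which is why the key-generation step, not the filter, is what decides whether the result is safe to use.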
The figure below shows the estimated time to generate an Ethereum address with seven leading zeros using a home gaming PC with an RTX 3070 Ti GPU.
If this attack vector is confirmed, there is now a fear that some miners will turn to malicious means to ensure their farms continue to turn a profit.
The 1inch blog post contains the following warning:
“Explanation: Your money is not SAFU if your wallet address was generated using the Profanity tool. Move all of your assets to a different wallet ASAP!”
CryptoSlate reached out to Wintermute for comment on the method used to generate the addresses but did not immediately receive a response.
Update September 20, 3:40 PM GMT: Crypto security company CertiK has released additional information confirming suspicions of an exploit through Profanity.
Here’s what we know so far from the Wintermute exploit 👇
We have recorded that $162,509,665 was stolen.
This exploit is likely due to a brute-force attack on a Profanity wallet that compromised a private key.
Be vigilant! pic.twitter.com/zVRd3e5TbS
– CertiK Alert (@CertiKAlert) September 20, 2022