README.md
9 additions & 5 deletions
@@ -55,14 +55,18 @@ Unfortunately, this isn't a silver bullet.
55
55
Often, Javascript itself is working against us by bypassing these counter-measures.
56
56
57
57
Problems in [`Buffer (UInt8Array)`](https://github.com/feross/buffer), for example, can trivially result in catastrophic fund loss without any warning.
58
-
It can do this through undermining your random number generation, accidentally producing a duplicate `k` value, sending Bitcoin to a malformed output script, or any of a million different ways.
58
+
It can do this through undermining your random number generation, [accidentally producing a duplicate `k` value](https://github.com/bitcoinjs/bitcoinjs-lib/blob/master/test/integration/crypto.js#L14), sending Bitcoin to a malformed output script, or any of a million different ways.
59
59
Running tests in your target environment is important and a recommended step to verify continuously.
60
60
61
-
Finally, **adhere to best practice**. We aren't an authorative source for best practice, but, at the very least:
61
+
Finally, **adhere to best practice**.
62
+
We are not an authorative source of best practice, but, at the very least:
62
63
63
-
* Don't re-use addresses. Privacy is important, but, .... TODO
64
-
* Don't share BIP32 extended public keys. They are a liability, and [as shown in our examples](https://github.com/bitcoinjs/bitcoinjs-lib/blob/master/test/integration/crypto.js#L68), it only takes 1 mistake until **catastrophic failure**.
* Don't share BIP32 extended public keys ('xpubs'). [They are a liability](https://github.com/bitcoinjs/bitcoinjs-lib/blob/master/test/integration/crypto.js#L68), and it only takes 1 misplaced private key (or a buggy implementation!) and you are vulnerable to **catastrophic fund loss**.
66
+
*[Don't use `Math.random`](https://security.stackexchange.com/questions/181580/why-is-math-random-not-designed-to-be-cryptographically-secure) - in any way - don't.
67
+
* Enforce that users always verify (manually) a freshly-decoded human-readable version of their intended transaction before broadcast.
68
+
* Don't *ask* users to generate mnemonics, or 'brain wallets', humans are terrible random number generators.
69
+
* Lastly, if you can, use [Typescript](https://www.typescriptlang.org/) or similar.
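Review bot: The links on the duplicate `k` value sentence and on the xpub bullet point at `blob/master/test/integration/crypto.js#L14` and `#L68`, and line anchors on `master` drift as soon as that test file is edited, so a reader following the security advice could land on unrelated code; pin them to a commit permalink or refer to the tests by name. In the added lines, "authorative" should be "authoritative", and the `Math.random` bullet starts `*[Don't use` with no space after the `*`, so it will not render as a list item like its neighbours. The address re-use bullet is deleted outright rather than finished; if that advice still stands, keep it with the TODO resolved.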