README.md (1 addition & 1 deletion)
@@ -65,7 +65,7 @@ We are not an authorative source of best practice, but, at the very least:
65
65
* Don't share BIP32 extended public keys ('xpubs'). [They are a liability](https://bitcoin.stackexchange.com/questions/56916/derivation-of-parent-private-key-from-non-hardened-child), and it only takes 1 misplaced private key (or a buggy implementation!) and you are vulnerable to **catastrophic fund loss**.
66
66
*[Don't use `Math.random`](https://security.stackexchange.com/questions/181580/why-is-math-random-not-designed-to-be-cryptographically-secure) - in any way - don't.
67
67
* Enforce that users always verify (manually) a freshly-decoded human-readable version of their intended transaction before broadcast.
68
-
* Don't *ask* users to generate mnemonics, or 'brain wallets', humans are terrible random number generators.
68
+
*[Don't *ask* users to generate mnemonics](https://en.bitcoin.it/wiki/Brainwallet#cite_note-1), or 'brain wallets', humans are terrible random number generators.
69
69
* Lastly, if you can, use [Typescript](https://www.typescriptlang.org/) or similar.
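Review bot: The link added on the brain-wallet bullet targets `https://en.bitcoin.it/wiki/Brainwallet#cite_note-1`, a footnote anchor that will silently point at a different citation if the wiki's footnotes are renumbered; link to the page itself, or directly to the source that footnote cites. The link text wraps "Don't *ask* users to generate mnemonics" while the target page is about brain wallets, so consider moving the link onto 'brain wallets' so the reader can tell which claim the reference supports. Since the line is being touched anyway, the comma before "humans are terrible random number generators" is a comma splice; a colon or "because" would read better and make the stated reason (human-chosen entropy is weak) explicit.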