vuke 0.9.0

Research tool for studying vulnerable Bitcoin key generation practices
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115

//! MultiBit HD transform - reproduces the seed-as-entropy bug.

use super::{Input, Key, Transform};
use crate::multibit::{truncate_mnemonic, MultibitBugDeriver};

/// Transform that reproduces MultiBit HD Beta 7 seed-as-entropy bug.
///
/// Takes a BIP39 mnemonic (space-separated words) and derives keys
/// at path m/0'/0/i using the buggy derivation method.
pub struct MultibitTransform {
    derivation_count: u32,
    passphrase: String,
}

impl MultibitTransform {
    pub fn new() -> Self {
        Self {
            derivation_count: 20,
            passphrase: String::new(),
        }
    }

    pub fn with_derivation_count(mut self, count: u32) -> Self {
        self.derivation_count = count;
        self
    }

    pub fn with_passphrase(mut self, passphrase: String) -> Self {
        self.passphrase = passphrase;
        self
    }
}

impl Default for MultibitTransform {
    fn default() -> Self {
        Self::new()
    }
}

impl Transform for MultibitTransform {
    fn name(&self) -> &'static str {
        "multibit"
    }

    fn apply_batch(&self, inputs: &[Input], output: &mut Vec<(String, Key)>) {
        for input in inputs {
            let mnemonic = &input.string_val;

            match MultibitBugDeriver::from_mnemonic(mnemonic, &self.passphrase) {
                Ok(deriver) => {
                    for i in 0..self.derivation_count {
                        if let Ok(key) = deriver.derive_key(i) {
                            let source = format!("{}[m/0'/0/{}]", truncate_mnemonic(mnemonic), i);
                            output.push((source, key));
                        }
                    }
                }
                Err(_) => continue,
            }
        }
    }
}

#[cfg(test)]
mod tests {
    use super::*;
    use crate::multibit::truncate_mnemonic;

    #[test]
    fn test_multibit_transform_basic() {
        let transform = MultibitTransform::new().with_derivation_count(1);
        let input = Input::from_string(
            "skin join dog sponsor camera puppy ritual diagram arrow poverty boy elbow".to_string(),
        );

        let mut output = Vec::new();
        transform.apply_batch(&[input], &mut output);

        assert_eq!(output.len(), 1);
        assert!(output[0].0.contains("m/0'/0/0"));
    }

    #[test]
    fn test_multibit_transform_multiple_keys() {
        let transform = MultibitTransform::new().with_derivation_count(5);
        let input = Input::from_string(
            "skin join dog sponsor camera puppy ritual diagram arrow poverty boy elbow".to_string(),
        );

        let mut output = Vec::new();
        transform.apply_batch(&[input], &mut output);

        assert_eq!(output.len(), 5);
    }

    #[test]
    fn test_multibit_transform_invalid_mnemonic() {
        let transform = MultibitTransform::new();
        let input = Input::from_string("not a valid mnemonic".to_string());

        let mut output = Vec::new();
        transform.apply_batch(&[input], &mut output);

        assert!(output.is_empty());
    }

    #[test]
    fn test_truncate_mnemonic() {
        let short = "one two three";
        assert_eq!(truncate_mnemonic(short), "one two three");

        let long = "one two three four five six seven eight nine ten eleven twelve";
        assert_eq!(truncate_mnemonic(long), "one two...eleven twelve");
    }
}