minimalist-ripple-client [Security] ripple-lib used by the client is vulnerable to ECDSA attacks

[Security] ripple-lib used by the client is vulnerable to ECDSA attacks

Open LouSparfell opened this issue 5 years ago • 0 comments

Signing software contained in ripple-lib packages published by Ripple before August 2015 use insufficiently random “nonces” and are vulnerable to "ECDSA attacks".

https://ripple.com/dev-blog/statement-on-the-biased-nonce-sense-paper/

Is it possible to upgrade the ripple-lib ?

Jan 19 '19 15:01 LouSparfell

minimalist-ripple-client minimalist-ripple-client copied to clipboard

[Security] ripple-lib used by the client is vulnerable to ECDSA attacks

minimalist-ripple-client
minimalist-ripple-client copied to clipboard