Ah I see, the OP is saying that it isn't in code. Guess we'll have to wait for public comment. I don't have the tech chops to verify either way, nor do I have any direct contact with anyone from Ashigaru.
but isn't that wording kind of weird?
we're not concerned with the keys being sent to the client... we're concerned about the *coordinator* being able to link inputs/outputs, not the clients.
it seems like they're addressing a different issue there.
It's not a vulnerability if they're modulating the hardcoded key per CJ round, correct?
as @waxwing suggested on the original vulnerability disclosure post on Jan 7th?
either way, the server CANNOT give clients a unique key for identification.
afaict it's false because they have hardcoded a key into the client.
therefore the server can't assign different RSA keys to different clients to map their inputs/outputs.
fd0 was premature in thinking the vulnerability hasn't been addressed.
this guy only repeats stuff that fits his bias, without understanding them himself.
nobody has had time to thoroughly review Ashigaru's Whirlpool implementation yet.
so far it's clear they have done some work to fix that vulnerability.
Cyph3rp9nk
New ashigaru whirlpool coordinator can de-anonymize users
And now, if the coordinator signs outputs with the same static blind key in all rounds, an attacker can accumulate those signatures and redeem them later to register additional outputs without contributing new inputs. It does not allow them to steal funds, but it breaks the round balances and causes it to fail, blocking all other participants (DoS).
And on top of that, they don't mitigate the vulnerability they've tried to remedy with this crap...
If they were at least humble, they would get help...
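As an added illustration (not code from this thread, from Ashigaru, or from any Whirlpool implementation), the toy below models the two points argued above: the note's claim that a blind-signing key reused across rounds lets a signature from one round verify in a later one, and the earlier reply's point that a client-side pinned key constrains which key the coordinator can present. Textbook RSA with small keys and no padding, seeded key generation, the round ids and the output script are all constructed for the demo and are assumptions, not the project's design.

```python
"""Toy RSA blind signatures (textbook RSA, small keys, no padding: illustration
only) showing why a coinjoin coordinator's blind-signing key must be bound to
one round. Under a static key, a signature obtained in round 1 still verifies
in round 2 and could be presented there as a fresh output registration; under a
per-round key it is rejected. A pinned long-term key certifies each round key so
a client can reject a key that was not issued by this coordinator for this round.
"""
import hashlib
import math
import random


def is_probable_prime(n: int, rounds: int = 20) -> bool:
    """Miller-Rabin primality test, good enough for toy key generation."""
    if n < 2:
        return False
    for p in (2, 3, 5, 7, 11, 13, 17, 19, 23, 29):
        if n % p == 0:
            return n == p
    d, s = n - 1, 0
    while d % 2 == 0:
        d //= 2
        s += 1
    for _ in range(rounds):
        x = pow(random.randrange(2, n - 1), d, n)
        if x in (1, n - 1):
            continue
        for _ in range(s - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True


def gen_rsa(bits: int = 256, seed=None):
    """Return ((n, e), (n, d)); seeded so the demo is reproducible (toy size)."""
    rng = random.Random(seed)
    e = 65537
    half = bits // 2
    while True:
        p = q = 0
        while not is_probable_prime(p):
            p = rng.getrandbits(half) | (1 << (half - 1)) | 1
        while not is_probable_prime(q) or q == p:
            q = rng.getrandbits(half) | (1 << (half - 1)) | 1
        phi = (p - 1) * (q - 1)
        if phi % e:
            return (p * q, e), (p * q, pow(e, -1, phi))


def h(msg: bytes, n: int) -> int:
    """Hash a message into the RSA group (no padding: toy only)."""
    return int.from_bytes(hashlib.sha256(msg).digest(), "big") % n


def blind(pub, msg: bytes):
    """Client side: hide the output under a random blinding factor r."""
    n, e = pub
    r = random.randrange(2, n)
    while math.gcd(r, n) != 1:
        r = random.randrange(2, n)
    return (h(msg, n) * pow(r, e, n)) % n, r


def sign_blinded(priv, blinded: int) -> int:
    """Coordinator side: signs without learning which output it is signing."""
    n, d = priv
    return pow(blinded, d, n)


def unblind(pub, blinded_sig: int, r: int) -> int:
    n, _ = pub
    return (blinded_sig * pow(r, -1, n)) % n


def verify(pub, msg: bytes, sig: int) -> bool:
    n, e = pub
    return pow(sig, e, n) == h(msg, n)


def round_key_msg(round_id: int, round_pub) -> bytes:
    """What the pinned key certifies: the round id and the round key, together."""
    return f"{round_id}:{round_pub[0]}:{round_pub[1]}".encode()


def certify_round_key(pinned_priv, round_id: int, round_pub) -> int:
    """Plain (unblinded) signature by the pinned long-term key over the round key."""
    return sign_blinded(pinned_priv, h(round_key_msg(round_id, round_pub), pinned_priv[0]))


def client_accepts_round_key(pinned_pub, round_id: int, round_pub, cert: int) -> bool:
    """Client check: only a key certified by the hardcoded key for THIS round is used."""
    return verify(pinned_pub, round_key_msg(round_id, round_pub), cert)


def replay_check(static_key: bool):
    """Return (verifies in round 1, still verifies in round 2) for one signature."""
    round1 = gen_rsa(seed=1)                       # constructed demo key for round 1
    round2 = round1 if static_key else gen_rsa(seed=2)
    output = b"constructed output script registered in round 1"
    blinded, r = blind(round1[0], output)
    sig = unblind(round1[0], sign_blinded(round1[1], blinded), r)
    return verify(round1[0], output, sig), verify(round2[0], output, sig)


if __name__ == "__main__":
    print("static key   (round1 ok, round2 ok):", replay_check(static_key=True))
    print("per-round key(round1 ok, round2 ok):", replay_check(static_key=False))
```

`replay_check(True)` returns `(True, True)`: with one static key the round-1 signature is indistinguishable from a fresh round-2 one, which is the accumulation problem the note describes. `replay_check(False)` returns `(True, False)`. The certificate check binds the round key to the coordinator's pinned identity and to a round id, but it does not by itself prove that every participant in a round was handed the same round key; that is the per-client-key concern raised earlier in the thread, and catching it still requires clients to compare the certified key they received with what others received (or the coordinator to commit to one key per round in a way all clients can see).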
Can the Ashigaru Whirlpool coordinator de-anonymize users?
I don't know but what I can say is that developing a trustless protocol/service is extremely hard, especially when your starting point is a trustful one.
Whirlpool is a ZeroLink implementation similar to what Wasabi Wallet 1.x was, and even when the protocol and the cryptography involved are simple, there are many chances to make mistakes. During the early days the Wasabi team introduced bugs using RSA and then using Schnorr, for example.
This is something to celebrate anyway, as we need more privacy tools and because it was sad to witness the level of cowardice reigning in the environment while a bunch of "purists" attacked all privacy tools as if they were able to do it better.
At your feet, @lontivero .
I feel a great sadness witnessing developers and users spending their valuable energy pointing out flaws, while very little is directed towards recognizing the effort and goals of #Ashigaru (that are also ours as a user community). Thank you once again for dedicating your valuable time to reply and provide context to this uproar.