IT Security Stack Exchange
IT Security Stack Exchange

Questions tagged [cryptocurrency]

A cryptocurrency is a digital currency that uses cryptographic methods to secure and verify transfer of given currency. Tag should be used when talking about the security of, and surrounding, the implementation and use of cryptocurrencies.

A cryptocurrency is a digital currency that uses cryptographic methods to secure and verify transfer of given currency. Tag should be used when talking about the security of, and surrounding, the implementation and use of cryptocurrencies.

For more help regarding the actual technology involved see the Cryptography SE

14 questions
3
votes
2 answers

How do companies manage & store cryptocurrency private keys?

For an individual, I see a some options for storing private keys, such as printing them on paper in a vault, using a hardware wallet, encrypting and storing on the machine, using AWS Secret Manager, and so on. However, I have a need to create a few…
kdeva
  • 31
  • 2
1
vote
1 answer

Is Binance API Key part of RSA key pair?

When we generate an API key in Binance there is a generated secret key too. I could not find any reference that those are RSA key pairs. They could be just random unrelated numbers. Is the Binance API Key the public key of RSA key pairs?
Ahmet Arslan
  • 849
  • 1
  • 5
  • 9
1
vote
1 answer

How seriously should we take this commentary from John McAfee? If it's serious, what do we do?

This question refers to this YouTube video of John McAfee Because videos can disappear, I've provided a screenshot and transcript (transcribed by me, so please forgive errors) What John is saying sounds pretty serious, but to what degree is it just…
Stewart
  • 343
  • 1
  • 3
  • 8
1
vote
0 answers

Copay cryptocurrency wallet attack: why did hackers rewrite module source file?

There was the notorious attack on the Copay cryptocurrency wallet in 2018. To recap it briefly, the JavaScript based wallet depended on a library, event-stream. Using social engineering, hackers gained ability to change this library and publish its…
Ilya Loskutov
  • 111
  • 1
1
vote
1 answer

How are hardware wallets and other hardware-based security devices audited?

One selling point of the Trezor crypto currency wallets is that they are, supposedly, "open source". It is not clear to me exactly what assurance this provides, since I do not know what relationship exists between the published open source code that…
kjo
  • 1,043
  • 2
  • 9
  • 15
1
vote
1 answer

Is there a downside to using a Ledger Nano S or X as both a crypto wallet and a 2FA key?

Newbie question, I guess. I want to get a cold wallet for increased security. I also want to start using hardware 2FA (e.g. for e-mail). I see that Ledger advertises 2FA capabilities ('FIDO U2F') on their Nano range. Is there a downside to e.g.…
legatrix
  • 113
  • 3
1
vote
0 answers

Securing BIP39 Phrases and Password Manager Master Password

I am looking for a review of the solution to store my Ledger Nano S BIP39 recovery phrase as well as my password manager usage. This solution is mostly based on this video. Few points that I think require explanation Emergency access process for…
Andrey
  • 111
  • 1
0
votes
1 answer

Is a one-time, paper wallet Bitcoin transaction anonymous if you never link personal info? Can one begin with anonymity/end with anonymity too?

Say I buy bitcoins from someone with cash (no bank, name, trace, etc.) and have them send it to a paper wallet/offline address. Yeah, there's a "trace" but to WHAT/WHO? It's bought with cash, etc. With this offline address I receive it and send it…
Ergo Not
  • 1
  • 1
0
votes
1 answer

How do centralized crypto exchanges store seed phrases and users' private keys?

Say I'm trying to develop a CEX, hence I will hold custody of users' keys. How would I go about doing that and ensuring safety and security? From what I know, I can generate the users' keys from a seed phrase and store the path used to generate the…
whitebat 199
  • 1
0
votes
0 answers

How crypto token in metamask wallet get stolen by hacker?

My crypto token which runs in BSC network has just been stolen few hours ago. I looked at the transaction history in my metamask wallet, nothing new in there. So it must be executed remotely. I do not think the hacker got my secret phrase. I never…
us2018
  • 101
0
votes
2 answers

Is not Electrum's Seed Word Autocomplete a Theoretical Security Risk?

As the image below shows, when you try to restore an existing wallet from a seed (a sequence of 12 words), the program offers some autocomplete suggestions. Though I'm sure the risk is purely theoretical – in the sense that the number of…
user218666
0
votes
0 answers

WordPress, a Security Risk for Bitcoin Application?

Asked this question on Bitcoin SE was told to post it here. I'm developing a custom Bitcoin service. Besides for the core application (which is written in PHP) I'm going to install a blog for updates and news. Although I would never try to tweak…
Design X
  • 1
0
votes
0 answers

Someone is Cryptomining from my Google Compute Engine Instance

I run an airflow instance which python process scheduler, which is used to trigger different python ML process which has no relation to crypto mining. This is the process which is running this dockerized process…
isht3
  • 1
  • 1
0
votes
2 answers

How secure is Libra considering Visa and Mastercard are behind it?

Libra is the upcoming cryptocurrency by Facebook which Facebook claims is supported by variety of tech companies including but not limited to Mastercard, Paypal and Visa. Facebook also enforces a real name policy, and at this stage we all know that…
Thesnake123
  • 89
  • 7