A critical vulnerability within the Libbitcoin Explorer (bx) 3.x library has exposed over 120,000 Bitcoin (BTC) wallets worldwide to potential compromise, making their funds susceptible to brute force attacks. This long-standing flaw, first identified in November 2023 and dubbed the "Milk Sad Case," poses a significant risk to non-custodial wallets generated between 2017 and 2023.
The Core of the Vulnerability
The root cause of this widespread vulnerability lies in the weak random number generation (RNG) used by specific versions of the Libbitcoin Explorer (bx) 3.x library. Instead of a robust cryptographic solution, the library employed the Mersenne Twister-32 algorithm, seeded solely by the system's time. This method created a highly limited seed space of only 2³² possible values. Such a small seed space drastically simplifies the process for malicious actors, who can use a high-performance personal computer to enumerate all possible seeds within days. This allows them to predict private keys generated at arbitrary time points, enabling large-scale theft from affected wallets, including those created directly with Libbitcoin Explorer (bx) 3.x and certain versions of Trust Wallet.
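The following is an added example, not code from Libbitcoin or from this article: a simplified C++ model of the flaw described above, next to an OS-CSPRNG alternative and a self-audit over entropy you already hold. The byte mapping, the function names, the `/dev/urandom` path and the sample timestamp are assumptions made for illustration and do not reproduce bx's exact output routine.

```cpp
#include <array>
#include <cstdint>
#include <fstream>
#include <ios>
#include <random>
#include <stdexcept>

using Entropy = std::array<std::uint8_t, 32>;

// Weak pattern: all 256 output bits are a pure function of one 32-bit seed,
// so at most 2^32 distinct results exist however long the output is.
// Assumption: one low byte per MT19937 output (not bx's exact mapping).
Entropy weak_entropy(std::uint32_t seed) {
    std::mt19937 prng(seed);
    Entropy out{};
    for (auto& b : out) b = static_cast<std::uint8_t>(prng() & 0xFF);
    return out;
}

// Hardened pattern: take the bytes from the operating system's CSPRNG.
// Assumption: a Unix-like host that exposes /dev/urandom.
Entropy strong_entropy() {
    Entropy out{};
    std::ifstream urandom("/dev/urandom", std::ios::binary);
    if (!urandom.read(reinterpret_cast<char*>(out.data()),
                      static_cast<std::streamsize>(out.size())))
        throw std::runtime_error("OS CSPRNG unavailable");
    return out;
}

// Self-audit: is entropy you already hold reproducible from a 32-bit seed in
// [first, last]? Returns the seed, or -1 if none matches. A match means the
// value carries no more secrecy than the seed that produced it.
std::int64_t audit_entropy(const Entropy& mine,
                           std::uint32_t first, std::uint32_t last) {
    for (std::uint64_t s = first; s <= last; ++s)
        if (weak_entropy(static_cast<std::uint32_t>(s)) == mine)
            return static_cast<std::int64_t>(s);
    return -1;
}

int main() {
    const std::uint32_t t = 1500000000u;  // constructed sample timestamp
    bool weak_flagged = audit_entropy(weak_entropy(t), t - 1000, t + 1000) >= 0;
    bool strong_flagged = audit_entropy(strong_entropy(), t - 1000, t + 1000) >= 0;
    return (weak_flagged && !strong_flagged) ? 0 : 1;  // 0 = behaves as expected
}
```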
Essential Steps to Secure Your Funds
To safeguard assets from this exploit, users of non-custodial Bitcoin wallets created with the vulnerable tooling must take immediate action. The primary recommendation is to transfer all funds from potentially compromised addresses to new storage that uses a Cryptographically Secure Pseudo-Random Number Generator (CSPRNG). Additionally, generating new seed phrases, particularly those adhering to BIP 39 rules, can significantly enhance wallet security. It is also crucial to audit any existing paper or hardware wallets for potential exposure to this vulnerability. For software wallet users, consistently updating to the latest versions of both the wallet application and the operating system is vital to ensure maximum protection.