Uh oh, I leaked my seed phrase! Crack a weak passphrase and steal my Monero! [Challenge]


One week ago, someone posted a challenge on this sub, which was solved surprisingly (or not-so-surprisingly, after reading the explanation) fast, as detailed in this post. The puzzler offered a reward for cracking a dogecoin seed, and offered some hints to it. The solver was able to brute-force it in just a few seconds.

Something about the way in which it was achieved made me wonder if the experience would be similar for the dark side of crypto: Monero. I had some disagreements in the comments and ultimately promised to make my own challenge post, for a Monero reward, in one week from that day. Here is that comment – and it has now been one week.

To lay out the challenge, I will sketch out a plausible scenario.

You’ve just been to my house for a meal, where I enthusiastically told you about recently discovering crypto and even buying myself a Ledger hardware device to secure it. I explained that it was delivered a week ago, after which I immediately set it up. Since then, I explain, I’ve stored some, specifically, Monero with it because I’d heard that “privacy is important for security”.

At some point, I had excused myself for a minute and your eye happened to catch a piece of paper sitting on my working-from-home desk. You couldn’t resist a peek, and had seen that it was my paper backup! You had hurriedly taken a photo with your phone and gone back to sit down before I noticed. Now, back at home, you look at your phone and see this written on the paper:

Ledger backup seed:

minimum nature junk elegant uncle speak suggest dream below actor thing abuse oak fall immense ticket alien market wrist dinosaur hammer unique bicycle drum

Passphrase hint: four small caps letters

Date: July 15th, 2022

Unfortunately, I had been vague about exactly when I sent the funds to the hardware storage. Was it today, or the day I set up the wallet, or somewhere in between?… You want to steal the funds, but you dare not ask me any questions, for fear that you would thereby implicate yourself.

So, the technicals, just for clarity: I had generated a random fresh BIP39 seed and used a randomly generated offset passphrase for additional security. Thank goodness for that, since I was so careless with my paper backup! However, I set the parameters to a laughably insecure level: four characters, a-z (e.g. ‘abcd’). I.e., the number of possibilities is thus 26x26x26x26 = 456 976, which is almost the same number of brute-force attempts that were necessary to crack the dogecoin wallet. I performed a blind draw to select a random day to deposit the bounty to the wallet (somewhere between wallet creation date and today).

The bounty is a modest 0.1 XMR plus the sweet taste of victory. I even left enough extra to pay for the transaction fee, so you can extract a clean 0.1 XMR (I’m a gentleman like that). I will reveal the passphrase after 72 hours (which I may extend if there is continued interest). This will retrospectively prove the amount and date of the deposit, to anyone who wishes to restore the wallet.

It is my belief that this will be more difficult than it may at first seem, because “privacy is important for security”. If I’m wrong, it’s an easy win.

Good luck!

submitted by /u/dsmlegend