Tweet from @evoskuil:
"A secure PRNG is not secure without a truly random seed. Software cannot produce randomness, and hardware cannot be trusted to do so - unless maybe you build it yourself.
The true con is getting people to trust platform seeding. There is a reason people use dice rolls."
Documentation and code clearly stated devs should provide an external source of entropy. The wallet developers presumably did not read the documentation and implemented anyway.
I fail to see the issue.
u32larry
npub1d7h…0880
2024-04-20 04:45:50
in reply to nevent1q…22r9
Author Public Key
npub1d7hra747akvkya6n8qawuw9zyzkr2nzc3uf023jqmq6wh8maz8kq0y0880Published at
2024-04-20 04:45:50Event JSON
{
"id": "f927b3fcdd503eb12847a2cfae5255b6ba1b2df0996a0f26f7c3cb9bb8307265",
"pubkey": "6fae3efabeed99627753383aee38a220ac354c588f12f54640d834eb9f7d11ec",
"created_at": 1713581150,
"kind": 1,
"tags": [
[
"e",
"8d78a01a85501ea635c8c00ac3d6a944ee4966b4b2e606439a67be142e25856a",
"wss://relay.primal.net",
"root"
],
[
"e",
"24db4d55ba041dead875c151fba1521b3d50eec32b01cc0188a7e45a800610c0",
"wss://relay.primal.net",
"reply"
],
[
"p",
"84dee6e676e5bb67b4ad4e042cf70cbd8681155db535942fcc6a0533858a7240"
],
[
"p",
"6fae3efabeed99627753383aee38a220ac354c588f12f54640d834eb9f7d11ec"
],
[
"p",
"c3495ddc53079b931f8727e7f7428c93f1612266210c0adcfe092c7dea0f0a63"
]
],
"content": "Tweet from @evoskuil:\n\n\"A secure PRNG is not secure without a truly random seed. Software cannot produce randomness, and hardware cannot be trusted to do so - unless maybe you build it yourself.\n\nThe true con is getting people to trust platform seeding. There is a reason people use dice rolls.\"\n\nDocumentation and code clearly stated devs should provide an external source of entropy. The wallet developers presumably did not read the documentation and implemented anyway. \n\nI fail to see the issue. ",
"sig": "962a53b3e3048336156c9084a1b074dee6e5659427481619d2a99519c04c7b721752c1a6146212ac6bd19ec9d6ebf03891c99fdc6d649d74fb007cf8a0e8e540"
}