There are plenty of IOTA user claim that there balance in wallet was stolen, but didn’t gave develop or other user the information about there situation. This is a list for you to check that why your balance maybe gone, or it is just still there.
0x1 How do you generate your seed?
- Explain: You should *NEVER* used an online seed generator, even if the website claim the generate step is done in your browser, you won’t know if the website is hacked or not.
- Probability: You generate your seed online, then your seed may be hacked, we can not remove the possibility that if your seed is stolen or not.
- How to do correctly: Generate your seed offline. If you really need to generate your seed online, make sure you swap some of the characters in the seed.
Generate your seed on linux:
cat /dev/urandom |tr -dc A-Z9|head -c${1:-81}Generate your seed on Mac:
Open Terminal and type or paste the following then press enter:
cat /dev/urandom |LC_ALL=C tr -dc 'A-Z9' | fold -w 81 | head -n 1
0x2 Do you move your IOTA from the exchange and didn’t do any operation after that?
- Explain: In the history of IOTA tangle, it had done some *snapshot*, it will grouping several transfers to the same address into 1 record, which leads to a smaller storage requirement overall. For example:
L9SNHRCJOEPWVYJAJFEWFECM9ZK…..;5000000
OJVZTCXJJXZRLGOXSXLBGUM9HMV…..;6285624
KEXMVYRQENMDO9GXWXKAICBVF….;1347703800
EHGVFRWFUYVABR9CLEUMZVMAEK….;54000000
QOHVCRXDFJKNZXUXNVXGXBIISSYLN…..;11608748
SGTGFCHNHMYK9ZYEYCOSQGYONOXK….;394990000
It is a key-value pair separated by a semicolon, the key is the address, the value is the balance in the address.
Currently, all the snapshot is done by manual, but inside the roadmap, you can see the automated spanshotting.
- Probability: Your address have been snapshotted, means that it will not cover the transaction record, but the address still have your balance. As long as you didn’t reuse your address and your seed isn’t stolen by others, your IOTA is safe.
- How to recover: There is a 2 phase reclaim tools inside the GUI wallet 2.5.4. Please visit GUI Wallet: Phase Two of the Reclaim process to do it correctly.
0x3 Do you reuse your address?
- Explain: first of all, look at this picture and then I’ll explain:
First, let us know how IOTA prepare to send a transaction with value. The prepare is much same as blockchain tech such as BTC. We have the seed, thus we can generate multiple different addresses to receive balance from others. When we want to send a transaction with value, IOTA / BTC then will use the seed to re-generate the address, let say from 0 to 100, and iterate through these address to check if the total balance is enough to send out the transaction.
123456789101112131415161718seed = ‘YourSecretSeed’target_balance = 100total_balance = 0inputs = []send_unspend_to = None# Iterate through the address and get the total balancefor addr in iota.generate_addresses(0, 100, seed):if total_balance >= target_balance:breakif addr.balance:total_balance += addr.balanceinputs.append(addr)# Resend the unspend partif total_balance > target_balance:send_unspend_to = iota.generate_addresses(seed=seed)
After collecting enough address with its balance, IOTA will then do the PoW to sign up the whole transaction bundle. Each address that is used to spend will be signed up, AND this is the point.In technical, IOTA’s signature scheme is based on Winternitz One-Time Signatures (WOTS) with an important difference: IOTA operates on the hashes of messages instead of operating directly on messages as is done WOTS[1]. Please look at the upper picture, that means, after sign up the address, and broadcast to the tangle, it will be unsafe to reuse the address.
12345k = iota.crypto.signing.KeyGenerator(seed)for addr in inputs:priv_key = k.get_key_for(addr)priv_key.sign_input_transactions(bundle, addr.index)I’m not a crypto expert, so I can’t give you the minimal example that how WOTS will break if you reuse it. But you can take a look at Winternitz One-Time Signatures (WOTS), this post describes the WOTS.
So, please do not reuse your address after it is spend.
- Probability: You check that you generate your seed offline, you didn’t get the IOTA before snapshot, but you do reuse your address to receive, spend. Please take a look iotasear.ch to check the history of your address.
- How to do now: You learn the lesson, do not reuse your address. And a high probability that you can take back the balance.
0x4 For the most security, what can I do?
- Rule 1: Do not generate your seed online, never.
- Rule 2: Do not reuse the address to receive after it has been spent.
- Rule 3: Setup your own full-node, and let your light-wallet connect to it.
- Most of the full-node API in your GUI light wallet is http, which mean the data transfer is very easy for others to get the content. TBH, this is a bad at IRI and IOTA. You may accidentally send out your seed by a wrong copy paste to the address field, and through http, this will increase your risk.
- Setup your own full-node can somehow protect this, because your data transfer is inside your network, it is not that easy for others to capture your content.
Reference
If you are interested in how IOTA signature works, and the problem of old Curl (Abandon for the transaction, now use KECCAK hash function (also known as SHA-3)), please take a look at [1], a very important research on IOTA tech. And for the behavior of the implementation, please take a look at [2] and [3].
Leave a Reply