Ethereum Vanity Address Tool Exposes User Funds


In today's edition of YIYL (You Invest, You Lose), we take a look at the mother asshole from which all shitcoins are birthed, the land of ultra-sound money, Ethereum: a network where what's cool is more important than what is secure. When you see stories like this, you can only shake your head in secondhand embarrassment.

I feel like ETH is the place where all ideas are tried and pushed live and no one stops to think if it's a good idea or not; it's all just about adding more features and not considering the possible trade-offs of those features.

When you have a look at how long it takes to even propose a change to bitcoin, or create something on top of bitcoin, it gives you enough time to battle test an idea before pushing it live.

Sadly, with ETH that's not the case, and it only creates an endless list of cockups.


Eth heads don't like privacy

In bitcoin, we focus on not re-using addresses to protect your privacy, and we have coin control so you can manage your addresses: you could have one wallet but keep all your other balances private. But in ETH you have morons who think having an address with butthole.eth is a cool idea.

So vanity addresses, while privacy-doxing, are now a thing. You'll see it online all the time: people with .eth, .crypto, .nft, and you can immediately see they are all a few hashes short of a brain.

Victims of vanity

While vanity addresses are privacy-doxing even more than your standard static ETH address, that's not the only issue. Recently the 1inch Network disclosed a vulnerability that some of their contributors had found in Profanity, a tool used by Ethereum users to create "vanity" wallet addresses.

Although most wallet addresses are fairly random-looking, some people use vanity address generators to land on a wallet address like 0xdeadbeef52aa79d383fd61266eaa68609b39038e. Those using services like ENS, Unstoppable Domains and Profanity, or some other address issuer, can adjust it by adding a routing path on top of it to something the user thinks looks cool.

So while the underlying string address remains, you have a human-readable alias that would route the payment or communications to that wallet.


Reverse into your purse

Profanity, launched in 2017, is a tool that allows Ethereum users to generate “vanity addresses,” which became all the rage among ETH heads.

While ENS and Unstoppable Domains use an NFT structure and smart contract to create vanity addresses, the Profanity tool-generated addresses are different. Researchers discovered that it was fairly easy to reverse the brute-force method used to find the keys, allowing hackers to discover the private key for a wallet created with this method.

Attackers have already been exploiting the vulnerability, with one emptying $3.3 million from various vanity addresses. 1inch wrote in their blog post:

"It’s not a simple task, but at this point it looks like tens of millions of dollars in cryptocurrency could be stolen, if not hundreds of millions."

The report goes on to state:

"Your money is NOT SAFU if your wallet address was generated with the Profanity tool. Transfer all of your assets to a different wallet ASAP," 1inch wrote.

The maintainer of the Profanity tool removed the code from GitHub as a result of the vulnerability. Someone had raised a concern about the potential for such an exploit in January, but it had gone unaddressed as the tool was not being actively maintained.

Rug pull finder zachxbt also did some deep diving into wallets using Profanity and how they've been drained.

https://twitter.com/zachxbt/status/1570927217840132097

ETH is always good for a laugh

When I read these stories, considering the fact that people claim ETH will be the future of the space and it will flip bitcoin and make btc a forgotten boomer coin and network, part of me rolls my eyes so hard.


Ethereum reminds me of a bunch of kids who place their parents' money into a circle made of rocks, place incantations on this circle of rocks, and dare anyone to go and take it. And when someone walks over the rocks, picks up the money, and walks away, they act surprised.


Have your say

What do you good people of HIVE think?

So have at it my Jessies! If you don't have something to comment, "I am a Jessie."

Let's connect

If you liked this post, sprinkle it with an upvote or esteem and, if you don't already, consider following me @chekohler and subscribing to my fanbase.


Posted Using LeoFinance Beta



3 comments

I agree, how can ETH be safe when there is an unlimited max supply, and when it has become so centralized after the Merge?


Eth was centralised way before the merge with its 70% premine and bloated blockchain that doesn't allow you to run a full archival node; what's the point of it?


Hey there! Remember to use the tag 'ethereum' so your post populates the ethereum community page! This is important especially because your posts are very, very good and entertaining :D


Great post and congrats on getting a decentralized curation vote this past week, keep these kinds of posts coming!
