Bitaps 1 BTC Puzzle

Bitaps Shamir Secret Backup Scheme Bug Bounty

The New Bug Bounty program for Shamir Secret Backup Scheme starts at the international cybersecurity conference ZeroNights X, which will be held on 25 August 2021 in Saint Petersburg, Russia. You can submit your bug reports starting from June 10, at the conference we will reward participants who have found flaws and vulnerabilities in the implementation of this scheme. Also, if you can hack the scheme completely, then the main reward is already waiting for you at the bitcoin address.

To submit a bug report, open an issue on GitHub in a specific implementation in the PyBTC Python library or the JsBTC Javascript library.

Main reward

Zpub:
zpub6qdEDkv51FpxX6g1rpFGckmiL46vV8ccmtEgPAkj3qj8N4ZZHyXDRA9Rwp
TiFK2Kb8vRaDmSmwgX6rfB4t2K8Ktdq8ExQ6fumKpn2ndJCqL

 

Bug rewards

An additional 1 BTC will be paid for disclosing the attack method, which allowed to compromise the presented implementation of the secret sharing scheme.

0.1 BTC – Any bug in the implementation of the presented secret sharing scheme that can lead to loss of access and the inability to recover the original mnemonic phrase.

from 0.05 BTC – Any other significant implementation bug. The exact reward amount is determined after analyzing the significance of the bug.

Challenge

The 12-word original mnemonic code was split using the Shamir Secret Sharing scheme with 3 out of 5 threshold schemes were used. This means that any three shares are sufficient to restore the original mnemonic code. The goal is to break the Shamir Secret Sharing scheme or break the implementation of software for SSSS. We publish 2 of 3 shares needed to restore the original mnemonics.

Share 1:
Share 2:

 

In case of success  1 BTC will waiting for  at m/84’/0’/0’/0/0 path. We use this mnemonic tool to split code.

 

Help & Documentation

Details about used implementation of Shamir secret scheme you can find here:

 

Click/Scan QR

 

 

 

Exact software implementation you can find here:

 

Click/Scan QR

 

 

Click/Scan QR

 

 

 

Additional information

Few additional links for related vulnerability

 

Click/Scan QR

 

 

 

 

Click/Scan QR

 

 

HTC Exodus phone shamir scheme vulnerability:

 

 

Click/Scan QR

 

 

 

 

Click/Scan QR

 

 

Bug report 

 

 

Click/Scan QR

 

 

 

 

Click/Scan QR

Total
0
Shares
Comments 2
Leave a Reply

Your email address will not be published. Required fields are marked *

Prev
Bitcoin Black Lives Matter Puzzle

Bitcoin Black Lives Matter Puzzle

Next
Pywallet

Pywallet

Pywallet is the bitcoin wallet

You May Also Like