Deep dive: How solid is the randomness in Bitgem’s new wallet generator?

[Vetaliy]

Just took a look at Bitgem’s new wallet generator and I’m side-eyeing their entropy source. Has anyone actually audited the RNG or are we just trusting them blindly? Feels like we need to crack this open and verify if it’s truly random before trusting it with real funds.

 

[pispis]

I've been following Bitgem's dev thread and they claim to be using a hardware entropy source, which is a major plus for randomness. However, I'm still a bit skeptical about their implementation, anyone else dug into the code to see how it's being utilized?

 

[дарья 080690]

Not sure what to make of this since I haven't had chance to thoroughly test it yet, but I did notice that they use a combination of the Fortuna PRNG algorithm and a cryptographically secure hash function. It sounds like they've definitely done their due diligence in terms of randomness generation.

 

[romi4]

Honestly, I wouldn't trust it until a third party audits the entropy source. Client-side generation can be super tricky, so better safe than sorry with your stack.

 

[lesj]

Solid analysis, but I’m still skeptical until we see a third-party audit. The math might check out, but implementation bugs are where people usually get rekt.

 

[*ictor]

Solid breakdown, OP. I’m still a bit wary about the client-side entropy though—did you catch if they’re mixing in mouse movements or just relying on standard OS noise? Definitely running a few test vectors before I trust it with any real bag.

 

[Shon94]

Honestly, unless they’re using the OS native CSPRNG and have had a full audit, I’d steer clear. Rolling your own randomness is usually where these projects fail.

 

[Светлана М]

Nice breakdown. The entropy sources look legit on paper, but I'm still waiting for a third-party audit before I trust it with my cold stack. Better safe than sorry.

 

[abay]

Thoughts on best practices?

 

[TonyCash]

Anyone experienced with opportunities?

 

[lexlegion]

Thoughts on new trends?

 

[Remazil]

Thoughts on latest news?

 

[1947]

Nice work, OP. The RNG looks legit for a hot wallet, but I wouldn't keep my whole stack on it until we get a third-party audit. Curious to see if they harden it further in v2.

 

[Oledjigames]

I've been digging into the wallet generator and so far it seems to use the Fortuna PRNG which is considered secure for generating random numbers. That being said, it's always good practice to test the randomness of any generator, especially one used for something as sensitive as wallet creation. Does anyone have results from testing the generator's randomness?