diff --git a/ch04.asciidoc b/ch04.asciidoc index 38be5e83..b078369f 100644 --- a/ch04.asciidoc +++ b/ch04.asciidoc @@ -555,7 +555,7 @@ include::code/ec-math.py[] [NOTE] ==== -The example above uses +os.urandom+ which reflects a cryptographically secure random number generator (CSRNG) provided by the underlying OS. In the case of UNIX-like operating system such as Linux, it draws from +/dev/urandom+ and in the case of Windows calls +CryptGenRandom()+. If a suitable randomness source is not found, +NotImplementedError+ will be raised. While the random number generator used here is for demonstration purposes, it is not appropriate for generating production-quality bitcoin keys as it is not implemented with sufficient security. +The example above uses +os.urandom+ which reflects a cryptographically secure random number generator (CSRNG) provided by the underlying operating system. In the case of UNIX-like operating system such as Linux, it draws from +/dev/urandom+ and in the case of Windows calls +CryptGenRandom()+. If a suitable randomness source is not found, +NotImplementedError+ will be raised. While the random number generator used here is for demonstration purposes, it is _not_ appropriate for generating production-quality bitcoin keys as it is not implemented with sufficient security. ==== [[ec_math_run]] @@ -961,6 +961,11 @@ include::code/vanity-miner.cpp[] ---- ==== +[NOTE] +==== +The example above uses +std::random_device+. Depending on the implementation it may reflect a cryptographically secure random number generator (CSRNG) provided by the underlying operating system. In the case of UNIX-like operating system such as Linux, it draws from +/dev/urandom+. While the random number generator used here is for demonstration purposes, it is _not_ appropriate for generating production-quality bitcoin keys as it is not implemented with sufficient security. +==== + The example code must be compiled using a C++ compiler and linked against the libbitcoin library (which must be first installed on that system). To run the example, run the ++vanity-miner++ executable with no parameters (see <>) and it will attempt to find a vanity address starting with "1kid". [[vanity_miner_run]] diff --git a/code/vanity-miner.cpp b/code/vanity-miner.cpp index 06112918..9b85567e 100644 --- a/code/vanity-miner.cpp +++ b/code/vanity-miner.cpp @@ -12,8 +12,12 @@ bool match_found(const std::string& address); int main() { + // random_device on Linux uses "/dev/urandom" + // CAUTION: Depending on implementation this RNG may not be secure enough! + // Do not use vanity keys generated by this example in production std::random_device random; std::default_random_engine engine(random()); + // Loop continuously... while (true) {