*************************************************************************** *** DEMONSTRATION HOW AN ADDRESS GETS COMPROMISED *** *************************************************************************** A. Initial situation: Alice wallet address 0: 500 B. Bob and Eve both wants to pay Alice 2500 IOTA. C. Alice gives address 1 to both Bob and Eve and does not attach address 1 to the Tangle. Alice wallet address 0: 500 address 1: not attached to Tangle In this step Alice makes two mistakes: - Alice should create 2 addresses (address 1 for Bob and address 2 for Eve) and both addresses should be attached to the Tangle. D. Alice sends 100 IOTA to Charlie Alice wallet address 0: 0 address 1: 400 Note: - Because address 1 was not attached, it is used for the unspent 400 IOTA. E. Alice sends 100 IOTA to Dave Alice wallet address 0: 0 address 1: 0 address 2: 300 Note: - 100 IOTA is sent from address 1, 50% of address 1 private key (randomly) is revealed. F. Bob sends 2500 IOTA to Alice using address 1 Alice wallet address 0: 0 address 1: 2500 address 2: 300 G. Alice sends 100 IOTA to Karl Alice wallet address 0: 0 address 1: 0 address 2: 300 address 3: 2400 Note: - Again 100 IOTA is sent from address 1, and again 50% of address 1 private key (randomly) is revealed. - Address 1 is used twice for outgoing transactions, step E and step G. Address 1 is now compromised. H. Eve sends 2500 IOTA to Alice using address 1, while Alice goes on holiday. Alice wallet address 0: 0 address 1: 2500 address 2: 300 address 3: 2400 Note: - In step G, address 1 was compromised and now address 1 has a balance. - By brute force computing hackers can try to find the complete private key and thus stealing the tokens from address 1. - There is no 100% guarantee that the hacker will succeed, it all depends on how much of the private key is revealed and the computer power used. - The seed and other addresses are SAVE. Only address 1 is compromised.