tl;dr

Both US Presidential candidates are attempting to burnish their crypto credentials, though neither in a particularly impressive way. Dark Skippy is attacking hardware wallets, and it is a scary attack.

Market Snap

Market Wrap

The sideways chop continues. It has been four months since we last saw a 70-handle and though short-volatility keeps on taking out leveraged players, it has mostly been four months of grind. Alt coins are getting more sensitive to movements in the price of BTC, particularly on stronger days like today. That narrative that Q4 2024 will be a monster is never far from the surface.

Curious Cryptos’ Commentary – US politics

Kamala Harris, in a vain attempt to draw attention away from her personal plan to charge CGT on unrealised gains – an idea which is a leading candidate for dumbest proposal ever award at the year-end CC prize giving ceremony – has been lunching with crypto advocate Mark Cuban.

Mark is generally flattering about Harris’ recent pivot to cryptos, though the team at CC Towers remains sceptical that it has any actual weight to it. Mark claims that he has been thoroughly questioned by Harris’ team about cryptos and that he “… takes that as a good sign.”

Over lunch he reiterated his constant criticism of Gensler and the SEC’s regulation by enforcement approach, in particular contrasting the regulation of centralised exchanges in Japan – which require customers’ assets to be held in segregated storage – to the lack of concern by the SEC about US clients using a fraudulent exchange such as FTX.

We do hope Harris has been listening.

…

Meanwhile Trump takes the populist route of repeating his desire to free Ross Ulbricht on day one of his presidency. Ulbricht is serving two life sentences plus forty years with no possibility of parole for running the darknet marketplace Silk Road.

Some believe that his sentence was somewhat harsh, a by-product of Operation Choke Point 2.0. I cannot comment, but he has a lot of fanatical supporters to whom Trump is unashamedly appealing to, with a promise to overturn the judicial system. This cannot be a good thing.

Curious Cryptos’ Commentary – Dark Skippy

Another new scam, and one which is aimed at holders of hardware wallets such as Ledger or Trezor. A video demonstration and the maths behind the attack can be found here:

https://darkskippy.com/walkthrough.html

The brief explanation is malware loaded onto your hardware device uses a low entropy signing function that incorporates the seed phrase into the hash of the signed transaction. Because of the low entropy, a brute force attack on the hash of the signed transaction can reverse engineer the seed phrase, giving the attacker full access to any and all private keys derived from that seed phrase.

Scary stuff, indeed.

The authors of this report usefully add some ways of mitigating the risk including some technical suggestions to improve the signing process.

But the key takeaway is that it is your responsibility to ensure that malware is not loaded onto your hardware wallet in the first place by only ever updating the firmware using the official app relevant to your wallet.

If you have any doubts about that, then I am afraid just wiping your hardware wallet clean isn’t the answer, for your seed phrase may already be out there, whilst the attacker waits for your crypto stash to grow. The only way to be safe if your hardware wallet has been infected, is to set up a brand-new one, and move your cryptos there.