Current behaviour
CExtKey::SetSeed does not check the seed bit-length constraints defined in BIP32:
"Generate a seed byte sequence S of a chosen length (between 128 and 512 bits; 256 bits is advised) from a (P)RNG."
I don't see a reason for not adhering to the spec in this case. Weak seeds used for master key generation can be and have been exploited.
Found using the bitcoinfuzz tool.
Expected behaviour
CExtKey::SetSeed should provide bit-length (or byte-length) checks for the parameter seed
e.g.,
    void CExtKey::SetSeed(std::span<const std::byte> seed)
    {
        if (seed.size() < 16) return; // or throw
        ...
    }
Steps to reproduce
Added a testcase in key_tests.cpp and ran the tests:
    BOOST_AUTO_TEST_CASE(extkey_setseed_empty)
    {
        CExtKey key;
        // Test with 0 bytes
        std::vector<std::byte> empty{};
        key.SetSeed(empty);
        // Test with 1 byte
        std::vector<std::byte> one{std::byte{0x01}};
        key.SetSeed(one);
    }
Running 8 test cases...
*** No errors detected
How did you obtain Bitcoin Core
Compiled from source
What version of Bitcoin Core are you using?
master@ed1795a
Operating system and version
Ubuntu 24.04.3 LTS
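A stand-alone sketch of the length check requested above, enforcing both BIP32 bounds (128 to 512 bits) and exercising the boundary lengths. This is an added example, not code from the issue or from Bitcoin Core. Assumptions: `FakeExtKey`, `SetSeedChecked`, `CheckSeedLength` and `RunBoundaryCases` are hypothetical names, and `std::vector<unsigned char>` replaces `std::span<const std::byte>` so the block builds without C++20.

```cpp
#include <cstddef>
#include <vector>

// BIP32: seed length between 128 and 512 bits, i.e. 16 to 64 bytes.
constexpr std::size_t BIP32_MIN_SEED_BYTES = 16;
constexpr std::size_t BIP32_MAX_SEED_BYTES = 64;

enum class SeedCheck { OK, TOO_SHORT, TOO_LONG };

// Classify a seed length against the BIP32 bounds.
constexpr SeedCheck CheckSeedLength(std::size_t n)
{
    return n < BIP32_MIN_SEED_BYTES ? SeedCheck::TOO_SHORT
         : n > BIP32_MAX_SEED_BYTES ? SeedCheck::TOO_LONG
                                    : SeedCheck::OK;
}

// Hypothetical stand-in for CExtKey: it only records that SetSeed ran,
// the real master-key derivation is out of scope for this example.
struct FakeExtKey {
    bool seeded = false;
    void SetSeed(const std::vector<unsigned char>&) { seeded = true; }
};

// Forward to SetSeed only when the length is valid, and report the
// result so the caller cannot silently end up with an unseeded key.
SeedCheck SetSeedChecked(FakeExtKey& key, const std::vector<unsigned char>& seed)
{
    const SeedCheck result = CheckSeedLength(seed.size());
    if (result == SeedCheck::OK) key.SetSeed(seed);
    return result;
}

// Constructed boundary cases, including the 0- and 1-byte seeds from the report.
bool RunBoundaryCases()
{
    struct Case { std::size_t len; SeedCheck want; };
    const Case cases[] = {
        {0, SeedCheck::TOO_SHORT}, {1, SeedCheck::TOO_SHORT}, {15, SeedCheck::TOO_SHORT},
        {16, SeedCheck::OK}, {32, SeedCheck::OK}, {64, SeedCheck::OK},
        {65, SeedCheck::TOO_LONG},
    };
    for (const Case& c : cases) {
        FakeExtKey key;
        const std::vector<unsigned char> seed(c.len, 0x01);
        if (SetSeedChecked(key, seed) != c.want) return false;
        if (key.seeded != (c.want == SeedCheck::OK)) return false;
    }
    return true;
}

int main() { return RunBoundaryCases() ? 0 : 1; }
```

Returning a status instead of a bare `return` makes a rejected seed visible to the caller, which the silent early return in the sketch above does not.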