Is it possible that malicious bitcoin wallet providers provide pre-generated private keys for customers?
We trust wallets like Ledger, Trezor, and many others. We believe the mathematics that the randomly generated private keys are secure. However, might it be possible that the private keys you thought were “generated” are actually provided and already saved in the database?
Imagine I’m the cold wallet company, and I pre-generated like one trillion private keys secretly and saved them in my own database. For every wallet chip, I carefully choose 100 private keys and write them into the chip, and mark the keys in my database as used. When a user receives the wallet and tries to generate a private key, the program in the chip just picks one of the 100 keys I wrote in. Nobody knows whether the keys are really generated or given by the wallet provider.
Once I’ve already sold enough wallets, I can iterate over all of the used private keys and steal all my customers’ bitcoins.
That sounds reasonable and terrible. I’m using a wallet, but I cannot convince myself that my private key really belongs to me. Is that scenario possible? Is there any way to guarantee that the private key is not stored by others when the wallet is not open source?