Bitcoin transactions are basically public ECDSA signed statements.
As others have painfully verified, ECDSA is a dangerous scheme to implement, as failing to provide new randomness for each signature will directly leak the private key.
In this presentation, we will analyze the blockchain looking for such errors, use them to recover wallets’ private keys, try to link some cases to known implementations flaws and release the tools I used to do this. Finally, I’ll illustrate how and release patches to avoid these risks by performing safer deterministic ECDSA operations.