add a warning regarding exposing the keys

arsenische · Jun 4, 2016 · 3ab6063 · 3ab6063
1 parent 34a7a89
commit 3ab6063
Showing 1 changed file with 8 additions and 0 deletions.
diff --git a/app/views/arguments/show.html.slim b/app/views/arguments/show.html.slim
@@ -18,6 +18,14 @@
         =form_tag(argument_signatures_path(@argument.id), {remote:true, id:"signature_form"}) do |f|
           =text_area("signature", "signature", {style:"font-size:1.5em;width:100%;", placeholder:"Please copy the above statement, sign it with your bitcoin address and paste the signature here", class:"submit_on_edit"})
           =button_tag "Submit", class:"btn btn-lg btn-success pull-right"
+          .alert.alert-warning
+            | Warning:
+            a href="https://www.reddit.com/r/btc/comments/4mhjh3/psa_bitcoinocracycom_signatures_expose_your/" rel="nofollow"  Bitcoin signatures expose your public keys
+            |  (that shouldn't be a problem until
+            a href="https://en.wikipedia.org/wiki/Elliptic_Curve_Digital_Signature_Algorithm" rel="nofollow"  ECDSA
+            |  is broken). Moreover address reuse with a faulty random number generator
+            a href="http://www.nilsschneider.net/2013/01/28/recovering-bitcoin-private-keys.html" rel="nofollow"  may leak your private keys
+            |.
           =hidden_field("signature", "negation", {value: @is_doubt, autocomplete: false})
 
     div#signature_status style='display:none'