How do Javascript-based wallets generate random numbers and is this cryptographically secure?

Hybrid wallets and some paper wallet generators create private Bitcoin keys using Javascript inside the browser. Which source of entropy do they use? How do they make sure the PRNG is suitable for long-term security?

Answer

Most modern browsers provide a native crypto api accessible through the window.crypto object.

https://developer.mozilla.org/en-US/docs/DOM/window.crypto

It is also possible to seed random values using mouse movements and key presses.

Leave a Reply

Your email address will not be published. Required fields are marked *