Doomsday Explorer

Early‑warning security system for Bitcoin wallets

Early‑Warning Defensive System for Your Hardware Wallet

Protect Bitcoin, Ledger, Cardano and other hardware wallets from deterministic‑RNG attacks. Independent, open‑source, military‑grade security.

Explore the Project

Key Benefits

Independent Early‑Warning

Runs locally or in a p2p cluster (trustless protocol), and signals any entropy‑related weakness before wallet gets compromised.

Hardware‑Wallet Friendly

Supports Ledger, Trezor and emerging secure‑enclave devices. Plug‑in architecture lets new wallets integrate with a single line of code.

Universal Entropy Protection

The same TRNG‑audit engine that safeguards hardware wallets can be applied to any system that depends on randomness. By analysing the entropy source you can detect weak‑randomness attacks on:

🔐 TLS/SSL certificates – stop forged HTTPS keys.
🏦 Traditional banking systems – protect transaction‑signing RNGs.
🪙 Bitcoin Core mnemonics, pass‑keys & password managers – guarantee truly random master‑secrets.
📱 Secure‑messenger privacy – ensure end‑to‑end encrypted chats (Signal, WhatsApp, Wire, etc.) are seeded with high‑entropy RNGs.
🕸️ Anonymity networks – protect TOR and Nostr relay keys from weak‑randomness attacks, keeping your anonymity intact.
🆔 Government‑issued IDs (e‑IDs, digital and chipped passports).
🚀 Military command & control (e.g., nuclear‑launch code generation).
💰 Open‑funds & grant‑program security – the cryptographic guarantees that protect research‑grant money, nonprofit‑fund disbursements and the 🇺🇦freedom‑rights ecosystems that depend on them.

In short, any critical workflow that relies on a **True Random Number Generator** can be audited and hardened with the Doomsday Explorer platform.

Open‑Source & Auditable

Full source code on GitHub, signed releases, and a transparent profit‑sharing model for contributors.

About Dmytró “Matt” Kondratiuk

Software Engineer / Security Researcher with more than a decade of experience in cryptography, distributed systems and financial‑tech. Author of several peer‑reviewed papers on random‑number generation and blockchain security, and the creator of the Mega‑Peers Bitcoin Oracle.

I have worked closely with Ledger, the Bitcoin and Cardano on hardware‑wallet hardening, security design and independent audit tooling. My research is driven by a single principle – *your private keys must remain private*.

Contact: mtkndr@proton.me

Mailing address: 30 Oorgat, Edam, 1135CR, Netherlands

Education: Master of Science in Computer Science, University of Stuttgart (Ukrainian division), 2011

Support with SEPA/iDEAL: NL49 ABNA 0137 1662 14 (profit sharing available)

Support with Bitcoin: bc1qekvmkczge3hxrvwdf2lj3yyvgjnparn3fdf9lg (automatic profit sharing)

EU Horizon PIC: 863479548

Partners & Sponsors

Ledger

Bitcoin Foundation

Cardano

Trusted Reviews

“The most thorough entropy‑audit I’ve seen. A must‑have for anyone who treats their private keys as sacred.”

Joseph K., CryptoSec Labs

“Our partnership with the Explorer platform gave us early insight into hardware‑wallet weaknesses that would otherwise have gone unnoticed.”

Anna L., Ledger R&D

“A critical defensive layer for the entire Cardano ecosystem – proof that open‑source security works.”

Charles H, Cardano Foundation

“Matt is a reliable, smart, and extremely skill‑full engineer. I have repeatedly relied on his technical judgment and integrity during critical projects, and his work always exceeds expectations”

Idan Zalzberg, Israeli Defense Forces (IDF)

“Dmytró has excellent scientific common sense. His ability to spot conceptual flaws early in a research project saved Marlowe team months of development time, and his rigorous approach consistently raised the quality of the work.”

Prof. Simon Thompson, University of Kent

Get In Touch

Ready to integrate a trustworthy early‑warning system into your product? Or simply want to discuss research?
Email: info@doomsdayexplorer.online 💬

Doomsday Explorer

Anti‑Scanner TRNG Audit Tool – Bitcoin‑only, open‑source, white‑hat.

View on GitHub

Check out presentation

Official page

BitcoinTalk (project)

BitcoinTalk ("replay noise" attack)

⚡️ Quick Overview

What

A PoC audit framework that shows how low‑entropy / predictable TRNGs can compromise Bitcoin wallets.

Why

“Noise is NOT secure random”. The project demonstrates a real‑world attack surface that many RNG specs hide.

How

`npm install` → download address dump → `node ingest.js` → `node enumerate.js replica_name`.

Ledger Deterministic Replica:

∀ spectra (exhaustive). `avalanche noise (first power-on)` → `SHA-256` → `entropy seed` → `thermal noise` → `XOR-fold + SHA256` → `wallet seed`.

📽️ Demo & Screenshots

^ Dashboard

^ what AI admits...in response to childish inqury

^ Clock is ticking...

🚀 Getting Started

# 1️⃣ Clone the repo
git clone https://github.com/dk14/crypto.git
cd crypto/chats/btc-audit

# 2️⃣ Install dependencies
npm ci                # reproducible install

# 3️⃣ Pull the latest address dump (≈ 600 k addresses)
curl -L https://addresses.loyce.club/addresses.zip -o addresses.zip
unzip addresses.zip -d .

# 4️⃣ Populate the local DB
node ingest.js

# 5️⃣ Run a test enumeration (choose one source)
node enumerate.js ledger   # Ledger‑seed brute‑force
node enumerate.js urandom  # /dev/urandom scan
node enumerate.js clock    # Clock‑drift demo

Tip: add --verbose for detailed logs or --dry-run for a quick sanity check.

🔎 Running the Audits

Command	Description	Search space
`node enumerate.js ledger`	Enumerates actually possible seeds derived from a Ledger hardware wallet TRNG.	small (millions to billions)
`node enumerate.js urandom`	Scans for wallets that used `/dev/urandom` directly as a private key.	small (millions to billions)
`node enumerate.js clock`	Reconstructs keys generated from system‑clock entropy (e.g., `time()%2^32`).	tiny (millions)

Outputs: found.json (compromised addresses + private keys) and report.md (ready‑to‑publish disclosure).

Note: the audit tool deliberately expands the search space to simulate attacks, thereby avoiding any real‑world exploitation while the Explorer Network is still under development

🔎 Explorer Protocol v0 (for PoW-like cluster)

Tool-independent. Early warning defensive system.

It meant to outrun hackers and report you keys that are dangerously close to yours.

Then you simply create a new safe wallet and send your funds there.

(any TRNG supported: Ledger, Trezor, quantum, enclaves, military)

---

IPFS submission format:

`seeds, blockchain_id, replica_id, worker_id, worker_id_pow, reward_address, version, signature`.

 - seeds is list of seeds you uncovered with your algorithm
 - worker_id is YOUR pubkey 
 - some reasonable worker_id_pow (SHA-256, CPU is enough) is recommended for Sybil-resistance, 
   - it is over your pubkey simply: `<pubkey>+<magicNo>` - where magicNo is PoW (SHA256),
 - replica_id is 0 for ledger, 1 for trezor, up to 42 - reserved, others - arbitrary 
 - blockchain_id is 0 for BTC, version is 0. 
 - JSON format. Signature is over minified JSON with signature field absent
 - reward_address is where u get ur incentives

 (`worker_id` serves as a basis for work replication an distribution)

 (work replication ensures no one is hiding seeds)

 IPFS --metadata "project:ExplorerBTCAudit"
 


Got your own private tool joining protocol?

Guidelines for white-hat converts:

 - don't overload IPFS pinning services 
  - you have to filter seeds based on metrics developed here (bitmatch as a starter).
 - CHECK that seeds don't belong to funded addresses. 
  - If they do - submit address (NO seed, no secret) in an issue here, on GitHub.

Notes: 

 - IPFS will become replaced in favor of gossip (in the future).
 - More fields (eg sampled entropy) will be added.

Network architecture:

UI design for Explorer Node (wireframe draft):

💰 Profit‑Sharing & Funding

Donate any BTC

bc1qekvmkczge3hxrvwdf2lj3yyvgjnparn3fdf9lg

Send

Instant inclusion in the Explorer Network profit‑share pool.

(revenue comes from network fees on compute rewards and other computationally intensive services)

BitcoinTalk

Bid on a Feature

Send a TXID + description – your feature is prioritized and you get a larger revenue slice. Bids are listed in CONTRIBUTORS.md.

Sponsor a Compute Node

Earn a “Node‑Sponsor” badge and a share of fees for all audits run on your hardware.

Inquire (Node-Sponsor status requires over 0.1 BTC investment)

Early bird

Earn bonuses and extra profit‑share for investing early

+ Get BRC-20 and Lightning assets proportionally to donations (~Q4 2026), with extra benefits for early investors!!11

Profit‑sharing logic lives in profit-sharing.js. Assets in issue-assets.js. Feel free to audit, fork or improve it.

🛣️ Roadmap & How To Contribute

Milestone	ETA	Description
v1.1	Q3 2026	Explorer UI. Tool integration into Explorer protocol
v1.2	Q4 2026	Ledger replica. Ledger firmware integration for risk reporting
v1.3	Q1 2027	Full “Explorer Network” – decentralized marketplace of auditors.
v2.0	Q2 2027	Other replicas (Trezor, Apple Secure Enclave, military TRNGs). Audits for public SSL certificates

Want to help?

Open an issue – bug or feature request.
Submit a PR – follow the existing code style (`eslint-config-airbnb-base`).
Donate – any amount pushes the roadmap forward.

All contributors and spendings (transparent fund tracking) are listed in CONTRIBUTORS.md. Fund contributors automatically receive a share of future revenues.

📜 Authentication

Message: "Doomsday Explorer Project for Bitcoin: https://github.com/dk14/crypto/tree/main/chats/btc-audit"

Address: bc1qekvmkczge3hxrvwdf2lj3yyvgjnparn3fdf9lg

Signature: IHdq/tIQtQeimfF92NOyOOdz2/iq2YR6qjD8vLgHWK3GGGETKX76L0e4Tvgtb1fOHrbLiW87QYIuOdCKYbSvmpA=

📜 License & Disclaimer

License – MIT (see LICENSE file).

Disclaimer – This tool is for **educational, research and white‑hat security auditing only**. Misuse to steal funds is illegal and will be prosecuted. The author disclaims any liability for damages caused by misuse.