Ryan Castellucci, a security researcher at digital fraud firm White Ops, shared that there could be a loophole in which bitcoin passwords can be traced to steal funds. This might be possible through brainwallets, wherein bitcoin passwords are stored in the memory of the user through a long word or phrase that interacts with the blockchain.
In particular, the brainwallet password might be traced to the private key, then to the public key, and eventually to the bitcoin wallet address. Castellucci revealed his findings in the DEF CON 23 annual global hacker convention.
Traceable Bitcoin Passwords?
Brainwallet bitcoin passwords aim to add an additional layer of security to digital wallets but Castellucci says that this could expose a critical flaw.