# March 2026 Security Update

Following our successful month-long [Honeypot cracking challenge](https://hackenproof.com/programs/mybucks-dot-online-wallet-cracking-challenge) and expert reviews from **HackenProof** researchers, we have upgraded our wallet derivation architecture to provide higher resistance against specialized hardware (ASICs/GPUs) attacks. We maintain a "**Legacy**" mode to ensure backward compatibility for all wallets created before March 2026.

### What we upgraded?

#### Scrypt Parameters

<table><thead><tr><th width="350.98046875">Scrypt Parameters</th><th width="223.984375">Legacy (Pre-March 2026)</th><th>Default (Current)</th></tr></thead><tbody><tr><td>CPU/Memory Cost Parameter (N)</td><td>2^15</td><td>2^17</td></tr><tr><td>Parallelization Parameter (p)</td><td>5</td><td>1</td></tr><tr><td>Block Size Parameter (r)</td><td>8</td><td>8</td></tr><tr><td>keyLen</td><td>64</td><td>64</td></tr></tbody></table>

#### Salt Generation

* Legacy

```javascript
const salt = `${passphrase.slice(-4)}${pin}`;
saltBuffer = Buffer.from(legacySalt);
```

* Default

```javascript
const KDF_DOMAIN_SEPARATOR = "mybucks.online-core.generateHash.v2";
const encoded = abi.encode(
    ["string", "string", "string"],
    [KDF_DOMAIN_SEPARATOR, passphrase, pin],
);
const saltHash = ethers.keccak256(encoded);
saltBuffer = Buffer.from(saltHash.slice(2), "hex");
```

### Why we upgraded?

* **Hardened KDF Parameters**: Following OWASP recommendations, we recognize that memory-hardness (*N*) is a more critical defense against modern hardware attacks than parallelization (*p*). By increasing the cost factor *N* from 2^15 to 2^17 and reducing *p* from 5 to 1, we have increased the memory requirements fourfold—from **32MB** to **128MB**. This significantly raises the barrier for attackers while maintaining a similar **hashing time** on the user's browser.
* **Entropy Preservation in Salt Derivation**: Our legacy salt generation inadvertently discarded significant entropy by only utilizing the final 4 characters of the passphrase. This created a potential vulnerability where different passphrases with common endings could generate identical salts. The new mechanism now incorporates the **full passphrase** into the salt derivation, ensuring that every unique credential produces a unique, high-entropy salt.
* **Structured Encoding via abi.encode:** To prevent salt-collision vulnerabilities, we replaced simple string concatenation with `abi.encode`. This ensures that the boundary between the Passphrase and PIN is cryptographically preserved. By using fixed-length offsets and length-prefixing for each input, we eliminate the risk of "Canonicalization Attacks," where two different credential pairs could accidentally produce the same concatenated salt.
* **Domain Separation**: To prevent **cross-protocol attacks** and the unauthorized reuse of hash results, we have introduced a **Domain Separator** into the salt generation process. This ensures that the keys derived for mybucks.online are cryptographically isolated and cannot be used to compromise or spoof other services.

### User Action & Compatibility

For backward compatibility, we have added a new checkbox: '**This wallet was created before March 2026.**'

If you are creating a new wallet after **March 9, 2026**, you can ignore this checkbox. If you need to access a wallet created before the update, please ensure the box is checked.

### Deprecation of Legacy Mode

To maintain a streamlined and secure protocol, the "Legacy" checkbox is part of a temporary migration phase. We will support the Legacy derivation path for a sufficient period to allow all users to move their funds to the updated architecture.

After this migration window closes, the checkbox will be removed from the primary interface, and the **Default** mode will become the sole standard for mybucks.online.