vusi
| Crates.io | vusi |
| lib.rs | vusi |
| version | 0.2.0 |
| created_at | 2026-01-13 15:07:01.222063+00 |
| updated_at | 2026-01-16 20:02:56.281787+00 |
| description | ECDSA signature vulnerability analysis library and CLI |
| homepage | |
| repository | https://github.com/oritwoen/vusi |
| max_upload_size | |
| id | 2040391 |
| size | 103,858 |
Ori (oritwoen)
documentation
README
vusi
ECDSA signature vulnerability analysis library and CLI tool.
Features
- Nonce Reuse Detection: Identifies signatures using the same nonce (k value)
- Private Key Recovery: Recovers private keys from vulnerable signatures
- Multiple Input Formats: Supports JSON and CSV input
- Flexible Output: Human-readable or JSON output formats
Installation
cargo install --path .
Usage
Analyze signatures from file
vusi analyze signatures.json
Analyze from stdin
echo '[{"r":"...","s":"...","z":"..."}]' | vusi analyze
JSON output
vusi --json analyze signatures.json
Input Format
JSON
[
{
"r": "6819641642398093696120236467967538361543858578256722584730163952555838220871",
"s": "5111069398017465712735164463809304352000044522184731945150717785434666956473",
"z": "4834837306435966184874350434501389872155834069808640791394730023708942795899",
"pubkey": null
}
]
CSV
r,s,z,pubkey
6819641642398093696120236467967538361543858578256722584730163952555838220871,5111069398017465712735164463809304352000044522184731945150717785434666956473,4834837306435966184874350434501389872155834069808640791394730023708942795899,
Exit Codes
0: No vulnerabilities found1: Vulnerabilities detected2: Error (invalid input, etc.)
Library Usage
use vusi::attack::{Attack, NonceReuseAttack};
use vusi::provider::load_signatures;
let signatures = load_signatures("signatures.json")?;
let attack = NonceReuseAttack;
let vulnerabilities = attack.detect(&signatures);
for vuln in vulnerabilities {
if let Some(key) = attack.recover(&vuln) {
println!("Recovered key: {}", key.private_key_decimal);
}
}
Development
Run tests
cargo test
Build release
cargo build --release
License
MIT