If you are using a compromised wallet then you are using a compromised wallet. No “mining” required.
You can verify this by only using open source wallets and also generating a matching address list in multiple softwares
(BlueWallet and Sparrow for example)
I am assuming a hardware wallet that is not compromised, with software that is compromised.
That is exactly what I do-- generate and compare lists. But I think the clever attack vector would be to wait for several months before the attack. Let the user start trusting the software, as they use up those first 20 or so addresses they compared.
I'm sure it's not a common attack vector. But I'm curious about the math of generating/mining similar addresses, how feasible it is and how much time and power it takes.
reply