
Seed Phrase Bug Bounty #3127

Open
danfinlay opened this issue Jan 29, 2018 · 97 comments

Comments

@danfinlay
Contributor

@danfinlay danfinlay commented Jan 29, 2018

As part of our commitment to the best security we can offer, the MetaMask team is planning to continuously offer a bug bounty on our seed phrase functionality. We are starting the bounty at 1 ether, but anyone is free to add to the bounty as they like.

As we have written about before (#2577), and have awarded a bounty for in the past, sometimes users have reported that the seed phrase they were originally given does not restore their original accounts.

We have continued to receive rare but concerning accounts of similar experiences: #2904 #3042 #4756 #4697

The bounty will be paid to anyone who can demonstrate a condition in MetaMask's code base, either through automated tests or manual reproduction, where MetaMask would show a user a seed phrase on first setup that would not work for later restoring their accounts.

Thanks for your interest and participation; we're available to answer any questions about our key management here.

@gitcoinbot

@gitcoinbot gitcoinbot commented Jan 29, 2018

This issue now has a funding of 1.0 ETH (1189.64 USD) attached to it.

  • If you would like to work on this issue you can claim it here.
  • If you've completed this issue and want to claim the bounty you can do so here
  • Questions? Get help on the Gitcoin Slack
  • $47191.73 more Funded OSS Work Available at: https://gitcoin.co/explorer
@ghost

@ghost ghost commented Feb 1, 2018

I had the same issue with the MetaMask Chrome extension a month back; I can reproduce what happened with my account. As I have not read MetaMask's code base, my understanding of the seed phrase is limited. But what happened is still an issue.

@danfinlay
Contributor Author

@danfinlay danfinlay commented Feb 1, 2018

I can reproduce what happened with my account

If you can reproduce a problem that meets this description reliably, you'll be eligible for this bounty, no need to understand the code.

If you'd like to disclose it in secret, please submit your reproduction steps to support@metamask.io

@ghost

@ghost ghost commented Feb 2, 2018

On reading the documentation and the concept of loose accounts, what happened with my account was: I had imported a few accounts with the "import account" option, but after reinstalling the MetaMask extension these imported accounts were gone. Luckily I had the private keys for these imported accounts, so I had to import them again. In that sense the "seed phrase" will only create the HD wallet, and will recover only the addresses in its derivation path? (Not the previous full state of your account.)

@danfinlay
Contributor Author

@danfinlay danfinlay commented Feb 2, 2018

That's right, the seed phrase is not a password to some server we maintain, it is the secret from which we derive the accounts that you create with MetaMask. It can't help with restoring any other information.

Glad you figured it out!

@danfinlay danfinlay closed this Feb 2, 2018
@wong2

@wong2 wong2 commented Feb 4, 2018

Why is this closed?

@ghost ghost mentioned this issue Feb 12, 2018
@vs77bb

@vs77bb vs77bb commented Feb 13, 2018

@danfinlay Is this one still open? cc @owocki

@danfinlay
Contributor Author

@danfinlay danfinlay commented Feb 13, 2018

Sorry, I didn't mean to close this!

@owocki

@owocki owocki commented Feb 22, 2018

working on some issues with gitcoinbot erroneously commenting on issues... looks like it might have happened here. sorry y'all, working on it!

@owocki owocki mentioned this issue Feb 22, 2018
@owocki

@owocki owocki commented Feb 22, 2018

just put in a fix for the gitcoinbot craziness. gonna monitor for the next few hours to make sure we're all good.

@imcda

@imcda imcda commented Feb 24, 2018

Hi @danfinlay

METAMASK is really a good wallet. I am a fresh user of METAMASK, and taught my girlfriend to use it. Last night when we used it to join an ICO campaign, we got a TERRIBLE problem. DEEP SAD! We lost all our accounts although we took down the seed phrase.

The reproduction steps are as below:

  1. we created an account, set a password and took down the seed phrase; this is Account 1;

  2. then we created Account 2, 3, 4, 5…… it is very easy and there is no seed phrase or password (I think this is the important reason)

  3. then we used the address to join the ICO, but we cleared all the cache of the browser (this is why my accounts were lost)

  4. when we logged in to MetaMask using the seed phrase and reset the password, we only found Account 1. The other accounts were lost.

That's quite terrible! We lost many tokens which cost us a lot. And I didn't find a good way to get the accounts back. Maybe never. It's really a big BUG, and why don't you alert users to avoid it? Some advice as below:

  1. Alert all users that one seed phrase can only recover the first Account.
  2. If you clear the cache of the browser, you will lose all the accounts.
  3. You should download or take down every account's private key.

Good product but with a quite big BUG for fresh users. Hope others have good luck. :( A sad day for me.

@DanielRX

@DanielRX DanielRX commented Feb 25, 2018

EDIT: @DavidFnck if you press "create account" it will restore the rest; only Account 1 shows, but the rest will be there if you create accounts again.

One thing to note: when I clear the cache and use the password, it claims to be wrong (it was copied from a text file for testing), so I had to use the seed phrase to restore.

@BinaryQuasar

@BinaryQuasar BinaryQuasar commented Feb 25, 2018

@DavidFnck The accounts should be restored one-by-one when you perform "create account" in the fresh MetaMask.

EDIT: @DanielMReed edited their comment to say this as well.

@BGzetro

@BGzetro BGzetro commented Feb 27, 2018

I'm offering up to 20% of my account balance as a bounty if I can gain access to my original address again after being affected by this bug. The bounty I'm offering is worth more than the bounty of this issue (#3127) alone. The issue I created is #3258; it has been closed but not solved and is the same issue as this one.

@BGzetro

@BGzetro BGzetro commented Feb 27, 2018

My original address balance can be seen here and is where I'll pay the bounty out from on regaining access:

https://etherscan.io/address/0xbc70688f0394d98c6016f670d2e2515d0ef63533

@BGzetro

@BGzetro BGzetro commented Feb 27, 2018

If the balance increases in value, so does the bounty I'm offering, i.e. 20% of whatever my address is worth at the time of gaining access.

@wazdevelopment

@wazdevelopment wazdevelopment commented Nov 8, 2018

A popup of a connect request appears every time the browser is restarted, even if the website has been accepted before. During payment on MetaMask one must refresh to Rinkeby and then the main ETH network to confirm the payment.

@wazdevelopment

@wazdevelopment wazdevelopment commented Nov 9, 2018

Issue Status: 1. Open 2. Started 3. Submitted 4. Done

Work for 10.0 ETH (2166.02 USD @ $216.6/ETH) has been submitted by:

  1. @wazdevelopment

@danfinlay please take a look at the submitted work:

A popup of a connect request appears every time the browser is restarted, even if the website has been accepted before. During payment on MetaMask one must refresh to Rinkeby and then the main ETH network to confirm the payment.

How do I find out if I get the bounty paid for the work? Thanks

@bdresser
Contributor

@bdresser bdresser commented Nov 12, 2018

@wazdevelopment this bounty is specifically for issues related to MetaMask's seed phrase logic, so your bug report does not qualify.

Thanks for pointing this out, though! Please file as a separate issue with additional details (browser, MM version, etc) so we can address it.

@DunnCreativeSS

@DunnCreativeSS DunnCreativeSS commented Nov 12, 2018

@bdresser was there any word whether my submission was worth part of the bounty? It doesn't point out an issue with the seed phrase logic or code, however it addresses some of the most common issues faced with seed phrase recovery.

Thanks,

@bdresser
Contributor

@bdresser bdresser commented Nov 13, 2018

hey @DunnCreativeSS, thanks for opening your issue and pointing out a reasonable UX improvement. But as the original bounty states, we're looking for

a condition in MetaMask's code base, either through automated tests or manual reproduction, where MetaMask would show a user a seed phrase on first setup that would not work for later restoring their accounts.

@logvik
Contributor

@logvik logvik commented Nov 21, 2018

This issue does not reproduce. Tested on Windows Firefox and Chrome with version 5.0.3

@hatgit

@hatgit hatgit commented Nov 26, 2018

I noticed 12 dependencies with the word "stream" in https://github.com/MetaMask/metamask-extension/blob/develop/package.json and am sharing this out of caution, in case MetaMask isn't already aware and in case it applies, with regard to the exploit found in the event-stream NPM package (I just saw headlines that BitPay/Copay wallets were affected): dominictarr/event-stream#116

@tmashuang
Contributor

@tmashuang tmashuang commented Nov 26, 2018

@hatgit as FallingSnow has mentioned, reverting/updating/pinning to event-stream@3.3.4.

metamask-extension [develop] :> npm ls event-stream flatmap-stream
metamask-crx@0.0.0 /Users/Desktop/metamask-extension
├─┬ gulp-livereload@4.0.0
│ └── event-stream@3.3.4
└─┬ shell-parallel@1.0.3
  └─┬ ps-tree@1.1.0
    └── event-stream@3.3.4  deduped

Thanks for the report and we are continuing to monitor these packages that have the dependency.

@hatgit

@hatgit hatgit commented Nov 26, 2018

@hatgit as FallingSnow has mentioned, reverting/updating/pinning to event-stream@3.3.4.

metamask-extension [develop] :> npm ls event-stream flatmap-stream
metamask-crx@0.0.0 /Users/Desktop/metamask-extension
├─┬ gulp-livereload@4.0.0
│ └── event-stream@3.3.4
└─┬ shell-parallel@1.0.3
  └─┬ ps-tree@1.1.0
    └── event-stream@3.3.4  deduped

Thanks for the report and we are continuing to monitor these packages that have the dependency.

Great! Just saw this: 486f993

@gitcoinbot

@gitcoinbot gitcoinbot commented Feb 6, 2019

💰 A crowdfund contribution worth 0.00500 ETH (0.54 USD @ $107.31/ETH) has been attached to this funded issue from @treebeard.💰

Want to chip in also? Add your own contribution here.

@andriytyurnikov

@andriytyurnikov andriytyurnikov commented Mar 20, 2019

Guys, this is just a hoax: while bug reporters tell all kinds of stories, the mentioned accounts are empty these days. So you place a bounty on a bug which does not exist, and more and more people waste more and more time in this black hole, as there is no evidence on the blockchain to support the existence of the bug. Please consider closing the issue, and consider not having bounties of such nature.

Like, check out the final comments of #3258; sure, humans are humans and we all make mistakes, but as it costs nothing to create a ticket, people do it for all sorts of reasons.
Another example: the dude in the comments offering 20% of his balance as a bounty. Guess what his balance is these days? Correct: zero.

@BGzetro

@BGzetro BGzetro commented Mar 20, 2019

@andriytyurnikov

My address shows 0 funds because I discovered what the bug caused to happen, so I was able to retrieve my funds by myself; that is why I did not give away the 20%.

If my funds were freed by someone discovering how I could then I would have.

I gained nothing from raising a ticket other than I got my funds back during the process on my own.

So please tell me why it is a hoax if I gained nothing from it?

I believe the bug has not been fixed but am aware of what is needed to be done to get funds back if it occurs again.

@BGzetro

@BGzetro BGzetro commented Mar 20, 2019

There have been reports of people having had the same issue as me.

They gained nothing from comments and raising tickets if they did not recover their funds, so are they a hoax too?

@andriytyurnikov

@andriytyurnikov

@andriytyurnikov andriytyurnikov commented Mar 20, 2019

You got your funds back because you used the wrong 12 words, dude!
And other reports are coming from dudes as [censored]... wrong as you @BGzetro

@BGzetro

@BGzetro BGzetro commented Mar 20, 2019

Where is the facepalm emoji when you need one??

@andriytyurnikov
Yes, in my case technically the seed phrase I was shown upon new account creation was the wrong seed phrase to recover the funds of the addresses originally shown tied to that account, although that should not have been the case! That is why I entered it to try to recover my funds, as it was supposed to be the correct one.

The 12 word seed phrase I entered to recover the funds of my new account addresses was the 12 word seed phrase shown upon account creation of an old account, which I had not used in a long, long time.

If anyone else has had the same issue as I had, I recommend trying to enter the 12 word seed phrase of your previous MetaMask account to recover your funds, if the seed phrase you were shown on new account creation did not recover the correct addresses supposedly tied to your new seed phrase.

@andriytyurnikov

@andriytyurnikov andriytyurnikov commented Mar 20, 2019

@BGzetro in this thread you are OFF TOPIC, as this particular ticket is about the bounty program, and I've highlighted moral issues with topics of such nature:

The bounty will be paid to anyone who can demonstrate a condition in MetaMask's code base, either through automated tests or manual reproduction, where MetaMask would show a user a seed phrase on first setup that would not work for later restoring their accounts.

@BGzetro

@BGzetro BGzetro commented Mar 20, 2019

@andriytyurnikov
I'm only off topic because you were referring to my comment in another ticket.

I've never looked at MetaMask's code base, and have only a little skill with programming, so I have not attempted to look into the code base. I have not been able to reproduce the bug either, on the one attempt I've made.

I don't plan on trying to reproduce it either. I'm not looking for any bounty payment. Life is too busy for me. I'm just happy I have my funds now.
I have not used MetaMask since withdrawing my funds and don't plan to use it again in the near future.

@pacamara

@pacamara pacamara commented Mar 30, 2019

@danfinlay: Hi!

TLDR: A slow/unresponsive browser may skip key onboarding screens in earlier versions of MetaMask

Some versions of MetaMask can be induced to skip the "Your unique account image", "Secret Backup Phrase" and "Confirm Your Secret Backup Phrase" screens during apparently successful account setup. Reproduction steps:

  • Platform: Google Chrome, Linux or Windows. For Windows, the --process-per-site option is needed.
  • MetaMask version:
      • 5.1.0 -- skips all 3 screens
      • 5.2.2-6.1.0 -- skips just the Account Image screen
  • Install metamask; Click past welcome screen; Fill in password fields
  • Open new tab and load misbehaving page, for example a bookmarklet which spams console.warn:
    javascript: var end=new Date().getTime()+60000; do {console.warn("foo");} while (new Date().getTime()<end); alert("DONE")
  • Switch back to Metamask page
  • Click "Create"
  • After 60 seconds, close non-responding metamask page
  • Switch back to bookmarklet page and observe it's finished ("DONE" alert)
  • Open new tab
  • Open Metamask in popup mode
  • 5.1.0: Metamask will show "Terms of use", "Privacy notice", "Phishing warning", then main account screen, i.e. Account Image and seed-word related onboarding screens never shown
  • 5.2.2-6.1.0: Metamask will show "Secret Backup Phrase" screen, i.e. Account Image screen never shown.
  • User can use Metamask normally from here on, load funds, send funds, etc. Everything works normally.

Spamming console.warn is the easiest repro, but I have also repro'd it by spamming document.write, and with a pure maths calculation. I.e. this issue is to do with timing and CPU load, not some pathological artifact of the console log.

It's not clear if the root cause of the issue has been fixed in the latest version 6.3.1, or whether the design changes (removing the Account Image screen from onboarding, and always displaying the full-page login screen even when opened in popup mode) are just masking the underlying issue.

@pacamara

@pacamara pacamara commented Apr 23, 2019

Filed above report as separate issue #6496 for better visibility/tracking.

@dpazdan

@dpazdan dpazdan commented Oct 3, 2019

possibly related #7246

@flood793

@flood793 flood793 commented Jan 19, 2020

I'm having this problem here:
#7866

@Devilla

@Devilla Devilla commented Feb 19, 2020

Is this still an open issue?

@Eddie-Wachowski

@Eddie-Wachowski Eddie-Wachowski commented Mar 3, 2020

So I am pretty sure that I have also fallen victim to this bug, even if I'm on MetaMask version 7.7.2, and the first version this was reported on was 4.x.x if I remember right?

Pretty much the same story as BGzetro...
I installed MetaMask, transferred about 100 Euros of ERC20 tokens to Account 1 (never created any additional accounts). The next time I tried to use MetaMask, it showed me an empty account. I tried to restore from my written-down seed phrase, again leading to an empty account (probably the same one), with a different address than the one I sent my tokens to.
MM Version: 7.7.2
Chrome Version: 79.0.3945.130 (Official Build) (64-Bit)
Address I sent the tokens to: https://etherscan.io/address/0x8de8c5612ae5390800e923bb0b7328ffbaf4e4fe#tokentxns

Address (Account 1) I currently have access to (but is empty): 0xa8D9b7C345A7431ed9420B2790e1B77BD71D0418

Is there a way to determine cryptographically whether these 2 addresses are derived from different seeds?

And do you see any way for me to get my tokens back (Vault hacking, even If the Vault probably would be overwritten by me restoring from the seed phrase, or something else)?

Haven't really been warned that your software is in such an "experimental" state, after all. (pls excuse my bitterness, but spoiling € 100 is not really good news for me)

I don't really know where the best place to post this issue is, so feel free to move this post or tell me where I should rather post it.

@danfinlay
Contributor Author

@danfinlay danfinlay commented Mar 3, 2020

Is there a way to determine cryptographically whether these 2 addresses are derived from different seeds?

No, there's no way to correlate accounts just from the address.

And do you see any way for me to get my tokens back (Vault hacking, even If the Vault probably would be overwritten by me restoring from the seed phrase, or something else)?

No, if you don't have a copy of your vault in a previous state where you had this account, there is no hacking that can be done on one vault to generate another vault's accounts.

Haven't really been warned that your software is in such an "experimental" state, after all.

We have no concrete evidence that this bug ever occurred. No one has been able to produce a new hypothetical scenario where this bug would occur in two years.

I don't really know where the best place to post this issue is, so feel free to move this post or tell me where I should rather post it.

Since you aren't submitting a new possible solution to the bug bounty, you could just email support@metamask.io for any other ideas of how to try to derive the account you think you should have, but I think it's very likely that you're out of luck, sorry.

@mryellow

@mryellow mryellow commented Mar 9, 2020

Better sanitization of user input would go a long way to reducing reported issues and the confusion surrounding them.

#8171

sure humans are humans and we all make mistakes,

When presented with poor validation and sanitization of user input, resulting in poor UX.

@nahuus123

@nahuus123 nahuus123 commented Oct 15, 2020

I have found an issue where a user can access their original wallet via the seed phrase, but it does not restore any additional accounts that were created in MetaMask.

So the original MetaMask account was created by importing a wallet created on MEW; a seed phrase was created by MetaMask.

Additional wallets were created in MetaMask, and from what I understand these are tied to the original seed phrase. However, when restoring the account by the seed phrase, only the original wallet is restored, and the additionally created wallets are no longer there. So would the user lose access to the funds in the newly created wallets?

To be sure: I did not lose any funds, as I just created these additional wallets for testnet stuff. I'm not looking for any compensation. I'm a satisfied user of MetaMask and have no complaints.

Would this be of interest for you? I am able to reproduce it.
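The question that keeps returning in this thread (why a wallet restored from the seed phrase shows only Account 1, where Accounts 2, 3, ... went, and why imported accounts never come back) comes down to how a BIP39 mnemonic becomes a seed and how BIP32 derives one key per index from it. The following is an added example, not MetaMask's code: a self-contained Python derivation of m/44'/60'/0'/0/index (assumed here to be the path MetaMask's HD keyring uses for "Create account", per its documented BIP44 usage) that then mimics pressing "Create account" repeatedly after a restore. Accounts created on the first install reappear at index 1, 2, ... because the seed deterministically produces them; a key brought in with "Import account" is not on the tree at all, so no amount of clicking recovers it. Assumptions: the compact Keccak-256 and secp256k1 routines are written here only so the snippet runs offline (a wallet uses audited libraries for both); the mnemonic is the standard all-"abandon" BIP39 test vector, a constructed input; the "imported" key is a constructed throwaway (private key 1).

```python
import hashlib
import hmac

# Keccak-256: Ethereum keeps the original Keccak padding (0x01), unlike hashlib's sha3_256 (0x06).
_RC = [0x0000000000000001, 0x0000000000008082, 0x800000000000808A, 0x8000000080008000,
       0x000000000000808B, 0x0000000080000001, 0x8000000080008081, 0x8000000000008009,
       0x000000000000008A, 0x0000000000000088, 0x0000000080008009, 0x000000008000000A,
       0x000000008000808B, 0x800000000000008B, 0x8000000000008089, 0x8000000000008003,
       0x8000000000008002, 0x8000000000000080, 0x000000000000800A, 0x800000008000000A,
       0x8000000080008081, 0x8000000000008080, 0x0000000080000001, 0x8000000080008008]
_ROT = [[0, 36, 3, 41, 18], [1, 44, 10, 45, 2], [62, 6, 43, 15, 61], [28, 55, 25, 21, 56], [27, 20, 39, 8, 14]]

def _rol(v, n):                                      # 64-bit rotate left
    return ((v << n) | (v >> (64 - n))) & ((1 << 64) - 1) if n else v

def _keccak_f(st):
    for rc in _RC:                                   # 24 rounds: theta, rho+pi, chi, iota
        c = [st[x] ^ st[x + 5] ^ st[x + 10] ^ st[x + 15] ^ st[x + 20] for x in range(5)]
        d = [c[(x - 1) % 5] ^ _rol(c[(x + 1) % 5], 1) for x in range(5)]
        st = [st[i] ^ d[i % 5] for i in range(25)]
        b = [0] * 25
        for x in range(5):
            for y in range(5):
                b[y + 5 * ((2 * x + 3 * y) % 5)] = _rol(st[x + 5 * y], _ROT[x][y])
        st = [b[i] ^ (~b[(i + 1) % 5 + 5 * (i // 5)] & b[(i + 2) % 5 + 5 * (i // 5)]) for i in range(25)]
        st[0] ^= rc
    return st

def keccak256(data: bytes) -> bytes:
    rate = 136                                       # (1600 - 2*256) / 8 bytes absorbed per block
    buf = bytearray(data) + b"\x01" + b"\x00" * ((rate - (len(data) + 1) % rate) % rate)
    buf[-1] |= 0x80                                  # pad10*1
    st = [0] * 25
    for off in range(0, len(buf), rate):
        for i in range(rate // 8):
            st[i] ^= int.from_bytes(buf[off + 8 * i:off + 8 * i + 8], "little")
        st = _keccak_f(st)
    return b"".join(lane.to_bytes(8, "little") for lane in st)[:32]

# secp256k1 in affine coordinates: adequate for a demo, not a constant-time production implementation.
_P = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFC2F
_N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
_G = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
      0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)

def _ec_add(p1, p2):
    if p1 is None or p2 is None:
        return p1 or p2                              # None is the point at infinity
    (x1, y1), (x2, y2) = p1, p2
    if x1 == x2 and (y1 + y2) % _P == 0:
        return None                                  # P + (-P)
    lam = (3 * x1 * x1 * pow(2 * y1, -1, _P) if p1 == p2 else (y2 - y1) * pow(x2 - x1, -1, _P)) % _P
    x3 = (lam * lam - x1 - x2) % _P
    return x3, (lam * (x1 - x3) - y1) % _P

def _pubkey(priv: int):
    r, q = None, _G                                  # double-and-add scalar multiplication
    while priv:
        if priv & 1:
            r = _ec_add(r, q)
        q, priv = _ec_add(q, q), priv >> 1
    return r

_HARD = 0x80000000
METAMASK_PATH = [44 | _HARD, 60 | _HARD, 0 | _HARD, 0]   # m/44'/60'/0'/0, then /index (assumed MetaMask path)

def bip39_seed(mnemonic: str, passphrase: str = "") -> bytes:
    # PBKDF2 stretches whatever words it is given; the BIP39 checksum is a separate check
    # a wallet runs against the word list before ever reaching this step.
    return hashlib.pbkdf2_hmac("sha512", mnemonic.encode(), ("mnemonic" + passphrase).encode(), 2048, 64)

def bip32_private_key(seed: bytes, path) -> int:
    digest = hmac.new(b"Bitcoin seed", seed, hashlib.sha512).digest()
    k, chain = int.from_bytes(digest[:32], "big"), digest[32:]
    for idx in path:
        if idx & _HARD:                              # hardened child: keyed on the parent private key
            data = b"\x00" + k.to_bytes(32, "big")
        else:                                        # normal child: keyed on the parent compressed pubkey
            x, y = _pubkey(k)
            data = (b"\x02" if y % 2 == 0 else b"\x03") + x.to_bytes(32, "big")
        digest = hmac.new(chain, data + idx.to_bytes(4, "big"), hashlib.sha512).digest()
        k, chain = (int.from_bytes(digest[:32], "big") + k) % _N, digest[32:]
    return k

def eth_address(priv: int) -> str:                   # EIP-55 checksummed address
    x, y = _pubkey(priv)
    h = keccak256(x.to_bytes(32, "big") + y.to_bytes(32, "big"))[12:].hex()
    chk = keccak256(h.encode()).hex()
    return "0x" + "".join(ch.upper() if int(chk[i], 16) >= 8 else ch for i, ch in enumerate(h))

def metamask_account(mnemonic: str, index: int) -> str:
    return eth_address(bip32_private_key(bip39_seed(mnemonic), METAMASK_PATH + [index]))

def find_on_path(mnemonic: str, address: str, max_index: int = 20):
    # Mimic pressing "Create account" repeatedly after a restore: the index at which
    # `address` reappears, or None if this seed never derives it (e.g. an imported key).
    seed = bip39_seed(mnemonic)
    for i in range(max_index):
        if eth_address(bip32_private_key(seed, METAMASK_PATH + [i])).lower() == address.lower():
            return i
    return None

if __name__ == "__main__":
    words = " ".join(["abandon"] * 11 + ["about"])   # constructed input: the standard BIP39 test mnemonic
    for addr in [metamask_account(words, i) for i in range(3)]:   # Account 1, 2, 3 from the first install
        print(addr, "-> reappears at index", find_on_path(words, addr))
    print(eth_address(1), "-> reappears at index", find_on_path(words, eth_address(1)))   # None: imported keys sit outside the tree
```

Two design points worth noting. First, the vault only stores how many accounts have been created, so a fresh install restored from the same words starts that counter at one; pressing "Create account" re-derives index 1, 2, ... and the same addresses return, which is exactly what the earlier comments about "create account again" describe. Second, `bip39_seed` will happily stretch any string of words: the word-list checksum is a separate validation, and any twelve words that pass it derive a different, perfectly valid wallet, so a mistyped or reordered phrase opens an empty wallet rather than failing loudly.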

@roo-shy

@roo-shy roo-shy commented Nov 16, 2020

referencing customer: https://consensys.zendesk.com/agent/tickets/64454

For example, my seed phrase is 12 words that, in that order, open my wallet; now if I were to switch words 1 & 7 round, I can open another wallet.

