Security vulnerability: reusable authentication parameters across wallets sharing the same security parameters #253
polymorpher changed the title from "Shared storage across upgrades" to "Shared contract storage across upgrades" on Mar 4, 2022
This was referenced Mar 4, 2022
Closed
polymorpher changed the title from "Shared contract storage across upgrades" to "Security vulnerability: reusable authentication parameters across wallets sharing the same security parameters" on Apr 1, 2022
Fixed in #284
Issue to be closed after details are added to the post
Remedial actions for multisig users, to quote from the release notes:
Prior to v16, reveal-authentication parameters (specifically, EOTP, which is computed from the OTP provided by the user) may be reused across wallets sharing the same roots (and other security parameters in their CoreSetting). This includes, for example, upgraded wallets and their prior versions. Although the original intent is to enable users to use the same authenticator codes after the upgrade, this also opened the possibility for someone to copy the EOTP when it is submitted to the blockchain during a reveal operation by the legitimate user. The person can then use the EOTP on the other wallets that share the same CoreSetting to perform unintended operations.

This can be problematic for users who may actively use two wallets sharing the same parameters, for example, using the wallet as an owner of a multisig wallet to authorize transactions, but later upgraded the wallet to a new version. When they use the multisig, since the address of the old wallet is still listed as an owner, the authorization of any transaction in the multisig would be performed as an operation from the old wallet. As mentioned above, someone monitoring the EOTP submitted from the old wallet can then use the same EOTP to authorize any transaction from the upgraded wallet. Vice versa, if the victim sends some funds from the upgraded wallet, another person could use the EOTP to authorize a transaction in the multisig.
See also discussions in release notes https://github.com/polymorpher/one-wallet/releases/tag/v0.16.1 for remedial actions.
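The reuse described in this issue, as a toy model added here for illustration (not ONE Wallet's contract or client code): two wallets that store the same root accept the same published reveal data, while wallets whose reveal values are bound to a wallet identifier do not. The SHA-256 Merkle layout, the wallet ids, the `bind` step and the sample EOTPs are all assumptions, and the binding shown is generic domain separation, not necessarily the change made in #284.

```python
import hashlib

def h(*parts: bytes) -> bytes:
    return hashlib.sha256(b"".join(parts)).digest()

def tree_levels(leaves):
    """All levels of a Merkle tree, leaves first (leaf count must be a power of two)."""
    levels = [list(leaves)]
    while len(levels[-1]) > 1:
        prev = levels[-1]
        levels.append([h(prev[i], prev[i + 1]) for i in range(0, len(prev), 2)])
    return levels

def proof_for(levels, index):
    """Sibling hashes from leaf to root for the leaf at `index`."""
    proof = []
    for level in levels[:-1]:
        proof.append(level[index ^ 1])
        index //= 2
    return proof

class Wallet:
    """Toy wallet (hypothetical): stores only a root; a reveal passes if the value hashes up to it."""
    def __init__(self, root):
        self.root, self.used = root, set()

    def reveal(self, index, value, proof):
        node, pos = h(value), index
        for sibling in proof:
            node = h(node, sibling) if pos % 2 == 0 else h(sibling, node)
            pos //= 2
        if node != self.root or index in self.used:
            return False
        self.used.add(index)
        return True

# Constructed sample data standing in for EOTPs derived from the user's OTPs.
EOTPS = [h(b"constructed-eotp", bytes([i])) for i in range(4)]

def replay_result(ids):
    """Reveal slot 2 on the old wallet, then present the same public data to the new one.
    ids=None models shared roots; otherwise each wallet's reveal values are bound to its id."""
    old_id, new_id = ids or (b"", b"")
    bind = (lambda e, wid: h(wid, e)) if ids else (lambda e, wid: e)
    vals_old = [bind(e, old_id) for e in EOTPS]
    vals_new = [bind(e, new_id) for e in EOTPS]
    lv_old = tree_levels([h(v) for v in vals_old])
    lv_new = tree_levels([h(v) for v in vals_new])
    old, new = Wallet(lv_old[-1][0]), Wallet(lv_new[-1][0])
    seen = (2, vals_old[2], proof_for(lv_old, 2))  # everything the old wallet's reveal publishes
    return old.reveal(*seen), new.reveal(*seen)
```

`replay_result(None)` returns the outcome for shared roots, and `replay_result((b"wallet-old", b"wallet-new"))` the outcome when each wallet's values are bound to its own id.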