Security vulnerability: reusable authentication parameters across wallets sharing the same security parameters #253

Closed
polymorpher opened this issue Mar 4, 2022 · 3 comments · Fixed by #275

Comments

@polymorpher
Owner

polymorpher commented Mar 4, 2022

Prior to v16, reveal-authentication parameters (specifically, EOTP, which is computed from the OTP provided by the user) may be reused across wallets sharing the same roots (and other security parameters in their CoreSetting). This includes, for example, upgraded wallets and their prior versions. Although the original intent is to enable users to use the same authenticator codes after the upgrade, this also opened the possibility for someone to copy the EOTP when it is submitted to the blockchain during a reveal operation by the legitimate user. The person can then use the EOTP on the other wallets that share the same CoreSetting to perform unintended operations.

This can be problematic for users who may actively use two wallets sharing the same parameters, for example, using the wallet as an owner of a multisig wallet to authorize transactions, but later upgraded the wallet to a new version. When they use the multisig, since the address of the old wallet is still listed as an owner, the authorization of any transaction in the multisig would be performed as an operation from the old wallet. As mentioned above, someone monitoring the EOTP submitted from the old wallet can then use the same EOTP to authorize any transaction from the upgraded wallet. Vice versa, if the victim sends some funds from the upgraded wallet, another person could use the EOTP to authorize a transaction in the multisig.

See also discussions in release notes https://github.com/polymorpher/one-wallet/releases/tag/v0.16.1 for remedial actions.
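
A simplified model of the reuse described in this issue, added here as an illustration and not ONE Wallet's contract code or the v16 fix: a single hash stands in for the roots, and the wallet names, sample EOTP, `boundProof` derivation and `reveal-v1` label are assumptions. It compares a revealed value that is identical across wallets with one derived per wallet address.

```javascript
// Added illustration: a simplified model, not ONE Wallet's contract code.
const { createHash } = require("node:crypto");

// Constructed sample values (assumptions, not taken from the issue).
const EOTP = "constructed-eotp-for-one-interval";
const OLD_WALLET = "constructed-address-old-version";
const NEW_WALLET = "constructed-address-upgraded";

// Hash length-prefixed parts so part boundaries stay unambiguous.
function hashParts(...parts) {
  const h = createHash("sha256");
  for (const part of parts) {
    const buf = Buffer.from(part);
    h.update(`${buf.length}:`);
    h.update(buf);
  }
  return h.digest("hex");
}

// Wallet model: holds one commitment (standing in for the roots) and
// accepts a reveal whose hash matches it.
function makeWallet(commitment) {
  return { reveal: (submitted) => hashParts(submitted) === commitment };
}

// Shared scheme: the revealed value is the EOTP itself, so every wallet
// created from the same secret verifies against the same commitment.
const sharedProof = (_address, eotp) => eotp;

// Bound scheme (hypothetical derivation): the client derives a per-wallet
// value from the same EOTP, so the authenticator codes stay unchanged.
const boundProof = (address, eotp) => hashParts("reveal-v1", address, eotp);

// Returns true when a value revealed to the old wallet also verifies on
// the upgraded wallet, i.e. when the two wallets share a reveal value.
function replayAccepted(proofFor) {
  const oldWallet = makeWallet(hashParts(proofFor(OLD_WALLET, EOTP)));
  const newWallet = makeWallet(hashParts(proofFor(NEW_WALLET, EOTP)));
  const observed = proofFor(OLD_WALLET, EOTP); // public once revealed on chain
  if (!oldWallet.reveal(observed)) throw new Error("legitimate reveal rejected");
  return newWallet.reveal(observed);
}

console.log("shared scheme accepts reuse:", replayAccepted(sharedProof));
console.log("bound scheme accepts reuse: ", replayAccepted(boundProof));
```

In the bound scheme the value that becomes public is specific to one address, so it fails verification on the sibling wallet while the underlying EOTP is never published.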

@polymorpher polymorpher changed the title Shared storage across upgrades Shared contract storage across upgrades Mar 4, 2022
@polymorpher polymorpher reopened this Apr 1, 2022
@polymorpher polymorpher changed the title Shared contract storage across upgrades Security vulnerability: reusable authentication parameters across wallets sharing the same security parameters Apr 1, 2022
@polymorpher
Owner Author

Fixed in #284

@polymorpher
Owner Author

Issue to be closed after details are added to the post

@polymorpher
Owner Author

Remedial actions for multisig users, to quote from the release notes:

In either case, the attacker could potentially cause significant harm to the user by executing arbitrary, unintended operations. Therefore, it is highly recommended that any user who uses wallets of prior versions in an app should:

  • upgrade their wallet to 16.1
  • immediately unlink the wallet of prior version from their app, and link the latest upgraded version (>= 16.1) instead.
  • For example, in the case of Harmony Multisig, it means to remove the wallet of prior version from the list of owners.
