Open-source library dependence puts digital currency exchanges at risk: report

Are digital currency exchanges safe to store their tokens inside? That’s one question newbies into the digital currency ecosystem always ask inside online forums and chat groups. Often they meet with advice to store tokens safely outside the exchange, which they don’t then follow. 

They disregard this sage advice under the false pretense that online digital currency exchanges follow the same rigorous privacy and security standard as traditional financial institutions.

Throughout this last decade of growth in the digital currency sector, there have been numerous instances where exchanges were hacked or corrupted, which caused their users to suffer costly losses from stolen funds. With each scandal comes a post-mortem examination by the team explaining how the exploit occurred and what measures they took to prevent further breaches. 

Every year, there continues to be a fresh scandal, followed by a new round of excuses. 

Earlier this week, an article published by Wired indicated that these security breaches might have been because of the institution’s embrace of open-source libraries that reduce the time and effort needed to launch their platforms. 

At the recent Black Hat security conference, researchers detailed potential weaknesses in the exchanges secured wallet schemes that have now been patched. 

Jean-Philippe Aumasson, cofounder of Taurus Group and vice president at Kudelski Security, said. “They need a way to split the cryptocurrency private keys into different components, different shares, so no party ever knows the full key and, there isn’t a single point of failure. But we found some flaws in how these schemes are set up that are not just theoretical. They could really have been carried out by a malicious party.”

Researchers’ findings break down into three vectors of attacks.

One attack takes advantage of a flaw in a particular open-source library’s mechanism for refreshing, or rotating, keys. In the unsafe library, the refresh mechanism allowed one of the key holders to initiate a refresh and then corrupt the process, so some components of the key changed as others remained the same. While it couldn’t merge chunks of an old and new key, it could cause a denial of service(DOS), permanently locking the exchange out of its funds.

The researchers revealed the flaw to the library developer shortly after the code went out, so it’s unlikely that any prominent exchanges incorporated the library into their systems. It could have found its way into many smaller financial institutions.

In the second scenario, a flaw in the key rotation process of another open-source library is in which it fails to validate all the statements the two parties make to each other. This attack could allow a rogue exchange with malicious motivations to slowly extract its users’ private keys over multiple key refreshes. From there, it could initiate transactions to steal tokens from its customers. This offense could also be carried out quietly by an attacker who first compromises an exchange’s security. 

During the last scenario, researchers found that a protocol in an open-source library developed by Binance didn’t actually check the random values used in “zero-knowledge proofs.” Due to this, a malicious actor in the key generation could send uniquely constructed messages to everyone else that would basically choose and assign all of these values. This action allows the attacker to use this invalidated information later to extract everyone’s piece of the secret key.

“This is the one that is instantly fatal,” said Omer Shlomovits, cofounder of the mobile wallet maker ZenGo. “For the attack here, you would craft a specific message, send it at the time of key generation, wait until the first signature, and then you’re done. You would have enough information to learn all the other keys.”

In March, Binance fixed the vulnerability and pointed out that it’s only present during the initial key generation. It does not interject a lasting vulnerability singly. 

These attacks would not be simple for an attacker to carry out. They all involve moderately privileged knowledge of the inner working within an exchange.

Beyond exposing individual vulnerabilities, researchers stipulated the goal of the examination was to call attention to how simple it is to introduce bugs while implementing multiparty distributed keys for exchanges. Mistakes can be impactful when they’re in open-source libraries that can circulate widely.

Source: Read Full Article