In this AMA Recap, we delve into the world of crypto wallet security. Experts from Hacken, ZenGo, and Zerion discuss potential risks, common vulnerabilities, and the challenges faced in balancing user experience with robust security measures, like include open-source code, extensive testing, bug bounties, user awareness, and education.
Mr. Fantastic: Dyma, could you enlighten us on potential risks and key factors to consider when evaluating wallet security?
Dyma: The main risks we’ve identified in this context are private key leaks, malicious transaction signing resulting in financial loss, and personal information leakage. These risks are still prevalent in our industry, but we have ideas on how to mitigate them. There are three main ways:
First, the product should be fully open source, not just partially. Many projects only open parts of their code, leaving critical components hidden.
Second, each version of the wallet should undergo extensive testing, which is currently lacking in our industry. Simply passing the security measures of app stores and Google stores is not enough.
Lastly, bug bounties are critical, yet only 20 out of 46 wallets have implemented them with proper scope. Additionally, only 6 out of 46 wallets publicly announce penetration tests, with just three conducting tests within the past year. This lack of security measures is concerning.
To provide a degree of assurance regarding security measures and compliance, 14 out of 46 wallet brands have undergone at least partial auditing. Furthermore, out of 137 wallet brands offering applications, only 26 have embraced source code transparency by publishing part of their application source code. However, this is still not sufficient.
Mr. Fantastic: Fascinating insights, Dyma. What are some common security gaps or vulnerabilities found in crypto wallets?
Dyma: We conducted extensive research and discovered several critical vulnerabilities. Firstly, many projects don’t adhere to strong password requirements, which compromises security. Only 2 out of 10 wallets implemented third-party recovery processes with at least two authentication factors. Many wallets compromise security for better user experience, allowing screenshots during the backup process. Shockingly, 18 out of 37 iOS wallets lacked a mandatory backup feature. This compromises user security.
Mr. Fantastic: What are the key challenges you face as wallet providers, and how do you ensure timely threat detection and response while maintaining user-friendliness?
Ouriel: Balancing security and user experience is a significant challenge. We’ve spent years contemplating this trade-off. Our approach involves reducing friction and decision-making around security. We focus on creating seamless experiences during onboarding, recovery, and transactions. To address risks, we introduced a new recovery solution using multiple factors and integrated a built-in firewall for transaction protection. These measures safeguard users from human errors and malicious apps.
Yaroslav: From a technical standpoint, we prioritize security by not relying on third-party libraries, except for trusted ones like ethers.js. For user experience, we strive to strike a balance. Strong password requirements can lead users to store passwords unsafely, so we emphasize average complexity passwords that can be memorized. We incentivize users to back up their seed phrases, but we also consider scenarios where access to password managers is limited. Additionally, we ensure sensitive data isn’t stored in memory when logged into the extension.
Mr. Fantastic: Excellent insights. Now, in your opinion, how crucial is user awareness and education in preventing successful hacking attempts? And how do you approach it?
Yaroslav: User awareness plays a vital role, but with mass adoption, it’s challenging to guarantee complete user education. As implementers, we focus on creating a friendly experience while guiding users toward secure practices. We provide warnings and instructions for essential steps, like backing up seed phrases and using strong passwords. However, we understand that not all users will read or fully comprehend the instructions, so we aim to strike a balance.
Ouriel: People’s reading habits and security comprehension vary greatly. Therefore, we design our systems assuming users won’t read extensively. Our goal is to build a secure default experience, where the system’s security relies on user actions. For instance, we make seed phrase backup mandatory, minimizing the risk of human error. We also observe trends outside the crypto industry, such as passwordless systems and hardware keys, to enhance overall security. While it doesn’t solve all issues, it mitigates risks related to human errors.
Dyma: I agree. It’s crucial to strike a balance between security and user experience. We can’t assume all users will fully understand security measures, so focusing on default secure experiences is crucial. User awareness and education remain essential, but the responsibility also lies with wallet providers to ensure robust security measures are in place. What do you think we need to do to make crypto wallets prioritize public disclosure on user security?
Yaroslav: I’m not answering your question directly, but I want to comment on the seed phrase being in memory. In our Zerion wallet extension, we keep the seed phrase encrypted even in memory. We only decrypt the wallet data and private keys when needed for transaction signing. Other wallets often neglect this aspect of user protection. We’ve also discovered interesting browser behaviors where the password input field is kept in memory, which could expose passwords. We take steps to reset the password field after submission to remove it from memory. We’re now considering keeping all keys encrypted, requiring password entry for each transaction, which many users would find desirable.
Ouriel: In our case, we don’t have such a problem because we use multi-party computation (MPC) in our wallet. It ensures that there is no single secret that can compromise the wallet. The keys are generated independently, making it extremely difficult for attackers to gain control of the user’s funds. Account takeover with MPC is highly challenging. Additionally, smart contract wallets and multi-signature wallets provide alternative approaches that reduce the reliance on a single secret, enhancing security.
Dyma: Yes, absolutely. For those unfamiliar with smart contract wallets, they operate differently from regular crypto wallets. Instead of operating with an address, users interact with a smart contract that defines the wallet’s rules. This approach offers a different user experience but also introduces potential problems, such as individual hacks and the need for account recovery. It’s essential to categorize wallets based on their security factors, including seed phrase wallets, multi-party computation wallets, and smart contract wallets.
Mr. Fantastic: Thank you all for these insightful points. Let’s now shift our focus to the Atomic Wallet incident. Carlo, can you explain what happened, and what lessons can be learned from this hack? Why is it so challenging to get wallet security right?
Carlo: We don’t have all the details, but based on the available information, many addresses associated with Atomic Wallet were compromised. Wallet security is challenging because it requires striking a balance between application security and cryptography. Developers may lack expertise in both areas, making it difficult to achieve a secure wallet. There are several vulnerabilities wallets must address, such as insufficient entropy in key generation, the derivation of private keys from public information, transmission of keys to centralized servers, and the risk of supply chain attacks. Atomic Wallet’s incident likely involved outdated and vulnerable dependencies that exposed too much information on the public blockchain. Wallets need to tackle these vulnerabilities to achieve proper security.
Mr. Fantastic: Indeed, wallet security is a critical issue. In your opinion, what are the key vulnerabilities that crypto wallets should address to prevent similar attacks?
Carlo: There are two important metrics to consider: impact and likelihood. Wallet providers should prioritize addressing vulnerabilities with high likelihood and critical impact. For private key wallets, ensuring sufficient entropy in key generation is crucial. Even if a user waits years to secure their wallet, a vulnerability may be discovered, compromising their security. Additionally, wallets should avoid providing excessive public information that could lead to private key derivation. They must also prevent backups from being stored in insecure locations or transmitted to unauthorized servers. Finally, guarding against supply chain attacks, where malicious updates are pushed to wallets, is essential.
Mr. Fantastic: Thank you for sharing those insights. Dyma, can you provide an overview of Atomic Wallet’s rating on CER prior to the incident and shed light on similar wallets’ situations?
Dyma: Atomic Wallet had a rating of 49% out of 100% on CER. They were self-hosted, and the boundaries were clear, but there were no published audit reports. While they had undergone an audit, the report was not made public. The reasoning behind this was that it could give potential hackers insights into vulnerabilities. Nonetheless, regular audit reports are important for transparency and building user trust. Closed-source wallets can also consider private, closed bug bounty programs to enhance their security.
Dyma: I just wanted to emphasize that we have invested thousands of hours into creating Wallet Security Rating. While the methodology can be challenged, we believe that someone needs to take the initiative, and we have done so. We hope that as listeners, founders, and crypto experts, you will assist us in building comprehensive data sets and refining the methodology. We encourage your contribution and spreading the word about cer.live. Please ask your friends about the wallets they use and share the Rating with them. Encourage them to use only secure ones. Only through collective efforts can we raise the bar of security in our industry.
Stay tuned for more security insights