Original title: “Slow Mist Cosine: Demystifying the IOTA mainnet suspension, bZx and SIM being hacked. Doing this can improve account security | Full text of the video public course of HUT University”
Live: Cosine, founder of SlowMist Technology
Amid the global epidemic and distributed, work-from-home operations, February alone saw many exchanges, mainstream public chains, the popular DeFi project bZx, and even individuals' digital assets stolen. In the field of digital assets, security is an eternal topic. In this session, the University of Computing Power invited blockchain security expert Yu Xian (Cosine), founder of SlowMist Technology, to share his focus on protecting digital assets.
Cosine explained how to protect digital assets from three perspectives: how private keys are used, how to judge whether a project is secure, and how to choose a hardware wallet. He pointed out that in the management of private keys and wallets there are many details that can open up loopholes.
We will talk about security incidents involving exchanges, public chains, wallets and individuals, and, more importantly, how we can better protect ourselves afterwards. We hope this sharing lets everyone know where threats can arise. The audience of this live broadcast may include not only individuals but also exchanges, project teams and even supply-chain parties; I hope they can also draw some inspiration from it.
1 Private keys, wallets and SIM cards hacked: the vulnerabilities exposed by recent security incidents
Let’s talk about some security incidents disclosed in the past month.
The first is the hack of the Italian cryptocurrency exchange Altsbit. The amount was relatively small and the exchange is fairly new, but it held relatively little money to begin with, and the stolen funds amounted to roughly half of its holdings, so it declared bankruptcy.
The second is IOTA. What drew our attention to this incident was mainly that it led to the suspension of the entire mainnet.
Imagine a well-known public chain suspending its mainnet. What could drive them to do such a thing?
Suspending the main chain of a public chain such as Bitcoin or Ethereum would mean that no transactions could be performed and none of the contracts running on top of it could execute normally; the losses would be enormous. IOTA did exactly this, because its official wallet had introduced a third-party component, that component was compromised, and this indirectly affected many users of the official wallet, whose private keys and passwords were stolen. The loss has been calculated: about 8.55 million IOTA were stolen, worth roughly 2.3 million US dollars.
At the start of the incident, the whole community and the IOTA team were very frightened. They did not know where the problem was; they had only received complaints from many users that their coins were gone. To investigate, they had to suspend the entire mainnet.
In our opinion this is an incident with very far-reaching influence, but in China, apart from our own proactive follow-up and disclosure and our interactions on Twitter with the IOTA team and relevant people in the community, we saw basically no other security team respond to it.
We found that the reason it was hacked was that the official wallet had released a new version with a built-in trading module, which is equivalent to putting the functions of an exchange inside the wallet.
Next is bZx, a DeFi project. Before it was hacked we had heard very little about it; it had not been publicized much in China and relatively few people used it. We looked into it because it was hacked once and then a second time, so we were very concerned with why.
The fundamental reason is that the risk control of the entire economic model is flawed, including the way funds flow between these protocols. In our view it is a risk-control defect in the economic model taken as a whole, spanning both inside and outside the system. So as we understand it, this was not a traditional vulnerability such as a bug in the smart contract, or a simple issue like excessive or unauthorized privileges.
This was an attack that could only occur by combining the inside and outside of the system at the level of the whole economic model. Before the attack, other teams had in fact warned them that such a problem might exist. But one rule these underground hackers follow is to actually do it: what they want is to show people that it can really be done, not to describe what problems there might be.
Such early warnings are of course good, but many times a team feels very familiar with smart contracts and the DeFi world and becomes too proud. Only once the attack is actually carried out does everyone realize that this theoretical risk can really happen. This is the lesson from bZx.
To us it seemed a representative of the "decentralized" label, yet there are risks associated with both decentralization and centralization.
The last case should have left a deep impression on everyone: Josh Jones, over the weekend a few days ago. We also made some speculations about it. He said on Reddit that he had been robbed of probably more than 1,500 bitcoin and nearly 60,000 BCH, and that his SIM card had been hacked. The SIM card is a very important module in the phone. If it is hacked, for example my SIM card is copied by a hacker, that is equivalent to owning my mobile phone number: the attacker can receive any message sent to it, such as the verification codes of the relevant platforms, which directly puts my funds on those platforms at risk.
We are more inclined to believe his claim that the SIM card was hacked, because last year many Coinbase users had their funds on Coinbase stolen after their SIM cards were hacked. To us, these risks belong to the same category: third parties.
It feels very similar to the IOTA case mentioned earlier. IOTA was hacked because its wallet embedded a third-party exchange component; the Coinbase users and Josh Jones were hacked because of third parties too.
The SIM card attack method is actually quite popular, but in China you do not need to worry too much, because domestic operators went through all kinds of chaos in the early days, including operators themselves doing bad things, and the relevant laws and regulations have since been tightened, so your phone number will not easily be copied by others.
About 10 years ago this phenomenon was quite common in our country. The strength of overseas operators, however, may not match ours; everyone knows the level of infrastructure in our country is very strong. Many overseas operators are privately run companies whose technical strength is not necessarily so high; their internal protocols may be very old versions and their risk-control management may be backward, so there are indeed overseas cases of phone numbers being copied through social engineering and other methods.
Our reminder is that, if you are an overseas user, rather than relying only on your mobile phone number as the second factor, it is best to use a two-factor authentication app such as Google Authenticator, or a hardware-level solution. These are some of the incidents publicly disclosed in the past month; in fact there are many more that were not disclosed.
2 How do you manage your private keys?
We have seen many problems in the past month. Everyone knows the private key is your identity, and very important assets sit behind it. Three key points are involved: the generation, storage and use of the private key. If vigilance lapses at any one of these links, the risk may surface only over time, and by then the chance of tracing back or investigating is very low.
When we mention private keys we also mention multi-signature, including a popular technique called secure multi-party computation. But in the early days, many people who needed to manage large assets found that, for some currencies in particular, the support for multi-signature was not very reassuring.
Take Ethereum: everyone knows its popular multi-signature solutions are implemented through smart contracts. But multi-signature smart contracts have had security problems in their history, so we cannot believe 100% that absolute multi-signature security is achieved through an on-chain smart contract.
Even without a smart contract, I can generate multi-signature natively at the protocol level, off-chain. This cannot guarantee absolute security either, but we are more at ease with it. The reason is that this method has been checked countless times over its history. If a problem appeared there, basically everyone would conclude that the entire public chain, or the infrastructure of these well-known public chains, has a very, very big problem; it would not be an isolated case but a very large-scale incident.
So judging by probability, the related code audits and the frequency of use, many people prefer a native and transparent solution like Bitcoin's over multi-signature smart contracts written by third parties. Even though such smart contracts have passed our security audit, we do not trust the smart contract itself or the virtual machine underneath it.
In the early days, many people generated private keys in a very Stone Age way. After the private key or mnemonic was generated, it was copied into multiple copies held by multiple people. In the beginning these people might trust each other very much: for example three people, any two of whom hold a fragment of the private key or mnemonic that together form the complete private key.
But the first question is: who generated the private key? Was his environment safe? He says he deleted it afterwards, but there are ways to recover deleted data. If the credibility problem of this first step is not solved, a seed of doubt or suspicion is planted, and because these problems date back to the early stage, they are very difficult to investigate clearly.
Then comes storage: how to keep the private key in a safe place.
The third is use. You still have to use it, to send these coins out or transfer them. As long as you use it, directly or indirectly, there is the possibility of network exposure, and the question of whether your operating environment at that time is safe.
In several recent internal cases, many in fact centered on private keys. The private key is the core at the blockchain level, and also a very basic, very low-level thing.
At the level of the whole system, such as an exchange or a wallet, there are various business modules running: spot trading, fiat trading, transfers between wallets, deposits, withdrawals, and so on, as well as new forms of play such as contract trading and leverage, and you may have funds in escrow or use a third party.
When we look at security issues, the higher the layer of a system and the more user-facing it is, the greater its complexity and the greater the risk. So we also find that in many hacks or coin thefts, the higher-level risk control is missing, or the related management platform is hacked.
Many people think: how could a hacker ever see my management platform? In fact, as long as you touch the Internet, your computer's privileges may be stolen by an implanted Trojan or virus.
When we analyze a hack or coin theft, our approach is to split the system into many layers and many modules from top to bottom, and use the simplest method, elimination: exclude piece by piece until the root cause is finally determined.
But this process is very time consuming; the longest took us more than two months before we discovered the truth. The moment our whole team learned the truth, tears were almost falling, and I immediately felt how tedious it had all been.
We know very well that any incident is, in our view, like solving a criminal case. We use the elimination method to list every possibility and exclude them one by one. Many times people's accounts are problematic: if you scrutinize them, their memory may be faulty, and you even have to consider that they are deliberately lying.
There are actually not many successful cases in our history; perhaps more than half of cases can be solved, not all. And once a case is solved, the probability of recovering the stolen coins is even lower.
Everyone knows that cryptocurrency transactions are transparent and visible on-chain, but this transparency is limited to transactions; it does not record your IP or your privacy in the real world.
When tracking on-chain, there is one interesting point at the end: the thief will eventually convert these coins into fiat currency; it is only a matter of time.
He may wait a few years and come back after the storm has passed, but eventually he will convert to fiat. In many cases we found they were anxious to cash out.
If we were underground hackers, no matter what method was used to steal the coins, through loopholes in these exchange wallets, by phishing various users for their coins, or through ransomware that encrypts your server or computer and demands payment in Bitcoin or Monero, having stolen these coins I will find a way to cash them out.
This means the coins have to go to an exchange. Before entering an exchange, the increasingly professional practice is to pass through a coin-mixing platform. These mixing platforms exist as a game between laundering parties: the amount I wash through them cannot be increased at will each time, and the less I can move, the slower I am. Alternatively I may find several more mixers to wash through together, because if one of you is in trouble, the whole evidence chain of my laundering through you can be found, and you may even have recorded my IP.
None of these methods is particularly effective against some superpowers. So you can see that laundering is also an art; it is not easy, and the bigger the movement, the more likely it is to be exposed.
In the end, after coming out of the mixer, the coins have to enter some well-known exchange, because those have fiat channels to cash out. Here again your identity and account on the exchange come into play. Professional hackers never register on these exchanges with their own identities; their KYC, their identity documents and even video verification can all be faked.
This is a very complete underground hacking industry chain, all of it bought with money. So if, for example, I steal 100 million US dollars of coins, they will eventually be washed out, shaved by each intermediate link along the way; I may step on a trap and the coins never come out. Getting them out at all is already very lucky.
3 How can I tell if this project is safe?
The main question many people care about is how to judge whether a project is secure.
This is not an easy task, but we can still give some basis for judgment as a reference for everyone.
First, is there a strong in-house security team, or a key person with rich security experience keeping watch? This is critical. A project may not have a security team, but that does not matter if there is someone with very rich experience who can connect R&D, operations and maintenance, business operations and so on, and advance the whole security construction in an orderly way.
So how do you judge whether there really is a security team or a core person? This is hard to answer, and the industry often relies on word of mouth. So we may need to see more and know more people for our judgment to be more accurate.
Second, has it been audited in the past six months by a third-party professional security agency, with public audit results? In our view this requirement is still a bit difficult.
Because the whole industry develops very fast, it should have been audited by a security agency within half a year, preferably a very professional and well-known one, with a report that can be publicly reviewed. But we find that many project teams are reluctant to make audit reports public; after all, it may involve project privacy, which we understand.
However, we have also seen many overseas project teams that are very willing to let the audit institutions publish their reports transparently.
Third, is there a third-party security agency it has worked closely with for a long time? As we said, security requires long-term development, so there should be one or more very close third-party professional security agencies to cooperate with. With such an ongoing relationship, losses from black-swan attack incidents can also be stopped faster.
In our opinion, being hacked is inevitable. No one dares to say they have never been hacked; that is certain. Of course, whether coins are actually stolen is another matter; there are indeed some who do a better job and have not had coins stolen.
But on the Internet, such an open network, being hacked can happen at any time, even by insiders. Since this is such a common phenomenon, we should cope calmly.
As long as you do not lose too much, and you do not have an evil or opaque mentality, you can actually win wider support from the community.
This is also our fourth point. Core members are needed who are open about security and admit their mistakes when there are problems, instead of just shouting slogans.
For example, we see many project teams whose official websites say their security is very strong, very good, even "Zeus-level"; all kinds of adjectives come out. Of course, these slogans are actually meaningless. We know where their problems may appear, because we are a very professional security team. And professional underground hackers can know it too, and can turn your slogan into a slap in your face.
Fifth, awe and respect for security. In fact I think this applies not only to security. In this industry, whatever you do, up and down the whole industry chain, everyone in every link must be full of awe, and due respect.
4 What kind of hardware wallet is safe?
Recently we also audited some hardware wallets. After auditing them, we summarized what makes a hardware wallet secure and strong.
1. It is better to support enough mainstream currencies;
This is not absolute; we consider it only from the perspective of peace of mind, because in principle a person will not use more than two kinds of hardware wallet. More is not necessarily better, and real security does not mean absolute security; there are very few truly secure hardware wallets.
2. The hardware modules used at the hardware level meet the top international standards, and the production and delivery supply chain is also top;
Many teams making hardware wallets are certainly not completely top-level professionals in every chip, module and component. So you have to rely heavily on top international standards; even if you cannot make them yourself, you have to use them well. Your choice of supply chain, your production and your delivery all have to be of this top quality.
3. The coupling and security design of the firmware and hardware modules are absolutely top-notch;
The firmware is simply an operating system. It is definitely not based on Android; Android's mission is not to make hardware wallets. The coupling between the firmware and the hardware modules, and the security design of that coupling, must be absolutely first-class.
4. The Bluetooth, USB and other external communication modules used by the hardware follow the latest security standards;
5. It is best for the hardware wallet to have a screen, so that the user can confirm the target address with the naked eye when transferring money;
6. The connected computer or mobile phone used with the hardware wallet has a clean, single-purpose environment;
If you are not sure, do not mix it with other environments. If I am sure, it does not matter to me, because I know the security of my computer very well. But if you are not sure, it is best to use an independent virtual machine or an independent computer dedicated to operations on important assets.
7. The hardware wallet should support multi-signature security management;
Multi-signature or multi-party computation is a good approach. Of course, multi-party computation still has a long way to go. It could better solve the problem that different chains have different multi-signature mechanisms, with no universal solution; turning it into a more general solution is what we are really looking forward to.
8. The design of mnemonic recording and storage, or even co-management, is best done with SSSS (Shamir's Secret Sharing Scheme) in practice;
Simply put, when I split the mnemonic, it can be designed as 2-of-3 or 3-of-5. Rather than writing down all the words for one person to hold completely, I make several copies such that, in the 2-of-3 case, any two of them can be assembled into the complete mnemonic list.
9. The physical security of the hardware wallet cannot be ignored;
For example, can it be better waterproof, fireproof, lightning-proof, and so on? If I drop it on the floor and it breaks, that is very embarrassing. And once it has been broken open it should not be possible to restore it perfectly, which prevents my supply-chain link from being manipulated by someone midway through the delivery process.
10. The security mechanism for upgrading the firmware and supporting software cannot be ignored;
You may be fine now, but if a firmware upgrade weakens the randomness of private key generation, or someone maliciously implants a backdoor, that is very troublesome. This is different from the traditional Internet saying that you should upgrade promptly. Our suggestion is based on a premise: when what you have is good enough and there are no serious vulnerabilities, do not upgrade lightly.
11. The hardware wallet's security team is strong enough to analyze the deficiencies of its peers, and its disclosures have earned it a broad technical reputation in the industry;
Someone who does security is really a hacker underneath, just as we are. If you have no relevant hacker knowledge, how can you do security well? There will be some tempers, and trading arguments with each other is normal. The key point is that you have to be genuinely capable: publish your research reports, instead of always putting out PR articles saying how safe and secure you are.
12. The private key is generated, stored and used with almost absolute security; this is the most basic requirement.
13. Open source.
Our view on open source is this: it is unrealistic to demand that you open-source everything the moment you start.
Everyone knows this industry; many times business is a nasty thing. If you open-source, your peers may copy you directly. So open source is a process, not a matter of bravado, of saying "I'm open-sourcing, period". You also have to do business, make money and live. Open source is a gradual process, and we very much look forward to the day you become the top of the industry and can boldly open-source, staying ahead at the front while others follow; that feels very good.
The above is my share, thank you.
Source link: mp.weixin.qq.com