Thread
So I found a ZERO-CLICK vulnerability in @argentHQ allowing an attacker to steal all the funds out of all wallets without any user action or interaction ☠️

Just iterate over wallets and steal funds, easiest 💰

Now that user funds are safe, I can share the story 👇
2/x

I was working on our smart contract for #Starknet and noticed an issue with a new way Contracts are expected to verify transactions

First I made sure that Braavos's smart contract is safe, then I decided to verify that Argent did not overlook this subtle issue... and BOOM!
3/x

I was able to issue a transaction on a test Argent Wallet WITHOUT ANY SIGNATURE on a *Mainnet* wallet!

Here is the transaction on Mainnet:
starkscan.co/tx/0xe822d983f9c5d3ff320037812633435edcd71afa725e16d84af700973b0da
4/x

Details 👇

On StarkNet, with account abstraction built into the protocol, the responsibility for the signature verification logic moves from the blockchain OS to the account smart contract.
5/x

This is extremely powerful, as it allows for an arbitrary verification logic (among other things).

But as they say, with great power comes great responsibility 💪💪
6/x

Up until the latest StarkNet OS release (v0.10.x), the chain supported transaction ‘v0’, in which the account contract's main execution code was responsible for calling the signature verification process.
7/x

From v0.10.x the verification is still done by the account smart contract, but the responsibility to call it moved to the protocol itself.
8/x

For the transition period, the protocol continued to support both transactions v0 and v1. Thus, the account contract should expect transactions from both versions (though it does not have to support both).
9/x

The problem with the Argent contract was that it tried not to support tx v0, but performed the check in the wrong place - in the validation function that is only called by the StarkNet OS for tx v1.

So tx v0 could have been executed with no signature validation 😱😱
10/x

Realizing the severity we IMMEDIATELY reported the issue to the Argent team and a fix was issued within a few hours.
In addition, we advised the Starkware team on a quick patch to the OS, so this specific attack on Argent accounts will get blocked immediately.
11/x

This vulnerability is a subtle one that is easy to overlook, but has devastating consequences.
If we hadn’t found the issue so quickly, or if the Argent team did not issue a quick fix, a potential attacker could easily drain all funds from Argent accounts.
12/x

This incident reaffirmed my strong belief that good and extensive tests are a must! It is a tiresome process, but can save a lot of time and, in crypto's case, also lots of money getting lost.

So, my reco. is TEST TEST TEST (and then TEST some more!)
13/x

Happy we had a happy ending here and we can continue as an ecosystem to work towards a better crypto experience.

Smart contract wallets are key for this and can really onboard the next cohort of people to Crypto.

Follow us in our journey @myBraavos 🚀
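
The v0/v1 dispatch gap described in tweets 7 to 10, as an added example that is not part of the original thread and is not StarkNet, Argent or Braavos code. It is a simplified Python model: all class and function names, the string stand-in for a signature, and the `FixedAccount` hardening are assumptions made for illustration.

```python
# Simplified model of the dispatch described in the thread. Every name here is
# an assumption for illustration; this is not StarkNet or Argent code.
from dataclasses import dataclass

class Rejected(Exception):
    """Raised when the account contract refuses a transaction."""

@dataclass
class Tx:
    version: int
    calldata: str
    signature: str = ""   # empty string models "no signature at all"

def signature_ok(tx):
    # Stand-in for real signature verification (constructed value).
    return tx.signature == "valid-sig"

class VulnerableAccount:
    def validate(self, tx):
        # Called by the protocol for v1 only, so this v0 check never runs for v0.
        if tx.version == 0:
            raise Rejected("v0 not supported")
        if not signature_ok(tx):
            raise Rejected("bad signature")

    def execute(self, tx):
        # v0 arrives here directly; nothing checks the version or signature.
        return f"executed {tx.calldata}"

class FixedAccount(VulnerableAccount):
    def execute(self, tx):
        # Assumed hardening: refuse v0 in the entry point every version reaches.
        if tx.version == 0:
            raise Rejected("v0 not supported")
        return super().execute(tx)

def os_dispatch(account, tx):
    # v1: protocol calls validate, then execute. v0: execute only.
    if tx.version >= 1:
        account.validate(tx)
    return account.execute(tx)

def outcome(account, tx):
    try:
        return os_dispatch(account, tx)
    except Rejected as err:
        return f"rejected: {err}"
```

Run as a regression test, the unsigned v0 case is the one that separates the two accounts: the model's vulnerable account executes it, the hardened one rejects it.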