1/ Over the years we’ve gained experience with responsible disclosures of security vulnerabilities, both conducting and receiving them.
Learning: A good assessment framework is key.
We share our own to promote best practices between professionals and independent researchers.
2/ Code reviews are a big part of our work: researching new features and verifying interoperability.
If we find a vulnerability, we responsibly disclose it and give the project 3 months to fix it, more if needed.
Our intention is always to make #Bitcoin better and stronger.
3/ When assessing the severity of a security vulnerability, there are two main dimensions to consider:
Severity = Impact * Scalability
4/ The "impact" describes what outcome an attacker can achieve:
seed/key extraction (worst)
theft
ransom
destruction of funds
loss of privacy
bricking the device (least bad)
5/ The "scalability" describes how targeted an attack is: local attacks on a single user take much more effort than a remote software attack targeting millions of computers.
The main categories of attacks are:
Remote
Supply chain
Local
with many nuances in between.
6/ Additional aspects to consider: which coins are affected? Is user mitigation possible? When is the vulnerability present? Is it patchable?
Read the full framework in our full writeup: https://shiftcrypto.ch/blog/how-we-do-security-assessments/
7/ Additionally, all these attack vectors should be reflected in a specific, unhyped threat model.
Check out our threat model for the BitBox02 hardware wallet, and how we protect you and your #Bitcoin against these attacks. https://shiftcrypto.ch/bitbox02/threat-model