1/ Over the years we’ve gained experience with responsible disclosures of security vulnerabilities, both conducting and receiving them.

Learning: A good assessment framework is key.

We share our own to promote best practices between professionals and independent researchers. 👇
2/ Code reviews are a big part of our work: researching new features and verifying interoperability.

If we find a vulnerability, we responsibly disclose it and give the project 3 months to fix it, more if needed.

Our intention is always to make #Bitcoin better and stronger.
3/ When assessing the severity of a security vulnerability, there are two main dimensions to consider:

Severity = Impact * Scalability
4/ The "impact" describes what outcome an attacker can achieve:

🔑 seed/key extraction (worst)
🕵️ theft
🔫 ransom
💣 destruction of funds
📣 loss of privacy
🧱 bricking the device (least bad)
5/ The "scalability" describes how targeted an attack is: local attacks on a single user take much more effort than a remote software attack targeting millions of computers.

The main categories of attacks are:

💻 Remote
🏭 Supply chain
🏠 Local

with many nuances in between.
6/ Additional aspects to consider: what coins are affected? Is user mitigation possible? When is the vulnerability present? Is it patchable?

Read the full framework in our full writeup: https://shiftcrypto.ch/blog/how-we-do-security-assessments/
7/ Additionally, all these attack vectors should be reflected in a specific, unhyped threat model.

Check out our threat model for the BitBox02 hardware wallet, and how we protect you and your #Bitcoin against these attacks. https://shiftcrypto.ch/bitbox02/threat-model
You can follow @ShiftCryptoHQ.