1/ Over the years we’ve gained experience with responsible disclosures of security vulnerabilities, both conducting and receiving them.
Learning: A good assessment framework is key.
We share our own to promote best practices between professionals and independent researchers.

2/ Code reviews are a big part of our work: researching new features and verifying interoperability.
If we find a vulnerability, we responsibly disclose it and give the project 3 months to fix it, more if needed.
Our intention is always to make #Bitcoin better and stronger.

3/ When assessing the severity of a security vulnerability, there are two main dimensions to consider:
Severity = Impact * Scalability
4/ The "impact" describes what outcome an attacker can achieve:
seed/key extraction (worst)
theft
ransom
destruction of funds
loss of privacy
bricking the device (least bad)

5/ The "scalability" describes how targeted an attack is: local attacks on a single user take much more effort than a remote software attack targeting millions of computers.
The main categories of attacks are:
Remote
Supply chain
Local
with many nuances in between.
6/ Additional aspects to consider: which coins are affected? Can the user mitigate it? When is the vulnerability present? Is it patchable?
Read the full framework in our full writeup: https://shiftcrypto.ch/blog/how-we-do-security-assessments/
7/ Additionally, all these attack vectors should be reflected in a specific, unhyped threat model.
Check out our threat model for the BitBox02 hardware wallet, and how we protect you and your #Bitcoin against these attacks. https://shiftcrypto.ch/bitbox02/threat-model
