Coindesk Logo

'Bypass' Attack in Coldcard Bitcoin Wallet Could Trick Users Into Sending Incorrect Funds

'Bypass' Attack in Coldcard Bitcoin Wallet Could Trick Users Into Sending Incorrect Funds

'Bypass' Attack in Coldcard Bitcoin Wallet Could Trick Users Into Sending Incorrect Funds

Bitcoin hardware wallet Coldcard is fixing a flaw that could trick users into sending bitcoin on the mainnet when they meant to use its testnet.

Bitcoin hardware wallet Coldcard is fixing a flaw that could trick users into sending bitcoin on the mainnet when they meant to use its testnet.

Bitcoin hardware wallet Coldcard is fixing a flaw that could trick users into sending bitcoin on the mainnet when they meant to use its testnet.

AccessTimeIconNov 25, 2020, 5:00 PM
Updated Aug 19, 2021, 5:51 AM

Presented By Icon

Election 2024 coverage presented by

Stand with crypto

The bitcoin-only hardware wallet Coldcard has released a beta firmware patch for a vulnerability that also affected a competitor hardware wallet earlier this year.

Ben Ma, a security researcher who works for hardware wallet manufacturer Shift Crypto, discovered the Coldcard hardware wallet has a flaw: An attacker could trick Coldcard users into sending a real bitcoin transaction when they think they are sending a “testnet” transaction – or a payment on Bitcoin’s testing network, which is not the same as the mainnet.

Both testnet and mainnet bitcoin transactions “have the exact same transaction representation under the hood,” Ma writes in his post disclosing the vulnerability. An attacker could then generate a bitcoin mainnet transaction for the hardware wallet but make it look like a testnet transaction. The mainnet transaction is presented like a testnet transaction on the user’s wallet, making it difficult for users to recognize the error.

Ma learned of the vulnerability after a pseudonymous researcher discovered the so-called “isolation bypass” attack in the French-manufactured Ledger hardware wallet. 

Unlike Coldcard, Ledger supports many coins, so the bypass attack could work by tricking wallet users into sending bitcoin when they mean to send litecoin and bitcoin cash, in addition to testnet BTC.

‘Bypass’ Bitcoin wallet vulnerability: A background

When the initial vulnerability in the Ledger wallet was disclosed, Coinkite founder and Coldcard creator Rodolfo Novak said, “Coldcard doesn't support any s**tcoins. We find that to be the best path,” implying that his bitcoin-only wallet would be safe because the flaw (in part) resulted from the fact that Ledger devices previously managed different coins using the same private key. 

Since Coldcard doesn’t support multiple coins, it theoretically shouldn’t have this problem. And it wouldn’t, if it weren’t for the fact that it can be exploited with bitcoin testnet addresses.

If users' computers are compromised – and the Coldcard device is unlocked and connected to that computer – then an adversary could trick users into sending real bitcoin when they think they are sending testnet bitcoin.

“The attacker merely has to convince the user to, e.g., ‘try a testnet transaction’ or to buy an ICO with testnet coins (I’ve heard there was a [initial coin offering] like this recently) or any number of social engineering attacks to make the user performs a testnet transaction. After the user confirms a testnet transaction, the attacker receives mainnet bitcoin in the same amount,” Ma writes in the post. 

Because an attacker could execute this attack remotely, it met Shift Crypto’s criteria as a critical issue, triggering the responsible disclosure process. 

According to the post, Ma disclosed the vulnerability to Coinkite on Aug. 4 and Novak acknowledged it the next day. On Nov. 23, Coldcard released a beta firmware to patch the vulnerability.

A Coldcard representative told CoinDesk that “unlike the attack on Trezor/Ledger,” Coldcard’s version “is not a realistic attack because the attacker would have to convince the victim to manually switch the device to testnet. That's not something people are likely to do.”

Additionally, Coinkite addressed the vulnerability in a blog post, adding that an attacker would have had to learn a victim’s XPUB (the master public key for their wallet) and the specific transaction ID for the unspent bitcoin they were targeting to pull off the attack.

Coldcard now includes a warning message when a user decides to switch the wallet into testnet (the wallet is set to mainnet by default).

UPDATE (November 25, 2020, 5:52 UTC): This article has been updated to include additional information from Coldcard.

Disclosure

Please note that our privacy policy, terms of use, cookies, and do not sell my personal information have been updated.

CoinDesk is an award-winning media outlet that covers the cryptocurrency industry. Its journalists abide by a strict set of editorial policies. CoinDesk has adopted a set of principles aimed at ensuring the integrity, editorial independence and freedom from bias of its publications. CoinDesk is part of the Bullish group, which owns and invests in digital asset businesses and digital assets. CoinDesk employees, including journalists, may receive Bullish group equity-based compensation. Bullish was incubated by technology investor Block.one.


Learn more about Consensus 2024, CoinDesk's longest-running and most influential event that brings together all sides of crypto, blockchain and Web3. Head to consensus.coindesk.com to register and buy your pass now.