Wallet Theft Revelation: CipherBC Flexify Leveraging MPC to Protect Assets
On July 18, 2024, an Indian cryptocurrency exchange, WazirX, suffered a theft of over $230 million from a multi-signature wallet, the Safe wallet smart contract wallet. The attacker induced the multi-signature signers to sign a contract upgrade transaction, allowing them to directly transfer the assets in the wallet, ultimately moving over $230 million out.
According to WazirX, the signers stored their private keys using hardware wallets. The attacker collected signatures from 3 signers by forging transfer transactions, indicating no private key leakage from the 3 WazirX managers. Similarly, Liminal also did not experience any private key leaks; otherwise, the attacker would not have needed to initiate the final transaction through the Liminal platform.
The signers accessed the correct Liminal platform through bookmarks and underwent Google and MFA verification. Liminal platform logs also recorded three abnormal transactions, ruling out the possibility of WazirX logging into a fake Liminal platform for signature collection. Based on WazirX’s preliminary forensic device evidence, it is believed that the devices of the 3 WazirX signers were not compromised.
In summary, a possible attack method involved the attacker hijacking the victims’ browsers through man-in-the-middle attacks, XSS attacks, or other zero-day exploits to present legitimate transaction content to the victims. After collecting signatures from 3 WazirX victims, the attacker submitted the final contract upgrade attack transaction through an existing session to the Liminal platform, which was successfully processed after risk control measures by the Liminal platform.
Security Threats Faced by Cryptocurrency Trading Platforms
Reflecting on the theft incident, we can draw the following conclusions:
Platform vulnerabilities
Platforms have business security vulnerabilities in their systems and external access interfaces, enabling hackers to conduct illegal operations such as selling user assets or stealing crucial user data.
Lack of intelligent risk control protection
Platforms cannot promptly detect illegal transactions and activities due to the absence of risk identification technologies at critical junctures. The liminal platform signed and processed the contract upgrade transactions. The platform’s whitelist transfer risk control strategy did not function as intended.
How CipherBC Flexify Helps Customers Defend Against Cyber Attacks
领英推荐
Comprehensive Risk Control Mechanisms
CipherBC Flexify is an MPC technology-based wallet service app that provides various risk control mechanisms to address challenges in storing, managing, and transferring digital assets. Depending on the type of wallet, the CipherBC Flexify risk control engine allows customers to run independent risk control programs or on-chain risk control contracts. Even if CipherBC Flexify faces a security attack, customer-side and on-chain risk checks can safeguard user funds.
Transaction Risk Control
You can easily set and edit off-chain and on-chain transaction risk controls.
The backend system of CipherBC Flexify manages off-chain transaction risk control. The risk control engine can conduct granular checks and controls on token transfers and contract calls based on user-configured rules, ensuring that transactions comply with the user’s restrictions. Notably, for MPC wallets, we support deploying custom risk control programs on MPC-TSS signer nodes. This risk control is set on the customer’s MPC-TSS node, automatically identifying and filtering high-risk wallet addresses. This location-based risk control can provide customers with a last line of defense in extreme cases where CipherBC is under attack. In this case, if the WazirX signers had MPC-TSS nodes protected by CipherBC, the attacker would not have been able to collect signatures for unexpected transactions.
Team Management
You can define the number of team members required to approve certain operations (such as deleting team members, modifying member roles, and freezing team accounts). Depending on the approving node settings, there is no limit to adding approvers to one approving node. You can also manually edit rules, set automatic approval, automatic rejection, or approval thresholds.
RAFP — User Roles and Permissions
Role Based Approval Flow Protocol(RAFP) consists of a predefined set of rules that can be used to assign specific permissions to designated members within a team. With CipherBC’s RAFP settings, you can create additional roles based on specific requirements. Please refer to the overview for more information on user roles and permissions.
Providing Secure Technical Support for Customers
We offer timely customer support. If you encounter any security issues, you can promptly report them to us for assistance in identifying and resolving security vulnerabilities.