Dark Skippy is not an attack against any particular hardware
wallet/signing device, but rather a general method that a malicious
signing device could use to steal your funds.
As long you are using a genuine device with honest firmware then it
should not be carrying out this attack. Ideally verifying open source
firmware against your vendor's public keys, many devices verify firmware
signatures automatically. You should ensure no one has the opportunity
to tamper with your device's firmware in-between uses.
Relevant questions you can ask about a signing device:
Dark Skippy shows air-gapping is about as useful as a glass door on a
dunny for protecting against a malicious hardware wallet (🇦🇺
translation: not at all). Dark Skippy embeds data in the transaction
signatures that are passed from the air-gapped device to the Bitcoin
network. The starting point of Dark Skippy was a conversation about
misconceptions surrounding the security benefits of airgapped signing.
Using 'air-gapped' devices may make it harder to courrupt a
signing device in the first place, by reducing the attack surface of
bugs in the way the device handles wired communication protocols like
USB. Implementing USB based protocols incorrectly
has been a source of exploits in the past.
No. The attack does not need to save your seed words on the device in
order to work. When you load your seed onto the device and sign the seed
words will be undetectably inserted into the transactions signatures.
This also implies
you should never share you signing device with anyone, especially if
the firmware is easily tampered with.
There are other protections one could employ such as verifying and
reflashing the firmware every time you use the device, but these are
cumbersome mitigations and may introduce other risks in the process. It
is possible that a motivated attacker could still tamper with the
internals of the hardware to read from another flash storage component
that contains malicious firmware.
It would be very easy for a malicious device to conditionally act
maliciously depending on the transaction being signed. So unless you're
checking that your device uses deterministic nonces every time you sign,
deterministic nonces are not a robust mitigation and is rather
impractical.
For example, a malicious device could exfiltrate your seed phrase on the
8th transaction you sign, or exfiltrate upon you spending an amount
above some threshold. Or only exfiltrate on mainnet transactions and not
testnet transactions.
Furthermore, manually verifying deterministic signatures can present
further security risks since it requires an independent devices to have
access to the secret key material. In the future, another possibility is
that devices use Zero-knowledge proofs like
Purify from MuSig-DN
to prove to the wallet softwre that the nonce we generated correctly.
This would fully address the issue.
Yes this attack applies to hardware wallets in general, including wider
"cryptocurrency" devices.
Dark Skippy likely also has applications within other classes of
security hardware, but so far we have not identified any where a simpler
exfiltration method would not be more applicable.
As of August 2024, not to our knowledge. Unlikely since this attack has
only recently been discussed, and implementing the appropriate variation
of Pollard's Kangaroo algorithm for a Bitcoin context requires quite a
lot of work. Though since the attack is particularly covert, we cannot
know for certain!
The closest thing to this attack was observed in
The curious case of the half-half Bitcoin ECDSA nonces.
The most straightforward way to make this attack impossible is to use
wallet software on your computer or phone that actively disrupts these
attacks. The user's internet connected device can act as a bouncer that
stops transactions with data embedded in them from reaching the outside
world.
Currently, the two systems that employ this strategy are:
At the moment this is for ECDSA only, but progress is being made towards a Schnorr anti-exfil protocol.
Yes it is possible that enough of your secret key could be
exfiltrated within a single signature from a malicious signer, where the
remaining unknown words are brute forced.
This would take a lot of computational power and time, but it is
definitely possible.
For once, and in this very narrow context, just barely! Instead of taking two transaction signatures, the attack will be successful after four.
Instead of exfiltrating the seedwords themselves, the attack can
exfiltrate the raw seed bytes of the master private key (after the
passphrase is applied). This might take a small few more signatures, so
a passphrase provides no substantial protection.
The attack could also just exfiltrate the passphrase additionally, but a
strong passphrase could substantially increase the required number of
signatures.
Yes it is possible to do the attack within both ECDSA and Schnorr signature schemes.
Yes as you would need a quorum of signers to be malicious and exfiltrate
their keys in order to lose funds.
It should be noted that if the attacker manages to compromise a quorum
of keys/devices they will not know the public keys of any remaining
non-exfiltrated keys. This means the attacker can not immediately sweep
the funds as they do not know the wallet descriptor and thus can not
produce the redeem scripts. Instead the attacker would need to wait
until a transaction is made, revealing the other public keys in the
redeem script, and then RBF this transaction in-flight replacing the
destination of the outputs to themself.
A sophisticated variation of Dark Skippy could exfiltrate the multisig
descriptor within additional signatures.
Multisignature definitely will not help if you use the same malicious
signing device for all your keys!
Threshold signature schemes such as FROST are more protected by default
since multiple parties are contributing to every nonce. It is easy to
modify a FROST based signing scheme to get full protection against Dark
skippy and all other nonce based exfiltration attacks.
We will make our demonstrating code publicly available sometime around September 2024. This code will provide functionality to build these malicious signatures, identify affected transactions in the mempool, solve for secret nonces, and decode the corresponding exfiltrated seed words.
The attacker uses an algorithm like Pollard's Kangaroo algorithm to solve for the secret nonces. Pollard's algorithm involves a "tame" and a "wild" kangaroo making a series of jumps through group elements. The wild kangaroo eventually jumps onto the same path as the tame kangaroo, finding a collision. Skippy the Bush Kangaroo is a famous Australian TV series 🦘.
We believe that Dark Skippy is now the best-in-class attack for
malicious signing devices. So despite the attack vector not being new we
think this disclosure is worthwhile. Particularly with misconceptions
surrounding the security of airgapped + stateless signing devices.
We hope to reduce the risk this kind of attack being successful, and we
wish to highlight the security benefits that ecosystem-wide anti-exfil
mitigations could bring.
Still have questions? contact@darkskippy.com