HODLX Guest Post
No incidents reported in the DeFi space for zero days. This latest vulnerability was discovered in the widely used “Elliptic Library”.
What makes it worse
- Its exploitation could allow hackers to take control of users’ private keys and drain wallets.
- It can be triggered simply by getting the user to sign fraudulent messages presented to them.
Is this a critical issue?
The first thing to consider is that the Elliptic Library provides developers with ready-made code components. Developers borrow these building blocks rather than writing and reviewing the equivalent code from scratch. This is generally considered the safer practice, since the library is continuously used and tested, but it also means that a single vulnerability in the library is inherited by every project that depends on it.
The Elliptic Library is widely used in the JavaScript ecosystem. It provides cryptographic functionality for many well-known blockchain projects, web applications, and security systems. According to NPM statistics, the packages containing this bug are downloaded approximately 1.2 to 1.3 billion times a week, with over 3,000 projects listing it directly as a dependency.
This extensive usage means that the vulnerability could impact a large number of applications – particularly cryptocurrency wallets, blockchain nodes, and electronic signature systems – as well as any services relying on ECDSA signatures from the Elliptic Library, especially when external inputs are provided.
This vulnerability allows remote attackers to completely compromise sensitive data without proper authorization. That is why the issue has received a very high severity rating – about 10 on the CVSS scale.
It is important to note that exploiting this vulnerability requires a very specific sequence of actions; the victim must sign arbitrary data provided by the attacker. This means, for example, that if an application only signs predetermined internal messages, certain projects may remain secure. Nevertheless, many users do not pay as much attention when signing messages with cryptocurrency wallets as they do when signing transactions.
Whenever a Web 3.0 site asks users to sign service terms, users often ignore reading them. Similarly, users may quickly sign a message without fully understanding its implications.
Technical Details
The issue arises from the improper handling of errors during the creation of ECDSA (Elliptic Curve Digital Signature Algorithm) signatures. ECDSA is commonly used to verify that messages such as blockchain transactions are genuine.
To create a signature, you need a secret key – known only to the owner – and a unique random number called a “nonce”. If the same nonce is used multiple times for different messages, it is possible to mathematically determine the secret key.
Typically, attackers cannot deduce the private key from one or two signatures because each signature uses a unique random number (nonce). However, the Elliptic Library has a flaw – if it encounters an unusual input type (such as a special string instead of the expected format), it can create two signatures for different messages using the same nonce.
This bug can potentially reveal the private key, a mistake that should never occur with proper ECDSA usage. To exploit this vulnerability, an attacker needs two things:
- A valid message from the user together with its signature – for instance, from any previous interaction.
- A second signature, which the user must explicitly produce by signing a message supplied by the attacker.
With these two signatures, the attacker can compute the user’s private key, granting full access to the associated funds and actions. More details can be found in the GitHub security advisory.
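As an added illustration that is not part of the original post, here is the standard textbook reasoning behind that claim. Write the ECDSA signature over a hashed message $z$ as $(r, s)$ with $s \equiv k^{-1}(z + r d) \pmod n$, where $d$ is the private key, $k$ the nonce and $n$ the curve order. Two signatures $(r, s_1)$ and $(r, s_2)$ over messages $z_1 \neq z_2$ made with the same $k$ share the same $r$, and subtracting them removes $d$:

$$
s_1 - s_2 \equiv k^{-1}(z_1 - z_2) \pmod n
\quad\Longrightarrow\quad
k \equiv (z_1 - z_2)(s_1 - s_2)^{-1} \pmod n,
\qquad
d \equiv (s_1 k - z_1)\, r^{-1} \pmod n.
$$

A repeated $r$ across signatures from the same key is therefore the observable symptom; once it is seen, the key must be treated as compromised and rotated.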
Exploitation Scenarios
Attackers can exploit this vulnerability through various methods, including the following:
- Phishing attacks that guide users to counterfeit websites and request message signatures.
- Malicious DApps (Decentralized Applications) masquerading as harmless services, such as signing terms of use or participating in airdrops.
- Social engineering to convince users to sign seemingly harmless messages.
- Compromising server-side private keys on services that sign messages supplied by users.
One particularly concerning aspect is that users generally adopt a relaxed attitude toward signing messages compared to transactions. Cryptocurrency projects frequently require users to sign service terms or messages for airdrop participation, making exploitation easier.
So consider this – would you sign a message to request free tokens? What if that signature could jeopardize your entire cryptocurrency balance?
Recommendations
Users must promptly update all applications and wallets utilizing the Elliptic Library to the latest secure versions. Exercise caution when signing messages, especially from unfamiliar or suspicious sources. Developers of wallets and applications should verify their version of the Elliptic Library. If any users may be affected by a vulnerable version, developers must urgently inform them of the need to update.
Gleb Zykov is the co-founder and CTO of HASHEX Blockchain Security. He has over 14 years of experience in the IT industry, more than 8 years in internet security, and a strong technical background in blockchain technologies (Bitcoin, Ethereum, and EVM-based blockchains).