38 / OpenZeppelin Contracts ECDSA bug

Investigating the ECDSA bug in OpenZeppelin Contracts and searching for vulnerabilities in smart contracts. Will a zero day be found?

Timeline

01:05 Official drink
02:49 What is ECDSA
04:34 How to use ECDSA
10:04 Ella's cameo!
14:47 Searching for vulnerabilities in the wild
15:09 Searching with Etherscan
17:51 Found results
19:47 Found it in the mock
20:37 Found zero day

Participants

Episode notes

Edit these notes…
  1. What is ECDSA?
    1. A public key and a private key
      1. Can be Eth address
    2. Sign a message with a private key, and anybody can verify against public key
      1. Sign a Eth TX or message
        1. The messages are used on smart contracts to denote authorization
    3. Encrypt message with a public key, and decrypt with a private key
    4. Two types of encoding, 64-byte and 65-byte
      1. Either is accepted for verification in a smart contract
  2. ECDSA signature malleability · Advisory · OpenZeppelin/openzeppelin-contracts https://github.com/OpenZeppelin/openzeppelin-contracts/secur lity/advisories/GHSA-4h98-2769-gh6h
    1. OZ mentioned ecrecover opcode malleability
    2. OZ failed to mention the 64/65-bit malleability
    3. Reported other contracts affected ERC1271WalletMock and EIP712External
  3. Should make signature acceptance injective rather than surjective
  4. Need better code search for live contracts!
    1. At least github search accepts “-” operators
    2. Potential issues with Github search operators for Stars & Forks
  5. Found a vulnerability in Zibert bridge (created Github issue) and Hive https://github.com/cent-inc/hive/issues/1