First Scatter Desktop Audit Complete!
Saying that security is important to Scatter is an understatement. While most people think of wallets as an interface with secure components, developers like to think of them as a secure component with an interface.
Since day one, Scatter has been built from the ground up with the utmost care for both security and privacy. In fact, there are quite a few security advancements that Scatter takes pride in (such as verifying passwords without storing any password hash at all, which nullifies rainbow tables; keys that are encrypted both in storage and while in RAM; and privacy-centric additions such as the permissions system).
Today, we got confirmation that all that hard work has indeed paid off.
Hacken, one of the world’s leading whitehat groups, has sent us their Final Security Assessment after 13 days of rigorous testing.
The things we were checking:
- Authentication — Processing of user authentication and attacks on authentication
- Session Management — Ability to trace/view activities and data held in temporary storage such as RAM
- Input Manipulation — Inputs from various interfaces, including transit data
- Output Manipulation — Possibility to get information from stored data
- Information Leakage — Possibility to view information while in transit
The above includes the meat of Scatter; everything surrounding those few pieces is just glitter and unicorns (such as basic wallet functionalities).
The above bullet points touch on
- the encrypted data stored within the disk and RAM
- the WebSocket layer which provides connectivity with web and native dapps
- the authentication system used to encrypt/decrypt sensitive information such as keypairs, identities, permissions and settings
- and also man-in-the-middle attacks between dapps and Scatter Desktop.
These tests took longer than we both expected. Scatter might not look it, but under the hood it’s a massive beast with untamed power... and lines of code.
So let’s talk about the vulnerabilities.
- Scatter Desktop stores the words (all possible words, not just the ones in your own mnemonic) that make up the backup password mnemonics within its own program, which can be exposed by dumping one of the files from the package. This isn’t a particularly sensitive issue, as pretty much all wallets that offer mnemonic/seed phrases do this.
- The contents of the app.asar (the package that contains Scatter’s logic) can be extracted and its contents read. This is only the app’s logic, however, which is already open-source on our GitHub, and it can’t be put back together with altered code without breaking the app.
“We performed some anti-malware vectors to get critical info from process dump and RAM but gained no results.” — Hacken
Fear not, I was as surprised as you. I had freed up my schedule to do emergency maintenance and was left wanting. Okay, maybe not wanting, but definitely a little bored. We did find some cool stuff though, and some stuff that will lead to a better experience for both crypto-users and non-crypto-users.
- Apparently the salt used to further obfuscate the encryption password (which prevents rainbow tables) is often a valid Ethereum key! This is purely coincidental, given the way it is created, but hilarious nonetheless. Perhaps your password holds some money :)
- When trying to manipulate the data flowing from dapps to Scatter (a MITM attack), the tampering broke the data in transit, so Scatter rejected it and would not allow signing. This means that even if something sitting on your computer, watching and tampering with packets as they float around, manages to alter transaction data, you wouldn’t be able to sign it.
- When tampering with the encrypted scatter.json file, any modification breaks it completely. This is of course both good and bad. It’s good because you want it to be tamper-proof, and it’s bad because the act of tampering with it actually makes it invalid. Because of this, the next version of Scatter includes a way to set up “Automatic Backups” from within the onboarding process, as it’s always safer to have multiple fallbacks, and those automatic backups will be in locations that malware won’t know about (because they aren’t default locations). On top of this we are also working on an optional(!) centralized backup service which will work similarly to LastPass, and will allow you to save encrypted files to our servers to mitigate the chance of complete data loss, such as multiple hard-drive crashes from electrical surges or fires which could take out all your electronic devices (computers, hardware wallets, etc.).
With this news, one of the next releases of Scatter Desktop will take it out of Beta!
Once that happens, we will begin signing the application and providing checksums for each release which you can use to validate them.
This isn’t the last audit!
This month we will likely begin another audit with another team! Just like going to a doctor, it’s important we get a second opinion. We have been chatting with Cure53 (the team that did the MetaMask audit) for a while and are going to pursue a secondary audit on Scatter Desktop on top of the first, just to really make sure we didn’t miss anything, or add anything between then and now. Scatter moves rapidly, and changes are abundant. It’s important that we don’t feel held back because we “just did an audit and don’t want to rock the boat”, so instead we’ll be having periodic audits consistently to make sure we’re always keeping users comfortable and, most importantly, protected.
— Nathan James (nsjames) | Telegram: https://t.me/Scatter
Scatter is a blockchain signature provider as well as an identity and single-sign-on system. It currently supports both Ethereum and EOS, with more blockchain support already underway.