- there’s a misunderstanding of what memo is in Cosmos-based blockchains
- it can lead to the wallet being exposed without the possibility to un-expose it
- we’ve found wallets with tokens for over $1.2M in 5 networks, could be more
- check out https://wasmywalletleaked.com if your wallet was exposed
- see the bottom of the article for the next steps if it was exposed.
We’ve recently found out that there’s a relatively easy way to expose your wallet info, so that anyone can withdraw all of your tokens. Here’s a little bit about how we did it.
How do Cosmos-based blockchains work?
First of all, we would like to recap how a blockchain works:
- Blockchain is a sequence of blocks, where each following block “signs” the previous one, so there’s no way of overriding older blocks without removing the newer ones. The first block in the chain is called the genesis block.
- Each block contains 0 or more transactions
- Once a transaction is in a blockchain, it basically cannot be removed from it
Each transaction can contain a “memo”: an arbitrary string that can serve as a payment description or a message from the sender. The memo is public, so anyone can see and access it.
Now here’s a little bit on how wallets work in Cosmos-based blockchains. Once you create a new wallet, you get a mnemonic — a string that can be used to recover the wallet. It’s usually a string of 12 or 24 words separated by spaces. It cannot be changed, so if the mnemonic is leaked, whoever has access to it can do literally anything to the wallet.
So, we’ve recently found out that some people thought that the memo is a mnemonic and attached the mnemonic of a wallet to 1 or more transactions.
We think it’s a common mistake: we’ve checked the most popular wallets for the modals or windows used for issuing a transaction, and found the following:
- in some wallets, the “Memo” field is not a textbox, but a textarea (with multiple lines), and given that it’s big enough to contain a mnemonic, chances are people would use it the wrong way
- in all wallets, there are no disclaimers saying the memo is public
So as you can see, it’s pretty easy for newcomers to make this mistake.
How did we find it out?
Now, you’ll ask, “How did you think about it?” Truth is, we’ve leaked the mnemonic of our own wallet the same way. We were testing the self-delegation script, which used the CLI, which has the --memo option, which does pretty much the same.
This wallet didn’t have that much money, so in case someone would figure that out, they wouldn’t be able to withdraw money from it. However, it was a wallet linked to a validator, so the attacker could withdraw rewards at least.
Here’s what we did next:
- asked everyone who delegated to our validator to redelegate to somebody else, promising to send them some bonus money if they did
- waited for the total stake sum to drastically decrease
- calculated how many refunds we should give.
While we were going through the transaction list, we noticed 1 transaction that looked like a mnemonic. So we decided to try using it to log in to this wallet, and it worked!
After that we decided to check the whole blockchain for transactions where the memo looks like a mnemonic. After the scan (we decided to do it on the Sentinel network, which by then had around 107k blocks, but later extended it to Cosmos 4, Akash, Persistence, Certik, Kava and Starname), we’ve found at least 60 wallets with over $1.2M worth of money.
Later we were thinking of the actions we (not as users, but as members of the network) can do to prevent things like that. Here’s what we came up with:
- the UI of all wallet apps should notify the user about the memo and the consequences of its usage. We will reach out (or already have) to the developers of the wallets
- we should reach out to people who got their wallets exposed to let them save their money
- we should write a bot that checks for the new transactions, and if there’s a mnemonic-like string, tries to withdraw all the money, asking the owner to contact us
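The wallet-side warning from the first item above could be enforced as a pre-send check on the memo field. The sketch below is an added example, not code from this article or from any wallet; the function names are hypothetical and the test is a shape heuristic only (a production wallet would also check the words against the BIP-39 wordlist and checksum).

```javascript
// Added example: pre-send memo check for a wallet form or CLI wrapper.
// Heuristic (assumption): BIP-39 English words are 3 to 8 lowercase letters
// and phrases have at least 12 words. No wordlist or checksum is used here.
const MIN_PHRASE_WORDS = 12;
const WORD_SHAPE = /^[a-z]{3,8}$/;

// Constructed sample: mnemonic-shaped words, not a real seed phrase.
const SAMPLE_PHRASE =
  "apple brick candle dragon eagle forest garden hammer island jungle kitten lemon";

// Split on any whitespace (a textarea may hold newlines) and strip list
// numbering such as "1." and trailing punctuation.
function memoTokens(memo) {
  return memo
    .toLowerCase()
    .split(/\s+/)
    .map((t) => t.replace(/^[0-9]+[.):]?/, "").replace(/[.,;:]+$/, ""))
    .filter((t) => t.length > 0);
}

// Length of the longest run of consecutive mnemonic-shaped tokens.
function longestWordRun(tokens) {
  let best = 0;
  let run = 0;
  for (const t of tokens) {
    run = WORD_SHAPE.test(t) ? run + 1 : 0;
    if (run > best) best = run;
  }
  return best;
}

// Returns { ok, reason }; the caller blocks the send when ok is false.
function checkMemo(memo) {
  const run = longestWordRun(memoTokens(memo));
  if (run >= MIN_PHRASE_WORDS) {
    return {
      ok: false,
      reason: `memo has ${run} mnemonic-shaped words in a row; ` +
        "memos are public and cannot be removed from the chain",
    };
  }
  return { ok: true, reason: "" };
}

console.log(checkMemo(SAMPLE_PHRASE));
console.log(checkMemo("thanks for the coffee, see you at the meetup"));
```

Ordinary sentences rarely trip the check because short words such as “at” or “to” break the run, while numbered or multi-line pastes from a textarea are still caught.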
One of the actions we took was delegating the available tokens to validators, so there won’t be a way to withdraw them without a 28-day unbonding (see below).
We also created a service called https://wasmywalletleaked.com. You can use it to verify if your wallet is exposed.
What to do if your wallet was exposed?
If your wallet was already drained, there’s nothing you can do unfortunately. If it wasn’t, here’s what you can do:
- Do not let anyone know about this. If you raise any suspicions, chances are someone may figure it out and steal your money.
- As soon as you can, transfer all the available tokens to a newly-created wallet. Chances are someone can do it faster than you, so please do it ASAP.
- If you have any tokens delegated to a validator, after un-delegating them you must go through the unbonding process, where your money can only be withdrawn after 28 days. Once the unbonding is done, you can try withdrawing your funds; before that there’s not much you can do.
And the main rule: DO NOT EVER PUT SENSITIVE DATA IN A MEMO.
We hope that the article was entertaining and that it would save the tokens of some people. Please consider it the next time, and if you have somebody who wants to get into one of the Cosmos networks, share this article with them.
So long, and thanks for the fish!