Blue Buttons of Death
Today we will deal with what we in our arthouse understanding of the web3 security is called the “blue button of death” and then Ortem will talk about this type of attack using the signature function, which uses EIP-712 — in our subjective opinion, very underestimated danger!
First, I would like you to study these 2 sources to get an understanding of the issue before reading article:
- typefully.com/korpi87/iHknFMq — Important to read for everyone
- officercia.mirror.xyz/M0QAuwwbppAFj2KWZV02DEC8CtrxaX3R47kdpcTspvE — Especially important if you are in NFT
I — Approve Button
A lot of tokens on Ethereum use the ERC/EIP20 standard. This is a standard interface for the token contract that details the contract properties, functions, function arguments, and function return types.
One of these standard functions is
function approve(address _spender, uint256 _value) public returns (bool success). This allows a third-party to send tokens from your account on your behalf. You’ll recognize this pattern if you’ve ever done a swap through an AMM (like Uniswap) as you’ll have to approve the AMM to spend your tokens before you swap.
Bad actors have learned how to exploit this function, as it’s harder for unsuspecting users to avoid when they’re only expecting scams that outright ask for their private keys. Exploiting token approvals is a clever approach because users generally think: “If they don’t have my key, then they can’t sign a transaction, so they cannot steal my assets.” Whilst generally accurate, this is not true when we talk about ERC20 tokens and other token standards.
II — EIP-712: The Hidden Threat. PoC.
First, a little preface. This EIP allows you to approve tokens by signing, that is, if you are already used to all approves being given as a separate transaction, you won’t believe it, you can also approve with a simple signature, which will save you some gas.
This EIP is implemented in some ERC20 tokens, among them $USDC, $UNI and others. Everybody got used to the fact that the signature does not carry any danger, but then we showed you how you can steal all the money from your wallet with eth_sign function:
But that method had one special feature — a big red warning sign from the MetaMask that warned you about the risks. In this case, if an attacker forges a signature for EIP-712, the MetaMask will not warn you in any way and you will not even know that you have been scammed!
To understand the next paragraph, you need to learn for yourself how signatures work and have an idea of the structure of a smart contract.
Next, we need to make that very signature. The EIP-712 type can differ from token to token, so ideally you should look for a different signature approach for each token.
Then we have to take v, r, and s from our signature and pass them and a few other parameters to the permit function on the token contract we want to access.
As we can see, at the very end of the function, after all the checks have been passed, we see a call to the allowance function, which is responsible for approving.
All information is presented for strictly introductory purposes! Do not commit crimes!
For those who want to understand the work of this mechanism in details — we’ve prepared a concept scam site, here is a link to it, all set to work with $DAI on Rinkeby:
GitHub - ortomich/scam_with_sign_2
You can't perform that action at this time. You signed in with another tab or window. You signed out in another tab or…
III — Fantastic Beasts and How to Protect from Them
First of all, I want to say that you can meet this scam anywhere — you can get such a site with a spam token, accidentally get into such an attack if they hack into a legitimate Web3 resource that you use or deliver it to you in some other way, but the whole point is the same — to make you click on a link and do something.
If in the case of approving you can save by using revoke.cash or cointool.app and follow approve hygiene — when you have to cancel all approves every time, in the case of signing, I advise you to use the basic tips from my Guide, use the separation of devices and never do what you do not understand!
Follow the 25 rules in this set, the first 10 rules relate to personal security, and the rest to corporate security, also keep an eye on the latest trends in crypto OpSec, that always makes sense. Don’t be afraid of links, you don’t need all of them but you should be able to pick up which will interest you the most for your own Pathway.
- DarkNet-DeepWeb OpSec Guide
- Read about Timing Attack | Attack via a Representative Sample
Use extensive measures when working with files and always keep an eye on the latest security trends even if your area is far from it. Take this subreddit and this awesome old & trusted resource as the first step. In our dangerous world anyone can become a target, especially in crypto.
Forewarned is forearmed! Stay safe!
Read my articles:
- Key principles of storing crypto, cold wallet security
- 2 violent attack vectors in Crypto: a closer look
- A CIA Agent’s Guide to Steganography, Fooling the KGB, and Protecting Your Crypto
- OpSec in Crypto & Web3.0: Thoughts
- A View on OpSec Through the Prism of Time
- All known smart contract-side and user-side attacks and vulnerabilities in Web3.0, DeFi, NFT and Metaverse
That said, it doesn’t really matter what industry you’re in. If you have any sensitive, proprietary information at all, then you could very well be a target. This is a good thing to always keep in mind.
Learn the latest attack techniques, white-hat cheatsheets and defense methods, join hacker communities — because only with knowledge can we defeat the knowledge of hackers. In this intellectual battle the most prepared will win and I believe that it will be you, Anon. It sounds scary but it is possible, the main thing is to always think ahead.
Support is very important to me, with it I can spend less time at work and do what I love — educating DeFi & Crypto users!
If you want to support my work, you can send me a donation to the address:
- 0xB25C5E8fA1E53eEb9bE3421C59F6A66B786ED77A or officercia.eth — ETH, BSC, Polygon, Optimism, Zk, Fantom, etc
- 17Ydx9m7vrhnx4XjZPuGPMqrhw3sDviNTU — BTC
- 4AhpUrDtfVSWZMJcRMJkZoPwDSdVG6puYBE3ajQABQo6T533cVvx5vJRc5fX7sktJe67mXu1CcDmr7orn1CrGrqsT3ptfds — Monero XMR