Share this page!

Zellic Profile picture
Twitter logo
Aug 3 11 tweets 3 min read
Thread: How thousands of Slope wallets were hacked and how other wallets can avoid this 👇
1/ First, the following theories are considered very unlikely and entirely rejected:

- issues in Solana core
- issues in SPL token
- crypto issues (e.g. weak RNGs)
- widespread user devices compromise
- supply chain (compromised libraries)
2/ In the war room, we first hypothesized that wallets may be leaking mnemonics or private keys to Sentry.

After further investigation with the community, this is what we found:
3/ First, let's talk about Sentry.

Sentry is an event logging platform used for reporting errors in apps.

If a certain event occurs in the app, a request containing the details & environment is logged to the company's Sentry.

Many companies use Sentry on websites & mobile.
4/ The Slope Wallet for iOS and Android uses Sentry for event logging.

Any interaction in the app would trigger an event log.

Unfortunately, Slope didn't configure Sentry to scrub sensitive info. Thus, mnemonics were leaked to Sentry

s/o to @sniko_ for this screenshot:
5/ However, Slope has been using Sentry for only 1 week now.

**Hypothetically**, an attacker *with access to Sentry* could go through event logs and steal the thousands of mnemonics leaked in the past week

Then drain thousands of wallets.
6/ Wallets using Sentry or other analytics platforms need to be aware of what information is being logged.

With Sentry, it's possible to scrub data you don't want to be logged. This can be done with server-side scrubbing or in the Sentry SDK.
7/ Furthermore, if sensitive data has been logged, remove it from Sentry.

Removing events is not enough, you must also remove the Sentry tags.

This can be done in "Project Settings > Tags" to remove any related data for a given tag.
8/ We highly recommend reading through Sentry's documentation:

docs.sentry.io/platforms/java…
docs.sentry.io/product/data-m…
9/ If you have used Slope, you should generate a new wallet and migrate your assets there.

The private keys previously used in Slope should be considered compromised.
10/ The investigation into this incident is still ongoing.

We have been working with other security researchers & firms to identify the root cause and will continue to work closely with them to release more details. Please follow @Zellic_io for more updates.

• • •

Missing some Tweet in this thread? You can try to force a refresh
 

Keep Current with Zellic

Zellic Profile picture

Stay in touch and get notified when new unrolls are available from this author!

Read all threads

This Thread may be Removed Anytime!

PDF

Twitter may remove this content at anytime! Save it as PDF for later use!

Try unrolling a thread yourself!

how to unroll video
  1. Follow @ThreadReaderApp to mention us!

  2. From a Twitter thread mention us with a keyword "unroll"
@threadreaderapp unroll

Practice here first or read more on our help page!

More from @Zellic_io

Zellic Profile picture
Aug 3
1/ We forked Geth to compile a list of all 23,897,838 Ethereum contract addresses—a snapshot of every contract EVER deployed on Ethereum.

We found some pretty interesting addresses out there...and you might have already interacted with some of them!

Here's what we found 👇
Addresses are 20 bytes in size. Back of the napkin calculation:

24 million * 20 bytes = 480000000 bytes = .48GB

At least half a gigabyte in the Ethereum blockchain is just occupied by contract addresses.

(This calculation isn't 100% precise, but it's a useful estimate)
Some uniquely cool-looking addresses we found:

OpenSea Seaport (0x0000..)
0x00000000006c3852cbef3e08e8df289169ede581

Gnosis Safe Proxy: (0xdeadbeef...) 0xdeadbeefadf9f06945b3dfaf4f73fdecc70e1c89

Compound Governor Bravo: (0xaaaaa...)
0xaaaaaaaaaaaa8fdb04f544f4eee52939cddce378
Read 14 tweets
Zellic Profile picture
Aug 2
1/ Nomad was just hacked for $190M, making it the 5th largest DeFi hack of all time. How did this happen? We break down not just the exploit, but also HOW THE VULNERABILITY WAS INTRODUCED IN THE FIRST PLACE.

Understanding bugs isn't enough. We need to stop merging them.👇
2/ The hack a mess. Most hacks occur instantly. For Nomad, the bridge was slowly drained over the course of an hour.

This was the first exploit transaction.

It was simple: it interacted directly with the bridge, calling a single function, process().

etherscan.io/tx/0xb1fe26cc8…
3/ Looking at process(), this function is responsible for executing cross-chain messages. This function's security is absolutely critical. It is the linchpin of the entire bridge. Every message ends up here.

It must ensure that only valid messages are executed, and only once.
Read 21 tweets
Zellic Profile picture
Aug 1
$10,000,000 is the highest bug bounty reward ever given.🏆

Earlier this year, Wormhole awarded it for a critical finding.

Let's dive into a $10M vulnerability: 👇🧵
1/ First, let's understand what proxies are.

Blockchains are immutable, meaning deployed smart contract code cannot be changed.

Even if:
- Vulnerabilities are found
- Other bugs exist
- You want to ship new features

Proxies solve this issue.
2/ Proxies act as a gateway between users and smart contract logic.

The following two diagrams visualize the basics.

1. Users interact with the proxy contract.
2. The proxy interacts with the logic contract

The proxy contract can point to a new logic contract if needed.
Read 15 tweets
Zellic Profile picture
Jul 27
An attacker drained $6,000,000 from Audius $AUDIO <72 hours ago.

Yet again, smart contracts remain rekt.

How did this happen?

Let's take a look:
1/ The Audius smart contracts use a pattern called the "Proxy Upgrade Pattern".

This means you can update the logic of a smart contract.

Pro: users don't need to interact with new contracts.

Con: Proxy upgrade patterns are easily misused, as proven here.

Let's dive deeper:
2/ The variable defining the contract's admin address collided with 2 other variables.

1) "Initialized"

and

2) "Initializing"

This is a storage collision!

Well, what's a storage collision?
Read 15 tweets
Zellic Profile picture
Jul 26
Want 500 $USDT for FREE?

Crypto scammers know you do.

🚨 SCAM ALERT: If you see someone "leak" a private key, don't act on it too quickly.

Here's how it works 👇
1/ First, the attacker shares a private key or mnemonic.

Either by:
a) asking for help in Twitter DMs
b) pretending to be naïve & leaking it in a Telegram chat.

To dig deeper,
2/ Let's convert that private key into a wallet address.

After that,
Read 9 tweets
Zellic Profile picture
Apr 2
In one of our recent engagements with a customer, we were asked to audit some code which depended on BokkyPooBah's DateTime library. The contract calculates the day of the month from block.timestamp, and it does this to ensure an operation happens only up to once a month.
This wasn't our first seeing BokkyPooBah's DateTime library. Many other projects depend on this code as well. This made me wonder--with a magic looking formula like this, has this code been actually verified? If there were a bug, it would be a vulnerability across many projects.
The function is documented, but if you try to go to the link they cite as a source, it just returns an error. The webpage doesn't exist anymore.
Read 21 tweets

Did Thread Reader help you today?

Support us! We are indie developers!

This site is made by just two indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member ($3/month or $30/year) and get exclusive features!

Become Premium

Don't want to be a Premium member but still want to support us?

Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal

Or Donate anonymously using crypto!

Ethereum

0xfe58350B80634f60Fa6Dc149a72b4DFbc17D341E copy

Bitcoin

3ATGMxNzCUFzxpMCHL5sWSt4DVtS8UqXpi copy

Thank you for your support!

Follow Us on Twitter!

:(