Data security is an extremely complex industry. Even the most cutting edge applications, like blockchain and cryptocurrency wallets, are subject to “boring” data security threats. Especially because in the cryptocurrency context reputation equals costs.
To eat an elephant one bite at a time, let’s have a think about the first and foremost things to consider with cryptocurrency wallets security, in simple words.
Cryptocurrency wallets are applications. Yes, magic has real-life mechanics. All that you’ve learnt about application security and threat vectors (user phishing, injections, MitM, brute-forcing users’ passwords, replay attacks, reverse engineering,
malicious 3rd party libraries) applies to crypto wallets too.
In terms of financial risks, a cryptocurrency wallet’s security baseline is similar to a banking app.
Crypto wallets' application security failures allow stealing money faster than from vulnerable mobile banking apps. Unlike banks, public blockchains don’t have a massive anti-fraud system or customer support able to revert transactions. So, while building
a trendy cryptocurrency wallet, you can still rely on OWASP ASVS L3, MASVS L2, and PSD2. It’s much easier to move forward when you can use the well-thought guides.
Crypto wallets are the “gates” to the blockchain ledgers. This opens a broad attack surface for consideration. So, it would be security-wise for development teams to think about:
-
risks and threats typical for any finance application,
-
security issues unique for the ledger,
-
implementation issues (platform related issues, coding).
For example, check out if you pay attention to such issues as:
- Risk of deanonymization. If you got used to the idea that using cryptocurrency can be completely anonymous, I’m to surprise you, alas. Anonymity myth was repeatedly dispelled and user deanonymization is one of the typical risks in the cryptocurrency
world (f. ex., user deanonymization based on transactions graph analysis, IP-address deanonymization based on observing nodes' connections, and many more).
- DoS attacks on individual nodes or the whole ledger is quite typical. Most crypto wallet applications connect directly to the ledger without firewalls. Sending malformed transactions often might lead to loading blockchain nodes with useless
computations.
- User authentication risks caused by a lack of security controls around password and authentication flow. It means that if you leave your iPhone or laptop with an installed crypto wallet unattended, someone might try to bruteforce your password.
Crypto wallets often don’t have any brute force protection.
- Platform trust issues. Web, mobile, and desktop applications have their platform-specific risks. Don’t leave your devices unattended, install the latest security updates for your OS and browser, and select a long password to protect your
crypto wallet app.
- Cryptographic flaws of crypto wallet apps. Cryptocurrency and cryptography share 6 initial letters but it doesn’t mean that developers of crypto wallets are experts in cryptography. Non-custodial crypto wallets store account mnemonics/seed–the
single sensitive data piece that allows access to the whole crypto funds. It comes as no surprise that cryptographic code suffers from common design flaws and implementation mistakes. Alas, we know dozens of cases when a combination of bad cryptographic choices
led to a disaster.
- End users’ reluctance on data security issues can lead to sensitive data leakage even without any attackers’ technical skills. Users might lose their device, forget wallet mnemonics or transfer funds to suspicious accounts.
Finally, the question is what should we do with these concerns?
First of all, treat crypto wallets as financial applications.
Second, start with risk & threat modelling. Then follow best practices in secure design, secure coding, and cryptography.
Push security left and follow the secure software development cycle (SSDLC) as it really saves funds spent on security and reputation as well.