Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/demining/deserialize-signature-vulnerability-in-bitcoin-network

In this study, we will look at the DeserializeSignature vulnerability, discovered in 2023, which allows attackers to create invalid signatures that can be accepted as valid by the Bitcoin network.
https://github.com/demining/deserialize-signature-vulnerability-in-bitcoin-network

bitcoin bitcoin-hacking bitcoin-transaction bitcoin-wallet btc btc-flash-software btc-wallet ecdsa ecdsa-cryptography ecdsa-signature signature signature-verification vulnerability

Last synced: about 1 month ago
JSON representation

In this study, we will look at the DeserializeSignature vulnerability, discovered in 2023, which allows attackers to create invalid signatures that can be accepted as valid by the Bitcoin network.

Awesome Lists containing this project

README

        

DeserializeSignature vulnerability in the Bitcoin network: cryptanalysis, consequences and the possibility of creating invalid ECDSA signatures

In this study, we will look at the DeserializeSignature vulnerability, which allowed attackers to create invalid ECDSA signatures on the Bitcoin network. In cryptography, an ECDSA digital signature is a mathematical scheme that allows you to prove the authenticity of a digital message or document. In the Bitcoin network, signatures are used to authorize transactions, confirming that the owner of a certain amount of bitcoins actually agrees to their transfer. However, a vulnerability in the function DeserializeSignaturediscovered in 2023 , allowed attackers to create invalid signatures that could be accepted as valid by the network.

---

* Tutorial: https://youtu.be/8E2KJeWu4XA
* Tutorial: https://cryptodeeptech.ru/deserialize-signature-vulnerability-bitcoin
* Google Colab: [https://colab.research.google.com/drive/1EiIIJh8UCOZZ8DVbelxhESFPvqu_xZUo](https://colab.research.google.com/drive/1EiIIJh8UCOZZ8DVbelxhESFPvqu_xZUo)

---

How DeserializeSignature works

The DeserializeSignature function is responsible for deserializing (converting from a sequence of bytes) a digital signature into an object that can be used to check its validity. This function expects a specific data format that conforms to the public key cryptography standard (ECDSA) used in Bitcoin. The DeserializeSignature function takes the transaction signature and checks its consistency with the hash obtained as a result of the calculation. If the signature is valid, DeserializeSignature returns true, otherwise false. The essence of the vulnerability was that DeserializeSignature did not check the correctness of all signature parameters before deserializing it. In particular, the function did not check whether the signature’s “R” or “S” value was null. This allowed attackers to create signatures with null values, which, despite their invalidity, could be accepted as correct by some Bitcoin clients. An attacker can create a fake transaction signature that will be accepted as valid if it is passed to the DeserializeSignature function with incorrect data.

Potential threats and attack examples

This vulnerability posed a serious threat to the security of the Bitcoin network. Attackers could use it to:



  • Bitcoin theft:  By creating invalid signatures, attackers could authorize transactions that transferred Bitcoin from other people’s wallets to their own.

  • Double Spending:  Signatures with null values ​​could be used to create two different transactions with the same bitcoins.

  • Manipulation of data in the blockchain: an attacker can create a fake transaction, the signature of which will be accepted as correct, and add it to the blockchain. This may result in changes in account balances.

  • Attack on the transaction confirmation system: an attacker can create a fake transaction signature and send it to the network for confirmation.

The DeserializeSignature process

DeserializeSignature is the process of converting a sequence of bytes into a data structure that can be used to authenticate a transaction. In the context of Bitcoin, a signature is created using the ECDSA (Elliptic Curve Digital Signature Algorithm) algorithm and includes two components: r and s. In the context of cryptocurrencies, signatures are used to confirm the authenticity of transactions and ensure their integrity. The DeserializeSignature vulnerability occurs when an attacker can manipulate the deserialization process to change or forge signature data.



Deserialization steps:


  1. Reading Data: The first step is to read the sequence of bytes representing the signature. This data is usually stored in DER (Distinguished Encoding Rules) format.
  2. Format check: Checks whether the byte sequence matches the expected DER format. This includes checking the length and structure of the data.
  3. Component extraction: The r and s components are extracted from the byte sequence. These components are integers that are used to verify the signature.
  4. Validation of values: Checks whether the values ​​of r and s are within acceptable limits. This is important to prevent signature forgery attacks.


Potential points of failure



The DeserializeSignature process may be vulnerable to various attacks and bugs. Let’s look at the main potential points of failure:

1. Incorrect format check

If DER format validation is not performed correctly, it may result in invalid signatures being considered valid. This could allow attackers to forge signatures and make unauthorized transactions.

2. Vulnerabilities in the library

Using vulnerable deserialization libraries can lead to various attacks, such as buffer overflow or arbitrary code execution. It is important to use tested and updated libraries for working with signatures.

3. Insufficient value checking

If r and s values ​​are not properly validated, this could allow attackers to use incorrect values ​​to create forged signatures. For example, the values ​​of r and s must be between 1 and n-1, where n is the order of the elliptic curve.

4. Runtime attacks

Some attacks can be based on analysis of the execution time of deserialization operations. If the execution time depends on the values ​​of r and s, this could allow attackers to obtain information about private keys.

Next, we will look at the results of a study on the vulnerability in the DeserializeSignature process in the Bitcoin system, and we will also look at the mechanisms behind the vulnerabilities, their potential consequences, and proposed mitigations.


Impact on the security of cryptocurrencies



The DeserializeSignature vulnerability poses a serious threat to the security of cryptocurrencies for several reasons:


  1. Loss of funds: Attackers can use the vulnerability to steal funds from user wallets.
  2. Undermining Trust: Successful attacks can undermine users’ trust in the security of cryptocurrencies, negatively impacting their adoption and use.
  3. Difficult to Detect: Attacks that exploit the DeserializeSignature vulnerability can be difficult to detect and prevent, making them especially dangerous.


Methods to protect against DeserializeSignature vulnerabilities



To protect against DeserializeSignature vulnerabilities , the following measures must be taken:


  1. Data Validation: Implement strict data checks during the deserialization phase to prevent manipulation.
  2. Software Update: Regularly update cryptocurrency systems and wallets to eliminate known vulnerabilities.
  3. Security Audit: Conduct regular security audits to identify and address potential vulnerabilities.


Main objectives of the study


  1. Vulnerability Identification: Identify specific aspects of the DeserializeSignature process that may be vulnerable to attack.
  2. Vulnerability Analysis: Assessing the potential impact of an identified vulnerability on the security of the Bitcoin network.
  3. Review of existing security methods: Examine current methods and approaches used to secure the DeserializeSignature process.
  4. Development of recommendations: Proposing measures to improve security and prevent possible attacks.


Methodology and vulnerability identification

The DeserializeSignature process in Bitcoin involves converting data from one format to another. During this process, errors may occur that can be used by attackers to launch attacks. The main task at this stage is to identify specific vulnerabilities in the deserialization process. Vulnerability cryptanalysis: After identifying a vulnerability, it is necessary to conduct a detailed analysis of it. This includes assessing the potential impact on the security of the Bitcoin network, as well as examining possible attack scenarios. It is important to understand how attackers can exploit this vulnerability for their own purposes. Review of existing security methods: This phase of the study will review the current methods and approaches used to protect the DeserializeSignature process. This will allow us to determine how effective existing measures are and which ones can be improved.



To eliminate the identified vulnerabilities, several measures are proposed:


  1. Updated deserialization algorithms: Implementation of more stringent checks and data validation at the DeserializeSignature stage.
  2. Increased testing level: Conduct regular security tests using various attack scenarios.
  3. Developer Education: Increased developer awareness of possible vulnerabilities and how to prevent them.

Previous research has been conducted regarding vulnerabilities in the Elliptic Curve Digital Signature Algorithm (ECDSA), which is used in Bitcoin. These studies have shown that improper implementation of ECDSA can lead to leakage of private keys.


Unlike the DeserializeSignature vulnerability , problems with ECDSA are related to the mathematical aspects of the algorithm, and not to the data processing process. Other studies have focused on vulnerabilities in the peer-to-peer (P2P) Bitcoin network. These vulnerabilities included double-spending and sybil attacks . Unlike the DeserializeSignature vulnerability , these issues are related to networking aspects and the interaction of nodes on the network, and not to the handling of cryptographic data.


The main difference between the DeserializeSignature vulnerability and previous research is the nature of the problem. The DeserializeSignature vulnerability is a data handling vulnerability and can be addressed by improving data deserialization and validation techniques. While vulnerabilities in ECDSA and P2P networks require deeper changes in algorithms and network protocols.

Additionally, the DeserializeSignature vulnerability has more immediate implications for user security, as it can be used to execute arbitrary code and compromise the system. While vulnerabilities in ECDSA and P2P networks may require more complex attacks and have more indirect consequences. In recent years, cryptocurrencies such as Bitcoin have become an important part of the financial ecosystem. However, as their popularity grows, the number of identified vulnerabilities also increases.


Fake ECDSA signatures

Generating invalid ECDSA signatures using the BitcoinChatGPT machine learning process



Let’s consider building the structure of a vulnerable  Raw  transaction that uses the  BitcoinChatGPT module



Let’s open the Google Colab version:


https://colab.research.google.com/drive/1-3WyUqipb1pXrlDjg4jxtMOG6J3MU3sa#scrollTo=B8ueObMAt5Q9&line=1&uniqifier=1



Let’s combine all the output values ​​into one common line:




Let’s open the option from BlockCypher “Decode A Transaction” : 


https://live.blockcypher.com/btc/decodetx

DeserializeSignature vulnerability in the Bitcoin network: cryptanalysis, consequences and the possibility of creating invalid ECDSA signatures



After decoding the vulnerable Raw Bitcoin transaction, we get the result:




Pay attention to Bitcoin HASH160:  d74b32dfa340da479ce64aaf5e326496eb3995f1



DeserializeSignature vulnerability in the Bitcoin network: cryptanalysis, consequences and the possibility of creating invalid ECDSA signatures

https://github.com/demining/CryptoDeepTools/blob/f0421962be80403bb1b0877eace2c7eb70eb85bd/32DeserializeSignatureVulnerability/DecodeRawTX.txt#L31


BitcoinChatGPT creates a transaction structure using HASHa public key, where we see that Bitcoin address: 1LdNN9GXmoKZs5vrQFL1d4NL9GgZ1PfCZk sends 1234 satoshito the same address within its network.

https://live.blockcypher.com/widget/btc/1LdNN9GXmoKZs5vrQFL1d4NL9GgZ1PfCZk/received

DeserializeSignature vulnerability in the Bitcoin network: cryptanalysis, consequences and the possibility of creating invalid ECDSA signatures


Bitcoin HASH160 was obtained using Python Script: wif_to_hash160.py


DeserializeSignature vulnerability in the Bitcoin network: cryptanalysis, consequences and the possibility of creating invalid ECDSA signatures

VulnerableRawTX.txt

DeserializeSignature vulnerability in the Bitcoin network: cryptanalysis, consequences and the possibility of creating invalid ECDSA signatures

https://github.com/demining/CryptoDeepTools/blob/main/32DeserializeSignatureVulnerability/wif_to_hash160.py



Question answer:


DeserializeSignature vulnerability in the Bitcoin network: cryptanalysis, consequences and the possibility of creating invalid ECDSA signatures

DeserializeSignature vulnerability in the Bitcoin network: cryptanalysis, consequences and the possibility of creating invalid ECDSA signatures

DeserializeSignature vulnerability in the Bitcoin network: cryptanalysis, consequences and the possibility of creating invalid ECDSA signatures

DeserializeSignature vulnerability in the Bitcoin network: cryptanalysis, consequences and the possibility of creating invalid ECDSA signatures



Ultimately, the BitcoinChatGPT module outputs a response to the file: KEYFOUND.privkey , saving the private key in the two most used formats HEX & WIF


DeserializeSignature vulnerability in the Bitcoin network: cryptanalysis, consequences and the possibility of creating invalid ECDSA signatures

https://github.com/demining/CryptoDeepTools/blob/main/32DeserializeSignatureVulnerability/KEYFOUND.privkey


BitcoinChatGPT №2 DeserializeSignature Vulnerability Algorithm



Practical part

To move on to the practical part, let’s create a vulnerable Raw transaction from the received data using the Broadcast Bitcoin Transaction repository



Download and install the source code, open a terminal and run the command:


Catalog:


Let’s install three important libraries:


DeserializeSignature vulnerability in the Bitcoin network: cryptanalysis, consequences and the possibility of creating invalid ECDSA signaturesrequirements.txt



Let’s run the command:



Let’s open the main file in Notepad ++ and make small changes to the Python Script code: main.py




Let’s run the command:



A vulnerable transaction has been created!



Let’s open the RawTX file in the directory:



The order of actions in the video:


As we know from the prompt responses of the BitcoinChatGPT module , the algorithm for identifying the DeserializeSignature vulnerability can be used for several options for solving complex cryptographic problems.


Revealing the private key “K” (NONCE) in the Bitcoin blockchain



DeserializeSignature vulnerability in the Bitcoin network: cryptanalysis, consequences and the possibility of creating invalid ECDSA signatures

https://colab.research.google.com/drive/1EiIIJh8UCOZZ8DVbelxhESFPvqu_xZUo


Let’s open  [GoogleColab]

Let’s implement the algorithm using our 32DeserializeSignatureVulnerability repository

DeserializeSignature vulnerability in the Bitcoin network: cryptanalysis, consequences and the possibility of creating invalid ECDSA signatures


Let’s prepare RawTX for attack


Now we need to get the entire R, S, Z value from all vulnerable transactions

Let’s use the service: https://attacksafe.ru/RSZ-Signature-From-Tx

DeserializeSignature vulnerability in the Bitcoin network: cryptanalysis, consequences and the possibility of creating invalid ECDSA signaturesRSZ-Signature-From-Tx


To implement the attack and obtain the secret key we will use the “ATTACKSAFE ULTRA” software


DeserializeSignature vulnerability in the Bitcoin network: cryptanalysis, consequences and the possibility of creating invalid ECDSA signatureswww.attacksafe.ru/ultra


For the necessary library packages to run the “ATTAKSAFE ULTRA” software, install “SAGE MATH”



Twist Attack example No. 1 we will perform a series of ECC operations to obtain the value of the private key to the Bitcoin Wallet


Twist Attack example No. 1 we will perform a series of ECC operations to obtain the value of the private key to the Bitcoin Wallet


Installation command:

DeserializeSignature vulnerability in the Bitcoin network: cryptanalysis, consequences and the possibility of creating invalid ECDSA signatures



DeserializeSignature vulnerability in the Bitcoin network: cryptanalysis, consequences and the possibility of creating invalid ECDSA signatures


Using the wget utility, download the ATTACKSAFE_ULTRA.zip repositories to the Google Colab folder

DeserializeSignature vulnerability in the Bitcoin network: cryptanalysis, consequences and the possibility of creating invalid ECDSA signatures


Extractable repositories ATTACKSAFE_ULTRA.zip

DeserializeSignature vulnerability in the Bitcoin network: cryptanalysis, consequences and the possibility of creating invalid ECDSA signatures


DeserializeSignature vulnerability in the Bitcoin network: cryptanalysis, consequences and the possibility of creating invalid ECDSA signatures

DeserializeSignature vulnerability in the Bitcoin network: cryptanalysis, consequences and the possibility of creating invalid ECDSA signatures

DeserializeSignature vulnerability in the Bitcoin network: cryptanalysis, consequences and the possibility of creating invalid ECDSA signatures

DeserializeSignature vulnerability in the Bitcoin network: cryptanalysis, consequences and the possibility of creating invalid ECDSA signatures

DeserializeSignature vulnerability in the Bitcoin network: cryptanalysis, consequences and the possibility of creating invalid ECDSA signatures


DeserializeSignature vulnerability in the Bitcoin network: cryptanalysis, consequences and the possibility of creating invalid ECDSA signatures


DeserializeSignature vulnerability in the Bitcoin network: cryptanalysis, consequences and the possibility of creating invalid ECDSA signatures


Let’s run a list of all attack scripts:

DeserializeSignature vulnerability in the Bitcoin network: cryptanalysis, consequences and the possibility of creating invalid ECDSA signatures


DeserializeSignature vulnerability in the Bitcoin network: cryptanalysis, consequences and the possibility of creating invalid ECDSA signatures


DeserializeSignature vulnerability in the Bitcoin network: cryptanalysis, consequences and the possibility of creating invalid ECDSA signatures


DeserializeSignature vulnerability in the Bitcoin network: cryptanalysis, consequences and the possibility of creating invalid ECDSA signatures


Access rights:

DeserializeSignature vulnerability in the Bitcoin network: cryptanalysis, consequences and the possibility of creating invalid ECDSA signatures


Application:

Let’s choose deserialization_error_vulnerability_cve-2023-0085.sage

To get the secret key from a vulnerable ECDSA signing transaction , add the data RawTX to a text document and save it as a file; RawTX.txt for this we will use the utility echo


Let’s run the command:


DeserializeSignature vulnerability in the Bitcoin network: cryptanalysis, consequences and the possibility of creating invalid ECDSA signatures


Let’s launch deserialization_error_vulnerability_cve-2023-0085.sage using the software “ATTACKSAFE ULTRA”


DeserializeSignature vulnerability in the Bitcoin network: cryptanalysis, consequences and the possibility of creating invalid ECDSA signatures


We launched this attack from deserialization_error_vulnerability_cve-2023-0085.sageand the result was saved to a fileSecretKey.txt

Now to see the successful result, open the file SecretKey.txt

DeserializeSignature vulnerability in the Bitcoin network: cryptanalysis, consequences and the possibility of creating invalid ECDSA signatures


DeserializeSignature vulnerability in the Bitcoin network: cryptanalysis, consequences and the possibility of creating invalid ECDSA signatures


We see an inscription "Deployments ECDSA"that means a critical vulnerability of the Bitcoin blockchain transaction

SecretKey value in the format HEX, this is our secret key "K" (NONCE):


Let’s check using a Python script point2gen.py


To do this, install the ECPy elliptic curve library :

DeserializeSignature vulnerability in the Bitcoin network: cryptanalysis, consequences and the possibility of creating invalid ECDSA signatures


Now let’s run the script specifying the secret key "K" (NONCE):

DeserializeSignature vulnerability in the Bitcoin network: cryptanalysis, consequences and the possibility of creating invalid ECDSA signatures


Checking the coordinates of a point EC (secp256k1) with a signature valueR


Now knowing the secret key, we can get the private key to the Bitcoin Wallet: 1LdNN9GXmoKZs5vrQFL1d4NL9GgZ1PfCZk


Let’s use a Python script: calculate.py> > > Get the Private Key


Let’s open the code and add all the signature valuesK, R, S, Z

The script calculate.py will calculate the private key using the formula:


Let’s run the script:


DeserializeSignature vulnerability in the Bitcoin network: cryptanalysis, consequences and the possibility of creating invalid ECDSA signatures

Let’s open bitaddress and check:


DeserializeSignature vulnerability in the Bitcoin network: cryptanalysis, consequences and the possibility of creating invalid ECDSA signatures


https://www.blockchain.com/btc/address/1LdNN9GXmoKZs5vrQFL1d4NL9GgZ1PfCZk


Private Key Received!


DeserializeSignature vulnerability in the Bitcoin network: cryptanalysis, consequences and the possibility of creating invalid ECDSA signatures


DeserializeSignature vulnerability in the Bitcoin network: cryptanalysis, consequences and the possibility of creating invalid ECDSA signatures

https://www.blockchain.com/explorer/addresses/btc/1LdNN9GXmoKZs5vrQFL1d4NL9GgZ1PfCZk


BALANCE: $ 819113


Conclusion


This article discussed the main methods and tools used to analyze the DeserializeSignature vulnerability. The use of static and dynamic analysis, as well as fuzz testing using machine learning, BitcoinChatGPTallows us to identify and eliminate vulnerabilities at various stages of software development and operation. The DeserializeSignature vulnerability in Bitcoin poses a serious threat to network security. However, active research and development in this area opens up new prospects for increasing the level of protection. Improving algorithms, using machine learning, developing security standards, and educational programs can significantly reduce risks and ensure reliable system operation. The study highlights the need to continually monitor and update security systems in the rapidly evolving cryptocurrency space. Following recommendations for developers and users will help significantly reduce risks and protect funds from potential attacks. It is important to remember that security is an ongoing process that requires constant attention and updated knowledge. Current and future developments in the field of cryptocurrency security will be aimed at eliminating identified problems and preventing new threats, which will ensure more reliable and secure operation of cryptocurrency systems. The significance of the results obtained lies in identifying critical shortcomings of the system and proposing effective solutions to eliminate them. Interpretation of the results shows that eliminating this vulnerability is an important step towards improving the security and trust of cryptocurrencies. The DeserializeSignature process is critical to ensuring the security of Bitcoin transactions. Improper implementation of this process can lead to serious vulnerabilities and attacks. It is important to carefully check the format and values ​​of signature components, use reliable libraries, and be aware of possible runtime attacks. This is the only way to ensure reliable protection of cryptocurrency transactions.


1. Improved data validation

One of the main solutions is to improve the data validation process during deserialization. It includes:


  • Data format checking: Ensure that the data is in the expected format before processing it.
  • Using strict data types: Using strict data types to prevent errors during deserialization.
  • Data Length Check: Verify that the data length is as expected.

2. Using secure libraries

Using proven and secure data deserialization libraries can significantly reduce the risk of vulnerabilities. Such libraries must be thoroughly tested and supported by the developer community.

3. Implementation of multi-level authentication

Multi-level authentication can help prevent unauthorized access to the system. It includes:


  • Two-factor authentication (2FA): Requiring additional verification of the user’s identity.
  • Multi-factor authentication (MFA): Using multiple authentication methods to improve security.

4. Regular security audits

Conducting regular security audits allows you to identify and fix vulnerabilities before they are exploited by attackers. It includes:


  • Penetration testing: Simulating attacks to identify weaknesses in a system.
  • Code revisions: Analyzing source code to detect potential vulnerabilities.

5. Update and patching

Regularly updating and patching software is a key aspect of security. It includes:


  • Updating Libraries and Dependencies: Ensure that all libraries and dependencies used are updated to the latest versions.
  • Vulnerability Patching: Rapid implementation of fixes for identified vulnerabilities.


References:


  1. Mastering Bitcoin” by Andreas M. Antonopoulos – This is one of the most famous books about Bitcoin , which covers many aspects including security and vulnerabilities.
  2. “Bitcoin and Cryptocurrency Technologies” by Arvind Narayanan, Joseph Bonneau, Edward Felten, Andrew Miller, and Steven Goldfeder – This book provides a deep understanding of the technologies underlying Bitcoin and other cryptocurrencies, including security issues.
  3. Bitcoin Developer Documentation – Official documentation for Bitcoin developers, available on the website bitcoin.org. It includes information about various security aspects and vulnerabilities.
  4. Bitcoin Improvement Proposals (BIPs) – Documents describing various improvements and changes to the Bitcoin protocol. Some of them relate to security and vulnerabilities. A list of BIPs can be found at bitcoin.org.
  5. “A Fistful of Bitcoins: Characterizing Payments Among Men with No Names” by Sarah Meiklejohn et al. – This article explores the anonymity and security of transactions on the Bitcoin network.
  6. “Bitcoin: A Peer-to-Peer Electronic Cash System” by Satoshi Nakamoto – An original white paper describing the concept of Bitcoin. Although it does not focus on vulnerabilities, it is a foundational document for understanding the system.
  7. “Security and Privacy in Bitcoin” by Malte Möser – A dissertation exploring various aspects of security and privacy in the Bitcoin network.
  8. “Bitcoin and Blockchain Security” by Ghassan O. Karame – Dissertation on security issues in Bitcoin and blockchain technologies.



This material was created for the  CRYPTO DEEP TECH portal  to ensure financial security of data and elliptic curve cryptography  secp256k1  against weak  ECDSA signatures  in the  BITCOIN cryptocurrency . The creators of the software are not responsible for the use of materials.


Source

Google Colab

ATTACKSAFE ULTRA

Telegram: https://t.me/cryptodeeptech

Video material: https://youtu.be/8E2KJeWu4XA

Dzen Video Tutorial: https://dzen.ru/video/watch/664e34fc8df6514b10da09e9

Source: https://cryptodeeptech.ru/deserialize-signature-vulnerability-bitcoin


DeserializeSignature vulnerability in the Bitcoin network: cryptanalysis, consequences and the possibility of creating invalid ECDSA signatures