Replying to Jameson Lopp

So the ByBit attack was able to happen because:

Gnosis Safe front end is a web app whose JavaScript gets served from an Amazon S3 bucket.

A Gnosis Safe developer had production AWS keys saved on their machine.

The dev's machine was compromised and the AWS key was used to deploy a malicious front end that targeted only ByBit's wallet.

JavaScript web apps have no cryptographic integrity checks to ensure the code being delivered was actually written by the expected author.

Signing complex EVM transactions can't be done securely on airgapped hardware because the hardware simply doesn't have all of the contextual information needed to know the outcome of executing the transaction.

Freezy 10mo ago

But isn't the AWS S3 bucket just for large file storage that the backend interacts with? How can you manipulate the frontend by getting access to that? Please don't destroy me, I'm currently learning web development.


Discussion

daniele 10mo ago

S3 is often used to upload (precompiled) assets, like JS and CSS, for the frontend.

Erik 10mo ago

s3 static web hosting 🤙
