Replying to Avatar Jameson Lopp

So the ByBit attack was able to happen because:

Gnosis Safe front end is a web app whose JavaScript gets served from an Amazon S3 bucket.

A Gnosis Safe developer had production AWS keys saved on their machine.

The Dev's machine was compromised and the AWS key used to deploy a malicious front end that only targeted ByBit's wallet.

JavaScript web apps have no cryptographic integrity checks to ensure the code being delivered was actually written by the expected author.

Signing complex EVM transactions can't be done securely on airgapped hardware because the hardware simply doesn't have all of the contextual information needed to know the outcome of executing the transaction.
Avatar
Blue 10mo ago

#asknostr

What I don't understand:

Cryptography in JS is a bad idea, that is why Web Crypto API was build into modern browsers natively.

Couldn't this API be used to verify downloaded JS code (which has to be signed) the same way. Otherwise we can never be sure that the JS crypto code running in the browser is the same that was published in their git repo.

This applies not only Webwallets, but also encrypted mail ...

Disclaimer: I just learned that Web Crypto API exists and Proton mail is utilizing it.

Reply to this note

Please Login to reply.

Discussion

Avatar
Elephant in the root 10mo ago

It cannot help because you have to load javascript to verify the javascript. It'd have to be a modified browser but also, very likely, multiple signatures.