Trezor and Ledger are two of crypto’s heavyweights when it comes to hardware wallets and security. For quite some time, their solutions have been the industry standard which theoretically allows cryptocurrency holders to make transactions and check their balance without being exposed to the risk of a malware-infected computer. In a world where the most popular motto is “not your keys, not your coins” and the community gets encouraged to transfer cryptocurrencies from exchanges to personal wallets on the 10th anniversary of Bitcoin, getting a Trezor or a Ledger appears to be the convenient and security-cautious choice.
However, as the three knights in shiny armor from wallet.fail have proved during the 35th Chaos Communication Congress, the most popular hardware wallet choices are trusted third parties which exhibit real and worrisome security holes. The hour-long presentation of Dmitry Nedospasov, Thomas Roth, and Josh Datko is an all-you-can-hack festival which highlights shocking vulnerabilities in devices that were thought to be perfectly safe choices. From the reckless use of hologram stickers which can be removed without a trace with a simple hotel hair drier, and all the way to the STM32 chip found in the Trezor One getting glitched by trial-and-error AI and cloud computing, we’ve all been exposed to a whole new dimension of doubt and uncertainty.
While the panel is a display of ethical hacking which open sources the findings and allows Trezor and Ledger to update their products to perfect their security, one can’t help but wonder what all of this means for the reputation of the hardware wallet manufacturers. Anything can be hacked and there’s something to be exploited for every chip model, but when something as valuable as your bitcoins can be extracted through a series of cheap hacks, the entire community must stand up and demand for improved products that live up to the hype and expectations.
The two types of devastating hacks
By watching the hour-long presentation, one can distinguish between two types of hacks: the ones which tamper with new devices for the sake of planting custom chips to hack the device, and the ones which extract data from the hardware wallets. For instance, the unsecure STM32 chip found in the Ledger Nano S can be exploited by meddling with the memory map and writing into the 0x00 F00dbabe block (which is used to launch the firmware). It’s a way of tricking the software into believing that it’s loading up the right firmware, while malicious software gets thrown into the chip to alter the functionality. For the sake of showing what can be done with a little creativity, the video game Snake gets installed to run on the Ledger device (the industry standard is DOOM, but the device’s screen is too small to run id Software’s 1993 hit).
The more concerning attack took place on a Trezor One hardware wallet, as overwriting the RDP2 protection and running some strings on the device’s firmware has revealed the seed keys and the PIN. In all fairness, the process took three months of trial and error, it meddled with the boot process which takes 1.4 milliseconds, and it’s unlikely that anyone would go to that length to hack a single device. It’s impractical, resource-intensive, time-consuming, but nevertheless possible.
Watching the formerly trusted hardware wallet solutions get brutally busted during a presentation is uncomfortable, to say the least. But if we’re optimistic about it, then we can find some positive outcomes: first of all, these vulnerabilities have been open sourced and the manufacturers are about to provide the required fixes via firmware updated.
Secondly, we’ve finally settled the debate regarding which one of the two brands makes better devices. It seems like Ledger has a slight edge in terms of security, as their issues are far less damaging and it’s harder to glitch the wallet to extract the seed keys and PIN. On the other hand, Trezor One proved to be the most vulnerable choice. The rule of thumb seems to be that the simpler devices are also the more reliable ones, as there are fewer components to meddle with: for instance, the Ledger Blue (the one with the touch screen) features a long conductor with a fast-charging current which turns it into an antenna and exposes the wallet to easy hacks which only require a cheap HackRF and a telescope antenna.
So if you absolutely must get a hardware wallet, it seems like the safest choice is the Ledger Nano S – just make sure it’s original, untouched, and always within your reach and therefore away from hackers’ hands.
Ledger and Trezor respond to the bad news
Shortly after the wallet.fail website went live, Ledger has released a rather optimistic statement which highlights its clear advantage over Trezor: no seed keys or PINs have been extracted from the devices, and the hacks were part of hardware manipulation that doesn’t happen to original devices stored in safe places. Furthermore, the argument is that this type of attack is inefficient and too costly, as opposed to installing a video camera to record the PIN. The statement also goes into detail to explain how each hack was possible and what it requires, as a way of proving that the operation is impractical.
On the other hand, Trezor hasn’t published an official blog post and has chosen to tackle the issue on Twitter. Satoshi Labs CTO and Trezor co-founder Pavol Rusnak (also known as “Stick”) has announced a firmware update at the end of January and has revealed details about a two-hour constructive conversation he’s had with the wallet.fail team which is responsible for this mayhem. The official account has also reminded all of the users that the presented hacks and exploits only work in the event of physical access to the hardware wallet’s board. Therefore, as long as the devices are held by the rightful owners in a safe place, there is no reason to worry.
With regards to #35c3 findings about @Trezor: we were not informed via our Reponsible Disclosure program beforehands, so we learned about them from the stage. We need to take some time to fix these and we'll be addressing them via a firmware update at the end of January.
— Pavol Rusnak (@pavolrusnak) December 28, 2018
Yet in the case of both the Ledger and the Trezor products, more rigorous product sealing has to be done in order to provide the guarantee of a device that wasn’t meddled with. If a hair drier can help remove the safety stickers without leaving traces, there’s no way of knowing if the hardware wallet you bought from Amazon is secure or even genuine. The electronic parts are cheap, the software is open sourced, and there probably are many fakes circulating around the market. That’s exactly why orders should only be placed on the manufacturer’s website, with no exception and regardless of special sales or price offers that you can find somewhere else. You’re buying a hardware wallet for the security it grants you, not by virtue of a special discount. Naturally, acquiring a device from a previous owner is out of the question.
Is anything safe anymore?
For a long time, security experts have recommended storing cryptocurrencies on a securely wiped device (laptop or phone) which never gets connected to the internet and doesn’t interact with other devices that may contain malware. It’s a cheap solution from a financial perspective, but it doesn’t allow for trades to be made and therefore lacks the convenience offered by hardware wallets.
Naturally, just like in everything else, there’s a tradeoff and one has to choose between absolute security and ease of use. Hardware wallets provide a decent compromise which shouldn’t pose major risks as long as the devices themselves are permanently kept in a safe place which eliminates the possibility of external tampering. If nobody touches your Ledger or Trezor and you’re 100% sure that you own a legitimately original device, then you don’t have any reasons to worry about anything.
— Karol Topolski (@_ktopolski) December 27, 2018
The wallet.fail reveals, despite being frightening and potentially harmful in regards to the image Ledger and Trezor have built throughout the years, are necessary in order to improve the products and provide essential fixes against malevolent hackers. Fortunately, these exploits are part of an ethical project whose purpose is to criticize the ridiculous amount of trust that we invest in the manufacturers of some products and the marketing teams behind them. Hardware wallets provide an imaginary veil of being bulletproof against hackers and malware, but in reality can be tampered with in some very smart and inexpensive ways.
Now that we’re aware of these shortcomings, we can only hope that the announced firmware updates fix some of the issues, while the next generations of Ledger and Trezor hardware wallets provide greater security against opening the enclosure. Maybe devices that are made of metal are much more durable and resistant to malevolent meddling, but we shall see how the market demand and the highest security standards meet in future releases.
In many ways, this type of ethical hacking is beneficial for the long-term development of truly secure cryptocurrency hardware wallets. Nevertheless, discovering such exploits is a devastating blow to the reputation of manufacturers, as they have to provide new software fixes and perhaps return to the drawing board to come up with improved designs. All in all, unless the trust in these devices gets so low that nobody will want to buy one anymore, we can only hope for a bright future where our Ledgers and Trezors can truly protect us from even more sophisticated attacks.
Crypto Insider has contacted the wallet.fail project, Trezor’s Pavol Rusnak, and Ledger’s Thomas France to provide comments on the issue. They haven’t responded yet at press time, but this paragraph will get edited to quote the exact answers as they get sent.
Later edit 1 – Trezor co-founder Pavol Rusnak has sent the following response:
We learned about the vulnerability from stage, so there is no fix for it yet. However, we came up with the solution, discussed it thoroughly with the wallet.fail team for two hours at the 35c3 Congress and we will deliver the fix to our users at the end of January. Wallet.fail team has confirmed it is hard to get the glitching parameters right and they will not share these for the foreseeable future, certainly not before the fix is released to our costumers.