Crypto Security Report: June 2022

Featuring the $120,000 clickjacking bounty awarded to the UGWST, the Halborn "Demonic" vulnerability disclosure affecting browser wallets, plus the deprecation of eth_decrypt and eth_getEncryptionPublicKey.

4 minutes
Crypto Security Report: June 2022

Each month, MetaMask Security Director Luker reports on the latest crypto attacks and emerging risks that you need to know about.

June 2022 saw the Endo and LavaMoat projects ship import.meta, require.resolve, and Yarn 3 support to harden the build pipeline, while MetaMask's bug bounty program went live on HackerOne. On the metrics side, the Computer Incident Response Team closed 38 tickets across the first half of 2022 at a 40.39-day mean time to repair, and MetaMask deprecated the eth_decrypt and eth_getEncryptionPublicKey API methods over cryptographic concerns. Two disclosures headlined the month: Halborn earned $50,000 for surfacing "Demonic" (CVE-2022-32969), a disk-encryption weakness that could leave a Secret Recovery Phrase cached in plaintext on an unencrypted drive, and the United Global Whitehat Security Team took home a $120,000 bounty for a critical clickjacking flaw in the Extension. The full breakdown is below, but first... 

Whitfield Diffie, alongside Martin Hellman and Ralph Merkle, published "New Directions in Cryptography" in November 1976, introducing the Diffie-Hellman key exchange protocol that made secure communication possible without a pre-shared secret. The protocol underpins TLS, SSH, and the encrypted channels that self-custodial wallet users rely on every day. Diffie received the ACM Turing Award in 2015 and was inducted into the National Inventors Hall of Fame in 2011.

Clickjacking vulnerability earns $120,000 bounty for UGWST

MetaMask awarded a $120,000 bounty to the United Global Whitehat Security Team (UGWST) for responsibly disclosing a critical clickjacking vulnerability in the MetaMask Extension. The attack rendered the extension UI as an invisible iframe layered over a malicious website, tricking users into approving transactions and revealing private data without realizing it. No known exploitation occurred before the patch. Users running MetaMask Extension version 10.14.6 or later are protected.

Halborn "Demonic" disclosure reveals disk encryption risk for browser wallets

Security researchers at Halborn disclosed CVE-2022-32969, codenamed "Demonic," a vulnerability in which a Secret Recovery Phrase entered during import could be cached to disk in plaintext by the browser's session-restore mechanism. The risk applied when three conditions were met: the hard drive was unencrypted, the Secret Recovery Phrase was imported on a compromised or untrusted device, and the "Show Secret Recovery Phrase" checkbox was toggled during import. MetaMask implemented mitigations in Extension version 10.11.3 and later. MetaMask Mobile was not affected. Halborn received $50,000 for the discovery.

MetaMask incident response closes 38 tickets in H1 2022 with a 40.39-day MTTR

The MetaMask Computer Incident Response Team (CIRT) closed 38 tickets during the first half of 2022. External reporters submitted the majority, more than double the combined total from audits and internal sources. By assignee, the Extension team handled the largest share, followed by Security-focused (cross-product) issues and Mobile. Of the 38 tickets, 13 carried a CVSS score: 1 Critical — the clickjacking bounty vulnerability — 9 Medium, and 3 Low. Reporter-submitted tickets resolved fastest at 28.53 days per issue. The overall Mean Time to Repair was 40.39 days.

eth_decrypt and eth_getEncryptionPublicKey deprecated over cryptographic concerns

MetaMask deprecated the eth_decrypt and eth_getEncryptionPublicKey API methods. Both methods, built in accordance with EIP-1024 (since abandoned), reuse the same private key across different elliptic curves for signing and encryption, a practice that opens additional attack vectors. No known exploits exist, but the design was determined to be insufficiently secure to continue promoting. The methods remain functional to give third-party integrators time to migrate.

Endo import.meta and require.resolve support complete

The Endo project merged import.meta support for Compartments, requiring adjustments to the Babel plugin in static-module-record to ensure import.meta nodes are visited and transformed even inside already-transformed export definitions. A follow-up PR adding import.meta.url support to compartment-mapper (endojs/endo #1202) brought import.meta.url support to compartment-mapper's importLocation functionality (not available in Archives). Separately, the require.resolve function was added to the CommonJS implementation, throwing by default but accepting a custom implementation via ReadPowers. These changes completed the planned CJS support roadmap.

LavaMoat adds Yarn 3 support and explicit policy denials

LavaMoat shipped Yarn 3 support for allow-scripts, adding a plugin to handle yarn setup on fresh checkouts of protected projects. A second update introduced explicit false values in policy-overrides.json, allowing projects to deny specific endowments and prevent over-exposure of object fields during policy merges.

HackerOne bug bounty program launches

MetaMask launched its bug bounty program on HackerOne in June 2022, covering the MetaMask Extension GitHub repository and the MetaMask Mobile GitHub repository.


MetaMask’s June 2022 Crypto Security Report  covered the $120,000 clickjacking bounty awarded to UGWST, the Halborn "Demonic" disk encryption vulnerability disclosure affecting browser wallets, and MetaMask's deprecation of eth_decrypt and eth_getEncryptionPublicKey over cryptographic concerns. Browse previous editions of the MetaMask Crypto Security Report for more threats, trends, and tips for staying safe across the ecosystem.

  • Luker
    Luker

      Jen Luker, known by most as just Luker, is the Director of Product Security at Consensys, where she leads the frontline defenders who protect millions of users from vulnerabilities, emerging threats, and malicious actors across decentralized tech. An active participant in the Ethereum ecosystem since 2017, she has held key roles including Editor at ETHNews and Project Manager at MyCrypto. Luker is a regular speaker at industry conferences, the author of MetaMask's monthly Crypto Security Report, and an official ETH Security Badge holder as designated by The DAO. She's also a passionate advocate for continuous education and security awareness as essential pillars for the future of Ethereum and blockchain technology.

      모든 글 읽기