Keyvault - UCG Proposal

Thank you for the detailed update. It’s very comprehensive and I’ve learned a lot. Thank you very much. =)

2 Likes

For things related to dev work, where you have questions I think the best way to get support would be to join the discord and ask in the dev channel! The team members help there as well :slight_smile:

3 Likes

@lousydropout
As @Sequaja mentions, if you have any technical questions or need direct support from the team, feel free to join our discord server and we will gladly provide you with all the help you need.

Here is the link: Astar Network

1 Like

Thank you for the great report.
This report shows that your project is taking a clearly dedicated approach.

1 Like

Hi @lousydropout time flies! Hope things went well from your end with Keyvault in September, how is it going with the audit process? Personally I like the way you tackle / analyze the issues you are facing along with the development! As a kind reminder, the report this month is expected to be shared by the end of the month, look forward to it!

1 Like

A wonderfully transparent report. Congratulations for the work you have completed, health to you. Is there an exact deadline for unfinished or uncompleted work (e.g. until the next meeting, etc.)?

1 Like

Report for month 2

Initial goals for month 2

  • Get social recovery set up

Note: This is actually a simple sounding goal that is a lot more involved. Big picture-wise, it required

  1. implementing (or finding a library I find trustable) Shamir Secret Sharing algorithm (It is a threshold encryption scheme where, to recover the original secret, you require any k of n “shares.” For example, you might choose k=3 and n=5, so that any 3 of the 5 shares can be combined to give you back the original secret, but having only 1 or 2 of the shares does you no good.).

  2. implementing (or finding a library I find trustable) a public key, private key system so that messages containing the shares (see above) can be securely sent to those you trust.

  3. implementing a sort of address book so that anyone can easily get anyone else’s public keys (This is safe to do and intentional. You need the recipient’s public key so that you may encrypt a message that only the intended recipient can decrypt and read.).

Mindset and actual goals that I worked on in month 2

As I worked on developing stuff, I noticed that there was some stuff I neglected, including the implementation of a fairly important algorithm for merging the credentials that are on-chain and the credentials that are in the keyvault extension.

This is “only” an issue if you create new credentials in keyvault in multiple devices/browsers and are not diligent in pushing the new creds on-chain. That said, it was a major oversight of mine and I felt I needed to fix it as soon as possible.

With that said, the actual goals I worked on this month:

  1. Figure out how to develop and test locally (as mentioned in the previous report, hardhat’s localnet didn’t work out.)

  2. Design and implement the merging algorithm I mentioned just above.

  3. Write tests and proofs to demonstrate the merging algorithm’s correctness.

  4. Update the keyvault Chrome/Brave extension to work on Firefox as well.

  5. (Sub-goal 1 from above) implementing (or finding a library I find trustable) Shamir Secret Sharing algorithm

  6. (Sub-goal 2 from above) implementing (or finding a library I find trustable) a public key, private key system so that messages can be easily encrypted and decrypted

  7. Move ASTR tokens into a new address and store the private key for that address into keyvault. This was the substitute for an audit that I decided on since audits turned out to be incredibly expensive and I don’t have that kind of money lying around. (See below)

Of the above, I managed (new) goals 1, 2, 3, 4, and 6, but partially 5 and 7.

Summary report on new goals

  1. (Done) Tested with Foundry’s Anvil and that worked. It only required a few tweaks. READMEs with details so that anyone who wishes to try out keyvault locally first can do so.

  2. (Done) The main issue was that keyvault uses a weird data structure (For security and privacy purposes, although keyvault nominally uses an array of objects as its main data structure, the data structure is actually a sort of mix between arrays and linked-lists). I’ll write a more detailed report on this within the next week or so and avoid going deeper here.

  3. (Done) Just wrote a number of tests and proofs for my understanding of their correctness. As with (2), I’ll write a more detailed report on this within the next week or so and avoid going deeper here.

  4. (Done / sorta) This turned out to be a pain-in-ass, and the result is a Firefox add-on (an “extension” in Firefox’s lingo) that, currently, can only be installed on Firefox developer edition and not the mainstream version. For the mainstream version, only add-ons approved and signed by Mozilla are installable and I feel like I’m still updating keyvault too frequently for that at the moment.

  5. (partially done) I found an implementation by Parity (more info below) but have not yet made use of it in keyvault.

  6. (Done) I found a library, OpenPGP.js, maintained by Proton Mail that fits what keyvault needs perfectly. It has been incorporated into keyvault, but the UX is still not great.

  7. (partially done) I’ve created a new wallet and moved some ASTRs into it (~1,000 ASTRs so far) and stored the wallet’s private key into keyvault as a sort of alternative for an audit. I’ll move another 6,000 ASTRs into it in the next day or so, and make a public promise to give the successful attacker another 7,000 ASTRs upon them publicly demonstrating how the attack was done. I haven’t moved the tokens from the portal to my wallet yet. So, the total reward is 14,000 ASTRs, or 1,000 USD. There will be an end date. I’m thinking at least until December 2024 or so.

New libraries incorporated into keyvault

I had done a lot of searches into open-source implementations of end-to-end encryption schemes (such as Signal’s) and implementations of Shamir Secret Sharing (there was one implemented in Go by HashiCorp for their HashiCorp Vault, shamir.go).

To put some of your minds at ease, I was sure that the lower-level building blocks that I needed must have been built and tested already, and likely by some big names. What I wasn’t sure about was which exact building blocks I’ll need and what the design of the larger system will look like. Hence, I was looking into what others had done to hopefully understand what issues they ran into and avoided.

Luckily, however, I eventually encountered 2 libraries that did exactly what I need, and implemented in JavaScript by well-known, reputable organizations. So, my task simplified to one where I plug the two libraries into keyvault.

The 2 libraries are

  1. OpenPGP.js – This is a JavaScript implementation of OpenPGP. (OpenPGP is essentially the gold standard for securely encrypting and decrypting messages.) This project is maintained by Proton Mail (see Proton Mail now the maintainer of OpenPGPjs email encryption library | Proton).

  2. banana split – This is a JavaScript implementation of Shamir Secret Sharing plus a frontend. It’s not actually a library, so I just took the code and imported it into keyvault (see shamir.ts and shamir.test.ts). banana split is written by the developers at Parity, the main org behind the development and implementation of Polkadot.

Audit alternative

As I found out, audits are incredibly expensive. Too expensive for me to afford at the moment. Instead, I’m moving a bunch of the ASTRs I’m receiving from Astar’s UCG program into a new wallet and storing the wallet’s private key into keyvault.

The idea is that if someone can hack it, they can take the ASTR tokens and that’ll prove keyvault is unsafe. Then, once they explain how it was done publicly (so that keyvault can hopefully patch it), another portion is handed out.

To be fair, I don’t think this is quite fair since successfully hacking/decrypting the ciphertext for the account’s private keys means breaking a 256-bit AES-GCM encrypted ciphertext, a feat that’s worth a lot more. Nevertheless, this is what I can offer.

Transaction info

I think I’ve withdrawn a total of ~10,800 ASTRs from the Astar Portal since my last report. I’ll withdraw another ~13,000 ASTRs in the next few days. I’ll need to check the transactions for a better tally, but I’ll update this thread with the correct number once I figure it out.

Additional notes

I’ve come to realize I’ve grossly underestimated the amount of time and work keyvault will require. I will need to revise the timeline. I hope you understand.

I’ll update this thread with a new timeline as soon as I’ve figured it out myself.

2 Likes
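The k-of-n recovery property described in the month 2 report (k=3, n=5), as an added example that is not part of the original post and is not keyvault's or banana split's code: a minimal byte-wise Shamir split and combine over GF(2^8). The function names `gfMul`, `gfInv`, `split` and `combine` are illustrative assumptions.

```javascript
// Added example (not keyvault's code): k-of-n Shamir sharing over GF(2^8), byte by byte.
// Web Crypto in browsers and recent Node; fall back to node:crypto on older Node.
const rng = globalThis.crypto ?? require("node:crypto").webcrypto;

// Multiply in GF(2^8), reducing by x^8 + x^4 + x^3 + x + 1 (0x11b).
function gfMul(a, b) {
  let p = 0;
  for (let i = 0; i < 8; i++) {
    if (b & 1) p ^= a;
    a = (a << 1) ^ (a & 0x80 ? 0x11b : 0);
    b >>= 1;
  }
  return p;
}

// Multiplicative inverse: a^254 = a^-1 for non-zero a.
function gfInv(a) {
  let r = 1;
  for (let i = 0; i < 254; i++) r = gfMul(r, a);
  return r;
}

// Split `secret` (Uint8Array) into n shares; any k of them recover it.
function split(secret, k, n) {
  if (k < 2 || k > n || n > 255) throw new RangeError("need 2 <= k <= n <= 255");
  const shares = Array.from({ length: n }, (_, i) => ({ x: i + 1, y: new Uint8Array(secret.length) }));
  secret.forEach((byte, pos) => {
    const coeffs = rng.getRandomValues(new Uint8Array(k)); // random degree k-1 polynomial
    coeffs[0] = byte; // constant term f(0) is the secret byte
    for (const s of shares) {
      let acc = 0; // Horner evaluation of f(s.x)
      for (let j = k - 1; j >= 0; j--) acc = gfMul(acc, s.x) ^ coeffs[j];
      s.y[pos] = acc;
    }
  });
  return shares;
}

// Recover f(0) per byte by Lagrange interpolation over the supplied shares.
function combine(shares) {
  const out = new Uint8Array(shares[0].y.length);
  shares.forEach((si, i) => {
    let basis = 1; // L_i(0) = product of x_j / (x_i - x_j); subtraction is XOR here
    shares.forEach((sj, j) => {
      if (i !== j) basis = gfMul(basis, gfMul(sj.x, gfInv(si.x ^ sj.x)));
    });
    for (let pos = 0; pos < out.length; pos++) out[pos] ^= gfMul(si.y[pos], basis);
  });
  return out;
}
```

The field arithmetic here branches on secret data and is not constant-time, and `combine` assumes the supplied shares have distinct `x` values. Shares carry no integrity check, so a corrupted share silently yields a wrong secret.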

Thanks. I’ve come to realize that I’ve been way too optimistic about what is achievable and will need to update the timeline. I’ll post my updated timeline once I’ve figured out what I feel is doable.

One of the first things I want to get done is making the current, working version accessible on mainnet. I think I’ve neglected publishing working versions in favor of working on the next feature.

As for deadlines, I’ve listed my (then) expectations for which features I’ll get done by when in the proposal itself. That turned out to be overly optimistic and I’ll need to adjust it and report the adjusted version here.

2 Likes

Thank you for the detailed report. It is excellent, just like the last one.
I am not an engineer so it is difficult for me to give advice, but your efforts are very clear and likeable.

I also agree that audits are very expensive. It is interesting that you ask for a white hat (or bug bounty) as a way to counter that. I would love to see the engineers try this.

1 Like

Thanks for the update! Great progress, really enjoying reading it.
And I really like the Audit alternative, as a bug bounty program. If I come across another option for auditing it I will share it here :slight_smile:

1 Like

Hi @lousydropout , I personally am very impressed to see how you self-manage the problems and their solutions for securing KeyVault at a maximum capacity.

Glad to see the alternative way of audit, and hope to see KeyVault not being hacked by all means! :slight_smile: Or if it happens, then hope to see the report being shared to improve the security even further!

Curious to know if there is any guidance to try KeyVault locally? I assume the website and the GitHub might be updated with the latest commits at some point?

1 Like

Thanks.

GitHub repo: The one you linked is the old one when I was using ink! The new repo is up-to-date and located at GitHub - lousydropout/keyvault: Blockchain-based password manager built on the Astar network. It should have sufficient instructions for running locally. Please let me know if the instructions are lacking in any way.

Website: yes, I do need to update this. I’ll try to get to it soon-ish. For now, hopefully the repo’s readmes will suffice.

I was planning on making short demo videos since the user experience is lacking somewhat, but my computer just crashed (I interrupted an installation process that was taking too long for me and, well, things are now screwy. No wifi or network card detected anymore lol.)

I’m trying to fix my computer but, in the meantime, I’ll try to answer questions as best as I can from my phone lol.

1 Like

Thank you for your hard work on the second report.
Above all, I appreciate that you did not forget to provide information and express transparency.

Unexpected events can occasionally occur. The important thing is to thoroughly revise the plan in response, and I believe you are doing that.

Regarding the audit, if this ‘audit’ includes ‘code review for the contract,’ there are SaaS solutions using AI available recently. Bunzz and TECHFUND provide these solutions, so it might be worth considering. Of course, if it is a comprehensive security guarantee, it is understood that it will inevitably be expensive, so please consider whether your alternative plan will be sufficient.

Okay, just went through transaction history. For simplicity, I’ve assumed an exchange rate of $0.07/ASTR.

Since my report for month 1, I’ve withdrawn a total of 29,485.812 ASTRs ($2,064.00).

Withdraw history:
Sept. 1st, 2024 – withdrew 8,913.319 ASTRs ($623.93)
Sept. 6th, 2024 – withdrew 5,634.435 ASTRs ($394.41)
Oct. 1st, 2024 – withdrew 14,938.058 ASTRs ($1,045.66)

Event IDs:


Oh, also transferred 6,000 more ASTR tokens to 0x6D2d3975b91471D25a6E1DBd326b4AC8Da10a6b2 (the account whose private key is on keyvault (contract Astar address details for 0xC273ea964b5C975Fdbba9DF9624649F1038aAf9B | Blockscout)).

There is now a total of ~7,000 ASTR tokens for anyone to hack into and take: Astar address details for 0x6D2d3975b91471D25a6E1DBd326b4AC8Da10a6b2 | Blockscout

I’ll be updating the keyvault website in the next few days.

1 Like