Thank you for the detailed update. It’s very comprehensive and I’ve learned a lot. Thank you very much. =)
For things related to dev work, where you have questions I think the best way to get support would be to join the discord and ask in the dev channel! The team members help there aswell
@lousydropout
As @Sequaja mentions, if you have any technical questions or need direct support from the team, feel free to join our discord server and we will gladly provide you with all the help you need.
Here the link: Astar Network
Thank you for the great report.
This report shows that your project is taking a clearly dedicated approach.
Hi @lousydropout time flies! Hope things went well from your end with Keyvault in September, how is it going with the audit process? Personally I like to way how you tackle / analyze the issues you are facing along with the development! As a kind reminder, the report this month is expected to be shared by the end of the month, look forward to it!
A wonderfully transparent report. Congratulations for the work you have completed, health to you. Is there an exact deadline for unfinished or uncompleted work (e.g. until the next meeting, etc.)?
Report for month 2
Initial goals for month 2
- Get social recovery set up
Note: This is actually a simple sounding goal that is a lot more involved. Big picture-wise, it required
-
implementing (or finding a library I find trustable) Shamir Secret Sharing algorithm (It is a threshold encryption scheme where, to recover the original secret, you require any
k
ofn
“shares.” For example, you might choose tok=3
andn=5
, so that any3
of the5
shares can be combined to give you back the original secret, but having only1
or2
of the shares does you no good.). -
implementing (or finding a library I find trustable) a public key, private key system so that messages containing the shares (see above) can be securly sent to those you trust.
-
implementing a sort of address book so that anyone can easily get anyone else’s public keys (This is safe to do and intentional. You need the recipient’s public key so that you may encrypt a message that only the intended recipient can decrypt and read.).
Mindset and actual goals that I worked on in month 2
As I work developing on stuff, I noticed that there were some stuff I neglected, including the implementation of a fairly important algorithm for merging the credentials that are on-chain and the credentials that are in the keyvault extension.
This is “only” an issue if you create new credentials in keyvault
in multiple devices/browsers and are not dilegent in pushing the new creds on-chain. That said, it was a major oversight of mine and I felt I needed to fix it as soon as possible.
With that said, the actual goals I worked on this month:
-
Figure out how to develop and test locally (as mentioned in the previous report,
hardhat
’s localnet didn’t work out.) -
Design and implement the merging algorithm I mentioned just above.
-
Write tests and proofs to demonstrate the merging algorithm’s correctness,
-
Update the keyvault Chrome/Brave extension to work on Firefox as well.
-
(Sub-goal 1 from above) implementing (or finding a library I find trustable) Shamir Secret Sharing algorithm
-
(Sub-goal 2 from above) implementing (or finding a library I find trustable) a public key, private key system so that messages can be easily encrypted and decrypted
-
Move
ASTR
tokens into a new address and store the private key for that address intokeyvault
. This was the substitute for an audit that I decided on since audits turned out to be incredibly expensive and I don’t have that kind of money lying around. (See below)
Of the above, I managed (new) goals 1, 2, 3, 4, and 6, but partially 5 and 7.
Summary report on new goals
-
(Done) Tested with
Foundry
’sAnvil
and that worked. It only required a few tweaks. READMEs with details so that anyone who wishes to try outkeyvault
locally first can do so. -
(Done) The main issue was that
keyvault
uses a weird data structure (For security and privacy purposes, although keyvault nominally uses an array of objects as its main data structure, the data structure is actually a sort of mix between arrays and linked-lists). I’ll write a more detailed report on this within the next week or so and avoid going deeper here. -
(Done) Just wrote a number of tests and proofs for my understanding of their correctness. As with (2), I’ll write a more detailed report on this within the next week or so and avoid going deeper here.
-
(Done / sorta) This turned out to be a pain-in-ass, and the result is a Firefox add-on (an “extension” in Firefox’s lingo) that, currently, can only be installed on
Firefox developer edition
and not the mainstream version. For the mainstream version, only add-ons approved and signed by Mozilla are installable and I feel like I’m still updating keyvault too frequently for that at the moment. -
(partially done) I found an implementation by Parity (more info below) but have not yet made use of it in keyvault.
-
(Done) I found a library, OpenPGP.js, maintained by Proton Mail that fits what keyvault needs perfectly. It has been incoporated into keyvault, but the UX is still not great.
-
(partially done) I’ve created a new wallet and moved some
ASTR
s into it (~1,000 ASTRs
so far) and stored the wallet’s private key intokeyvault
as a sort of alternative for an audit. I’ll move another6,000 ASTR
s into it in the next day or so, and make a public promise to give the successful attacker another7,000 ASTR
s upon them publicly demonstrating how the attack was done. I haven’t moved the tokens from the portal to my wallet yet. So, the total reward is14,000 ASTR
s, or1,000 USD
. There will be a end date. I’m thinking at least until December 2024 or so.
New libraries incorporated into keyvault
I had done a lot of searches into open-source implementations of end-to-end encryption schemes (such as Signal’s) and implementations of Shamir Secret Sharing (there was one implemented in Go
by HashiCorp
for their HashiCorp Vault
, shamir.go).
To put some of your minds at ease, I was sure that the lower-level building blocks that I needed must have been built and tested already, and likely by some big names. What I wasn’t sure about was which exact building blocks I’ll need and what the design of the larger system will look like. Hence, I was looking into what others had done to hopefully understand what issues they ran into and avoided.
Luckily, however, I eventually encountered 2 libraries that did exactly what I need, and implemented in JavaScript by well-known, reputable organizations. So, my task simplified to one where I plug the two libraries into keyvault
.
The 2 libraries are
-
OpenPGP.js – This is a JavaScript implementation of
OpenPGP
. (OpenPGP
is essentially the gold standard for securely encrypting and decrypting messages.) This project is maintained by Proton Mail (see Proton Mail now the maintainer of OpenPGPjs email encryption library | Proton). -
banana split – This is a Javascript implementation of
Shamir Secret Sharing
plus a frontend. It’s not actually a library, so I just took the code and imported it into keyvault (see shamir.ts and shamir.test.ts).banana split
is written by the developers at Parity, the main org behind the development and implemenation of Polkadot.
Audit alternative
As I found out, audits are incredibly expensive. Too expensive for me to afford at the moment. Instead, I’m moving a bunch of the ASTR
s I’m receving from Astar’s UCG program into a new wallet and storing the wallet’s private key into keyvault
.
The idea is that if someone can hack it, they can take the ASTR
tokens and that’ll prove keyvault
is unsafe. Then, once they explain how it was done publicly (so that keyvault can hopefully patch it), another portion is handed out.
To be far, I don’t think this is quite far since successfully hacking/decrypting the ciphertext for the account’s private keys means breaking a 256-bit AES-GCM encrypted ciphertext, a feat that’s worth a lot more. Nevertheless, this is what I can offer.
-
Current amount stored in the wallet: ~1,000 ASTRs (~70 USD)
-
Amount TO BE stored in the wallet: ~7,000 ASTRs (~500 USD)
-
Amount to be given after explanation of successful hack: 7,000 ASTRs (~500 USD)
-
wallet address: 0x6D2d3975b91471D25a6E1DBd326b4AC8Da10a6b2
-
contract address: 0xC273ea964b5C975Fdbba9DF9624649F1038aAf9B
-
deadline: Dec 1st, 2024 (tentative. I do intend on extending the deadline.)
Transaction info
I think I’ve withdrawn a total of ~10,800 ASTR
s from the Astar Portal since my last report. I’ll withdraw another ~13,000 ASTR
s in the next few days. I’ll need to check the transactions for a better tally, but I’ll update this thread with the correct number once I figure it out.
Additional notes
I’ve come to realize I’ve grossly underestimated the amount of time and work keyvault
will require. I will need to revise the timeline. I hope you understand.
I’ll update this thread with a new timeline as soon as I’ve figured it out myself.
Thanks. I’ve come to realize that I’ve been way too optimistic about what is achievable and will need to update the timeline. I’ll post my updated timeline once I’ve figured out what I feel is doable.
Of the first thing I want to get done is making the current, working version accessible on mainnet. I think I’ve neglected publishing working versions in favor of working on the next feature.
As for deadlines, I’ve listed my (then) expectations for which features I’ll get done by when in the proposal itself. That turned out to be overly optimistic and I’ll need to adjust it and report the adjusted version here.
Thank you for the detailed report. It is excellent, just like the last one.
I am not an engineer so it is difficult for me to give advice, but your efforts are very clear and likeable.
I also agree that audits are very expensive. It is interesting that you ask for a white hat (or bug bounty) as a way to counter that. I would love to see the engineers try this.
Thanks for the update! Great progress, really enjoying reading it.
And I really like the Audit alternative, as a bug bounty program. If I come across another option for auditing it I will share it here
Hi @lousydropout , I personally am very impressed to see how you self-manage the problems and their solutions for securing KeyVault at a maximum capacity.
Glad to see the alternative way of audit, and hope to see KeyVault not being hacked by all means! Or if it happens, then hope to see the report being shared to improve the security even further!
Curios to know if there is any guidance to try KeyVault locally? I assume the website and the GitHub might be updated with the latest commits at some point?
Thanks.
GitHub repo: The one you linked is the old one when I was using ink! The new repo is up-to-date and located GitHub - lousydropout/keyvault: Blockchain-based password manager built on the Astar network. It should have sufficient instructions for running locally. Please let me know if the instructions are lacking in any way.
Website: yes, I do need to update this. I’ll try to get to it soon-ish. For now, hopefully the repo’s readmes will suffice.
I was planning on making short demo videos since the user experience is lacking somewhat, but my computer just crashed (I interrupted an installation process that was taking too long for me and, well, things are now screwy. No wifi or network card detected anymore lol.)
I’m trying to fix my computer but, in the meantime, I’ll try to answer questions as best as I can from my phone lol.
Thank you for your hard work on the second report.
Above all, I appreciate that you did not forget to provide information and express transparency.
Unexpected events can occasionally occur. The important thing is to thoroughly revise the plan in response, and I believe you are doing that.
Regarding the audit, if this ‘audit’ includes ‘code review for the contract,’ there are SaaS solutions using AI available recently. Bunzz and TECHFUND provide these solutions, so it might be worth considering. Of course, if it is a comprehensive security guarantee, it is understood that it will inevitably be expensive, so please consider whether your alternative plan will be sufficient.
Okay, just went through transaction history. For simplicity, I’ve assumed an exchange rate of $0.07/ASTR.
Since my report for month 1, I’ve withdrew a total of 29,485.812 ASTRs ($2,064.00).
Withdraw history:
Sept. 1st, 2024 – withdrew 8,913.319 ASTRs ($623.93)
Sept. 6th, 2024 – withdrew 5,634.435 ASTRs ($394.41)
Oct. 1st, 2024 – withdrew 14,938.058 ASTRs ($1,045.66)
Event IDs:
- 6930902-7
- 6930902-10
- 6930902-13
- 6930902-16
- 6930902-19
- 6930902-22
- 6930902-25
- 6930902-28
- 6930902-31
- 6972418-9
- 6972418-12
- 6972418-15
- 6972418-18
- 6972418-21
- 6972418-24
- 7150041-9
- 7150041-12
- 7150041-15
- 7150041-18
- 7150041-21
- 7150041-24
- 7150041-27
- 7150041-30
- 7150041-33
- 7150041-36
- 7150041-39
- 7150041-42
- 7150041-45
- 7150041-48
- 7150041-51
- 7150041-54
- 7150041-57
- 7150041-60
- 7150041-63
- 7150041-66
- 7150041-69
- 7150041-72
- 7150041-75
- 7150041-78
- 7150041-81
Oh, also transferred 6,000 more ASTR tokens to 0x6D2d3975b91471D25a6E1DBd326b4AC8Da10a6b2 (the account whose private key is on keyvault (contract Astar address details for 0xC273ea964b5C975Fdbba9DF9624649F1038aAf9B | Blockscout).
There is now a total of ~7,000 ASTR tokens for anyone to hack into and take: Astar address details for 0x6D2d3975b91471D25a6E1DBd326b4AC8Da10a6b2 | Blockscout
I’ll be updating the keyvault website in the next few days.
Impressive progress and transparency in this update! Social recovery and Shamir Secret Sharing are not easy to implement in a safe and user-friendly manner. Kudos for taking it on: big! Work on OpenPGP.js integration and steps towards Firefox compatibility really demonstrate dedication to accessibility.
The alternative audit approach with the ASTR bounty is really creative and bold-putting your work to the test, big time! Excited to see how development unfolds, especially with a new merging algorithm and those promising integrations. Keep up the fantastic work; thanks for the detailed insights!
Thank you for the report.
The progress of the project and the use of the grant are very clear and excellent. Keep up the good work.
Thank you very much for the information. The information is very clear and transparent. If there are any additional activities that you would like to promote, please feel free to let me know. I’m happy to help in any way I can. =)
Thanks for the transparency. Maybe write a small guide again how one can get started and that you have a bug bounty of 6k $ASTR for people to test it.
Maybe we find some volunteers here aswell
It’s time for another progress report. I’m quite a bit busier than I expected to be at the moment, so I’ll only give a brief summary for now. I’ll add to the report this weekend (including uploading a number of screencasts demoing keyvault here before adding them to the website).
So, key points
-
I have not pulled out any rewards since the last report. I’ll pull them out sometime this weekend and report on the amount.
-
Second, the contract remains thus far unhacked and my current intention is to just leave the challenge remain indefinitely.
-
I thought up a improvement for both the UX and cost, and ended up spending much of the month fixated on it. In short, users only need to perform a single transaction when pushing his/her creds to the contract. I borrowed Parity’s SCALE encoding to minimize the size of the ciphertext, and I simplified the data structure used for the credentials/passwords. (see https://github.com/lousydropout/keyvault/commit/220955652c2d9211a4ca88f4d29a94a670e2064d.)
-
Updated feature for encrypting and decrypting messages. So, as is, users can use
keyvault
to encrypt and decrypt messages, but the process is not yet user-friendly. I think adding a contact/address book feature would help significantly. -
I have started making screencasts to show how to use
keyvault
. I still have more screencasts I mean to do and need to upload them and make them public. So, this is at the top of my TODO list.