1

My question relates to a older question on this stackexchange.

Details
Patrick used the Ethereum Wallet to transfer 1 ether to test out buying TheDAO tokens on his mining computer. When (so far it seems that) Ethereum wallet unlocked his geth wallet for 2 seconds (via the IPC API, not exposed to the Internet), a bot that was watching his geth wallet activity swooped in to send a transfer instruction to geth (via JSON-RPC, exposed to the Internet) and transferred his remaining 7218 ethers into the hacker's account.

Did this bug ever got fixed or is still in the newest version of mist and how could i check if I am vulnerable to this attack or not? Did the developer had a special why they implementet it this way or isn‘t even possible to implement it in other way?

Flaqz
  • 25
  • 4

1 Answers1

1

The issue is related to how secure you geth node is. I don't find anything that needs to fixed.

See, when you make IPC connection to your geth node, you can remove RPC apis. SO only processes on your system can access your geth node. So no bot (if not running on your server) can send the transaction to your geth node.

In case, where you are bound to use rpc over IPC, the preferred method is use 127.0.0.1 as rpcaddr.

Be very specific who can send RPC calls to you geth instance. So in most vulnerable case when you are using RPC and exposing personal over RPC. You can make sure that no other server apart from one your Dapp is running can connect to geth node from server side.

EDIT:

I am not sure of 2 seconds interval. If you can provide any ref on where did you read that. What I know from documentation is :

The unencrypted key will be held in memory until the unlock duration expires. If the unlock duration defaults to 300 seconds.

You always have the option to override the value by using:

personal.unlockAccount(address, password, duration_in_seconds)

PS: As long as you have option to configure defaults, defaults don't matter much.

Prashant Prabhakar Singh
  • 8,026
  • 5
  • 40
  • 79
  • Of course you can take steps like making your computer with your wallet on it completely air-gapped to be even more secure. These steps you mentioned are all good to secure your wallet. My question is more why there even is such a 2 seconds interval in that "hacker " could enter your wallet? Did the developer had some idea behind it or does it even has to have that 2 seconds interval? – Flaqz Jun 25 '18 at 14:26
  • Edit the answer as comment was going long. – Prashant Prabhakar Singh Jun 25 '18 at 16:19
  • Here is the ref where I read about that 2 seconds interval: https://ethereum.stackexchange.com/questions/3887/how-to-reduce-the-chances-of-your-ethereum-wallet-getting-hacked and the bit of code which unlock the account for two seconds web3.personal.unlockAccount(Session.get('data').from, pw || '', 2, function(e, res){. Do you have a idea why they are talking about two senconds? – Flaqz Jun 25 '18 at 16:31
  • There is nothing special about 2 secs.BokkyPooBah was just giving an example where the attacker was hitting a node every 2 seconds, so even if you provide duration_in_seconds as 2, you are not safe enough. You can use any value for same but security is beyond applying for how much time account will be unlocked. – Prashant Prabhakar Singh Jun 25 '18 at 17:06
  • 1
    The old unlockAccount(...), then sendTransaction(...) call has now been replaced with web3.eth.personal.signTransaction(...) - https://github.com/ethereum/mist/blob/master/interface/client/templates/popupWindows/sendTransactionConfirmation.js#L461 . The signed transaction is now generated within Ethereum Wallet / Mist, and the signed transaction is passed on to geth. There is now no need for Ethereum Wallet / Mist to get geth to unlock any accounts. – BokkyPooBah Jun 27 '18 at 13:38