Key Management Audit Report for DeFi Protocol
Management Summary
A company with a De-Fi protocol system contacted Sayfer Security in order to perform a key management audit of their company keys. The company uses 3 wallets to manage the company treasury and internal payments like employee paychecks and contractors’ payments.
Before assessing the company’s keys, we held a kickoff meeting with the company’s technical team and received an overview of the system and the current keys and their roles.
Over the research period of 2 weeks, we discovered 4 findings.
Throughout the audit, we found that while the company has a strong security culture, there are different ways to improve the key management procedures.
Vulnerabilities by Risk
Critical – Immediate or ongoing part of the business being exploited with direct key business losses.
High – Direct threat to key business processes.
Medium – Indirect threat to key business processes or partial threat to business processes.
Low – No direct threat exists. The vulnerability may be exploited using other vulnerabilities.
Informational – This finding does not indicate vulnerability, but states a comment that notifies about design flaws and improper implementation that might cause a problem in the long run.
Approach
Discovery and Data Gathering
To kick off the audit, we will begin by seeking to understand your existing infrastructure and processes. We will collect relevant documentation and conduct interviews with your team Our aim is to understand your procedures for key generation, storage, backup, and recovery.
Technical Analysis
Following the discovery phase, Sayfer team will perform a technical analysis of your key management systems. This includes assessing the security measures of your hardware and software wallets, reviewing the encryption standards, and evaluating the protection measures against both physical and digital threats.
Backup Strategy
We will review your backup protocols to ensure they provide robust protection against the loss or compromise of keys, key shares or recovery seed.
Monitoring
Sayfer will assess your systems for detecting unauthorized access attempts or suspicious activity. We will review your alert management processes and evaluate your readiness to face a potential security breach.
Risk Assessment
Based on the data gathered and our technical analysis, we will identify potential risks
Recommendations
Upon completion of the audit, we will provide detailed recommendations to address any identified vulnerabilities or areas for improvement. These will include both short-term fixes and strategic long-term improvements.
Audit Findings
Dangerous Shamir Backup Threshold
Severity:
High
Business Impact
The primary issue lies in the fact that the loss or compromise of even one of the recovery shares would make the recovery of the private key impossible.
Background
The company uses the Trezor Model T with Shamir Backup for treasury management and internal payment. While Shamir Backup is a robust and reliable method for secure key management, designed to split a secret into multiple parts, our audit revealed that the company’s implementation raised significant concern.
The company uses a 2 out of 2 share threshold in their Shamir Backup setup. This means that both recovery shares are necessary to recover the private key. While this may appear to provide an added layer of security, it actually introduces a dangerous level of risk.
Furthermore, the 2 out of 2 scheme does not offer any advantage in terms of security over a single copy of the key. In both cases, the loss of a single component leads to the irreversible loss of the key. The crucial difference is that in the 2 out of 2 scheme, there are twice as many potential points of failure that could lead to such a loss.
Recommendation
the company should reconsider their threshold setup for Shamir Backup. A 2 out of 3, or even a 3 out of 5 scheme, would provide a better balance between security and redundancy, reducing the risk of key loss while still requiring multiple shares for recovery.
An Employee Has High Spending Limits on Safe Multi-sig
Severity:
High
Business Impact
A stolen key from the employee will potentially expose the company’s Safe multi-sig wallet to substantial risk. If compromised, this setup could drain the company’s assets in less than 20 days.
Background
During the audit, we identified an employee’s address 0x███████████████, connected and generated by a simple Metamask wallet, which has been granted a daily spending limit of 10 ETH per day. Given the potential vulnerabilities associated with hot wallets like Metamask, this configuration presents a significant risk to the company’s financial assets held in the Geonosis Safe multi-sig wallet.
Recommendation
We strongly recommend that the company re-evaluate the spending limits set for employee addresses, particularly those linked to high-risk wallets. The daily spending limit for this address should be significantly reduced or span over longer period of time to minimize potential losses in the event of a compromise.
A Hidden Wallet is Not Used
Severity:
Medium
Business Impact
The absence of a hidden wallet in the company’s Trezor setup degrades the security when a physical or remote attack happens. If a malicious actor gains access to the primary wallet, they could observe all the assets the wallet has.
Background
A hidden wallet, also known as a plausible deniability or duress wallet, is a feature provided by multiple wallets that allows the creation of a secondary wallet attached to the primary one through an additional passphrase. This feature serves as an extra layer of security, effectively masking the primary wallet.
During the audit, we found that the company does not utilize this feature. Their crypto asset holdings are visible in the primary wallet, which could be a potential target for hackers. This is a concern given the value of assets managed by the company and the potential impact of a successful breach.
Recommendation
We strongly recommend that the company consider implementing a hidden wallet in its Trezor setup. By adding a secret passphrase, they can create a secondary wallet and maintain a minimal amount of crypto assets in the primary wallet. This strategy will not only provide an added layer of security but also serve as a decoy to mislead potential attackers.
Recovery Seed Shares Are Written on Paper
Severity:
Medium
Business Impact
Storing recovery seed shares on paper presents a significant risk to the company’s key management strategy. Paper is susceptible to a variety of physical threats such as water, fire, and general wear and tear. The loss or damage of these seed shares could result in irreversible loss of access to the company’s crypto assets, leading to potentially substantial financial losses and operational disruptions.
Background
During the audit, it was found that the company’s records of its’ recovery seed shares on paper. While this method may be straightforward and cost-effective, it does not offer the same level of durability and longevity as other materials. Given the critical importance of these seed shares for the recovery of the private keys, this approach falls short of industry best practices.
Recommendation
We recommend that the company transitions from paper to a more durable material for storing recovery seed shares. Metal backup tools like the KEYSTONE Tablet provide a robust solution for this purpose. These tablets are resistant to fire, water, and corrosion, ensuring that the seed shares remain intact and legible even under harsh conditions.
No Process for Simulation of Lost or Stolen Keys
Severity:
Medium
Business Impact
The absence of a process for simulating lost or stolen keys in the company’s key management strategy could lead to unpreparedness in the face of a real-world incident. This could potentially result in substantial delays in response time, increased likelihood of asset loss, and significant operational disruptions, impacting the company’s business continuity and financial standing.
Background
During the audit, we identified that the company does not have a documented process for simulating scenarios where keys are lost or stolen. Regular simulations of these scenarios are crucial for testing and improving the company’s incident response plan, ensuring that staff knows what steps to take, and verifying that recovery processes work as intended.
Recommendation
We recommend that the company implements a regular schedule of simulations for lost and stolen keys. These simulations should involve all relevant parties and follow a documented procedure, which outlines the steps to be taken in such a scenario. The process should be comprehensive, covering both the technical aspects of key recovery and the communication channels to be used in the event of such an incident.