search

hats-finance / illuminex-0x0bb4aa1f58719707405c231fcdf0b405714799cf

0 stars 1 forks source link

Lack of Periodic Key Rotation #42

Open hats-bug-reporter[bot] opened 3 months ago

hats-bug-reporter[bot] commented 3 months ago

Github username: -- Twitter username: -- Submission hash (on-chain): 0x1bb39d8990b4949ad2fbf39f4fa27c53e84144613cf7ae081c7f208c44ea996d Severity: low

Description: Description\ The VaultBitcoinWallet contract calls _updateKey during the _onActionDeposit function, which ensures that keys are updated when deposits occur. However, this does not guarantee periodic key rotation based on the ringKeyUpdateInterval. If deposits areinfrequent, keys may remain static for extended periods, which can compromise security.

Attack Scenario\

  1. Stale Keys: Risk: Without periodic key rotation, keys may become stale if deposits are infrequent. Impact: Stale keys increase the risk of compromise, as they remain static and potentially vulnerable to attacks.
  2. Reduced Security: Risk: The security model of the protocol relies on regular key updates. Without periodic rotation, the protocol's overall security is weakened. Impact: The protocol may become more susceptible to cryptographic attacks, such as brute force or replay attacks, as the same key is used for an extended period.
  3. Operational Overhead: Risk: Relying solely on deposit actions for key updates may lead to inconsistent key management practices. Impact: This increases the likelihood of human error and operational burden if manual intervention is required to ensure key rotation.

Attachments

  1. Proof of Concept (PoC) File

  2. Initial Setup: The contract is deployed with an initial key _genesis . The ringKeyUpdateInterval is set to 1 day.

  3. Key Update on Deposit: A user makes a deposit, triggering the _onActionDeposit function. The _updateKey function is called, updating the key.

  4. Infrequent Deposits: No further deposits are made for an extended period (e.g., 8 days). During this time, the key remains static, as no deposits occur to trigger _updateKey.

  5. Security Implications: The static key is vulnerable to compromise. If an attacker gains access to the key, they can decrypt all data encrypted with that key.

  6. Revised Code File (Optional)

    Implement an automated key rotation mechanism that triggers key updates based on the ringKeyUpdateInterval. This can be achieved by adding a function that checks the interval and updates the keys if necessary.

party-for-illuminati commented 3 months ago

Key rotation needs to happen with some key-event, which is the deposit. This is how it is intended to be