A security researcher has posted reports of a zero-day vulnerability in AvalancheGo, an implementation of Ava Labs’ Avalanche protocol. The vulnerability, he said, allows private keys of network validators to be forged, “which essentially renders the entire protocol compromised.”
Researcher James Edwards said he was posting the vulnerability in public because Ava Labs—after responding to his initial claims posted February 14 on Hackenproof with a request for more information—had failed to respond to his later reports detailing the issue, and had not patched the software.
1/ I crafted a 4-part series exploring a flaw in @avalancheavax $AVAX Avalanche cryptography that allows for private key recovery.
Team ignored. So this is now a guide on how to recover validator private keys on the mainnet.
Enjoy! https://t.co/LVUTjZcfwo
— James Edwards (@librehash) February 19, 2023
“If there’s anybody out there that’s using Avalanche at the time of writing … my best advice as an objective observer and researcher would be to remove any and all funds you have on this protocol ASAP,” he wrote.
Edwards posted a lengthy four-part description of how the vulnerability works, noting that it is only present in the Golang implementation of the Avalanche Protocol. It concerns the way AvalancheGo uses “nonce values” to create deterministic signatures—though Avalanche’s signatures are indeed deterministic, a flaw in functions used to iterate and produce nonce values could potentially compromise validators.
In this process AvalancheGo uses a library from Decred (another blockchain project), generating signatures according to the RFC 6979 specification for deterministic nonces.
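The check a defender wants for a deterministic-nonce implementation is the one the Ava Labs engineer's thread describes: run it against the RFC's published test vectors and confirm it reproduces them bit for bit. The following Go program is an added example written for this article; it is not code from AvalancheGo, Decred or Ava Labs. It implements the RFC 6979 section 3.2 HMAC-DRBG nonce derivation, including the step h.3 retry loop for out-of-range candidates, and verifies it against the HMAC-SHA256 vectors in RFC 6979 Appendix A.2.5. Those vectors are for NIST P-256 rather than the secp256k1 curve Avalanche uses, but the derivation depends on the curve only through its group order q, so the same function serves either curve once q is swapped (that substitution is an assumption of the example, not something the article shows).

```go
package main

import (
	"bytes"
	"crypto/hmac"
	"crypto/sha256"
	"encoding/hex"
	"fmt"
	"math/big"
	"strings"
)
// Group order q of NIST P-256, used because RFC 6979 Appendix A.2.5 publishes vectors
// for it; the derivation is curve-agnostic, so for secp256k1 substitute that order.
var p256Order, _ = new(big.Int).SetString(
	"FFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E84F3B9CAC2FC632551", 16)

// Private key and expected nonces from RFC 6979 Appendix A.2.5 (HMAC-SHA256).
const rfc6979PrivKey = "C9AFA9D845BA75166B5C215767B1D6934E50C3DB36E89B127B8A622B120F6721"
var rfc6979Vectors = []struct{ msg, k string }{
	{"sample", "A6E3C57DD01ABE90086538398355DD4C3B17AA873382B0F24D6129493D8AAD60"},
	{"test", "D16B6AE827F17175E040871A1C7EC3500192C4C92677336EC2537ACAEE0008E0"},
}

// int2octets: big-endian encoding of x in exactly rolen bytes (RFC 6979 2.3.3).
func int2octets(x *big.Int, rolen int) []byte { return x.FillBytes(make([]byte, rolen)) }
// bits2int: b as an integer, keeping only the leftmost qlen bits when longer (2.3.2).
func bits2int(b []byte, qlen int) *big.Int {
	z := new(big.Int).SetBytes(b)
	if blen := len(b) * 8; blen > qlen {
		z.Rsh(z, uint(blen-qlen))
	}
	return z
}

// bits2octets: bits2int reduced modulo q and re-encoded (2.3.4).
func bits2octets(b []byte, q *big.Int, qlen, rolen int) []byte {
	z := bits2int(b, qlen)
	return int2octets(z.Mod(z, q), rolen)
}

func hmacSHA256(key []byte, parts ...[]byte) []byte {
	h := hmac.New(sha256.New, key)
	for _, p := range parts {
		h.Write(p)
	}
	return h.Sum(nil)
}

// RFC6979Nonce derives the ECDSA nonce k for private key x and message m with HMAC-SHA256
// per RFC 6979 section 3.2 (steps a to h), including the step h.3 retry loop.
func RFC6979Nonce(x *big.Int, m []byte, q *big.Int) *big.Int {
	qlen := q.BitLen()
	rolen := (qlen + 7) / 8
	h1 := sha256.Sum256(m)                       // step a
	V := bytes.Repeat([]byte{0x01}, sha256.Size) // step b
	K := make([]byte, sha256.Size)               // step c (all zero)
	xo := int2octets(x, rolen)
	ho := bits2octets(h1[:], q, qlen, rolen)
	K = hmacSHA256(K, V, []byte{0x00}, xo, ho) // step d
	V = hmacSHA256(K, V)                       // step e
	K = hmacSHA256(K, V, []byte{0x01}, xo, ho) // step f
	V = hmacSHA256(K, V)                       // step g
	for {                                      // step h
		var T []byte
		for len(T)*8 < qlen {
			V = hmacSHA256(K, V)
			T = append(T, V...)
		}
		k := bits2int(T, qlen)
		if k.Sign() > 0 && k.Cmp(q) < 0 {
			return k
		}
		// Candidate outside [1, q-1]: re-key, update V and iterate again (step h.3).
		K = hmacSHA256(K, V, []byte{0x00})
		V = hmacSHA256(K, V)
	}
}

// NonceHex returns the nonce for hex key xHex and message msg as upper-case hex padded to q's size.
func NonceHex(xHex, msg string, q *big.Int) string {
	x, _ := new(big.Int).SetString(xHex, 16)
	k := RFC6979Nonce(x, []byte(msg), q)
	return strings.ToUpper(hex.EncodeToString(int2octets(k, (q.BitLen()+7)/8)))
}

// CheckVectors: true only if every published vector is reproduced and a repeat
// derivation of the same input is bit-for-bit identical (determinism).
func CheckVectors() bool {
	for _, v := range rfc6979Vectors {
		got := NonceHex(rfc6979PrivKey, v.msg, p256Order)
		if got != v.k || got != NonceHex(rfc6979PrivKey, v.msg, p256Order) {
			return false
		}
	}
	return true
}

func main() { fmt.Println("RFC 6979 A.2.5 vectors pass:", CheckVectors()) }
```

Running it with `go run` prints whether both vectors are reproduced. The design point is that a vector corpus catches exactly the kind of problem under dispute here: if two implementations that both claim RFC 6979 compliance (as Edwards says Decred's and AvalancheGo's do) produce different signatures for the same key and message, at most one of them can pass the same corpus, and the mismatch shows up as a failed check rather than as a quiet difference in nonces.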
“Since Avalanche chose to screw me out of a $10k bug bounty, I’ve elected to publish this research for free for the benefit of the community,” he said in his fourth and concluding post on February 19.
Avalanche is a proof-of-stake (PoS) consensus blockchain built to run smart contracts and decentralized applications (dApps). Based on a protocol developed by Emin Gün Sirer and a team of colleagues at Cornell University, its Developer Accelerator Program went open-source in March 2020, and Avalanche itself was officially released a few months later.
As a PoS blockchain, Avalanche confirms blocks by having a network of “validators” lock in stakes of its native token, also called Avalanche (or AVAX). It received US$230 million in investment from Polychain and Three Arrows Capital (3AC), and has reportedly done deals with Deloitte and Amazon.
In August 2022, the project became embroiled in the “Crypto Leaks” scandal involving Kyle Roche, founding partner at Roche Freedman—the law firm that represented Ira Kleiman in the long-running Kleiman v Wright case that sought unsuccessfully to extract a large percentage of Satoshi Nakamoto’s early Bitcoins from Dr. Craig S. Wright. Roche claimed in leaked videos to have used mercenary legal tactics to accumulate trade secrets during discovery and to “take down” competitors to Ava Labs, one of the firm’s clients, in return for a large allotment of AVAX assets. Sirer and Ava Labs denied allegations of wrongdoing, but the firm was subsequently removed from a class action suit against Tether, and Roche himself was fired over the affair. The firm is now called Freedman Normand Friedland.
Avalanche’s response?
For the record, a senior software engineer at Ava Labs had disputed claims about vulnerabilities in Avalanche’s nonce/signature generation processes on February 17. That thread was later re-posted in response to Edwards’ tweet.
1/ We got a great question about how Avalanche generates signatures. We dove deep & outlined exactly how AvalancheGo & AvalancheJS produce RFC6979-compliant signatures. We also linked compliance tests in both repos that pass a corpus of test vectors: https://t.co/Xxi6xCp9sx
— hexfusion.avax 🦀 🔺 (@hexfusion) February 17, 2023
“Ava Labs has a long history of working with responsible security researchers and bug bounty reporters across the broader security ecosystem,” they wrote.
Edwards wrote that Ava Labs developers had sent him “a longform documented response” to his vulnerability claims, but said this response asserted that AvalancheGo’s library had inherited several functions from the Decred version “that it in fact, didn’t.” He demonstrated this by producing signatures with both the Decred library and AvalancheGo’s and obtaining different results.
He noted that the description worked “in theory” but added, “this has not been executed in practice by myself as it goes against my personal code of ethics.”