Watch a detailed 18-minute conference talk from USENIX WOOT '24 where Block, Inc. researchers Adam Scott and Sean Andersen demonstrate how to engineer a backdoored bitcoin hardware wallet that covertly leaks private seeds through ECDSA signatures during normal transactions. Learn about a fully-functional hardware wallet implementation that allows attackers to extract the wallet's private seed simply by monitoring the public blockchain, without requiring physical access or deployment details. Explore how this backdoor can be implanted before or after key generation, potentially through firmware updates, making it compatible with existing bitcoin wallets. Examine their proof-of-concept implementation on the bitcoin testnet network that successfully leaks a complete 256-bit seed using just 10 signatures with modest computational requirements, while maintaining indistinguishable behavior from non-backdoored wallets.
Overview
Syllabus
WOOT '24 - Engineering a backdoored bitcoin wallet
Taught by
USENIX