ethermint icon indicating copy to clipboard operation
ethermint copied to clipboard

Published 20 hours ago verified publisher icon evmos

NewAccount fails if several calls are performed in sequence

Open tomtau opened this issue 3 years ago • 4 comments

KS-THA-F-16 https://github.com/tharsis/ethermint/blob/main/rpc/ethereum/namespaces/personal/api.go#L121

Calling NewAccount many times in sequence fails.

      ~ curl -X POST --data
 '{"jsonrpc":"2.0","method":"personal_newAccount","params":["This is the
 passphrase"],"id":1}' -H "Content-Type: application/json" http://localhost:8545
 {"jsonrpc":"2.0","id":1,"result":"0xb453a4f30c92524a6b88b775e9a25a9f1a1fe1fe"}
 ~ curl -X POST --data
 '{"jsonrpc":"2.0","method":"personal_newAccount","params":["This is the
 passphrase"],"id":1}' -H "Content-Type: application/json" http://localhost:8545
 {"jsonrpc":"2.0","id":1,"error":{"code":-32000,"message":"public key already exists
 in keybase"}}
 ~ curl -X POST --data
 '{"jsonrpc":"2.0","method":"personal_newAccount","params":["This is the
 passphrase"],"id":1}' -H "Content-Type: application/json" http://localhost:8545
 {"jsonrpc":"2.0","id":1,"error":{"code":-32000,"message":"public key already exists
 in keybase"}}
 ~ curl -X POST --data
 '{"jsonrpc":"2.0","method":"personal_newAccount","params":["This is the
 passphrase"],"id":1}' -H "Content-Type: application/json" http://localhost:8545
 {"jsonrpc":"2.0","id":1,"error":{"code":-32000,"message":"public key already exists
 in keybase"}}
 ~ curl -X POST --data
 '{"jsonrpc":"2.0","method":"personal_newAccount","params":["This is the
 passphrase"],"id":1}' -H "Content-Type: application/json" http://localhost:8545
 ^[[A{"jsonrpc":"2.0","id":1,"error":{"code":-32000,"message":"public key already
 exists in keybase"}}

We consider this hardly exploitable in practice, but it might be an indication of entropy pool exhaustion. We recommend checking that NewAccount does not deplete the entropy pool. Always prefer using /dev/urandom rather than /dev/random.

tomtau avatar Oct 07 '21 02:10 tomtau

this might need to be fixed in the SDK

JayT106 avatar Oct 27 '21 16:10 JayT106

@JayT106 do you have a link for the Cosmos SDK issue?

tomtau avatar Oct 28 '21 01:10 tomtau

@tomtau after checkedbip39.NewEntropy in the SDK again, I think it uses /dev/urandom by default. See https://pkg.go.dev/crypto/rand?utm_source=gopls#pkg-variables

So the issue I think might be in here. https://github.com/tharsis/ethermint/blob/bc1d81c5e874109bd95edd99725ab764ce9f922b/rpc/ethereum/namespaces/personal/api.go#L124 Because the format is with sec precision. if we try to create some keys in a sec, it will have an issue when writing the key to the Keystore because the name of the keys is the same. https://github.com/cosmos/cosmos-sdk/blob/b75c29fc15d3320ec0c7596dbd7c787c48dccad8/crypto/keyring/keyring.go#L750

JayT106 avatar Oct 28 '21 19:10 JayT106

I think we can add a nonce instead of using time.Now() (eg: use the len of the keyring list)

fedekunze avatar Oct 28 '21 19:10 fedekunze

This issue is stale because it has been open 45 days with no activity. Remove Status: Stale label or comment or this will be closed in 7 days.

github-actions[bot] avatar Aug 16 '22 02:08 github-actions[bot]