This has been assigned CVE-2022-35913: https://www.cve.org/CVERecord?id=CVE-2022-35913
/dev/fd0 Sent with Proton Mail secure email. ------- Original Message ------- On Thursday, July 14th, 2022 at 9:25 AM, alicexbt via bitcoin-dev <bitcoin-dev@lists.linuxfoundation.org> wrote: > Hi bitcoin-dev list members, > > > STONEWALLx2[1] is a p2p coinjoin transaction in Samourai wallet. The miner > fee is split between both participants of the transaction. > > > ========================== > Problem > ========================== > > Antoine Riard shared the details of DoS attack in an [email][2] on 21 June > 2022. > > Proof of Concept: > > 1) Download Samourai APK, create testnet wallet, get some coins from faucet > and claim a paynym in 2 android devices. Consider Bob and Carol are using > these devices. > > 2) Bob and Carol follow each other's paynyms. Carol is the attacker in this > case and she could make several paynyms. > > 3) Bob initiates a Stonewallx2 transaction that requires collaboration with > Carol. > > 4) Carol confirms this request in the app. > > 5) Carol spends the UTXO from wallet configured in electrum with same seed > before Bob could complete the last step and broadcast STONEWALLx2 > transaction. It was non RBF [transaction][3] with 1 sat/vbyte fee rate and > was unconfirmed during testing. > > 6) Bob receives an [error][4] in the app when trying to broadcast Stonewallx2 > transaction which disappears in a few seconds. The [progress bar][5] appears > as if wallet is still trying to broadcast the transaction until Bob manually > go back or close the app. > > > ========================== > Solution > ========================== > > Suggestions: > > a) Error message that states collaborator spent her UTXO used in STONEWALLx2, > end the p2p coinjoin process, unfollow collaborator's paynym and suggest user > to do such transactions with trusted users only for a while. > > b) Once full RBF is used by some nodes and miners, attacker's transaction > could be replaced with a higher fee rate. > > Conclusions by Samourai: > > a) As the threat involves the collaborator attacking the spender. We strongly > advise that collab spends be done w/ counterparties with which some measure > of trust is shared. As such, this does not seem to have an important threat > surface. > > b) Bumping fee won't be simple as fees are shared 50/50 for STONEWALLx2 > spends. Change would have to be recalculated for both spender and > collaborator. Collab would either have had already authorized a possible fee > bump beforehand or would have to be prompted before broadcast. > > > ========================== > Timeline > ========================== > > 22 June 2022: I emailed Antoine after testing STONEWALLx2 > > 23 June 2022: I shared the details of attack in a confidential issue in > Samourai wallet [repository][6] > > 07 July 2022: TDevD (Samourai) acknowledged the issue and wanted to discuss > it internally with team > > 14 July 2022: TDevD shared the conclusions > > > ========================== > Credits > ========================== > > Antoine Riard discovered DoS vector in p2p coinjoin transactions and helped > by responding to emails during testing. > > > [1]: https://docs.samourai.io/spend-tools > [2]: > https://lists.linuxfoundation.org/pipermail/bitcoin-dev/2022-June/020595.html > [3]: > https://mempool.space/testnet/tx/42db696460a46f196f457779d60acbf46b31accc5414b9eac54b2e785d4c1cbb > [4]: https://i.imgur.com/6uf3VJn.png > [5]: https://i.imgur.com/W6ITl4G.gif > [6]: https://code.samourai.io/wallet/samourai-wallet-android > > > /dev/fd0 > > > Sent with Proton Mail secure email. > > _______________________________________________ > bitcoin-dev mailing list > bitcoin-dev@lists.linuxfoundation.org > https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev _______________________________________________ bitcoin-dev mailing list bitcoin-dev@lists.linuxfoundation.org https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev
