Related papers: SoK: Design, Vulnerabilities, and Security Measures of Cryptocurrency Wallets

SoK: Design, Vulnerabilities, and Security Measures of Cryptocurrency Wallets

URL: http://arxiv.org/abs/2307.12874v4
Date: Tue, 14 Jan 2025 16:03:42 GMT
Title: SoK: Design, Vulnerabilities, and Security Measures of Cryptocurrency Wallets
Authors: Yimika Erinle, Yathin Kethepalli, Yebo Feng, Jiahua Xu,
Abstract summary: We introduce a multi-dimensional design taxonomy for existing and novel wallets. We identify previously occurring vulnerabilities and discuss the security implications of design decisions. We present a multi-layered attack framework and investigate 84 incidents between 2012 and 2024, accounting for $5.4B.
Score: 6.074775040047958
License:
Abstract: With the advent of decentralised digital currencies powered by blockchain technology, a new era of peer-to-peer transactions has commenced. The rapid growth of the cryptocurrency economy has led to increased use of transaction-enabling wallets, making them a focal point for security risks. As the frequency of wallet-related incidents rises, there is a critical need for a systematic approach to measure and evaluate these attacks, drawing lessons from past incidents to enhance wallet security. In response, we introduce a multi-dimensional design taxonomy for existing and novel wallets with various design decisions. We classify existing industry wallets based on this taxonomy, identify previously occurring vulnerabilities and discuss the security implications of design decisions. We also systematise threats to the wallet mechanism and analyse the adversary's goals, capabilities and required knowledge. We present a multi-layered attack framework and investigate 84 incidents between 2012 and 2024, accounting for $5.4B. Following this, we classify defence implementations for these attacks on the precautionary and remedial axes. We map the mechanism and design decisions to vulnerabilities, attacks, and possible defence methods to discuss various insights.

Related papers

Phantom Events: Demystifying the Issues of Log Forgery in Blockchain [31.570414211726888]
We present the first in-depth security analysis of transaction log forgery in EVM-based blockchains. We propose a tool designed to detect event forgery vulnerabilities in smart contracts. We have successfully identified real-world instances for all five types of attacks across multiple decentralized applications.
arXiv Detail & Related papers (2025-02-19T08:07:26Z)
Jailbreak Attacks and Defenses against Multimodal Generative Models: A Survey [50.031628043029244]
Multimodal generative models are susceptible to jailbreak attacks, which can bypass built-in safety mechanisms and induce the production of potentially harmful content. We present a detailed taxonomy of attack methods, defense mechanisms, and evaluation frameworks specific to multimodal generative models.
arXiv Detail & Related papers (2024-11-14T07:51:51Z)
Examining Attacks on Consensus and Incentive Systems in Proof-of-Work Blockchains: A Systematic Literature Review [0.0]
Bitcoin's security relies on a decentralized ledger consisting of a consensus and an incentive mechanism. As Bitcoin's acceptance grows, it faces increasing threats from attacks targeting these mechanisms. This paper begins by examining individual attacks executed in isolation and their profitability. It then explores how combining these attacks with each other or with other malicious and non-malicious strategies can enhance their overall effectiveness and profitability.
arXiv Detail & Related papers (2024-11-01T04:18:42Z)
Principles of Designing Robust Remote Face Anti-Spoofing Systems [60.05766968805833]
This paper sheds light on the vulnerabilities of state-of-the-art face anti-spoofing methods against digital attacks. It presents a comprehensive taxonomy of common threats encountered in face anti-spoofing systems.
arXiv Detail & Related papers (2024-06-06T02:05:35Z)
WALLETRADAR: Towards Automating the Detection of Vulnerabilities in Browser-based Cryptocurrency Wallets [19.265999943788284]
We present a comprehensive security analysis of browser-based wallets in this paper, along with the development of an automated tool designed for this purpose. We design WALLETRADAR, an automated detection framework that can accurately identify security issues based on static and dynamic analysis. evaluation of 96 popular browser-based wallets shows WALLETRADAR's effectiveness, by successfully automating the detection process in 90% of these wallets with high precision.
arXiv Detail & Related papers (2024-05-07T14:01:27Z)
Enhancing Trust and Privacy in Distributed Networks: A Comprehensive Survey on Blockchain-based Federated Learning [51.13534069758711]
Decentralized approaches like blockchain offer a compelling solution by implementing a consensus mechanism among multiple entities. Federated Learning (FL) enables participants to collaboratively train models while safeguarding data privacy. This paper investigates the synergy between blockchain's security features and FL's privacy-preserving model training capabilities.
arXiv Detail & Related papers (2024-03-28T07:08:26Z)
Architectural Design for Secure Smart Contract Development [0.0]
Several attacks on blockchain infrastructures have resulted in hundreds of millions of dollars lost and sensitive information compromised. I identify common software vulnerabilities and attacks on blockchain infrastructures. I propose a model for ensuring a stronger security standard for future systems leveraging smart contracts.
arXiv Detail & Related papers (2024-01-03T18:59:17Z)
Collaborative Learning Framework to Detect Attacks in Transactions and Smart Contracts [26.70294159598272]
This paper presents a novel collaborative learning framework designed to detect attacks in blockchain transactions and smart contracts. Our framework exhibits the capability to classify various types of blockchain attacks, including intricate attacks at the machine code level. Our framework achieves a detection accuracy of approximately 94% through extensive simulations and 91% in real-time experiments with a throughput of over 2,150 transactions per second.
arXiv Detail & Related papers (2023-08-30T07:17:20Z)
Designing an attack-defense game: how to increase robustness of financial transaction models via a competition [69.08339915577206]
Given the escalating risks of malicious attacks in the finance sector, understanding adversarial strategies and robust defense mechanisms for machine learning models is critical. We aim to investigate the current state and dynamics of adversarial attacks and defenses for neural network models that use sequential financial data as the input. We have designed a competition that allows realistic and detailed investigation of problems in modern financial transaction data. The participants compete directly against each other, so possible attacks and defenses are examined in close-to-real-life conditions.
arXiv Detail & Related papers (2023-08-22T12:53:09Z)
Quantum Multi-Solution Bernoulli Search with Applications to Bitcoin's Post-Quantum Security [67.06003361150228]
A proof of work (PoW) is an important cryptographic construct enabling a party to convince others that they invested some effort in solving a computational task. In this work, we examine the hardness of finding such chain of PoWs against quantum strategies. We prove that the chain of PoWs problem reduces to a problem we call multi-solution Bernoulli search, for which we establish its quantum query complexity.
arXiv Detail & Related papers (2020-12-30T18:03:56Z)
Adversarial Machine Learning Attacks and Defense Methods in the Cyber Security Domain [58.30296637276011]
This paper summarizes the latest research on adversarial attacks against security solutions based on machine learning techniques. It is the first to discuss the unique challenges of implementing end-to-end adversarial attacks in the cyber security domain.
arXiv Detail & Related papers (2020-07-05T18:22:40Z)

This list is automatically generated from the titles and abstracts of the papers in this site.