Engineering a Backdoored Bitcoin Hardware Wallet - Security Analysis and Implementation
Earn Your CS Degree, Tuition-Free, 100% Online!
Pass the PMP® Exam on Your First Try — Expert-Led Training
Overview
Google, IBM & Meta Certificates – 40% Off
One plan covers every Professional Certificate on Coursera.
Unlock All Certificates
Watch a detailed 18-minute conference talk from USENIX WOOT '24 where Block, Inc. researchers Adam Scott and Sean Andersen demonstrate how to engineer a backdoored bitcoin hardware wallet that covertly leaks private seeds through ECDSA signatures during normal transactions. Learn about a fully-functional hardware wallet implementation that allows attackers to extract the wallet's private seed simply by monitoring the public blockchain, without requiring physical access or deployment details. Explore how this backdoor can be implanted before or after key generation, potentially through firmware updates, making it compatible with existing bitcoin wallets. Examine their proof-of-concept implementation on the bitcoin testnet network that successfully leaks a complete 256-bit seed using just 10 signatures with modest computational requirements, while maintaining indistinguishable behavior from non-backdoored wallets.
Syllabus
WOOT '24 - Engineering a backdoored bitcoin wallet
Taught by
USENIX