ZenGo finds transaction simulation flaw in Coinbase, others

Cryptocurrency wallet provider ZenGo discovered a “red pill attack” that can exploit a flaw in a security feature used by organizations including cryptocurrency giant Coinbase.

A transaction simulation is a security feature typically offered in Web3 platforms that uses sandbox emulation to anticipate the potential outcomes of cryptocurrency transactions before initiating them. While the technology is used for a variety of purposes, one primary reason is to prevent cryptocurrency scams and theft.

ZenGo Monday reported a method to exploit transaction simulators, which it referred to as a “red pill attack,” to steal cryptocurrency. Red pill attacks, ZenGo’s research blog explained, are based on the premise that if malware is able to detect it is operating in a simulation, “it can behave in a benign manner thus deceiving the anti-malware solution, and reveal its true malicious nature only when actually executed in a real environment.”

ZenGo managed to accomplish this via the smart contracts used to complete cryptocurrency transactions. Because there are special circumstances that exist exclusively in a transaction simulation and not in a real transaction, the researchers were able to exploit these simulation-only rules.

ZenGo’s research gave Coinbase’s smart contract instruction as an example.

“The ‘COINBASE’ instruction contains the address of the current block miner. Since during simulation there is no real block and hence no miner, some simulation implementations just set it to the null address (all zeros address),” the blog post read.

The red pill attacks use a simple approach to detect the sandbox emulation and initiate a malicious transaction.

“Ask users to send some native coin to the contract. If COINBASE is zero (which means simulation in Polygon) the contract will send back some coins in return, thus making the transaction potentially profitable to the user when its wallet simulates it. However, when the user sends the transaction on-chain, COINBASE is actually filled with the non-zero address of the current miner, and the malicious contract just takes the sent coins.”

ZenGo CTO and co-founder Tal Be’ery, who led the company’s red pill attack research, told TechTarget Editorial that the company has not found evidence of red pill attacks in the wild to date, though he added that “someone approached us after we published claiming that they might have seen this behavior in the wild.”

ZenGo found multiple cryptocurrency platforms, wallets and tools had transaction simulation implementations that were vulnerable to red pill attacks, including Coinbase wallet, Rabby wallet, Blowfish, Pocket Universe, Fire Extension, and another unnamed extension. According to the post, “all vendors were very receptive to our reports, and most of them were quick to fix their faulty implementations.”

Exploitation of the flaws could put enterprises in jeopardy as well as consumers, as many platforms have introduced business offerings as the cryptocurrency market has exploded. For example, Coinbase this month introduced Wallet as a Service, which provides enterprises with wallet infrastructure APIs to help them deploy customizable, on-chain wallets for their customers.

“Transaction Simulation, inspired by anti-malware sandbox security solutions, can be a highly useful tool in defenders’ toolbox, providing much-required visibility into opaque Web3 transactions. This visibility should be leveraged by a Web3 firewall to alert users against malicious transitions,” the post read. “However, when not implemented securely, transaction simulation may backfire and actually help attackers defraud users out of their assets.”

Alexander Culafi is a writer, journalist and podcaster based in Boston.