Improving the Ecosystem: Disclosing ColdCard Mk2 PIN Vulnerability

As with traditional money, the security of cryptocurrencies is absolutely vital for the entire market. A critical, exploitable vulnerability in any wallet provider could cause a huge impact for all that participate in the world of cryptocurrencies. In light of this, our security experts have the secondary objective of evaluating the security of other cryptocurrency service providers.

Our Shared Responsibility

As mentioned in the intro, major losses caused by vulnerabilities have a major impact on the entire cryptocurrency ecosystem. During the Mt.Gox disaster, we’ve seen prices plummet and the reputation of crypto assets taking a huge blow. No one wants to see anything like that ever happening again.

To do our share in this, our world-class security experts at the Ledger Donjon have a secondary objective that comes after continuously trying to enhance our own devices’ security. This is to evaluate the security of other actors in the cryptosphere. In doing so, their security can be enhanced and vulnerabilities patched.

Naturally, any vulnerabilities discovered will be responsibly disclosed. This gives them the time to patch it. If, however, a fix is not found, we do have the unfortunate responsibility to inform the community. Not only is it important for them to be aware, but this way we can equally propose workarounds to help keep your cryptocurrencies secure.

The Vulnerability

The Coldcard Mk2 has a physical vulnerability that can be used to obtain the device’s PIN code. While indeed someone would first need to be able to get a hold of your Coldcard Mk2, it does mean your crypto assets are vulnerable if someone manages to take your device.

The good news is that the type of attack does require highly specialized equipment worth over $200,000 and expert knowledge to be able to pull this off. This is thanks to Coldcard making use of a secure memory chip, rather than a generic MCU chip. Indeed, the type of chip used for your hardware wallet makes a huge difference for its security.

The bad news is that if someone does have this equipment and expertise, they will be able to extract your device’s PIN code reliably. This means that an attacker could steal the Bitcoins you manage through your device if they’ve managed to get physical access. As there are thousands of people owning a Coldcard Mk2, this could be quite impactful.

The Details

In this part, we’ll present a simplified version of how the Ledger Donjon was able to reliably obtain a Coldcard Mk2 wallet’s PIN code. For a more detailed, high-level version, you can refer to the article the Ledger Donjon has posted. The Ledger Donjon will present the full details of the ATECC508A vulnerability at the SSTIC 2020 conference.

The underlying cause of the vulnerability actually lies within the secure memory chip used in Colcard Mk2 devices. While a significant step up from generic MCU chips and a lot harder to crack, the Microchip ATECC508A is at the root of this vulnerability. This is why at Ledger we only use certified Secure Element chips that have undergone intensive testing by a third party.

The physical attack is done through a method known as a Laser Fault Injection. This is a state-of-the-art attack where a very precise, focused laser is used while a chip is trying to execute an action. In the case of the ATECC508A chip used in Coldcard Mk2 wallets, doing this at a very specific spot and timing, one can bypass the access conditions, and the PIN code hash stored in the secure memory can be obtained. As such, the PIN code can then easily be brute forced offline.

Once the correct PIN code has been obtained through brute forcing, the attacker can have complete access to the Bitcoin managed through the device. 

Larger Than Coldcard

The vulnerability found by the Ledger Donjon on the ATECC508A surpasses its cryptocurrency application through Coldcard devices. This secure memory chip is used in other important tools. For example, Amazon AWS IoT kits using the ATECC508A for secure communication exist. Indeed, the ATECC508A chip has been used for other IoT services’ security as well. The vulnerability uncovered by the Ledger Donjon is currently not applicable to those applications, but as we demonstrated the ATECC508A has weaknesses againsts Laser Fault Injection. Other attack path might exist and be discovered in the future.

Microchip has since put a warning on the ATECC508A chip’s page, stating “Not recommended for new designs”.

The Workaround

First and foremost, it must be stressed that this vulnerability applies to Coldcard’s Mk2 model. Coldcard Mk3 devices are not impacted by this. These use the newer ATECC608A chips instead. Secondly, the attack can only be performed if someone has physical access to your device. Keeping your Coldcard Mk2 hardware wallet well hidden would be one way to mitigate this vulnerability.

Secondly, much like the KeepKey and Trezor vulnerabilities, a strong passphrase is the answer. A passphrase of 37 characters or more is recommended. Unlike the KeepKey and Trezor One devices, you can enter your passphrase directly into the Coldcard Mk2 rather than through a computer. While it might be a bit of an inconvenience to enter a passphrase into your Coldcard device, this does effectively mitigate the PIN vulnerability completely.