The U.S. Securities and Exchange Commission (SEC) recently fell victim to a social media account hack, which was attributed to a ‘SIM Swap’ attack. The hackers used the compromised account to make a false announcement about a Bitcoin Exchange-Traded Fund (ETF). This incident has raised concerns about the security of digital assets and the vulnerability of social media platforms to cyber-attacks.

Understanding the ‘SIM Swap’ Attack

A ‘SIM Swap’ attack, also known as SIM jacking, is a type of identity theft where the attacker convinces the mobile service provider to port a target’s phone number to a new SIM card controlled by the attacker. Once successful, the attacker can bypass two-factor authentication and password recovery systems that send a code to the phone, gaining control over email, social media, and financial accounts.

The False Bitcoin ETF Announcement

Using the SEC’s compromised social media account, the hackers announced the approval of a Bitcoin ETF, a long-awaited event in the cryptocurrency world. The false announcement caused a brief spike in Bitcoin’s price, demonstrating the potential impact of such misinformation.

• Immediate Impact: The false announcement led to a temporary surge in Bitcoin’s price, reflecting the market’s sensitivity to such news.
• Long-term Implications: The incident highlighted the potential for market manipulation through social media and the need for stronger security measures.

How the SEC Responded

The SEC quickly identified and rectified the breach, clarifying that the Bitcoin ETF announcement was false. The commission is now working with law enforcement agencies to investigate the incident and strengthen its security measures to prevent future attacks.

Implications for Digital Asset Security

This incident underscores the importance of robust security measures for digital assets. It highlights the need for:

• Stronger Authentication Measures: Two-factor authentication, while generally effective, can be bypassed in a SIM Swap attack. This calls for more robust security measures, such as biometric authentication or hardware tokens.
• Improved Social Media Security: Social media platforms need to enhance their security protocols to prevent account takeovers.
• Regulatory Oversight: Regulatory bodies like the SEC need to ensure that accurate information is disseminated to prevent market manipulation.

Preventing SIM Swap Attacks

While SIM Swap attacks are sophisticated, there are steps that individuals and organizations can take to protect themselves:

• Use Non-SMS Two-Factor Authentication: Opt for authentication methods that do not rely on SMS, such as authenticator apps or hardware tokens.
• Limit Personal Information Sharing: The less personal information available online, the harder it is for an attacker to impersonate you to your mobile service provider.
• Regularly Monitor Accounts: Regularly check your financial and social media accounts for any suspicious activity.

Conclusion

The recent SEC social media hack serves as a stark reminder of the potential vulnerabilities in our increasingly digital world. While the false Bitcoin ETF announcement was quickly debunked, the incident highlights the potential for market manipulation through social media and the importance of robust digital security measures. As we continue to navigate the digital landscape, it is crucial for individuals, organizations, and regulatory bodies to remain vigilant and proactive in protecting digital assets.

Source link

So a lot of noise has been made around the Lightning vulnerability recently disclosed by Antoine Riard. Many people are claiming the sky is falling, that Lightning is fundamentally broken, and nothing could be further from the truth. I think part of the problem is that people don’t really understand how this vulnerability works, firstly, and secondly many people don’t understand how this individual vulnerability overlaps with other known issues on the Lightning Network that have known solutions.

So first, let’s go through and try to understand the vulnerability itself. When a Lightning payment is routed across the network, one thing that is key to understand is how the timelocks for refunding a failed payment work. The hop closest to the receiver has a timelock of ‘x’, and every hop going back to the sender has one of ‘x+1’, ‘x+2’, and so on. The timelocks get progressively longer as you go each hop from the receiver back towards the sender. The reason for this is that if a payment reaches the receiver, but some problem stops the preimage from propagating all the way back to the sender, the hop where it stopped has time to enforce it on-chain, and put the preimage there that all preceding hops need to confirm the payment. Otherwise someone in the middle, where the failure happens, could have their outgoing hop claim the funds with the preimage, and the hop that forwarded it to them claim it with their refund path, and leave that person in the middle shit out of luck having lost funds.

The Replacement Cycling Attack is a complicated way to try and accomplish exactly that undesired outcome, the target node losing money by having the outgoing hop claim the funds with a success transaction, and the incoming hop claiming funds through the refund transaction. This necessitates stalling out the victim node, and preventing them from seeing the preimage in the success transaction on one side until after the timelock expires on the other side, so they can claim the refund there.

This requires a very targeted and complicated game of manipulating the victim’s mempool. Let’s look at the actual transaction structure involved here. You have the commitment transaction, which is the main transaction representing the Lightning channel state. It has an output for each side of the channel representing funds completely under the control of one member or the other, and outputs for each HTLC in the process of being routed. These outputs are the ones we are concerned with. Each HTLC output can be spent either immediately at any time with the preimage from the receiver, or after the timelock expires on the refund.

The attack requires that a malicious party, or two conspiring parties, have a channel on both sides of the victims node routing a payment. So Bob, the victim, has a channel with Alice and Carol, the attackers, and payment routed from Carol to Bob to Alice. Now remember, the timelock refund path between Alice and Bob will expire and become valid before the refund between Carol and Bob.

The attackers route a payment through Bob, and then Alice will refuse to send Bob the preimage to finalize the payment when she receives it. What Bob will do now is wait until the timelock window expires between himself and Alice, and go to broadcast the channel commitment transaction and refund transaction to get it confirmed before the timelock window expires. What Alice will do is then go to spend the preimage transaction to claim the funds with an output unrelated to the channel, and right afterwards doublespend the second input in the preimage success transaction. The goal here is to evict Bob’s timeout transaction from the mempool, but also evict the preimage success transaction so Bob doesn’t see it. If he does, he will learn the preimage and can simply claim the funds in his channel with Carol before her timeout transaction is valid to spend.

Alice and Carol have to do this on a consistent basis, everytime Bob rebroadcasts his timeout transaction with Alice, until the blockheight passes where Carol’s timeout transaction is valid. Then they can submit the success transaction on Alice’s side, and the timeout transaction on Carol’s side, and leave Bob holding the bag having lost the value of the payment he was routing.

The problem with this is two fold. Firstly, the victim’s Bitcoin Core node must be specifically targeted to ensure that at no time does the preimage success transaction propagate into their mempool where their Lightning node can acquire the preimage. Secondly, if the second transaction Alice uses to evict the preimage transaction is confirmed, Alice incurs a cost (remember, the idea is to replace the timeout transaction with the preimage, so that is evicted from the mempool, then replace the preimage transaction with the second one double-spending the additional input in the preimage transaction). That means every time Bob re-broadcasts his timeout transaction, Alice has to pay a higher fee to re-evict it, and when that is confirmed she actually incurs a cost.

So Bob can force Alice to incur a big cost simply by regularly rebroadcasting his timeout transaction with a higher fee, meaning if the payment HTLC output is not worth significantly more than the fees Alice could incur, the attack isn’t economically worthwhile to pull off. It would also be possible to prevent the attack completely by changing how HTLC success and timeout transactions are constructed. By using the SIGHASH_ALL flag, which means the signature commits to the entirety of the transaction and becomes invalid if the tiniest detail (like adding the new input in the preimage transaction required for this attack) is changed. This wouldn’t work with current version of Lightning channels using anchor outputs, but it would solve the issue entirely. Peter Todd has also proposed a new consensus feature that would entirely solve the issue, essentially a reverse timelock, where the transaction would become invalid after a certain time or blockheight instead of becoming valid after. Going that far however is not necessary in my opinion.

Simply rebroadcasting your transaction regularly with a slight fee bump is a massive mitigation of the attack, but there are also numerous dynamics that just make it not a serious issue regardless. First, if you aren’t a routing node, this isn’t really a serious issue. So most end users are safe from this attack. Secondly, there are many reasons why nodes do not allow any random person to open channels to them. Large nodes are very selective about who they peer with, as random channels not managed efficiently or professionally have a cost in the form of sunk or wasted capital in unused channels. So any large node that would make a juicy target for this attack is not trivial to even get connected with in the first place, let alone connect to them with multiple channels to pull off the attack in the first place. Lastly, as I’ve written about in the past, other unrelated attacks possible on the network are already necessitating filters and restrictions in how nodes choose to handle HTLCs they could forward. I.e. limits on the size of payments they will forward, how many they will allow at any given time, etc. So even if you can open a channel with a node worth attacking, as the network evolves there will be more thought through criteria and filters for deciding whether to even forward a payment in the first place.

Overall, this is a legitimate issue and possible attack, but both in terms of direct mitigations, and how the attack will interact with solutions to other issues over the long term, this is not an unsolvable problem. It is a legitimate issue, and dismissing it as purely FUD is not an accurate reaction, but to claim the sky is falling and the Lightning Network as a protocol is doomed is far overblowing the issue.

Time will march on, we will run into problems, and we will fix those problems as they come. Like we always have. 

Source link

This is an opinion editorial by Kudzai Kutukwa, a financial inclusion advocate and Mandela Washington fellow.

Throughout American economic history, there has been a constant drive toward centralization, as evidenced by the many attempts to establish a central bank in the United States. From Alexander Hamilton’s “Federalist Papers” to President Andrew Jackson’s fierce battle against the Second Bank of the United States and the ultimate creation of the Federal Reserve in 1913, the allure of consolidating financial power has shaped the nation’s monetary landscape.

However, amid the fervor for a centralized monetary authority, there is a cautionary note: Be wary of the erosion of financial privacy. The concentration of financial control leads to less individual sovereignty, as the watchful eyes of authority encroach on the sanctity of personal wealth. As this centralized leviathan grows in the face of diminishing individual autonomy, a disturbing truth emerges: financial privacy is shrinking in the shadow of a monolithic force that demands unquestioning compliance.

Bitcoin exists today in defiance of that centralized monetary control, after more than a century of central bank tyranny. The subsequent entrenchment of legal tender laws bestowed upon the government the sole authority to determine what money is and what it is not. As Austrian economist Carl Menger has pointed out:

“Money is not an invention of the state. It is not the product of a legislative act. Even the sanction of political authority is not necessary for its existence.”

Therefore, the enactment of legal tender laws is in sharp contrast to any rational economic thought. Satoshi Nakamoto understood this and created a transparent monetary system for free-market actors to adopt, while taking away the power of central banks to create money. The government’s monopoly over the issuance of currency is the foundation of its capacity to inflate the money supply. In addition, legal tender laws are the basis for attacking superior alternative monetary systems, such as Bitcoin, while simultaneously eroding financial privacy.

Fighting An Expansion Of Authority

The recent dismissal of Coin Center’s challenge to the expansion of Section 6050I of the tax code, which was part of the Infrastructure Investment and Jobs Act (IIJA) passed in 2021, serves as a chilling example of the incremental outlawing of financial privacy. Section 6050I requires the reporting of cash or cash equivalents that exceed $10,000 and the amendment in the IIJA expanded this provision to include bitcoin and cryptocurrency businesses, traders and investors in the U.S. An immediate problem with treating digital assets as cash contradicts the IRS’s determination that they are property, not cash, for tax purposes.

That’s not all; in addition to meeting these reporting requirements, recipients of bitcoin or other cryptocurrency payments must also divulge personal details of the senders, such as their names, dates of birth and social security numbers. Furthermore, recipients are also required to maintain records of all of their transactions as well as the personal details of all senders for a period of five years. The privacy infringements of these provisions are glaringly obvious as they expand warrantless surveillance while turning everyone making these transactions into unofficial law enforcement agents. Without a successful appeal, the enforcement of this law commences on January 1, 2024.

The Death Of Decentralization

While the alarm has been sounded on how central bank digital currencies (CBDCs) are the death knell for financial privacy, this provision enables the powers that be to create blacklists of Bitcoiners and potentially target them individually for “tax violations” or in other ways that are unimaginable today.

A day prior to the dismissal of Coin Center’s challenge, U.S. Senators Jack Reed, Mike Rounds, Mark Warner and Mitt Romney unveiled the Crypto Asset National Security Enhancement And Enforcement Act In The Senate (CANSEE), which aims to combat abuse of cryptocurrency protocols by criminals and enemies. While this bill may seem reasonable at first glance, it would make it infeasible to develop decentralized protocols in the U.S., while additionally posing a threat to financial privacy. Under the bill, penalties would be extended to those who publish applications for digital asset transactions and who have “the power, directly or indirectly, to direct a change in the computer code or other terms governing the operation of the protocol, as determined by the Secretary of the Treasury,” and this could include open-source software contributors. Furthermore the bill would also extend all of the Bank Secrecy Act obligations that now apply to financial institutions like cryptocurrency exchanges to those same persons.

In short, the bill would effectively ban the publication of open-source code for decentralized cryptocurrency protocols while giving the secretary of the U.S. Treasury virtually-unbounded discretion to decide who qualifies as someone who “controls” those protocols, as well as granting exemptions to centralized protocols that comply with regulations. This would give the government unprecedented control over the development and use of decentralized protocols.

Not only is this concentration of power concerning, but the bill evidently overlooks the fact that decentralized protocols like Bitcoin are designed to function peer to peer and in a non-intermediated way. Decentralization is one of the key pillars that distinguishes Bitcoin from everything else. This bill, in its current form, is an attempt to stifle innovation in the Bitcoin ecosystem by attacking decentralization.

Without decentralization, a major bulwark in preserving financial privacy will have been removed. While these laws do not affect the underlying code or architecture of Bitcoin, they could potentially slow down its adoption, while giving the government time to roll out a CBDC that would be marketed to the general public as a “digital asset you can trust.” As a result, most people would unknowingly trade freedom for convenience.

Trading Freedom For Convenience

This potential is most evident in the Federal Reserve’s newly-launched digital payment system, FedNow, which enables instant transactions by default.

According to Federal Reserve Chairman Jerome Powell, “The Federal Reserve built the FedNow Service to help make everyday payments over the coming years faster and more convenient.” As heartwarming as that sounds, FedNow is another step toward increased centralized control of the financial system as it lays the foundation necessary for the rollout of a CBDC.

It’s important to note that FedNow is not a CBDC, however it’s one of the key pieces of infrastructure in the gradual transition to a digital dollar. Once the complete digitalization of the fiat system is complete, extensive financial surveillance, data mining and control over individuals’ financial choices will be the norm. As always, the standard “carrot and stick” approach is being used to encourage people to adopt this new system, with convenience being the carrot and, later on, jail time being the stick.

Unlike Bitcoin, FedNow is permissioned, grants the Fed the power to monitor as well as reverse or ban transactions and isn’t global. In other words, it’s the same as the current monetary system but with less freedom and privacy. The recent unilateral shut down of British politician Nigel Farage’s bank account serves as a cautionary tale of how reduced financial privacy can quickly morph into financial censorship for having differing political views. Therein lies the danger of permissioned digital financial infrastructure; its use depends on the benevolence of whoever controls it. The moment you are deemed to be “persona non grata” like Farage, you are immediately cut off from the financial system. If successful, FedNow will be the backbone for the American social credit system. The silver lining in all this is that the authoritarians are helping to make the case for permissionless and censorship resistant money like Bitcoin even stronger.

Lurking In The Shadows

In addition to predatory legislation and Orwellian CBDCs, blockchain surveillance companies, such as Chainalysis, are another threat to our financial privacy that lurks in the shadows. In addition to collecting the internet protocol (IP) addresses of visitors to a block explorer that it owns, Chainalysis also runs several Bitcoin nodes in a bid to mine as much data as possible that can be used to deanonymize Bitcoin users. While these methods are ultimately probabilistic at best, Chainalysis enjoys a cozy relationship with law enforcement agencies, which means that its “black box analysis” can be used to secure convictions. The case of Roman Sterlingov immediately comes to mind.

Sterlingov was arrested in 2021 on charges of operating Bitcoin Fog, a Bitcoin mixing service. The United States Department of Justice (DOJ) alleges that he laundered a staggering $336 million through the mixer. According to an arrest warrant, Sterlingov faces three charges: unlicensed money transmission, money laundering and money transmission without a license. Sterlingov’s defense team, led by Tor Ekeland and Mike Hassard, vehemently maintains his innocence, questioning the reliability of the blockchain analysis techniques employed to link him to the case and raising concerns about a possible conflict of interest involving Chainalysis. His defense further contends that the statute of limitations has lapsed on the charges against him, citing that the alleged activities took place back in 2011.

Elizabeth Bisbee, the director of investigative solutions at Chainalysis, made the following statement in an affidavit intended to provide more information on Chainalysis’ clustering methodology and error rate:

“Historically, Chainalysis has not gathered and recorded in a central location false positives/false negatives because there is design to be more conservative in the clustering of addresses. In response to the Court’s inquiry, Chainalysis is looking into the potential of trying to collect and record any potential false positives and margin of error, but such a collection does not currently exist.”

In a nutshell, this means that Chainalysis has not kept a record of the errors it makes when doing its blockchain analysis and is completely unaware of its false-positive rate. This calls into question the accuracy of its methods and, while the court has asked it to consider tracking any potential errors, it currently does not have a system in place to do so. This implies that Chainalysis’ blockchain surveillance methods could potentially lead to erroneous conclusions, the extent of which are unknown at this stage. This point was also confirmed by Coinbase, a competitor of Chainalysis, in a blog post describing blockchain analytics as “more an art than a science” with a high propensity for bias due to the quality and availability of evidence.

In the same statement, Bisbee added:

“Chainalysis clustering methodologies have not been peer-reviewed in the sense that an academic paper would get peer-reviewed with data and methodology(ies) reviewed in a separate study by other scientists. However, every single clustering heuristic in the system has been reviewed by numerous Chainlaysis data scientists, intelligence analysts, and investigators that specialize in blockchain analytics. Chainalysis clustering algorithms are based on deep scientific research in cryptography, blockchains, distributed systems, and computer science.”

Chainalysis is simply saying, “trust me bro” as its clustering methodologies have not been externally peer reviewed, thus raising more questions about the transparency and impartiality of its techniques. Without independent verification, it’s hard to validate Chainalysis’ clustering methods which have become essential tools in cybercriminal investigations. In short, the company claims its black-box methodology is based on solid scientific principles, but considering the fact that Sterlingov has already served over two years in prison and could get a 50-year sentence if convicted, more convincing evidence is required to substantiate this claim.

Given these circumstances, it would be reasonable to expect there to be corroborating evidence that points to Sterlingov and, according to his lawyers, none has been found. This is after combing through 3 terabytes of hard drives, SD cards, thumb drives, handwritten notes, backup account codes, laptops and smartphones that he had on his person at the time of his arrest. This ongoing case, which is set to go to trial on September 14, 2023, is an example of how far the state will go to attack your financial privacy. Sterlingov’s bitcoin holdings were acquired legitimately through early investments, unrelated to Bitcoin Fog, which he only utilized for privacy purposes.

The outcome of Sterlingov’s case may shape the future application of these methods in legal proceedings, and could negatively impact how cases involving Bitcoin financial privacy are handled.

Your Financial Privacy Is Under Attack

These seemingly-unrelated accounts presented in this article all point to one thing; your financial privacy is under attack! Those in charge of the fiat system are more determined than ever to use every tool at their disposal, legislative or otherwise, to neuter Bitcoin while weaponizing the justice system against individual, privacy-conscious Bitcoiners, as in the case of Sterlingov. Fortunately we have the capabilities to develop new privacy-preserving tools that would render all these State-level attacks useless.

As Eric Hughes wrote in the “Cypherpunk Manifesto”: “We must come together and create systems which allow anonymous transactions to take place.”

Nakamoto gave us a head start with Bitcoin. We must continue to build tools to strengthen its censorship resistance and privacy. An example of this would be PayJoin transactions. PayJoin makes Bitcoin transactions more private by making it harder to track them, through the obfuscation of the origin and destination of funds, thus preventing chain surveillance companies like Chainalysis from linking them together. The recent release of the PayJoin Development Kit by Bitcoin Developer Dan Gould is a positive development that will ensure that as many Bitcoin services as possible integrate PayJoin.

The faster that these privacy enhancing tools can be developed, the easier it will be to ensure that dystopian monetary instruments like CBDCs and other privacy eroding technologies are dead on arrival.

This is a guest post by Kudzai Kutukwa. Opinions expressed are entirely their own and do not necessarily reflect those of BTC Inc or Bitcoin Magazine.

Source link