Web3 Safety: The Hot, The Hard, & The Cold
Introducing Toshokan, a community-first blog for Sushi

Introducing Toshokan, a community-first blog for Sushi

Today we're excited to introduce Toshokan (図書館 Japanese word for library), our new blog that will help keep our community informed about the latest happenings at Sushi.

8 min read

Web3 Safety: The Hot, The Hard, & The Cold

Mitigate the common risks associated with Web3 space by understanding more about wallets and custody.
Web3 Safety: The Hot, The Hard, & The Cold

Selling self custody

This is such a liberating space with the potential to give anyone, anywhere in the world, a secure means with which to retain their assets in their own custody.
But this type of freedom comes with an immense responsibility - one that most would rather hand over to a custodian like a centralized exchange.
And while I can relate to the appeal, that shift in responsibility is not a shifting of the risk.

Centralized exchanges get hacked. A majority have been, and not all have had the capacity to return funds.
Just recently we saw people withdrawing from Coinbase amidst some concerns.

There is a saying: “Capital deployed is capital at risk.”
I do fully consider any crypto on an exchange as capital deployed, and if not in cold storage I consider it at risk.
There are times to use centralized exchanges just as there are times to use hot wallets, but I would like to argue why (where feasible) a person should use at least one hardware wallet and remain mindful of their approvals.

What is cold storage? (source: https://fool.com)

Cold storage is offline cryptocurrency storage. Any crypto wallet that’s not connected to the internet is considered cold storage and is referred to as a cold wallet.
The most common type of cold wallet is a hardware wallet, which is typically a small device that connects to a computer.

This is the accepted definition and it is adequate, though I would like to encourage a more granular perspective.

Hot wallet: This would be your Metamask or Trustwallet. Installed in a browser, for example.
: This would be a Trezor, Ledger, or a piece of paper for a wallet that is infrequent use.
: Trezor/Ledger etc, but this time used only to store or retrieve funds from.

Why the distinction?

I will expand but first, let’s talk about why anyone would use a stand-alone Hot wallet (i.e. not in conjunction with a Hardware wallet).

Hot wallets

  • Free and easy to set up
  • Quick and convenient to use, not requiring entry of a key phrase on each signing
  • Wide support - just about everything will work with metamask

They are everywhere and will most likely be the first wallet. Probably one of several that someone ends up using, if only as an acceptable compromise on security for the convenience they offer.

But this is why it is so important to be rigorous in the creation and storage of your keys.
Not to store them as a photo on the phone, or to be auto backed up in some cloud.
Bookmark official websites, and remember that anyone who asks you for it is a thief.
No one needs your recovery seed to assist you.
I can count on 2 fingers the acceptions that prove that rule and in both cases, one would likely have already lost everything. So keep your private keys private.

No matter the form of storage, it is vital to protect both your seed phrase and any keys derived from it.
You can think of a seed as a “master key,” from which many accounts (private/public keypairs) can be created.

Offline Storage

There are lots of forms of offline storage. My favorite is the brain. Another pen and paper.
They can, however, under the right conditions, be considered somewhat fragile.
For this, a simple but effective solution is to store your seed phrase in a steel key holder.
These are heavy-duty indestructible plates that will ship with enough letter tiles to log a complete private key or seed phrase (using the first 4 characters of each word, as this is all that is needed for reference).
They are heavy-duty slabs. Perhaps too heavy, if you were thinking of wearing one around the neck.
Still, preferable to give a jeweler your phrase to engrave on some soft metal. Highly recommend them.

Though we still have the issue of needing to interface with the device you are using - the one that will connect to the node and broadcast your signed transactions to the blockchain.

Enter the hardware wallet

This is where hardware wallets really are special. It works by storing your private key on a chip within an external physical device, signing the raw transaction, before passing that on to something like Metamask to then relay to the blockchain.
It creates a substantial layer of security that never exposes your private key to Metamask or even the device that it's plugged into.
If you retain the hardware wallet, there should not in your lifetime be a need to enter that seed into any device ever.
This will protect against the vast majority of from-wallet crypto theft, especially the most substantial: the exposure of your seed phrase and its derived private keys.
For these are the keys to a house to which you cannot change the locks.

Great, so it’s offline. Why the distinction?

Approvals, allowances & infinite spending limits

This is where we come to how people use their wallets and what we use them for.
No one can move funds from your wallet without the use of your private key… at some point.

If you have used a few dapps, you have likely had to approve a contract.
You may or may not have realized you were approving an infinite spending limit. But even if you did, you may have left it as is, in order to save yourself spending gas on future approvals.

Most users dislike having to approve. It is inconvenient and can be expensive on a chain such as Ethereum.
As a result, most dapps will approve an infinite amount by default, or use off-chain signing methods such as permits.

Approvals are often cited as a roadblock to mass adoption.
But they are essential, as you are setting an allowance for that contract to remove up to the remainder of the approved spending limit. And it can be used at any time.

We had reported one day of some people not seeing their wETH after a swap.
Most often this is a case of wETH auto unwrapping and a user receiving ETH instead. But here there was something different.
They were receiving their wETH, and it was being instantly pulled from their wallets within the same block.

Reviewing a trace of the transaction revealed a call to a function: anySwapOutUnderlyingWithPermit().

This should call the “underlying” tokens permit() function to approve Anyswap’s router to withdraw an amount from the user's address. It should need legitimate v, r, s values to do it, but these were being bypassed.
The function, calling the attacker’s own contract is then able to return wETH as the underlying asset.

Anyswap’s function doesn’t check if the returned token is actually one of its own minted tokens, and the wETH fallback function has no reason to fail, allowing the transaction to continue.

This by itself wouldn’t be such an issue but as users had approved infinite spending limits, the allowance was there to move the tokens.

The above case actually had some controversy. As if you visit the transaction now you will see the sender labeled as (Whitehat), but at the time it was a different story.

(source: https://blocksecteam.medium.com/)

Note: Our initial screenshot is taken immediately following and so actually has no labeling.

As a result of that exploit, Anyswap (rebranded Multichain) had been forced to issue warnings for users to revoke approvals for 6 of their tokens, though many would not get the memo.
Thankfully a committed white hat rescue effort eventually saw much of the funds returned.

This was but one example and does not touch on blind signing, or the selling of NFT’s from a hardware wallet that can’t display the details of what you are agreeing to.

Wallet providers having felt pressured to add functionality, do so in an effort to appease users wishing to interact with apps like OpenSea. But these approvals are too many just like the legal jargon one is expected to scroll through when clicking Agree, before using any new application.
They are (at times) given minimum consideration.
They have to be accepted so people accept them, and we have to expect people to use their wallets in this way.
This is why the distinction.

Cold storage

Should be the wallet your hand does rarely touch to warm up.
It should but sit there.
Amass no approvals, give no allowance, and have no need to sign any untrusted transaction.
If you wish to invest or sell, you will send it to another wallet or an exchange.

My friend works at a bank for a department that handles insurance.
They had a company come in to brief them on the blockchain, crypto, and cold storage (the service for which they were selling).
We debated over the meaning as I expressed what it could be and he assured me that this was different. “These tokens were stored off the blockchain”.

Now we may be familiar with why that is not a possible concept, but the distinction he asserts is one that I believe has value.
In essence, it is what we should strive for with our keys. To have at least a vault for which assets are only to be parked or withdrawn as needed.

I would recommend doing so when you are holding enough to justify the cost of acquiring the wallet(s) and paying the gas to transfer tokens. It is best to spread the risk.

Have wallets with distinct uses and limit your exposure relative to their level of accessibility.

Ok… I hope this wasn’t too convoluted or alarmist. Speaking about security often can come across that way.
But it really doesn’t need to be a scary prospect and I want that to be the takeaway.
If one can simply keep their recovery-seed secure, and remain mindful of their approvals.
There is no safer place for your assets than in your custody.

I do hope this exploration of Wallets and Approvals can serve some value and assist in the creation of a secure setup that is right for you.

1 love - 0xMaka

Some worthwhile reads:

Crypto’s Greatest Weakness? Blind Signing, Explained | Ledger
Blind signing is a vulnerability leveraged by scammers to steal your assets. Our latest upgrade mitigates your risk.
The Race Against Time and Strategy: About the AnySwap Rescue and Things We Have Learnt
By BlockSec Team