TL;DR: A potential attack was posted publicly by TzLibre; we’ve now patched this on all versions of TezBox and apologize for not fixing this sooner.

Recently, the group known as TzLibre released details about a vulnerability affecting a number of Tezos wallets, including TezBox. TezBox would send a valid transaction to a backend node, where it would be “forged” into hex bytes, then returned to the sender and signed. The issue is that if an attacker can compromise the backend nodes, they can intercept this communication and return a tampered set of hex bytes. TezBox would then blindly sign the data.

The attack is fairly serious, with potential for total loss of funds. We were notified of this attack by the Kukai developers in July, and started working on a fix (which is to forge the hex bytes locally). However, this work was not made a high priority, and was completed in the last few weeks, pending final testing. Over the last few days we have completed testing and pushed the relevant updates live (eztz, TezBox Web, TezBox Chrome, and TezBox Desktop are now secured against this attack). Please update your wallet and ensure you are running the latest version (4.0.0 for desktop wallets, 13.0.0 for the Chrome extension; web users, please ensure you perform a hard refresh).
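The check that local forging makes possible, as an added example (not TezBox or eztz code): the wallet builds the bytes itself from the fields the user approved and refuses to sign anything a node returns that differs. The field layout is simplified and constructed for illustration, not the real Tezos binary encoding; `forgeLocal`, `signChecked`, the `01` tag and the sample values are hypothetical.

```javascript
// Added example. Simplified field layout, NOT the real Tezos binary encoding.

// Zarith-style natural number: 7 bits per byte, lowest group first,
// high bit set on every byte except the last.
function encodeNat(value) {
  let n = BigInt(value);
  if (n < 0n) throw new RangeError('negative value');
  let out = '';
  do {
    let b = Number(n & 0x7fn);
    n >>= 7n;
    if (n > 0n) b |= 0x80;
    out += b.toString(16).padStart(2, '0');
  } while (n > 0n);
  return out;
}

const isHex = (s, bytes) =>
  typeof s === 'string' && s.length === bytes * 2 && /^[0-9a-f]+$/.test(s);

// Forge a single transaction locally from the fields the user approved.
function forgeLocal(op) {
  const tx = op.contents[0];
  if (op.contents.length !== 1 || tx.kind !== 'transaction')
    throw new Error('unsupported operation');
  if (!isHex(op.branch, 32) || !isHex(tx.source, 20) || !isHex(tx.destination, 20))
    throw new Error('malformed hash field');
  const nats = [tx.fee, tx.counter, tx.gas_limit, tx.storage_limit, tx.amount];
  // '01' is a constructed operation tag for this simplified layout.
  return op.branch + '01' + tx.source + nats.map(encodeNat).join('') + tx.destination;
}

// Sign only if the node's bytes equal the locally forged bytes.
function signChecked(op, remoteHex, signFn) {
  const local = forgeLocal(op);
  if (String(remoteHex).toLowerCase() !== local)
    throw new Error('node-forged bytes do not match the intended operation');
  return signFn(local); // the signer only ever sees locally built bytes
}

// Constructed sample operation (hashes are hex placeholders, not real addresses).
const sampleOp = {
  branch: 'ab'.repeat(32),
  contents: [{
    kind: 'transaction', source: '11'.repeat(20), destination: '22'.repeat(20),
    fee: '1420', counter: '7', gas_limit: '10300', storage_limit: '0', amount: '2500000',
  }],
};
```

Once the bytes are built locally, the node's response is no longer trusted input: a mismatch is grounds to abort and flag the node rather than something to sign.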

I, Stephen Andrews, personally apologize for not pooling all resources to patch this attack as soon as I should have. Instead, we focused on other tasks whilst working on the local forge functionality on the side. We do not believe that any funds were lost due to this issue and have verified that none of the tezrpc.me servers have been compromised in any way. We are working with LeastAuthority to complete further security audits on our various projects.

Some questions and answers:

Were hardware wallet users affected by this?

Trezor performs tx forging on the device (for basic transactions), completely mitigating the issue. Ledger displays the details from the hex bytes on the screen most of the time. Users still need to ensure that the details displayed on the device match their intentions, and should not sign blindly with the Ledger device.

Are other wallets affected?

Yes — we are working with wallet devs to provide them access to our code to assist with patching this issue.

Why wasn’t this issue fixed sooner?

Although we chose to develop a fix, which required a decent amount of development work, we decided that the attack threat was relatively low (believing it would be harder to perform) and therefore the work was not a high priority. We see this assessment was incorrect and apologize for this.

If you have any other questions, please reach out to us on Twitter!