We only provide the traces of the commands of Fig. 4 so as not to overwhelm.

As an example, we provide the trace that was generated for the following transaction:

A.2 Active Attacks

a.4: Alter the Wallet Security Properties. The attack requires sending the wrong pin \(p'\) three consecutive times and then tampering the set_operation command. A sample trace with the breakdown of the steps and their corresponding commands is given in Table 6 Open image in new window The attack requires sending the wrong pinthree consecutive times and then tampering thecommand. A sample trace with the breakdown of the steps and their corresponding commands is given in Table; we underline the important pieces of the exchange.

b.1–b.2: Transaction Attacks. The structure of untrusted_hash_transaction_input_finalize is: command e046020048 length of payment address 22 payment address \(addr_p\) 314e3371757233596565334b664e74436a4677756e346f366f4c324478686747796f payment amount \(amount_p\) 0000000000005305 fees \(fees_p\) 0000000000001d60 change address BIP32 parameters 058000002c800000008000000000000001000000 second authentication status (true/false) 02 payment amount \(amount_p\) 03b1000000000000 hash160 of \(addr_p\) f1253f0463e5877c5e8bb3f34e7abfb335023ee1 change c 0553000000000000 hash160 change address \(addr_c\) e6e44d66125327341d6abb71e0702a4ea0537437 The structure ofis:and the structure of the response data that we are interested in is:

Depending on the attack we want to perform the corresponding data part needs to be altered. For example, to change the payment address from 163WPEeTHjvFsUfx1UbDPXK92eRmqXQrGA to 113biVTVQk73Eem1UYYn9YcrPVrxp6xeVc, we tamper the original command:

e04602004822 3136335750456554486a7646735566783155624450584b3932655 26d715851724741 00000000000027100000000000001a9a058000002c80000000800000000000000100000000 to the command:

e04602004822 3131336269565456516b373345656d315559596e395963725056 7278703678655663 00000000000027100000000000001a9a058000002c80000000800000000000000100000000

where we underline the relevant parts; similarly for the response.

Learning the Security Card. The attacker gains access to the keycard mappings, secFR, via the untrusted_hash_sign command, e.g., e04800001f058000002c8000000080000000000000000000000104 0f090a02 0000000001.