Kraken Security Labs, our expert team of security researchers, identified vulnerabilities within the Safepal S1 hardware wallet. While we were not able to steal cryptocurrency from the wallet, we demonstrate certain weaknesses that may make future compromise possible.
At Kraken, we try to discover attacks before they happen. Upon discovery, we disclosed the full details of these vulnerabilities to the Safepal team on November 18, 2020.
Improving the security of technologies we all enjoy is an important process to grow the digital asset industry and believe that awareness and education are a vital component of that mission.
Ineffective Tamper Detection
Our testing found Safepal’s tamper detection to be, at best, ineffective. According to the Safepal documentation: “Inside S1 there is embedded with self-destroy and data-erasing mechanisms. Once there is any software or physical attack detected by multiple sensors, the wallet will initiate a self-defence mechanism, the self-destruction mechanism will erase the private key and all wallet data, keeping the hacker from getting sensitive data, keeping your asset from wrong hands.” We found that the device would stop booting when we took it apart but that we could re-enable the device by re-attaching a single pin and that the device’s contents were not erased. Further testing and communication with Safepal revealed that the wallet will erase data only when (a) the device is powered on and (b) when the single pin previously mentioned is disconnected for longer than 10 seconds. In a theft, it seems unlikely that a motivated attacker would trip this alarm.
Open Source Licensing Violations
The wallet contains the GPLv2 licensed U-Boot and Linux Kernel. The use of these GPL-licensed components requires Safepal to distribute the source code for their product so that users can inspect and modify the code running on the user’s device. We requested the source code from Safepal but they refused to provide it,…