Introduction to Cryptocurrency Hardware Wallet Recovery

To pay for this course using cryptocurrency, please select "Request an Invoice" and select cryptocurrency as your payment method. We will send you an updated invoice with a wallet address you can use for payment.

Disclaimer: Please read this first

Everything covered in this course is based on publicly available information. This course will focus on the Trezor One, however, the steps will likely be identical for other wallets based on the Trezor One (i.e. the Keepkey) and similar for wallets where a publicly known attack has not been published (i.e. the Ledger Nano S). We are simply summarizing all the available research for participants and going over a step by step guide to reproduce the attacks. As part of this course, neither the Trainer nor Advanced Security Training will be recovering wallets for participants of the course or providing you any warranty that you will succeed in recovering a wallet which you control. The goal of this course is EDUCATION and to teach you the exact steps required so that you can make an educated decision about recovering your own funds or funds of someone you know.

Ever since the Wallet.Fail talk in 2018 we've gotten hundreds of requests to recover people's wallets. This course is a way to give those people a peace of mind and educate them prior to seeking professinal consulting services. We do believe that people that have a background in computer security, electrical engineering and/or hardware hacking will be capable of recovering funds from a wallet they control after completing this class. Additionally, as part of this class, we will provide references to labs capable of offering wallet recovery as a professional service to clients.

Course Outline

The Most Popular open source hardware wallet to date is the Trezor One. The Trezor One offers excellent Open Source documentation, an excellent development environment and publicly available schematics that make it an obvious starting point for many other wallets. Nevertheless, the Trezor One uses an architecture built around a consumer-grade micro-controller, the STM32F2. Although the STM32F2 does offer some secuirty, this security can be bypassed through a series of glitches.

For instrumenting and attacking the STM32F2 we will use the Spearf1sh embedded security platform. The Spearf1sh utilizes the Digilent Arty Z7 development board with a custom embedded Linux Image. The Spearf1sh image will be made available publicly prior to the course.

Day 1: Attacking Firmware Versions < 1.8.0

Day 1 will focus on some background of how cryptocurrency wallets work, how they store their secrets and why they are vulnerable to physical attacks. We will also explain the glitcher, how it works and why this is the tool of choice for performing such attacks. Day 1 will also detail the vulnerability present in Trezor firmware prior to version 1.8.0. There is a known vulnerability in the STM32F2 used by the trezor allowing users to downgrade the security configuration, allowing a malicious attacker to read the SRAM contents. This attack requires a single glitch to extract the contents of the Trezor's voltatile SRAM memory during a firmware upgrade.

Day 2: Attacking Firmware Versions >= 1.8.0

With version 1.8.0 the Trezor patched the vulnerabilities covered during Day 1. A second attack is required to defeat firmware versions newer than 1.8.0. Fortunately, there is a publicly known attack against the STM32F2 involving multiple glitches. This attack largely builds on the attack of Day 1 to further degrade the security configuration of the STM32F2. Although this attack requires a better set up and more accuracy, it doesn't require a firmware upgrade, which means it's potentially less risky to perform. Additionally, this attack should work against older versions of the Trezor as well.

Hardware Required

• A PC or Mac with Virtualbox or VMware installed - we will provide a VM with tools for building the trezor firmware and running the Trezor simulator

(Optional) Hardware Required to perform the Attack

If you are taking this class for educational purposes and do not plan on performing the attack yourself, you will not have to purchase this hardware.

• STM32F205RET6 - this is the STM32F2 used by the Trezor, which is nice to have to practice the attack to not have to perform the attack in situ
• Trezor One - We recommend buying at least 3 Trezor Ones to practice the attack before performing it on a real device
• Digilent Arty Z7 - for running the Spearf1sh image
• MicroSD card - we recommend 4GB to 32GB for loading the Spearf1sh image
• USB to MicroSD adapter for flashing the Micro SD card