Prepared by:
HALBORN
Last Updated 10/21/2025
Date of Engagement: June 4th, 2025 - July 3rd, 2025
100% of all REPORTED Findings have been addressed
All findings
26
Critical
0
High
7
Medium
8
Low
6
Informational
5
Crossmint engaged Halborn to perform a security assessment of the Signer-Frames, Crossmint-SDK, Crossbit-main, and TEE-ts repositories. The assessment scope included these repositories, although only specific paths within some were included. Halborn was granted access to the source code to conduct security testing using automated tools and manual techniques to identify, detect, and validate potential vulnerabilities within the application.
The Halborn team was provided a timeline for the engagement and assigned a dedicated full-time security engineer to evaluate the security of the scoped assets. This engineer is a penetration testing expert with advanced expertise in web, mobile, reconnaissance, discovery, and infrastructure penetration testing.
The security assessment uncovered multiple vulnerabilities across the repositories, varying in severity. It is strongly recommended to remediate these issues promptly to mitigate unnecessary risks.
Seven (7) high-impact issues were identified during the assessment:
Host MitM and Insecure Default targetOrigin. The application accepts messages from any origin, allowing a man-in-the-middle attacker to inject or steal cross-origin data and compromise user sessions.
Environment Parameter Tampering via URL Override. An attacker can override configuration parameters through query strings, causing the backend to operate in an unintended environment and exposing sensitive functionality.
Lack of Content Security Policy and Frame-Ancestor Protection. The absence of a Content Security Policy (CSP) and clickjacking protections permits hostile iframes and arbitrary script execution, potentially leading to malware injection and data theft.
Potential Arbitrary JavaScript Injection. Unescaped user input is reflected into HTML, enabling execution of attacker-supplied JavaScript and full compromise of the victim’s browser session.
Potential Authentication Bypass with ACCESS_SECRET Unset. When the shared secret is missing, the server skips verification, allowing an unauthenticated caller to impersonate any user.
Log Injection and Use of X-Forwarded-For. User-controlled strings are logged without sanitization, enabling attackers to forge IP addresses, insert fake entries, and mislead incident responders.
Excessive Exposure of Key Shares. Key fragments are exposed in the browser memory allowing a potential attacker that has compromised the computer to extract them.
Nine (9) medium-impact issues were identified during the assessment:
Insecure Storage of Cryptographic Keys in localStorage. Persisting keys client-side exposes them to theft via cross-site scripting (XSS) or physical device access, undermining encryption guarantees.
Hard-coded and Weak Secret. The use of a static, low-entropy secret enables attackers to brute-force credentials offline within minutes.
Potential XSS and Reverse-Tabnabbing. Unsanitized URL parameters and unguarded target="_blank" links allow script injection and phishing attacks through malicious tabs.
IDOR in Public Key Derivation. Predictable identifiers permit one tenant to request another tenant’s key material, resulting in horizontal privilege escalation.
Lack of Rate Limiting. Unlimited authentication attempts and API requests facilitate credential-stuffing attacks and resource exhaustion.
Attestation Response Replay Attack. Previously captured attestation tokens can be replayed to gain illegitimate trust and bypass integrity checks.
Potential Timing Attack on Shared-Secret Comparison. Measurable processing time differences reveal partial key bytes, enabling gradual recovery of the secret.
Lack of Message Origin Validation. The application processes postMessage events without verifying the sender’s domain, allowing cross-site request forgery of privileged actions.
Master Keys Not Explicitly Removed from Memory. Keys remain in RAM after use, so memory dumps or crash reports could expose them to attackers.
Five (5) low-impact issues were identified during the assessment:
Excessive Data Shared in Attestation. The attestation payload includes unnecessary user attributes, increasing privacy risks if intercepted.
Missing event.source Validation Allows Same-Origin Message Spoofing. Attackers executing code within the same domain can forge trusted messages and manipulate application state.
Weak Randomness. Non-cryptographic random generators produce predictable tokens, reducing the effort required for brute-force attacks.
Excessive Error Information Exposed to Caller. Detailed stack traces and configuration values leak internal implementation details that could aid attackers.
Sensitive Data Logged to Console. Debug logging outputs secrets to browser consoles and monitoring tools, risking inadvertent disclosure.
Five (5) informational findings were identified during the assessment:
Denial of Service (DoS) via Uncontrolled Memory Allocation. Very large input sizes can cause high memory consumption, potentially crashing the service under stress conditions.
Documentation Issues. Incomplete or outdated security documentation may lead to insecure operational practices.
Potential Production DoS Bug. Concurrency flaws could allow a high-rate attacker to exhaust worker threads and degrade availability.
Over-Privileged ACCESS_SECRET. The shared secret grants broader access than necessary, increasing the blast radius if leaked.
Deterministic Generation of Master Keys (Risk Accepted). Reproducible key generation facilitates development but may weaken uniqueness across deployments; this risk has been formally accepted by stakeholders.
Halborn employed both whitebox and blackbox methodologies according to the scope, combining manual and automated security testing to balance efficiency, timeliness, practicality, and accuracy. Manual testing is essential to uncover flaws in logic, processes, and implementation, while automated techniques enhance coverage and quickly identify infrastructure vulnerabilities. The assessment methodology included, but was not limited to, the following phases and tools:
Mapping Content and Functionality of APIs and SDKs
Application Logic Flaws
Access Handling
Authentication and Authorization Flaws
Rate Limiting Tests
Input Handling
Source Code Review
Fuzzing of All Input Parameters
Logic Errors
In the Signer-Frames repository, all contents except /test and /src/lib are in scope.
In the Crossmint-SDK repository, all contents except packages/client/rn-window and packages/client/window are in scope.
In the Crossbit-main repository, only the contents of libraries/products/wallets/ncs and apps/crossmint-nextjs/src/api/wallets/ncs.controller.ts are in scope.
Critical
0
High
7
Medium
8
Low
6
Informational
5
Impact x Likelihood
HAL-01
HAL-02
HAL-03
HAL-04
HAL-05
HAL-06
HAL-07
HAL-08
HAL-09
HAL-10
HAL-11
HAL-12
HAL-13
HAL-14
HAL-15
HAL-16
HAL-17
HAL-18
HAL-19
HAL-20
HAL-21
HAL-22
HAL-23
HAL-24
HAL-25
HAL-26
| Security analysis | Risk level | Remediation Date |
|---|---|---|
| Host MitM and Insecure Default Target Origin | High | Risk Accepted - 07/10/2025 |
| Environment Parameter Tampering via URL Override | High | Solved - 07/01/2025 |
| Lack of Content Security Policy and Frame Ancestor Protection | High | Solved - 07/14/2025 |
| Potential Arbitrary JavaScript Injection | High | Solved - 07/11/2025 |
| Potential Authentication Bypass with ACCESS_SECRET Unset | High | Solved - 07/10/2025 |
| Log Injection & use of x-forwarded-for | High | Solved - 07/11/2025 |
| Excessive Exposure of Key Shares | High | Solved - 07/10/2025 |
| Insecure storage of cryptographic keys in localStorage | Medium | Solved - 07/10/2025 |
| Hardcoded and Weak Secret | Medium | Solved - 07/15/2025 |
| Potential XSS & Potential Reverse-Tabnabbing | Medium | Solved - 07/11/2025 |
| IDOR in Public Key Derivation | Medium | Not Applicable - 07/11/2025 |
| Lack of Rate Limiting | Medium | Solved - 07/14/2025 |
| Attestation Response Replay Attack | Medium | Solved - 07/18/2025 |
| Potential Timing-Attack on Shared Secret Comparison | Medium | Solved - 07/09/2025 |
| Lack of Message Origin Validation | Medium | Risk Accepted - 07/11/2025 |
| Master Keys Not Explicitly Removed from Memory | Low | Risk Accepted - 07/14/2025 |
| Too Much Data Shared in Attestation | Low | Not Applicable - 07/11/2025 |
| Missing event.source Validation Allows Same-Origin Message Spoofing | Low | Solved - 07/11/2025 |
| Weak Randomness | Low | Solved - 07/15/2025 |
| Excessive Error Information Exposed to Caller | Low | Solved - 07/11/2025 |
| Sensitive Data Logged to Console | Low | Solved - 07/15/2025 |
| DoS via Uncontrolled Memory Allocation | Informational | Solved - 07/16/2025 |
| Other Documentation Issues | Informational | Solved - 07/18/2025 |
| Potential Production DoS Bug | Informational | Future Release - 07/15/2025 |
| Too Privileged ACCESS_SECRET | Informational | Future Release - 07/15/2025 |
| Deterministic generation of Master Keys | Informational | Risk Accepted - 06/24/2025 |
//High
//High
//High
//High
//High
//High
//High
//Medium
//Medium
//Medium
//Medium
//Medium
//Medium
//Medium
//Medium
//Low
//Low
//Low
//Low
//Low
//Low
//Informational
//Informational
//Informational
//Informational
//Informational
Halborn strongly recommends conducting a follow-up assessment of the project either within six months or immediately following any material changes to the codebase, whichever comes first. This approach is crucial for maintaining the project’s integrity and addressing potential vulnerabilities introduced by code modifications.
// Download the full report
Non-Custodial Signer Solution
* Use Google Chrome for best results
** Check "Background Graphics" in the print settings if needed
