SSP Wallet, Relay and Key - InFlux

Prepared by:

HALBORN

Last Updated Unknown date

Date of Engagement: December 30th, 2024 - January 22nd, 2025

Summary

100% of all REPORTED Findings have been addressed

All findings

Critical

High

Medium

Low

Informational

1. Introduction
2. Assessment summary
3. Test approach and methodology
4. Scope
5. Risk methodology
6. Scope
7. Assessment summary & findings overview
8. Findings & Tech Details

8.1 Hal-26 - be - mnemonic phrase exposure in memory
8.2 Hal-04 - ios - insecure storage of pin
8.3 Hal-29 - harcoded secrets in git history
8.4 Hal-17 - ios - biometric authentication bypass
8.5 Hal-18 - android - fingerprint authentication bypass
8.6 Hal-31 - ios - allowing sensitive data to be copied to clipboard
8.7 Hal-07 - android - insecure trust of device-level biometric authentication
8.8 Hal-08 - ios - insecure trust of device-level biometric authentication
8.9 Hal-01 - vulnerable third-party dependencies
8.10 Hal-23 - api - lack of rate limitation on ssp relay endpoints
8.11 Hal-27 - api - lack of data sanitization and validation of limits
8.12 Hal-05 - ios - insecure accessibility attributes in keychain storage
8.13 Hal-22 - be - potential risk of sensitive data exposure through clipboard
8.14 Hal-10 - mobile - weak password policy
8.15 Hal-33 - android - exposure of sensitive data through clipboard
8.16 Hal-03 - be - unrestrictive content-security-policy (csp)
8.17 Hal-25 - be - potential risk due to third-party iframe
8.18 Hal-32 - android - risk of overlay attack
8.19 Hal-30 - api - outdated versions of tls supported
8.20 Hal-14 - api - cacheable https response
8.21 Hal-15 - ios - lack of jailbreak detection mechanism
8.22 Hal-16 - android - lack of root detection mechanism
8.23 Hal-02 - be - dependencies should be pinned to exact versions
8.24 Hal-12 - ios - certificate pinning bypass
8.25 Hal-13 - android - certificate pinning bypass
8.26 Hal-35 - ios - lack of anti-tampering and anti-hooking mechanisms
8.27 Hal-34 - android - lack of anti-tampering and anti-hooking mechanisms
8.28 Hal-28 - be - verbose logging in extension
8.29 Hal-06 - be - lack of password complexity and password policy
8.30 Hal-09 - ios - persistent keychain data
8.31 Hal-11 - ios - background screen caching
8.32 Hal-19 - android - background screen caching
8.33 Hal-24 - android - transaction data exposed in logs
8.34 Hal-21 - ios - application allows screenshots
8.35 Hal-20 - android - application allows screenshots

1. Introduction

InFlux Technologies engaged Halborn to conduct a security assessment of their applications. The security assessment was scoped to their browser extension, their respective underlying API, and mobile applications (Android and iOS). Halborn was provided access to the application and its respective source code to conduct security testing using tools to scan, detect, and validate possible vulnerabilities found in the application and report the findings at the end of the engagement.

2. Assessment Summary

The team at Halborn was provided a timeline for the engagement and assigned a full-time security engineer to verify the security of the assets in scope. The security engineer is a penetration testing expert with advanced knowledge in web, mobile, recon, discovery & infrastructure penetration testing.

The security assessment identified several vulnerabilities across the application ecosystem, affecting extension, backend, API, and mobile platforms. High-risk issues include the exposure of sensitive mnemonic phrases in memory and insecure storage of PINs on iOS, which could lead to unauthorized access and compromise user accounts. Hardcoded secrets found in public repositories further heighten the risk of exploitation. Medium-risk findings included biometric authentication bypass on Android and iOS, insecure trust in device-level biometrics, and the potential exposure of sensitive data due to insecure clipboard usage. Vulnerable third-party dependencies and lack of rate limitation on critical API endpoints were also observed, which could result in denial-of-service attacks or sensitive data leaks.

Other significant issues included weak password policies, unrestricted Content-Security-Policy configurations, and the use of insecure accessibility attributes in iOS keychain storage. The insecure handling of third-party iframes and risks associated with overlay attacks on Android were noted as medium to low risk but require attention to ensure robust protection against phishing and impersonation. Lower-severity issues, such as the support for outdated TLS versions, cacheable HTTPS responses, verbose logging, and lack of anti-tampering and anti-hooking mechanisms, were also documented. While these may not pose an immediate threat, addressing them will enhance the overall security posture. Mitigating these vulnerabilities will improve the overall security posture of the applications.

The InFlux Technologies team addressed most of the identified issues, with one partially resolved, some marked as risk accepted, and others scheduled for resolution in future builds of the application.

3. Test Approach and Methodology

Halborn followed Whitebox and Blackbox methodology as per the scope and performed a combination of manual and automated security testing with both to balance efficiency, timeliness, practicality, and accuracy regarding the scope of the pentest. While manual testing is recommended to uncover flaws in logic, process and implementation; automated testing techniques assist enhance coverage of the infrastructure and can quickly identify flaws in it. The assessment methodology covered included but was not limited to a range of phases and employed various tools.

Mapping Content and Functionality of Applications
Application Logic Flaw
Reverse Engineering the applications
Access Handling
Authentication/Authorization Flaw
Transaction Flow
Rate Limitations Test
Input Handling
Source Code Review
Mobile Specific Vulnerabilities
Fuzzing of all input parameter

4. Scope

URL/API:

https://relay.ssp.runonflux.io/

Binaries:

Android APK: Version 1.5.1
iOS IPA: Version 1.5.1 Build 92
Browser Extension: v1.8.4

5. RISK METHODOLOGY

Every vulnerability and issue observed by Halborn is ranked based on two sets of Metrics and a Severity Coefficient. This system is inspired by the industry standard Common Vulnerability Scoring System.

The two Metric sets are: Exploitability and Impact. Exploitability captures the ease and technical means by which vulnerabilities can be exploited and Impact describes the consequences of a successful exploit.

The Severity Coefficients is designed to further refine the accuracy of the ranking with two factors: Reversibility and Scope. These capture the impact of the vulnerability on the environment as well as the number of users and smart contracts affected.

The final score is a value between 0-10 rounded up to 1 decimal place and 10 corresponding to the highest security risk. This provides an objective and accurate rating of the severity of security vulnerabilities in smart contracts.

The system is designed to assist in identifying and prioritizing vulnerabilities based on their level of risk to address the most critical issues in a timely manner.

5.1 EXPLOITABILITY

Attack Origin (AO):

Captures whether the attack requires compromising a specific account.

Attack Cost (AC):

Captures the cost of exploiting the vulnerability incurred by the attacker relative to sending a single transaction on the relevant blockchain. Includes but is not limited to financial and computational cost.

Attack Complexity (AX):

Describes the conditions beyond the attacker’s control that must exist in order to exploit the vulnerability. Includes but is not limited to macro situation, available third-party liquidity and regulatory challenges.

Metrics:

EXPLOITABILITY METRIC ( $m_e$ )	METRIC VALUE	NUMERICAL VALUE
Attack Origin (AO)	Arbitrary (AO:A) Specific (AO:S)	1 0.2
Attack Cost (AC)	Low (AC:L) Medium (AC:M) High (AC:H)	1 0.67 0.33
Attack Complexity (AX)	Low (AX:L) Medium (AX:M) High (AX:H)	1 0.67 0.33

Exploitability

E

is calculated using the following formula:

$E = \prod m_e$

5.2 IMPACT

Confidentiality (C):

Measures the impact to the confidentiality of the information resources managed by the contract due to a successfully exploited vulnerability. Confidentiality refers to limiting access to authorized users only.

Integrity (I):

Measures the impact to integrity of a successfully exploited vulnerability. Integrity refers to the trustworthiness and veracity of data stored and/or processed on-chain. Integrity impact directly affecting Deposit or Yield records is excluded.

Availability (A):

Measures the impact to the availability of the impacted component resulting from a successfully exploited vulnerability. This metric refers to smart contract features and functionality, not state. Availability impact directly affecting Deposit or Yield is excluded.

Deposit (D):

Measures the impact to the deposits made to the contract by either users or owners.

Yield (Y):

Measures the impact to the yield generated by the contract for either users or owners.

Metrics:

IMPACT METRIC ( $m_I$ )	METRIC VALUE	NUMERICAL VALUE
Confidentiality (C)	None (C:N) Low (C:L) Medium (C:M) High (C:H) Critical (C:C)	0 0.25 0.5 0.75 1
Integrity (I)	None (I:N) Low (I:L) Medium (I:M) High (I:H) Critical (I:C)	0 0.25 0.5 0.75 1
Availability (A)	None (A:N) Low (A:L) Medium (A:M) High (A:H) Critical (A:C)	0 0.25 0.5 0.75 1
Deposit (D)	None (D:N) Low (D:L) Medium (D:M) High (D:H) Critical (D:C)	0 0.25 0.5 0.75 1
Yield (Y)	None (Y:N) Low (Y:L) Medium (Y:M) High (Y:H) Critical (Y:C)	0 0.25 0.5 0.75 1

Impact

I

is calculated using the following formula:

$I = max(m_I) + \frac{\sum{m_I} - max(m_I)}{4}$

5.3 SEVERITY COEFFICIENT

Reversibility (R):

Describes the share of the exploited vulnerability effects that can be reversed. For upgradeable contracts, assume the contract private key is available.

Scope (S):

Captures whether a vulnerability in one vulnerable contract impacts resources in other contracts.

Metrics:

SEVERITY COEFFICIENT ( $C$ )	COEFFICIENT VALUE	NUMERICAL VALUE
Reversibility ( $r$ )	None (R:N) Partial (R:P) Full (R:F)	1 0.5 0.25
Scope ( $s$ )	Changed (S:C) Unchanged (S:U)	1.25 1

Severity Coefficient

C

is obtained by the following product:

$C = rs$

The Vulnerability Severity Score

S

is obtained by:

$S = min(10, EIC * 10)$

The score is rounded up to 1 decimal places.

Severity	Score Value Range
Critical	9 - 10
High	7 - 8.9
Medium	4.5 - 6.9
Low	2 - 4.4
Informational	0 - 1.9

6. SCOPE

REPOSITORIES

(a) Repository: ssp-relay

(b) Assessed Commit ID: 98a7d85

(a) Repository: ssp-key

(b) Assessed Commit ID: e346264

(a) Repository: ssp-wallet

(b) Assessed Commit ID: 4f8c894

Out-of-Scope: New features/implementations after the remediation commit IDs.

7. Assessment Summary & Findings Overview

Critical

High

Medium

Low

Informational

Security analysis	Risk level	Remediation Date
HAL-26 - BE - MNEMONIC PHRASE EXPOSURE IN MEMORY	Informational	Solved - 02/13/2025
HAL-04 - iOS - INSECURE STORAGE OF PIN	Informational	Solved - 02/18/2025
HAL-29 - HARCODED SECRETS IN GIT HISTORY	Informational	Solved - 01/28/2025
HAL-17 - iOS - BIOMETRIC AUTHENTICATION BYPASS	Informational	Solved - 02/16/2025
HAL-18 - ANDROID - FINGERPRINT AUTHENTICATION BYPASS	Informational	Solved - 02/16/2025
HAL-31 - iOS - ALLOWING SENSITIVE DATA TO BE COPIED TO CLIPBOARD	Informational	Solved - 02/16/2025
HAL-07 - ANDROID - INSECURE TRUST OF DEVICE-LEVEL BIOMETRIC AUTHENTICATION	Informational	Solved - 02/16/2025
HAL-08 - iOS - INSECURE TRUST OF DEVICE-LEVEL BIOMETRIC AUTHENTICATION	Informational	Solved - 02/12/2025
HAL-01 - VULNERABLE THIRD-PARTY DEPENDENCIES	Informational	Solved - 02/24/2025
HAL-23 - API - LACK OF RATE LIMITATION ON SSP RELAY ENDPOINTS	Informational	Solved - 01/28/2025
HAL-27 - API - LACK OF DATA SANITIZATION AND VALIDATION OF LIMITS	Informational	Solved - 01/28/2025
HAL-05 - iOS - INSECURE ACCESSIBILITY ATTRIBUTES IN KEYCHAIN STORAGE	Informational	Solved - 02/18/2025
HAL-22 - BE - POTENTIAL RISK OF SENSITIVE DATA EXPOSURE THROUGH CLIPBOARD	Informational	Solved - 02/13/2025
HAL-10 - MOBILE - WEAK PASSWORD POLICY	Informational	Solved - 02/13/2025
HAL-33 - ANDROID - EXPOSURE OF SENSITIVE DATA THROUGH CLIPBOARD	Informational	Solved - 02/16/2025
HAL-03 - BE - UNRESTRICTIVE CONTENT-SECURITY-POLICY (CSP)	Informational	Solved - 01/29/2025
HAL-25 - BE - POTENTIAL RISK DUE TO THIRD-PARTY IFRAME	Informational	Solved - 01/14/2025
HAL-32 - ANDROID - RISK OF OVERLAY ATTACK	Informational	Partially Solved - 02/24/2025
HAL-30 - API - OUTDATED VERSIONS OF TLS SUPPORTED	Informational	Solved - 01/28/2025
HAL-14 - API - CACHEABLE HTTPS RESPONSE	Informational	Solved - 01/28/2025
HAL-15 - iOS - LACK OF JAILBREAK DETECTION MECHANISM	Informational	Solved - 02/18/2025
HAL-16 - ANDROID - LACK OF ROOT DETECTION MECHANISM	Informational	Solved - 02/18/2025
HAL-02 - BE - DEPENDENCIES SHOULD BE PINNED TO EXACT VERSIONS	Informational	Solved - 01/30/2025
HAL-12 - iOS - CERTIFICATE PINNING BYPASS	Informational	Future Release - 02/20/2025
HAL-13 - ANDROID - CERTIFICATE PINNING BYPASS	Informational	Future Release - 02/20/2025
HAL-35 - IOS - LACK OF ANTI-TAMPERING AND ANTI-HOOKING MECHANISMS	Informational	Future Release - 02/20/2025
HAL-34 - ANDROID - LACK OF ANTI-TAMPERING AND ANTI-HOOKING MECHANISMS	Informational	Future Release - 02/20/2025
HAL-28 - BE - VERBOSE LOGGING IN EXTENSION	Informational	Solved - 01/30/2025
HAL-06 - BE - LACK OF PASSWORD COMPLEXITY AND PASSWORD POLICY	Informational	Solved - 01/30/2025
HAL-09 - iOS - PERSISTENT KEYCHAIN DATA	Informational	Solved - 02/24/2025
HAL-11 - iOS - BACKGROUND SCREEN CACHING	Informational	Solved - 02/18/2025
HAL-19 - ANDROID - BACKGROUND SCREEN CACHING	Informational	Solved - 02/16/2025
HAL-24 - ANDROID - TRANSACTION DATA EXPOSED IN LOGS	Informational	Solved - 02/16/2025
HAL-21 - iOS - APPLICATION ALLOWS SCREENSHOTS	Informational	Future Release - 02/18/2025
HAL-20 - ANDROID - APPLICATION ALLOWS SCREENSHOTS	Informational	Solved - 02/16/2025

8.17 HAL-25 - BE - POTENTIAL RISK DUE TO THIRD-PARTY IFRAME

Informational

Description

Score

(0.0)

Recommendation

Remediation Comment

References

https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/frame-src

8.18 HAL-32 - ANDROID - RISK OF OVERLAY ATTACK

Informational

Description

Proof of Concept

Score

(0.0)

Recommendation

Remediation Comment

8.19 HAL-30 - API - OUTDATED VERSIONS OF TLS SUPPORTED

Informational

Description

Proof of Concept

Score

(0.0)

Recommendation

Remediation Comment

References

https://cheatsheetseries.owasp.org/cheatsheets/Transport_Layer_Security_Cheat_Sheet.html

8.20 HAL-14 - API - CACHEABLE HTTPS RESPONSE

Informational

Description

Description

Score

(0.0)

Recommendation

Remediation Comment

8.27 HAL-34 - ANDROID - LACK OF ANTI-TAMPERING AND ANTI-HOOKING MECHANISMS

Description

Score

(0.0)

Recommendation

Remediation Comment

8.35 HAL-20 - ANDROID - APPLICATION ALLOWS SCREENSHOTS

Informational

Description

Proof of Concept

Score

(0.0)

Recommendation

Remediation Comment

Halborn strongly recommends conducting a follow-up assessment of the project either within six months or immediately following any material changes to the codebase, whichever comes first. This approach is crucial for maintaining the project’s integrity and addressing potential vulnerabilities introduced by code modifications.

1. Introduction
2. Assessment summary
3. Test approach and methodology
4. Scope
5. Risk methodology
6. Scope
7. Assessment summary & findings overview
8. Findings & Tech Details

8.1 Hal-26 - be - mnemonic phrase exposure in memory
8.2 Hal-04 - ios - insecure storage of pin
8.3 Hal-29 - harcoded secrets in git history
8.4 Hal-17 - ios - biometric authentication bypass
8.5 Hal-18 - android - fingerprint authentication bypass
8.6 Hal-31 - ios - allowing sensitive data to be copied to clipboard
8.7 Hal-07 - android - insecure trust of device-level biometric authentication
8.8 Hal-08 - ios - insecure trust of device-level biometric authentication
8.9 Hal-01 - vulnerable third-party dependencies
8.10 Hal-23 - api - lack of rate limitation on ssp relay endpoints
8.11 Hal-27 - api - lack of data sanitization and validation of limits
8.12 Hal-05 - ios - insecure accessibility attributes in keychain storage
8.13 Hal-22 - be - potential risk of sensitive data exposure through clipboard
8.14 Hal-10 - mobile - weak password policy
8.15 Hal-33 - android - exposure of sensitive data through clipboard
8.16 Hal-03 - be - unrestrictive content-security-policy (csp)
8.17 Hal-25 - be - potential risk due to third-party iframe
8.18 Hal-32 - android - risk of overlay attack
8.19 Hal-30 - api - outdated versions of tls supported
8.20 Hal-14 - api - cacheable https response
8.21 Hal-15 - ios - lack of jailbreak detection mechanism
8.22 Hal-16 - android - lack of root detection mechanism
8.23 Hal-02 - be - dependencies should be pinned to exact versions
8.24 Hal-12 - ios - certificate pinning bypass
8.25 Hal-13 - android - certificate pinning bypass
8.26 Hal-35 - ios - lack of anti-tampering and anti-hooking mechanisms
8.27 Hal-34 - android - lack of anti-tampering and anti-hooking mechanisms
8.28 Hal-28 - be - verbose logging in extension
8.29 Hal-06 - be - lack of password complexity and password policy
8.30 Hal-09 - ios - persistent keychain data
8.31 Hal-11 - ios - background screen caching
8.32 Hal-19 - android - background screen caching
8.33 Hal-24 - android - transaction data exposed in logs
8.34 Hal-21 - ios - application allows screenshots
8.35 Hal-20 - android - application allows screenshots

// Download the full report

SSP Wallet, Relay and Key

* Use Google Chrome for best results

** Check "Background Graphics" in the print settings if needed