Blockchain and Crypto-Currencies

Tip

AWS ํ•ดํ‚น ๋ฐฐ์šฐ๊ธฐ ๋ฐ ์—ฐ์Šตํ•˜๊ธฐ:HackTricks Training AWS Red Team Expert (ARTE)
GCP ํ•ดํ‚น ๋ฐฐ์šฐ๊ธฐ ๋ฐ ์—ฐ์Šตํ•˜๊ธฐ: HackTricks Training GCP Red Team Expert (GRTE) Azure ํ•ดํ‚น ๋ฐฐ์šฐ๊ธฐ ๋ฐ ์—ฐ์Šตํ•˜๊ธฐ: HackTricks Training Azure Red Team Expert (AzRTE)

HackTricks ์ง€์›ํ•˜๊ธฐ

Basic Concepts

  • Smart Contracts are defined as programs that execute on a blockchain when certain conditions are met, automating agreement executions without intermediaries.
  • Decentralized Applications (dApps) build upon smart contracts, featuring a user-friendly front-end and a transparent, auditable back-end.
  • Tokens & Coins differentiate where coins serve as digital money, while tokens represent value or ownership in specific contexts.
  • Utility Tokens grant access to services, and Security Tokens signify asset ownership.
  • DeFi stands for Decentralized Finance, offering financial services without central authorities.
  • DEX and DAOs refer to Decentralized Exchange Platforms and Decentralized Autonomous Organizations, respectively.

Consensus Mechanisms

Consensus mechanisms ensure secure and agreed transaction validations on the blockchain:

  • Proof of Work (PoW) relies on computational power for transaction verification.
  • Proof of Stake (PoS) demands validators to hold a certain amount of tokens, reducing energy consumption compared to PoW.

Bitcoin Essentials

Transactions

Bitcoin transactions involve transferring funds between addresses. Transactions are validated through digital signatures, ensuring only the owner of the private key can initiate transfers.

Key Components:

  • Multisignature Transactions require multiple signatures to authorize a transaction.
  • Transactions consist of inputs (source of funds), outputs (destination), fees (paid to miners), and scripts (transaction rules).

Lightning Network

Aims to enhance Bitcoinโ€™s scalability by allowing multiple transactions within a channel, only broadcasting the final state to the blockchain.

Bitcoin Privacy Concerns

Privacy attacks, such as Common Input Ownership and UTXO Change Address Detection, exploit transaction patterns. Strategies like Mixers and CoinJoin improve anonymity by obscuring transaction links between users.

Acquiring Bitcoins Anonymously

Methods include cash trades, mining, and using mixers. CoinJoin mixes multiple transactions to complicate traceability, while PayJoin disguises CoinJoins as regular transactions for heightened privacy.

Bitcoin Privacy Atacks

Summary of Bitcoin Privacy Attacks

In the world of Bitcoin, the privacy of transactions and the anonymity of users are often subjects of concern. Hereโ€™s a simplified overview of several common methods through which attackers can compromise Bitcoin privacy.

Common Input Ownership Assumption

It is generally rare for inputs from different users to be combined in a single transaction due to the complexity involved. Thus, two input addresses in the same transaction are often assumed to belong to the same owner.

UTXO Change Address Detection

A UTXO, or Unspent Transaction Output, must be entirely spent in a transaction. If only a part of it is sent to another address, the remainder goes to a new change address. Observers can assume this new address belongs to the sender, compromising privacy.

Example

To mitigate this, mixing services or using multiple addresses can help obscure ownership.

Social Networks & Forums Exposure

Users sometimes share their Bitcoin addresses online, making it easy to link the address to its owner.

Transaction Graph Analysis

Transactions can be visualized as graphs, revealing potential connections between users based on the flow of funds.

Unnecessary Input Heuristic (Optimal Change Heuristic)

This heuristic is based on analyzing transactions with multiple inputs and outputs to guess which output is the change returning to the sender.

Example

2 btc --> 4 btc
3 btc     1 btc

์ž…๋ ฅ(์ž…๋ ฅ UTXO)์„ ๋” ์ถ”๊ฐ€ํ•ด ๊ฑฐ์Šค๋ฆ„๋ˆ ์ถœ๋ ฅ์ด ์–ด๋–ค ๋‹จ์ผ ์ž…๋ ฅ๋ณด๋‹ค ์ปค์ง€๋ฉด, ํœด๋ฆฌ์Šคํ‹ฑ์„ ํ˜ผ๋™์‹œํ‚ฌ ์ˆ˜ ์žˆ๋‹ค.

๊ฐ•์ œ๋œ ์ฃผ์†Œ ์žฌ์‚ฌ์šฉ

๊ณต๊ฒฉ์ž๋Š” ์†Œ์•ก์„ ์ด์ „์— ์‚ฌ์šฉ๋œ ์ฃผ์†Œ๋กœ ๋ณด๋‚ด ์ˆ˜์‹ ์ž๊ฐ€ ์ดํ›„ ํŠธ๋žœ์žญ์…˜์—์„œ ์ด๋ฅผ ๋‹ค๋ฅธ ์ž…๋ ฅ๋“ค๊ณผ ๊ฒฐํ•ฉํ•˜๋„๋ก ์œ ๋„ํ•  ์ˆ˜ ์žˆ์œผ๋ฉฐ, ์ด๋กœ์จ ์ฃผ์†Œ๋“ค์„ ์„œ๋กœ ์—ฐ๊ฒฐ์‹œํ‚ค๋ ค ํ•œ๋‹ค.

์˜ฌ๋ฐ”๋ฅธ ์ง€๊ฐ‘ ๋™์ž‘

์ง€๊ฐ‘์€ ์ด๋ฏธ ์‚ฌ์šฉ๋œ ๋นˆ ์ฃผ์†Œ๋กœ ๋ฐ›์€ ์ฝ”์ธ์„ ์‚ฌ์šฉํ•˜์ง€ ์•Š์•„์•ผ ํ•˜๋ฉฐ, ์ด๋Š” ํ”„๋ผ์ด๋ฒ„์‹œ leak๋ฅผ ๋ฐฉ์ง€ํ•˜๊ธฐ ์œ„ํ•จ์ด๋‹ค.

๊ธฐํƒ€ ๋ธ”๋ก์ฒด์ธ ๋ถ„์„ ๊ธฐ๋ฒ•

  • ์ •ํ™•ํ•œ ๊ฒฐ์ œ ๊ธˆ์•ก: ๊ฑฐ์Šค๋ฆ„๋ˆ์ด ์—†๋Š” ํŠธ๋žœ์žญ์…˜์€ ๋™์ผ ์‚ฌ์šฉ์ž๊ฐ€ ์†Œ์œ ํ•œ ๋‘ ์ฃผ์†Œ ๊ฐ„์˜ ๊ฑฐ๋ž˜์ผ ๊ฐ€๋Šฅ์„ฑ์ด ๋†’๋‹ค.
  • ๋ฐ˜์˜ฌ๋ฆผ๋œ ๊ธˆ์•ก: ๊ฑฐ๋ž˜์—์„œ ๋ฐ˜์˜ฌ๋ฆผ๋œ ๊ธˆ์•ก์€ ๊ฒฐ์ œ์ผ ๊ฐ€๋Šฅ์„ฑ์ด ๋†’๊ณ , ๋ฐ˜์˜ฌ๋ฆผ๋˜์ง€ ์•Š์€ ์ถœ๋ ฅ์ด ๊ฑฐ์Šค๋ฆ„๋ˆ์ผ ๊ฐ€๋Šฅ์„ฑ์ด ๋†’๋‹ค.
  • ์ง€๊ฐ‘ ์ง€๋ฌธํ™”: ์„œ๋กœ ๋‹ค๋ฅธ ์ง€๊ฐ‘์€ ๊ณ ์œ ํ•œ ํŠธ๋žœ์žญ์…˜ ์ƒ์„ฑ ํŒจํ„ด์„ ๊ฐ€์ง€๋ฉฐ, ๋ถ„์„๊ฐ€๋Š” ์ด๋ฅผ ํ†ตํ•ด ์‚ฌ์šฉ๋œ ์†Œํ”„ํŠธ์›จ์–ด ๋ฐ ์ž ์žฌ์ ์ธ change ์ฃผ์†Œ๋ฅผ ์‹๋ณ„ํ•  ์ˆ˜ ์žˆ๋‹ค.
  • ๊ธˆ์•ก ๋ฐ ์‹œ๊ฐ„ ์ƒ๊ด€๊ด€๊ณ„: ๊ฑฐ๋ž˜ ์‹œ๊ฐ„์ด๋‚˜ ๊ธˆ์•ก์„ ๊ณต๊ฐœํ•˜๋ฉด ๊ฑฐ๋ž˜ ์ถ”์ ์ด ์‰ฌ์›Œ์ง„๋‹ค.

ํŠธ๋ž˜ํ”ฝ ๋ถ„์„

๋„คํŠธ์›Œํฌ ํŠธ๋ž˜ํ”ฝ์„ ๋ชจ๋‹ˆํ„ฐ๋งํ•จ์œผ๋กœ์จ ๊ณต๊ฒฉ์ž๋Š” ํŠธ๋žœ์žญ์…˜์ด๋‚˜ ๋ธ”๋ก์„ IP ์ฃผ์†Œ์™€ ์—ฐ๊ฒฐ์‹œ์ผœ ์‚ฌ์šฉ์ž ํ”„๋ผ์ด๋ฒ„์‹œ๋ฅผ ์†์ƒ์‹œํ‚ฌ ์ˆ˜ ์žˆ๋‹ค. ํŠนํžˆ ๋งŽ์€ ์ˆ˜์˜ Bitcoin ๋…ธ๋“œ๋ฅผ ์šด์˜ํ•˜๋Š” ์ฃผ์ฒด๋Š” ํŠธ๋žœ์žญ์…˜์„ ๊ฐ์‹œํ•  ๋Šฅ๋ ฅ์ด ํ–ฅ์ƒ๋œ๋‹ค.

More

ํฌ๊ด„์ ์ธ ํ”„๋ผ์ด๋ฒ„์‹œ ๊ณต๊ฒฉ ๋ฐ ๋ฐฉ์–ด ๋ชฉ๋ก์€ Bitcoin Privacy on Bitcoin Wiki๋ฅผ ์ฐธ์กฐํ•˜๋ผ.

์ต๋ช… Bitcoin ๊ฑฐ๋ž˜

์ต๋ช…์œผ๋กœ Bitcoin์„ ์–ป๋Š” ๋ฐฉ๋ฒ•

  • Cash Transactions: ํ˜„๊ธˆ์„ ํ†ตํ•ด bitcoin์„ ์ทจ๋“.
  • Cash Alternatives: ๊ธฐํ”„ํŠธ ์นด๋“œ๋ฅผ ๊ตฌ๋งคํ•ด ์˜จ๋ผ์ธ์—์„œ bitcoin์œผ๋กœ ๊ตํ™˜.
  • ์ฑ„๊ตด: ํ˜ผ์ž ์ฑ„๊ตดํ•  ๋•Œ๊ฐ€ ๊ฐ€์žฅ ํ”„๋ผ์ด๋น—ํ•˜๊ฒŒ bitcoin์„ ์–ป๋Š” ๋ฐฉ๋ฒ•์ด๋‹ค. ๋งˆ์ด๋‹ ํ’€์€ ์ฑ„๊ตด์ž์˜ IP ์ฃผ์†Œ๋ฅผ ์•Œ ์ˆ˜ ์žˆ๋‹ค. Mining Pools Information
  • Theft: ์ด๋ก ์ ์œผ๋กœ๋Š” ๋น„ํŠธ์ฝ”์ธ์„ ํ›”์น˜๋Š” ๊ฒƒ์ด ๋˜ ๋‹ค๋ฅธ ์ต๋ช… ํš๋“ ๋ฐฉ๋ฒ•์ด ๋  ์ˆ˜ ์žˆ์œผ๋‚˜, ๋ถˆ๋ฒ•์ด๋ฉฐ ๊ถŒ์žฅ๋˜์ง€ ์•Š๋Š”๋‹ค.

๋ฏน์‹ฑ ์„œ๋น„์Šค

๋ฏน์‹ฑ ์„œ๋น„์Šค๋ฅผ ์ด์šฉํ•˜๋ฉด ์‚ฌ์šฉ์ž๋Š” ๋น„ํŠธ์ฝ”์ธ์„ ๋ณด๋‚ด๊ณ  ๋‹ค๋ฅธ ๋น„ํŠธ์ฝ”์ธ์„ ๋ฐ›์•„ ์›๋ž˜ ์†Œ์œ ์ž๋ฅผ ์ถ”์ ํ•˜๊ธฐ ์–ด๋ ต๊ฒŒ ๋งŒ๋“ค ์ˆ˜ ์žˆ๋‹ค. ๋‹ค๋งŒ ์„œ๋น„์Šค๊ฐ€ ๋กœ๊ทธ๋ฅผ ๋ณด๊ด€ํ•˜์ง€ ์•Š๊ณ  ์‹ค์ œ๋กœ ๋น„ํŠธ์ฝ”์ธ์„ ๋ฐ˜ํ™˜ํ•  ๊ฒƒ์ด๋ผ๋Š” ์‹ ๋ขฐ๊ฐ€ ํ•„์š”ํ•˜๋‹ค. ๋Œ€์•ˆ์œผ๋กœ Bitcoin ์นด์ง€๋…ธ ๋“ฑ์ด ์žˆ๋‹ค.

CoinJoin

CoinJoin๋Š” ์—ฌ๋Ÿฌ ์‚ฌ์šฉ์ž์˜ ํŠธ๋žœ์žญ์…˜์„ ํ•˜๋‚˜๋กœ ํ•ฉ์ณ ์ž…๋ ฅ๊ณผ ์ถœ๋ ฅ์„ ๋งค์นญํ•˜๋ ค๋Š” ์‹œ๋„๋ฅผ ๋ณต์žกํ•˜๊ฒŒ ๋งŒ๋“ ๋‹ค. ๊ทธ๋Ÿผ์—๋„ ๋ถˆ๊ตฌํ•˜๊ณ  ์ž…๋ ฅ ๋ฐ ์ถœ๋ ฅ ํฌ๊ธฐ๊ฐ€ ๊ณ ์œ ํ•œ ํŠธ๋žœ์žญ์…˜์€ ์—ฌ์ „ํžˆ ์ถ”์ ๋  ๊ฐ€๋Šฅ์„ฑ์ด ์žˆ๋‹ค.

์˜ˆ์‹œ ํŠธ๋žœ์žญ์…˜(์‚ฌ์šฉ๋์„ ๊ฐ€๋Šฅ์„ฑ ์žˆ์Œ): 402d3e1df685d1fdf82f36b220079c1bf44db227df2d676625ebcbee3f6cb22a ๋ฐ 85378815f6ee170aa8c26694ee2df42b99cff7fa9357f073c1192fff1f540238.

์ž์„ธํ•œ ์ •๋ณด๋Š” CoinJoin์„ ์ฐธ๊ณ ํ•˜๋ผ. Ethereum ์ƒ์˜ ์œ ์‚ฌ ์„œ๋น„์Šค๋Š” Tornado Cash๋กœ, ์ฑ„๊ตด์ž๋“ค๋กœ๋ถ€ํ„ฐ์˜ ์ž๊ธˆ์œผ๋กœ ํŠธ๋žœ์žญ์…˜์„ ์ต๋ช…ํ™”ํ•œ๋‹ค.

PayJoin

CoinJoin์˜ ๋ณ€ํ˜•์ธ PayJoin(๋˜๋Š” P2EP)์€ ๋‘ ๋‹น์‚ฌ์ž(์˜ˆ: ๊ณ ๊ฐ๊ณผ ์ƒ์ธ) ์‚ฌ์ด์˜ ํŠธ๋žœ์žญ์…˜์„ ์ผ๋ฐ˜ ํŠธ๋žœ์žญ์…˜์ฒ˜๋Ÿผ ์œ„์žฅํ•˜์—ฌ CoinJoin์˜ ๋™๋“ฑํ•œ ์ถœ๋ ฅ ํŠน์ง•์„ ๋ณด์ด์ง€ ์•Š๊ฒŒ ํ•œ๋‹ค. ์ด๋Š” ํƒ์ง€๊ฐ€ ๊ทน๋„๋กœ ์–ด๋ ต๊ฒŒ ๋งŒ๋“ค๋ฉฐ, ๊ฑฐ๋ž˜ ๊ฐ์‹œ ์ฃผ์ฒด๋“ค์ด ์‚ฌ์šฉํ•˜๋Š” common-input-ownership heuristic์„ ๋ฌด๋ ฅํ™”ํ•  ์ˆ˜๋„ ์žˆ๋‹ค.

2 btc --> 3 btc
5 btc     4 btc

Transactions like the above could be PayJoin, enhancing privacy while remaining indistinguishable from standard bitcoin transactions.

The utilization of PayJoin could significantly disrupt traditional surveillance methods, making it a promising development in the pursuit of transactional privacy.

Best Practices for Privacy in Cryptocurrencies

Wallet Synchronization Techniques

To maintain privacy and security, synchronizing wallets with the blockchain is crucial. Two methods stand out:

  • Full node: By downloading the entire blockchain, a full node ensures maximum privacy. All transactions ever made are stored locally, making it impossible for adversaries to identify which transactions or addresses the user is interested in.
  • Client-side block filtering: This method involves creating filters for every block in the blockchain, allowing wallets to identify relevant transactions without exposing specific interests to network observers. Lightweight wallets download these filters, only fetching full blocks when a match with the userโ€™s addresses is found.

Utilizing Tor for Anonymity

Given that Bitcoin operates on a peer-to-peer network, using Tor is recommended to mask your IP address, enhancing privacy when interacting with the network.

Preventing Address Reuse

To safeguard privacy, itโ€™s vital to use a new address for every transaction. Reusing addresses can compromise privacy by linking transactions to the same entity. Modern wallets discourage address reuse through their design.

Strategies for Transaction Privacy

  • Multiple transactions: Splitting a payment into several transactions can obscure the transaction amount, thwarting privacy attacks.
  • Change avoidance: Opting for transactions that donโ€™t require change outputs enhances privacy by disrupting change detection methods.
  • Multiple change outputs: If avoiding change isnโ€™t feasible, generating multiple change outputs can still improve privacy.

Monero: A Beacon of Anonymity

Monero addresses the need for absolute anonymity in digital transactions, setting a high standard for privacy.

Ethereum: Gas and Transactions

Understanding Gas

Gas measures the computational effort needed to execute operations on Ethereum, priced in gwei. For example, a transaction costing 2,310,000 gwei (or 0.00231 ETH) involves a gas limit and a base fee, with a tip to incentivize miners. Users can set a max fee to ensure they donโ€™t overpay, with the excess refunded.

Executing Transactions

Transactions in Ethereum involve a sender and a recipient, which can be either user or smart contract addresses. They require a fee and must be mined. Essential information in a transaction includes the recipient, senderโ€™s signature, value, optional data, gas limit, and fees. Notably, the senderโ€™s address is deduced from the signature, eliminating the need for it in the transaction data.

These practices and mechanisms are foundational for anyone looking to engage with cryptocurrencies while prioritizing privacy and security.

Value-Centric Web3 Red Teaming

  • Inventory value-bearing components (signers, oracles, bridges, automation) to understand who can move funds and how.
  • Map each component to relevant MITRE AADAPT tactics to expose privilege escalation paths.
  • Rehearse flash-loan/oracle/credential/cross-chain attack chains to validate impact and document exploitable preconditions.

Value Centric Web3 Red Teaming

Web3 Signing Workflow Compromise

  • Supply-chain tampering of wallet UIs can mutate EIP-712 payloads right before signing, harvesting valid signatures for delegatecall-based proxy takeovers (e.g., slot-0 overwrite of Safe masterCopy).

Web3 Signing Workflow Compromise Safe Delegatecall Proxy Takeover

Smart Contract Security

  • Mutation testing to find blind spots in test suites:

Mutation Testing With Slither

References

DeFi/AMM Exploitation

If you are researching practical exploitation of DEXes and AMMs (Uniswap v4 hooks, rounding/precision abuse, flashโ€‘loan amplified thresholdโ€‘crossing swaps), check:

Defi/AMM Hook Precision

For multi-asset weighted pools that cache virtual balances and can be poisoned when supply == 0, study:

Defi Amm Virtual Balance Cache Exploitation

Tip

AWS ํ•ดํ‚น ๋ฐฐ์šฐ๊ธฐ ๋ฐ ์—ฐ์Šตํ•˜๊ธฐ:HackTricks Training AWS Red Team Expert (ARTE)
GCP ํ•ดํ‚น ๋ฐฐ์šฐ๊ธฐ ๋ฐ ์—ฐ์Šตํ•˜๊ธฐ: HackTricks Training GCP Red Team Expert (GRTE) Azure ํ•ดํ‚น ๋ฐฐ์šฐ๊ธฐ ๋ฐ ์—ฐ์Šตํ•˜๊ธฐ: HackTricks Training Azure Red Team Expert (AzRTE)

HackTricks ์ง€์›ํ•˜๊ธฐ