[tbb-dev] A proposal for stopping users from copying potentially-edited cryptocurrency addresses
tom at ritter.vg
Thu Mar 7 05:40:20 UTC 2019
The second of three proposals.
This one basically stops the user from copying a cryptocurrency
address to the clipboard if the address was delivered in a way the
exit node could have tempered with it.
-------------- next part --------------
Title: Protecting Against Malicious Exit Nodes Performing Cryptocurrency Hijacking
Author: Tom Ritter
Sometimes, exit nodes are malicious. One activity malicious exit nodes
perform is rewriting the addresses of cryptocurrencies to hijack and steal
funds users are trying to send the original address. Tor Project and
volunteers scan and report malicious exit relays where-upon they are
given the BadExit flag.
In the period of time between the nodes being identified and being
blocklisted, users are put at risk from these nodes.
2.1. Required Infrastructure
This proposal is complementary to the xxx-selfsigned-user-safety.txt proposal.
We assume that (only) one of the following is in place.
The selfsigned-user-safety proposal is implemented.
2.1.2 Self-signed certificate error detection
As in selfsigned-user-safety, we classify TLS Certificate Errors into two
Class 1: Suspicious Certificate Errors
- A self-signed Certificate
- A certificate signed by a Trust Anchor but for a different hostname
- A certificate that appears to be signed by a Trust Anchor, but is
missing an intermediate allowing a full path to be built
Class 2: Unsuspicious Certificate Errors
- An expired certificate signed by a Trust Anchor
- A certificate that requires an OCSP staple, but the staple is not
The browser will detect a Class 1 error and make this state available for
the browser to base decisions off of.
2.2. Browser Logic
The browser will be able to recognize addresses of common cryptocurrencies
and when a user executes a copy event, will search for such an address in the
If an address is detected and:
- the page is loaded over HTTP
- selfsigned-user-safety is not implemented, the page is loaded over HTTPS,
and the certificate has a Class 1 Suspicious Certificate Error
Then the text MUST NOT be copied to the clipboard.
Basically this prevents the address from being copied if the address could
have been changed by the exit node.
3. False Positives
Not every cryptocurrency address served over HTTP is being attacked by a
malicious exit node.
4. User Interface/Experience
The text wil not be copied. But when the user executes the copy shortcut or
menu item a model dialog (like alert()) could be presented explaining why the
We could also use a doorhanger or information bar - but both of these seem prone
to being missed or ignored; while a modal dialog will be immediate, come with a
The user can, of course, manually type the address.
More information about the tbb-dev