WALLETRADAR: Towards Automating the Detection of Vulnerabilities in Browser-based Cryptocurrency Wallets
Pengcheng Xia, Yanhui Guo, Zhaowen Lin, Jun Wu, Pengbo Duan, Ningyu He, Kailong Wang, Tianming Liu, Yinliang Yue, Guoai Xu, Haoyu Wang
TL;DR
Browser-based non-custodial wallets are highly popular but security under-analysis has left systemic vulnerabilities under-addressed. The authors present WalletRadar, a hybrid static–dynamic vulnerability detection framework tailored to browser extensions, underpinned by a vulnerability taxonomy that spans traditional web risks and wallet-specific issues. In a large-scale evaluation of 96 wallets, WalletRadar identified 110 vulnerabilities across 70 wallets (116 total vulnerabilities reported), with several addressed post-disclosure and bug bounties totaling at least $2000; the demonic vulnerability emerged as a major concern. The work demonstrates the feasibility and value of automated security assessment for wallet development, revealing widespread weaknesses and motivating broader adoption of secure coding practices in the blockchain ecosystem.
Abstract
Cryptocurrency wallets, acting as fundamental infrastructure to the blockchain ecosystem, have seen significant user growth, particularly among browser-based wallets (i.e., browser extensions). However, this expansion accompanies security challenges, making these wallets prime targets for malicious activities. Despite a substantial user base, there is not only a significant gap in comprehensive security analysis but also a pressing need for specialized tools that can aid developers in reducing vulnerabilities during the development process. To fill the void, we present a comprehensive security analysis of browser-based wallets in this paper, along with the development of an automated tool designed for this purpose. We first compile a taxonomy of security vulnerabilities resident in cryptocurrency wallets by harvesting historical security reports. Based on this, we design WALLETRADAR, an automated detection framework that can accurately identify security issues based on static and dynamic analysis. Evaluation of 96 popular browser-based wallets shows WALLETRADAR's effectiveness, by successfully automating the detection process in 90% of these wallets with high precision. This evaluation has led to the discovery of 116 security vulnerabilities corresponding to 70 wallets. By the time of this paper, we have received confirmations of 10 vulnerabilities from 8 wallet developers, with over $2,000 bug bounties. Further, we observed that 12 wallet developers have silently fixed 16 vulnerabilities after our disclosure. WALLETRADAR can effectively automate the identification of security risks in cryptocurrency wallets, thereby enhancing software development quality and safety in the blockchain ecosystem.