KeyBleed: Attacking the OneKey Mini


August 25, 2023




Track 1

It’s hard to figure out which cryptocurrency wallets are more secure than others. A common piece of advice is to choose one that uses a Secure Element (like Ledger, ColdCard, OneKey, etc.) rather than one without, since wallets lacking a Secure Element (Trezor, KeepKey, etc.) have been widely demonstrated to be easily dumped through fault injection.

This talk will discuss how the devil is in the details: the transfer of keys and sensitive data from the SE to the main microprocessor can sometimes introduce exploitable conditions that allow an even easier and more reliable attack. It will review some prior attacks on cryptocurrency wallets, issues with code reuse, and the specific issue with the OneKey Mini that allows our company to recover the seed with 100% reliability in under 1 second. We’ll demonstrate a live on-stage exploit of a OneKey Mini in which we extract and crack its seed to recover any funds stored on it.