ZenGo uncovers ‘red pill attack’ vulnerability in popular Web3 apps

According to a blog post published by developers of crypto wallet ZenGo, the firm said it had uncovered security vulnerabilities in transaction simulation solutions used by popular decentralized applications, or dApps. Dubbed the “red pill attack,” this vulnerability allowed malicious dApps to steal user assets based on opaque transaction approvals offered to and approved by users. The vulnerability derives its name from the iconic “red pill” scene from The Matrix movie series. 

“If malware is able to detect its actually being executed in a simulated environment or living in the matrix, it can behave in a benign manner, thus deceiving the anti-malware solution, and reveal its true malicious nature only when actually executed in a real environment.”

ZenGo claimed its research revealed that many leading vendors, including Coinbase Wallet, were at one point in time vulnerable to such attacks. “All vendors were very receptive to our reports,” said ZenGo, “and most of them were quick to fix their faulty implementations.”

The vulnerability is possible due to a programming oversight in “Special Variables” among smart contracts storing general information on the blockchain functionality, such as timestamp of the current block. During simulations however, ZenGo says there is no correct value for Special Variables and claims developers “take a shortcut” and set them to an arbitrary value.

“For example, the “COINBASE” instruction contains the address of the current block miner. Since during simulation there is no real block and hence no miner, some simulation implementations just set it to the null address (all zeros address).”

In a video, ZenGo developers demonstrated how a smart contract simulation on Polygon (MATIC) asks users to send native coins in exchange for another could be compromised via this method:

“When the user actually sends the transaction on-chain, COINBASE [Wallet] is actually filled with the non-zero address of the current miner and the contract just takes the sent coins.”

ZenGo said the fix for the vulnerability was straightforward: “instead of populating these vulnerable variables with arbitrary values, the simulations need to populate them with meaningful values.” The firm presented redacted screenshots of bug bounties, apparently awarded by Coinbase, for solving the issue. The Ethereum Foundation has also awarded ZenGo a $50,000 grant for its research on transaction simulations.