On Nov. 30, Guy Zyskind, CEO of privacy smart contract blockchain Secret Network, said that developers had patched a privacy-related vulnerability and users’ funds remain secure. In a document dated Nov. 29, Secret Network wrote that users or developers required no action and that all active nodes were upgraded to correct the exploit on Nov. 2.
2/ You can read the post for the main details, but the important part is that the vulnerability was mitigated and unlikely to have been exploited. Most importantly, funds were never at risk, because Secret intentionally does not rely on SGX for correctness – only privacy.
— Guy Zyskind (@GuyZys) November 29, 2022
The sequence of events, unveiled late yesterday by the Secret Network developers, began when a group of white-hat computer science researchers contacted the Secret team on Oct. 3 regarding a recently disclosed xAPIC (Advanced Programmable Interrupt Controller) architectural bug. The exploit allowed uninitialized memory reads in certain Software Guard Extension-enabled (SGX) Intel CPUs. Secret Network leverages SGX technology to provide confidential execution of smart contracts.
As stated in their paper, researchers first registered a server as a validator node on the Secret Network, even when they did not have sufficient funds to be trusted to actively validate transactions. The registration process then stored a copy of Secret’s global consensus seed inside its SGX enclave. Next, through the aforementioned CPU glitch, researchers extracted the consensus seed of its Secret Node and its private Intel Enhanced Privacy ID key. Finally, with these items, they were able to break Secret’s privacy-preserving features and decrypt the internal state of all smart contracts on the network, as well as the digital assets embedded in them.
Secret developers verified the exploit on Oct. 4 and devised a plan to patch the vulnerability together with researchers and Intel staff. First, nodes were forcefully ejected from the network, and their secret keys deleted. After that, nodes could only rejoin the network if they patched all known vulnerabilities, which was completed on Nov. 2. “With this upgrade, it is now infeasible to mount xAPIC attacks against the Secret Network mainnet,” wrote the Secret Network team.
In addition, new nodes joining the network will be limited to server-class hardware only, as to limit the attack surface that user-class hardware presents. Founded in 2015, Secret Network currently has a market cap of $131 million through its native token SCRT. The firm partnered with director Quentin Tarantino to launch Secret NFTs last November.