Full Report
In Bitcoin, there is a concept known as replace by fee (RBF) to allow the use of other transactions to replace unconfirmed ones. There are many ways to go about doing this type of scheme. Fee based (higher fee goes) and time based are common ways to do this. On Ethereum, the fee based mechanism can be used. In order to confirm that a transaction went through, a certain amount of confirmations must pass. This demonstrates that this is legit and the state will not change. Many chains call this finalization. Why does this matter? Cryptocurrency wallets were found to be using transactions with zero confirmations; aka, still in the mempool. By abusing the replace by fee functionality (and using a very low fee), it's possible to send a transfer that the wallet initially sees with a lot of money then have this transfer be completely different (or even invalid). Imagine, you're a user doing a transfer for something physical in exchange for cryptocurrency where you BOTH need to do an action at the same time. The end user sees the bitcoin in their account then gives the guy the package. But, it was a trick! In reality, the wallet never had the tokens; they were in the mempool and it reverted. Apparently, this issue effected major wallets like Ledger. In some cases doing this too many times would cause the wallet to become bricked! Overall, a super interesting attack! The wallets want to be fast for the user and didn't anticipate this functionality being abused.
Analysis Summary
# Vulnerability: BigSpender (Bitcoin Wallet Double-Spend Vulnerability)
## CVE Details
- **CVE ID**: N/A (Industry-standard identifier not assigned; tracks as "BigSpender")
- **CVSS Score**: Estimated 7.5 (High)
- **CWE**: CWE-345: Insufficient Verification of Data Authenticity / CWE-670: Always-Incorrect Control Flow Implementation
## Affected Systems
- **Products**: Major non-custodial Bitcoin wallets. Specifically identified:
- Ledger Live
- Edge
- BRD (Breadwallet)
- **Versions**: All versions prior to July 2020 patches.
- **Configurations**: Wallets configured to display "unconfirmed" or "pending" mempool transactions as part of the user's available spendable balance.
## Vulnerability Description
The "BigSpender" vulnerability is a logic flaw in how wallet software handles the Bitcoin **Replace-By-Fee (RBF)** protocol. RBF allows a sender to replace an unconfirmed transaction in the mempool with a new version that includes a higher fee.
Vulnerable wallets failed to properly validate or track these replacements. An attacker sends a transaction with a very low fee (ensuring it stays in the mempool) to the victim. The vulnerable wallet immediately increments the victim's balance. The attacker then uses RBF to "cancel" the original transaction by sending a new transaction that spends the same inputs back to an address they control. Because the wallet does not adequately monitor the mempool for such replacements or invalidations, the victim sees an inflated balance that never settles on the blockchain.
## Exploitation
- **Status**: PoC available; exploited in the wild (targeted fraud).
- **Complexity**: Low
- **Attack Vector**: Network (Blockchain Mempool)
## Impact
- **Confidentiality**: None
- **Integrity**: **High** (The wallet UI reflects a false state of the user's financial assets).
- **Availability**: **Medium** (In some cases, repeatedly sending and cancelling transactions could "brick" or crash the wallet application due to database synchronization errors).
## Remediation
### Patches
- **Ledger Live**: Released updates in June/July 2020 to handle unconfirmed transactions more strictly.
- **Edge / BRD**: Released updates to ensure unconfirmed transactions are clearly demarcated and not added to the primary spendable balance.
### Workarounds
- **User Education**: Never consider a transaction "received" until it has at least 1-3 confirmations on the Bitcoin blockchain.
- **Settings**: If supported by the wallet, disable the display of unconfirmed transactions.
## Detection
- **Indicators of Compromise**: Multiple incoming transactions from the same source that disappear after a short period, or a discrepancy between the wallet UI balance and the balance shown on a public block explorer (e.g., blockchain.info).
- **Detection Methods and Tools**:
- **BigSpender Tool**: A public research tool provided by Zengo (KZen-networks) to test wallet vulnerability: `https://github[.]com/KZen-networks/big-spender`
## References
- **Zengo Advisory**: `https://zengo[.]com/bigspender-double-spend-vulnerability-in-bitcoin-wallets/`
- **TechCrunch Feature**: `https://techcrunch[.]com/2020/07/01/a-vulnerability-in-some-bitcoin-wallets-leads-to-double-spend-attacks-and-inflated-balance/`
- **GitHub Repository**: `https://github[.]com/KZen-networks/big-spender`