The MVP - Acknowledgements
Most of the acknowledgements about bad-use, bugs or features to be upgraded are found in each repo’s issues.
The applications, services and libraries were audited. This is the report:
We identified the following areas for the improvement of RIF Identity security, we recommend prioritizing the fixes for issues 1 and 2:
- Holder app: Mnemonic and private key are stored on the local database without encryption, currently it’s using a ‘dummybox’ with a hardcoded secret that does not encrypt at all. Consider using this library to store the secrets and to avoid implementing your own cryptographic functions.
- The authentication flow in
express-did-auth allows relay attacks, this means that, for example: the Convey service can force the client (mobile app) to sign a challenge for the credential request service or vice versa. Currently, the client includes the server’s DID as subject (JWT sub) on the challenge response. However, this subject is not verified on the server when processing the challenge response. The
getAuthToken() must verify that the subject included on the challenge response matches the DID of the service.
- Holder app: Deprecated crypto library uses a static IV to encrypt the presentation (vp) before uploading it to Convey. This means that if two presentations begin with the same values, the encryption will result in the same cipher text on the first 16 bytes. In this case, the presentations begins with a different timestamp (iss/exp) which mitigates the issue. However, if this function is used to encrypt another data in the future, it would leak information that could allow further attacks.
- Revocation of credentials is not possible, the user interface on the Issuer app, it displays the option but is not implemented on the backend yet.
- Issuer app: When a credential is “revoked” the backoffice user can change the status of it to “granted” again. The user interface does not allow this, however it’s possible to change the status from “revoked” to “granted” sending direct requests to the server.
- Holder app: Screen capture is permitted, users could take a screenshot of the mnemonic phrase and increase the risk of compromise as it will be stored on the photo gallery and cloud backups. Consider this example library.
- Holder app: Remove the screen PIN lock logged to console.