Understanding the Stake Address Issue and Resolution
Spoofed addresses have been a long-standing problem in our ecosystem that has caused issues for wallets having issues with interacting with different dapps. How does this happen? A normal user address generated by any wallet is the consecution of the hash of the payment public key, followed by the hash of the staking public key.
In order to make a payment from an address, only the payment secret key is needed. In order to stake the content of an address(ada for staking rewards), only the staking secret key is needed.
What is a Spoofed address or Franken address?
A spoofed address is an address created by a bad-intentioned actor to pretend to be a certain user. Many platforms on Cardano used to base whitelist solely on the stake address, which was not needed for payment. A few bad actors created addresses using their own payment keys and someone else’s public stake key, to create addresses that would enable them to claim tokens, airdrops, or rewards on behalf of someone else.
Why are assets ending in Franken addresses hard to retrieve?
Nondiscerning owned and non-owned assets show as the content under the same stake, as this is how the blockchain is designed. Even though the assets are seemingly owned by the user, they can’t move them as they are on a payment key which the user can’t sign as he doesn’t have the secret key. These assets are subsequently owned in transferability form by someone else. If that certain someone else gets found the assets can be rescued. But given the Illegality of the actions that led to the creation of said Franken addresses the holder of the keys is unlikely to be found.
The Bug and Its Impact
This bug occurred 5 weeks ago, it used the first unspent transaction outputs (UTXOs) of the user’s stake as the output for transaction changes. Consequently, the change from any swap transactions was sent to the spoofed address. These users were able to see before signing that their assets were being moved to the spoofed address. This address, while linked to the user’s stake, did not allow the user to access or move the assets. This bug affected 4 transactions before being caught and fixed.
Resolution and Preventive Measures
The change address selection had been effectively fixed and a few safeguards have been added across all of DexHunter. Whenever a transaction is involved, the user has to be able to sign for both the stake and the payment of the receiving change address, this prevents sending assets to unowned addresses as change and makes sure that both keys of the change address are owned by the user. The solution we implemented 5 weeks ago right after noticing this issue is permanent and even previously affected wallets will not have an issue in the future.
Affected Transactions
4 transactions in total were affected. Unfortunately, the assets that were redirected to these spoofed addresses are unlikely to be retrieved unless the owner of the addresses is found. We have made the difficult decision to refund these spoofed wallets despite the issue being mostly due to outside factors, as the issue occurred while interacting with our platform. All four wallet owners have been contacted and refunds were issued based on the liquidation prices of affected assets.
Conclusion
This article was written in the interest of transparency to detail an issue we dealt with at the end of October. All transactions going through DexHunter need to be signed with all keys related to the address that is used as a change to confirm that they own both the staking and payment rights to the address that will receive the change. While the issue is resolved on our end and cannot occur again, we do feel it’s important to document it. This is an issue that can affect any dapp while interacting with spoofed wallets if they are unaware of this issue.
