Certain custom networks vulnerable to chosen chainId attack

High
andrepimenta published GHSA-996m-jhjg-3chr Jan 25, 2021

Package

No package listed

Affected versions

<1.0.9

Patched versions

>=1.0.9

Description

Note: As of January 25, 2021, this vulnerability has been addressed in the latest version of MetaMask on all platforms. To the best of our knowledge, this attack was never exploited in the wild.

Impact

In version <1.0.9 of MetaMask Mobile, if a user adds a custom network to MetaMask without specifying a chain ID, MetaMask requests net_version from the network's RPC endpoint at runtime, and uses the return value to sign transactions.

This can induce the user to sign transactions for unintended chains in the following ways:

  1. net_version returns the network ID, which may differ from the chain ID. Transactions signed with a network ID could be invalid for the intended chain, and valid for another. See EIP-155 for details.
  2. A malicious or faulty endpoint could return arbitrary results for net_version at runtime.

Any user of MetaMask Mobile version 1.0.8 and lower that adds or has added a custom network without specifying a chain ID is vulnerable to this attack.

Patches

Version >=1.0.9 includes 9a73243.

Workarounds

  • Update MetaMask Mobile to version >=1.0.9 as soon as it's available on your platform. For most users, this will already have been done automatically.
    • Version >=1.0.9 requires chainId values to be specified by the user for all custom networks, and MetaMask will only use those values to sign transactions.
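
The pinning behaviour described for version >=1.0.9, shown as an added example (this is not MetaMask's code; the function names and the sample network are hypothetical and constructed). The signing chain ID comes only from the user's configuration, the endpoint's net_version reply is compared but never signed with, and a signature's EIP-155 v value is checked against the pinned chain ID.

```javascript
// Added example, not MetaMask's code; names are hypothetical.
// EIP-155: v = chainId * 2 + 35 + recoveryBit, where recoveryBit is 0 or 1.
function eip155V(chainId, recoveryBit) {
  return BigInt(chainId) * 2n + 35n + BigInt(recoveryBit);
}

// Chain ID a signature is bound to; null for legacy v (27/28, no replay protection).
function chainIdFromV(v) {
  const big = BigInt(v);
  if (big === 27n || big === 28n) return null;
  if (big < 37n) throw new RangeError(`invalid EIP-155 v: ${big}`);
  return (big - 35n) / 2n; // integer division drops the recovery bit
}

// Accept only a decimal or 0x-hex string that the user supplied.
function parseChainId(value) {
  if (typeof value !== 'string' || !/^(0x[0-9a-fA-F]+|[1-9][0-9]*)$/.test(value)) {
    throw new TypeError('chainId must be a decimal or 0x-hex string');
  }
  const id = BigInt(value);
  if (id <= 0n) throw new RangeError('chainId must be positive');
  return id;
}

// net_version is compared for a warning only; it never selects the signed value.
function resolveSigningChainId(network, reportedNetVersion) {
  if (network.chainId === undefined || network.chainId === '') {
    throw new Error(`network "${network.name}" has no chainId; refusing to sign`);
  }
  const chainId = parseChainId(network.chainId);
  const warnings = [];
  if (reportedNetVersion !== undefined && String(reportedNetVersion) !== chainId.toString()) {
    warnings.push(`net_version ${reportedNetVersion} differs from pinned chainId ${chainId}`);
  }
  return { chainId, warnings };
}

// After signing: the signature's v must encode the pinned chain ID.
function assertSignedForChain(v, pinnedChainId) {
  const bound = chainIdFromV(v);
  if (bound === null) throw new Error('signature has no EIP-155 replay protection');
  if (bound !== BigInt(pinnedChainId)) {
    throw new Error(`signed for chain ${bound}, expected ${pinnedChainId}`);
  }
  return true;
}

// Constructed sample: the endpoint reports network ID 1, the user pinned chain ID 61.
const sample = resolveSigningChainId({ name: 'example-net', chainId: '61' }, '1');
console.log(sample.chainId, sample.warnings, eip155V(sample.chainId, 0));
```
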

References

For more information

If you have any questions or comments about this advisory:

Severity

High

CVE ID

No known CVE

Weaknesses

No CWEs

Credits