**Update** This article contains an improper critique of FlexFarmer. A more substantive update on FlexFarmer key hygiene will follow; it is actually quite good compared to the rest of the ecosystem.
**Update 2** FlexPool is back on the menu: according to Gene, the farmer private key IS the risk I considered this morning. Expect a post on how Chia keys work.
There has been a lot of discussion about private keys and key hygiene as they relate to Arbor Wallet in the last few days, and I am going to write a short post here addressing that. I think there is a huge focus on a single area of security and private key hygiene while most of the actual problem in the Chia ecosystem is ignored.
First off, I don’t like that Arbor is sending keys off-device. It is poor security practice and makes it a lot easier for them to leak. But do you know what else is poor security practice? Storing them on disk, and allowing a shell command to spit them out without authentication, like Chia’s software does. Putting them into a config file that you generated by typing your 12 words into your browser, like FlexPool does. This is all bad key hygiene, just as sending a key across a wire is. In fact, according to OWASP and industry-standard key management practice, as long as the channel Arbor transmits the key over is FIPS-102 secure it is actually OK-ish, whereas storing keys in plain text without file permissions is never OK. That is why this debate is infuriating to me: it focuses on the one thing that feels like the worst idea, but it really isn’t. The worst thing about the Arbor Wallet key transmission is that the key might end up stored somewhere insecure, like a load balancer’s logs. Meanwhile, that kind of improper key storage is done by design in a lot of the ecosystem, as discussed below.
There are a lot of security issues in the Chia ecosystem, some more severe than others. People claim to have lost coins not by using Arbor Wallet but from the official client. Which makes sense! It’s really easy to steal someone’s private keys with Chia; you don’t even need admin access to their machine. Any user or process with read access to that home directory can run `chia keys show --show-mnemonic-seed` and spit the keys out in plain text, or just copy them out of the .chia/mainnet folder.
And worse is the FlexFarmer mechanism of generating your private key in the browser. Any browser extension you have running can read that data, transmit it off-device, or store it. And the FlexFarmer config.yaml keeps the private key in plain text on your machine, just sitting there in a known location. This is all very bad security practice, but I don’t hear people calling for Chia or FlexPool to be banished from the internet for it.
I am not defending Arbor; I think they need to fix this issue. I suspect there are other architectural issues they will also need to address. But it’s young software: it doesn’t need to be perfect, it needs to improve. For now I would consider any keys used by their system to be compromised, but I would also think long and hard about your other Chia keys and how safe they have been this whole time. The whole cryptocurrency ecosystem is rife with security issues, and not all of them are as easy to spot as `"privatekey": "$privatekey"` in a JSON POST. I cannot wait until we see Nucle under the hood, as my understanding is they are doing a full-on security review that should catch issues like this.
Edit: FlexPool has made an excellent point about FlexFarmer: it only stores the farmer private key, used for plots, and not the wallet private keys. In fact, since it doesn’t require a wallet at all, it only exposes the plot keys, period.
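The audit a practitioner would want after reading the above, as an added example (my code, not Chia’s, FlexPool’s or Arbor Wallet’s): check whether a key-bearing config file is readable beyond its owner, detect plaintext key material stored in it, and scan request-body logs for the `privatekey`-in-a-JSON-POST case. The config field names, the 64-hex-character key shape, the 12/24-word mnemonic shape and the one-JSON-body-per-line log format are my assumptions, not anything the page or those projects specify, and every sample file and log line below is constructed.

```python
"""Key-hygiene audit for the three problems discussed above: keys readable
on disk, keys in plain text in a config file, keys captured in request logs.

Added example, not code from Chia, FlexFarmer/FlexPool or Arbor Wallet.
Assumptions (mine, not the page's): config files are simple "field: value"
lines, a private key appears as 64 hex characters, a mnemonic as 12 or 24
lowercase words, and request logs hold one JSON body per line. All sample
data below is constructed.
"""
from __future__ import annotations

import json
import os
import re
import stat
import tempfile

# Assumed shapes of key material: a 64-hex-char private key, or a 12/24-word mnemonic.
HEX_KEY_RE = re.compile(r"(?:0x)?[0-9a-fA-F]{64}")
MNEMONIC_RE = re.compile(r"(?:[a-z]+ ){11}(?:(?:[a-z]+ ){12})?[a-z]+")
# Config field names under which a plaintext value counts as a stored secret.
SECRET_FIELD_RE = re.compile(r"key|mnemonic|seed|secret", re.IGNORECASE)

# Constructed sample secrets; not real keys.
HEX_KEY = "0123456789abcdef" * 4
MNEMONIC = ("abandon ability able about above absent "
            "absorb abstract absurd abuse access accident")

# Constructed config with a hypothetical field layout, not FlexFarmer's real schema.
SAMPLE_CONFIG = f"""\
pool_url: https://pool.example.invalid
plot_dirs: /mnt/plots
farmer_private_key: "{HEX_KEY}"
mnemonic: "{MNEMONIC}"
"""

# Constructed request-body log: one JSON body per line, plus one non-JSON access-log line.
SAMPLE_LOG = [
    '{"action": "login", "user": "alice"}',
    '{"action": "import", "privatekey": "%s"}' % HEX_KEY,
    '{"action": "restore", "mnemonic": "%s"}' % MNEMONIC,
    "GET /healthz 200",
]


def looks_like_key_material(value: str) -> bool:
    """True if a string has the shape of a private key or a mnemonic."""
    return bool(HEX_KEY_RE.fullmatch(value) or MNEMONIC_RE.fullmatch(value))


def readable_beyond_owner(path: str) -> bool:
    """True if the group or world read bit is set. Even 0600 does not stop a
    process running as the owning user, which is the point made in the post."""
    mode = os.stat(path).st_mode
    return bool(mode & (stat.S_IRGRP | stat.S_IROTH))


def find_plaintext_secrets(text: str) -> list[str]:
    """Return the names of 'field: value' lines whose value is plaintext key material."""
    hits = []
    for line in text.splitlines():
        field, sep, value = line.partition(":")
        if not sep:
            continue
        value = value.strip().strip("\"'")
        if SECRET_FIELD_RE.search(field) and looks_like_key_material(value):
            hits.append(field.strip())
    return hits


def find_keys_in_log(lines: list[str]) -> list[tuple[int, str]]:
    """Return (line number, field) for every JSON body field carrying key material.
    The field name is deliberately not checked: a key is a leak whatever it is called."""
    leaks = []
    for n, line in enumerate(lines, start=1):
        try:
            body = json.loads(line)
        except json.JSONDecodeError:
            continue  # not a JSON body (e.g. a plain access-log line)
        if isinstance(body, dict):
            for field, value in body.items():
                if isinstance(value, str) and looks_like_key_material(value):
                    leaks.append((n, field))
    return leaks


def run_audit() -> dict:
    """Write the constructed config to a temp dir, audit it at two permission
    settings, then scan the constructed request log."""
    with tempfile.TemporaryDirectory() as tmp:
        cfg = os.path.join(tmp, "config.yaml")
        with open(cfg, "w") as f:
            f.write(SAMPLE_CONFIG)
        os.chmod(cfg, 0o644)  # the usual default when a file is simply written out
        loose = readable_beyond_owner(cfg)
        os.chmod(cfg, 0o600)  # the minimum a key file should have
        tight = readable_beyond_owner(cfg)
        with open(cfg) as f:
            fields = find_plaintext_secrets(f.read())
    return {
        "readable_beyond_owner_at_0644": loose,
        "readable_beyond_owner_at_0600": tight,
        "plaintext_fields": fields,
        "log_leaks": find_keys_in_log(SAMPLE_LOG),
    }


if __name__ == "__main__":
    for k, v in run_audit().items():
        print(f"{k}: {v}")
```

Run it directly to see the audit of the constructed data; in practice point `find_plaintext_secrets` at the real config file and `find_keys_in_log` at an export of the load balancer or application request log, and adjust the two shape regexes to whatever key encoding the software actually writes. Tightening the file mode is a necessary but not sufficient fix: the key is still in the clear for anything running as that user.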
“In fact, according to OWASP and industry standard key management best practices, as long as the channel that Arbor is transmitting the key is FIPS-102 secure its actually OKish”
I don’t think that’s what they (OWASP) mean. They probably refer to symmetric key distribution like it happens in an SSL handshake, and it does not include asymmetric encryption.
They also say: “The public key may be known by anyone; the private key should be under the sole control of the entity that “owns” the key pair.”
That’s correct. It’s not good. But there are lots of situations where private keys are transported. They should never be transported or stored in plain text.
Also, symmetric key distribution doesn’t have a private key, only asymmetric does.
Again, this wasn’t a defense to Arbor but a call to think about key hygiene in its totality, in which the cardinal rule is DO NOT STORE IN PLAIN TEXT.
I am pretty sure the private key is just the tip of the iceberg for “Arbor Wallet”. The hackathon promoted speed of development over secure development. Anything that handles your coin/money/currencies is a HUGE target for attackers.
Also, the lead developer (aka the CTO) is just a teenager who, from what I gather, has never worked on a production-level application. I am not saying he is not a good developer, because he is very smart, but you just may be naive to what is good & bad practice.
Yes they are young but it’s not okay to criticize people for who they are.
Keep up with the FlexPool criticism, it’s great to show how shady they are