homepage-data/Projects/Pinata

35 lines
1.8 KiB
Text
Raw Normal View History

2017-09-15 20:19:19 +00:00
---
title: The Bitcoin Piñata
2017-09-17 18:52:58 +00:00
abstract: ![Piñata](/static/img/pinata.png)
2017-09-15 20:19:19 +00:00
---
2017-09-17 18:52:58 +00:00
![Piñata](/static/img/pinata.png)
2017-09-17 13:13:28 +00:00
The [Bitcoin Piñata](http://ownme.ipredator.se) is a unikernel which serves as
bug bounty system to test TLS and the underlying implementations. Its
communication endpoints are a website describing the setup, and both a TLS
client and a TLS server listening on a port. The total size, including TLS,
X.509, TCP/IP, of the virtual machine image is 4MB, which is less than 4% of a
comparable system using a Linux kernel and OpenSSL.
2018-04-16 22:00:46 +00:00
When a TLS handshake with the Piñata is successful including mutual
authentication, the Piñata transmits the private key to a Bitcoin wallet which
initially contained 10BTC. The project started on February 10th 2015. Our
lender transferred on March 18th 2018 the 10BTC and repurposed them for other
projects.
2017-09-17 13:13:28 +00:00
On startup, the Piñata generates its certificate authority on the fly, including
certificates and private keys. This means that only the Piñata itself contains
2017-09-17 14:00:44 +00:00
private keys which can authenticate successfully, and an attacker has to find
2017-09-17 13:13:28 +00:00
an exploitable flaw in any software layer (OCaml runtime, virtual network
2017-09-17 14:00:44 +00:00
device, TCP/IP stack, TLS library, X.509 validation, or elsewhere) to complete the challenge.
2017-09-17 13:13:28 +00:00
2018-04-16 22:00:46 +00:00
The Piñata is online since February 10th 2015, and even though hundreds of
thousands of connections and initiated TLS handshakes, no Bitcoins were taken.
2017-09-17 13:13:28 +00:00
By using a Bitcoin wallet, the Piñata is a transparent bug bounty. Everybody
2018-04-16 22:00:46 +00:00
can observe (by looking into the blockchain) whether it has been compromised and
the money has been transferred to another wallet. It is also self-serving: when
an attacker discovers a flaw, they don't need to fill out any forms to retrieve
the bounty, instead they can take the wallet, without any questions asked.