Bitcoin Forum

Kraken Security Labs examined latest hyped hardware wallet Safepal S1 and found some serious vulnerabilities and weaknesses in this (https://blog.kraken.com/post/7874/kraken-security-labs-finds-flaws-in-safepal-s1-hardware-wallet/) detailed report.

The thing that had most impact on me after reading their report is the fact that Safepal used GPL open source licenses and claimed them as their own making Safepal closed source, and they made licensing violations without giving credits to original creators!
Kraken team asked for source code from Safepal but they refused to provide it confirming GPL licensing violations and risking potential lawsuit.
There is also possibility that they used firmware check used in Trezor wallet with trezor-license, but this could not be proven at the time of report.

Safepal Tamper Detection is ineffective and Kraken team managed to open wallet easy and without any issue, but Safepal later confirmed this in their reply claiming it doesn’t impact the wallet security.
Interesting thing when they opened the wallet is that they could not identity Secure Element chip that Safepal claims it's EAL5+ but it's obvious from unknown manufacturer.

Downgrade Attack is a big flaw for Safepal as Kraken security team managed to change it's firmware that could be used in some potential attack.
Safepal later confirmed this, made a patch and claimed it's non-exploitable.

Safepal team made a quick public reply to Kraken in this (https://blog.safepal.io/our-response-to-the-security-findings-from-kraken-security-labs/) blog post claiming that funds are SAFU... and that Kraken team failed to extract the seed from device, but their lame reply to license violations is that they will open source Safepal in 2021, let's wait and see.

https://i.imgur.com/aj6Ft7i.png

You can read detailed Kraken report here (https://blog.kraken.com/post/7874/kraken-security-labs-finds-flaws-in-safepal-s1-hardware-wallet/) and Safepal reply in this (https://blog.safepal.io/our-response-to-the-security-findings-from-kraken-security-labs/) post.

My conclusion is that Safepal wallet can not be trusted, as they stole someone else work and claim it as their own and we call that a plagiarism (unless they claim the origianl source)
The fact that Kraken didn't manage to extract keys doesn't mean that it will not happen soon and who knows what kind of crap is running inside their toy and their Secure Element is unknown and can not be trusted with holding anything.
I would stay away from Safepal and advice anyone not to waste their money and risk your privacy ordering it.

Thanks OP for the post. It is already one of my favourite post about hardware wallet .

SafePal S1 claim their product is EAL5+ level

https://docs.safepal.io/safepal-hardware-wallet/security-features/hardware-security/independent-crypto-element (https://docs.safepal.io/safepal-hardware-wallet/security-features/hardware-security/independent-crypto-element)

regards to EAL and hardware side .. it makes me wonder about RISC-V open standard instruction set architecture (ISA);

Gosh..


 ::) :D

the CEO of safepal said she (female) is strongly secure about her beliefs

SafePal - #BUIDLers​ Season 1: Project 3 of 8
https://youtu.be/8olCNqR_2wY

If Kraken were able to extract the keys in future, what would it mean for those who are using the safepal wallets ?

Will the funds stored in safepal wallet will be subject to risk if this happens ?

I know they claim this, BUT problem is that Safepal is the only hardware wallet (except unknown Wookong brand) that I couldn't identify what secure element they are using, and I even wrote them an email and contacted them on social media.
I received some generic reply without clear explanation, and imagine when Kraken experts also could not identify their secure element...

See the current list of Hardware wallets with identified secure element chips and notice how only Chinese Safepal and Wookong have unknown chips:

• CoboVault (https://github.com/CoboVault): EAL5+ (FIPS 140-2) secure element with open source firmware
• ColdCard Mk3 (https://github.com/Coldcard): Microchip ATECC608A covered by epoxy, open source
• Bitbox02 (https://github.com/digitalbitbox): Microchip ATECC608A, open source
• Passport (https://github.com/Foundation-Devices): Microchip ATECC608A,open source
• Ledger (https://satochip.io/): EAL5+/EAL6+ ST31H320, ST33J2M0, closed source!
• D'CENT (https://dcentwallet.com/products/BiometricWallet): EAL5+ NXP P60
• Safepal S1 (https://www.safepal.io/): EAL5+ ? unknown chip, closed source
• CoolWalletS (https://www.coolwallet.io/): EAL5+ SE microchip NXP P5CD081, closed source
• Jubiterwallet (https://jubiterwallet.de/): EAL6+ SE Infineon, closed source
• Kasse HK-1000 (https://kasseusa.com/): EAL5+ ST31H320 A03, closed source
• Keevo (https://www.keevowallet.com/): EAL5+ Infineon Optiga Trust-P, closed source
• Secux (https://secuxtech.com/): EAL5+ Infineon CC, closed source
• Ngrave (https://www.ngrave.io/products/zero): EAL7+ STM32MP157C with built-in secure element​, ?
• Tangem (https://tangem.com/): EAL6+ Samsung SecureCore microchip, open source sdk
• ImKey (https://imkey.im/): EAL 6+ Military-grade CC security chip, closed source
• Wookong (https://wooko.ng/): EAL 4+ ? unknown chip, closed source
• Hashwallet (https://www.gethashwallet.com/): EAL 6+ Infineon SLE78 secure element

Interesting, I didn't know about this.


It would happen the similar thing like for Trezor, Keepkey, older ledger and all other hardware wallets that have some security flaws and extracting keys means they can control and send your crypto.
Not your keys - not your crypto.

I am sure they can apply security updates!

if I get proper business contacts I intent to visit their headquarter physically (in real world, not digital);

my route plan is: Macau (a.k.a. Asian's Las Vegas) then Hong Kong then Shenzhen (ps Thanks for Google Geo for the tips)

What security updates?
They stole GPL licensed open source code and made it closed source and copyrighted so you can't exactly fix that classical plagiarism, and I think they are now more busy making their new Safepal S2 wallet with bigger battery and stronger features... whatever that means.
No word about fixing issues or making it open source.

https://blog.safepal.io/safepal-weekly-update-week-1-march-2021/

I noticed some fishy things about Safepal hardware wallet and near 100% positive feedback on their website.
They are using Rivyo app for their feedback, but what is interesting is that last feedbacks you can see are dated on November 30 2020 and they have 97% five starts!
There are total of 229 reviews, 221 are 5 stars, 4 are 4 stars, 1 with 3 stars and looks like 3 are deleted.
Even funnier are actual reviews like Excellent, As expected, All good, Perfect wallet...

https://i.imgur.com/BmyReyr.jpg
https://shop.safepal.io/products/safepal-hardware-wallet-s1-bitcoin-wallet
archive: https://archive.ph/UEmDE

Is this really possible?
I doubt it and I think they are deleting any bad review they receive, and my review for Safepal never got published.

But let's look Safepal rating and reviews on other websites they are not controlling 100% like Amazon and Google store, that may also have fake reviews but not 100% positive for sure :)

This is Safepal page on Google Store (https://play.google.com/store/apps/details?id=io.safepal.wallet&hl=en&gl=US) that have positive and negative feedback that is totally normal and again, that doesn't mean all off this reviews are real.
There are more 1 start reviews than 4 start reviews  and many recent reviews are negative and with actual issues you don't see on Safepal website.

https://i.imgur.com/hyjymYC.png

Let's move on to Safepal Amazon page (https://www.amazon.co.uk/gp/product/B07YD6W5T3) and you can see there are 77% 5 stars, 10% 4 stars and 12% 1 star ratings:

https://i.imgur.com/k6osQ9E.png

It's obvious that Safepal website reviews are rigged and fake and you can test that yourself if you try to write them honest feedback if you ever purchased and used Safepal wallet.
If there is anything you don't like about Safepal there is no chance it will actually end up on their website.

I always said that Safepal hardware wallet is one of the worst cheapest hardware wallets you can buy, but now they are proving with Binance exchange how all that fake decentralized exchanges are just a scam and fake advertisement.
Starting from May 12 Binance ''DApp'' will introduce mandatory KYC  intermediate verification for everyone who wants to continue using this trading feature.
They claim other ''decentralized'' services like send/receive, Swap, Bridge, Earn, DAppstore are not impacted (for now), but by passing KYC you will permanently connect your hardware wallet with your identity.
That means Binance will report all your IP, addresses, transactions and all your activity to regulators, just so they can kiss their asses.
It should also be mentioned that nothing connected with Binance is decentralized, including their shitcoin chain and fake bitcoin token they created.
https://i.imgur.com/KZzsHyO.jpg
https://blog.safepal.io/important-changes-about-binance-dapp-identity-verification/

Term DApp used by Safepal here is fake and means nothing in reality.

Anyone who owns Safepal hardware wallet should be aware of recent scams related with this hardware wallet.
Scammers created fake Safepal Google Chrome Extension that was later reported and removed from google store, but scammers will try to upload something similar for sure.
Confusion started after Safepal released their real extension that was not publicly launched, but only as beta test version that works with invitations.

https://i.imgur.com/s97u7wq.jpg
https://twitter.com/safepal_support/status/1534430433437679621

I read dkbit98's post above, and I'm a little confused about the term "decentralized" and I'm wondering if we're all defining it the same way.  Take this statement for example:

I assume that's BNB you're referring to?  Now I don't claim to be an expert on BNB, but the coin/token has its own blockchain and works on some protocol that I won't pretend to understand--but there are validators for nodes sort of like Tezos, Polkadot, and others, right?  If that's the case, then it isn't Binance that's fully in charge of keeping BNB alive, no?  I would think that if there are independent validators operating around the world, then that would pretty much qualify BNB as decentralized, regardless of its origins and/or affiliations.

If Binance had the power to shut BNB down completely and invalidate all of the coins, then I'd say it's a centralized token.

As for the other dapps and crap they're offering, all of that sounds centralized to me--but that isn't necessarily a bad thing on its own.  Newegg is centralized, and I think it's a damn good electronics store.  It's the KYC part of this Binance thing that's the killer, but those two things aren't one and the same.  Anyhow, would you expect Binance to do anything differently now that regulators have crypto under a scanning electron microscope? 

We all have free will, and those of us who care about privacy won't go anywhere near those Binance services that require you to give up your dox.

BNB is a PoS coin and I think that whatever the papers tell nicely, Binance does have that power.
Some explanations are here: https://coinmarketcap.com/alexandria/article/what-is-binance-smart-chain#header-3

Basically, from my understanding, Binance can easily have more than 50% of the coins (since almost everybody keeps BNB coins in Binance's custody), they are also PoA validators and they probably the ones approving new PoA validators too.

I didn't want to derail this thread about the Safepal wallet with a diatribe about decentralization, but since you responded....even if Binance's customers keep their BNB there, that doesn't (or shouldn't) give Binance control over those coins with respect to whatever voting can be done with them.  Right?

That whole thing reminds me of NEO, which used to be a seemingly simple coin that morphed into something with a council that you have to vote for and a new version of NEO that's not traded on many (if any) exchanges.

On topic: I don't own a Safepal wallet, but I do appreciate dkbit98's warning about the fake extension.  It's so easy for unsuspecting folks to just download something that's available in a browser (especially Chrome), not realizing that it's a trojan horse that could potentially rob you blind.  Scary stuff.

Dude you are getting off-topic here, but BNB shitcoin is literally CZ and few of his friends running ''nodes'', so I don't see why would you be confused about my statement.
They can control everything and reverse transactions, so it's not really a secret that most of the shitcoins are not really decentralized, not just CZ child BNB.
Please let's get back on topic now - Safepal hardware wallet.

I think that Safepal made a mistake with releasing their test browser extension.
All other hardware wallets are trying to avoid having extensions and they are going backwards, so scammers only used this situation.

Disease is officially spreading  ::)
After ledger made very unpopular move with their new crap Recover feature, now we have another closed source wallet Safepal planning to do something similar, but they are even worse.
In upcoming update they want to connect and backup seed phrase with iCloud and GoogleDrive for waller recovery:
Source: https://medium.com/lysithea-ventures/an-insightful-exchange-recap-of-safepal-ama-with-ceo-veronica-3479ee32b796

I will repeat again, Safepal is closed source junk and they are doing exactly the same thing as Ledger.
This is really strange and it makes me think that same group of people is controlling or commanding this manufacturers what to do.
I mean... they can't be so stupid to release this ''news'' in very similar timing like Ledger circus show.
Keeping seed phrase in cloud... what could possibly go wrong? :P

Stay away from Safepal, and stop using it.

Wow, just wow.
Based on your thread about secure elements in hardware wallets, Safepal also has one but you couldn't find the exact model. Have you managed to find any more information on it in the meantime? Maybe they are also using one of the ST3x models.

This is exactly what I was saying in the Ledger Recover thread. Some (maybe all) secure element chips have been proven to be vulnerable to remote seed sharing. Now it's just a question of who will do it next and in what way and shape. This can't possibly be only their own doing. I guess they have started cooperating with the higher powers to be in a better position when stricter regulations are rolled out.

It may be just the hunger for money. They may have been seeing Ledger's crap news and thought "what a wonderful idea, let's do that ourselves and get rich from selling to the idiots monthly subscription on making the seed less secure".

Thanks for the heads up, @dkbit98

Yeah, that's just plain stupid squared--but I guess Ledger and Safepal and anyone else in the future who rolls out features like this are playing to the uneducated masses who think owning crypto is like keeping money in a bank.  It just boggles my mind that Ledger (and now Safepal I guess) are doing this, as ostensibly their core customer base consists of people who do know what they're doing in the dangerous world of crypto and never wanted a device from which private keys could be exported.

And yeah, I get that Ledger was always known to be closed-source and thus should have been looked upon as not-completely-secure.  You've been saying that all along, and I wish I'd taken heed of that the first time I heard it.

I'm pretty much soured on all HW wallets now.

I dont know why some people lose one basic thing in enginering, not matter if mechanical engineering, civil engineering, electronic systems etc. and this basic principle its.

"the more simple the less chance to fail".

Lets prove this by an easy example.

If you made a car window lifter with two piece, you have TWO piece who can fail, if you made a window lifter with 5 piece, one servomotor, electronic activation, sensors and an app to control them from outside, you now have XXXXX quantity of things/piece who can fail.

Yes i know you added some new and cool features, but talking about security you added a ton of vector of attack and possibilities of fail.

Well, coming all the way back to our BTC and Wallets things the basic principle still the same, if you start adding things you are making in less or more ways more vulnerable the wallet.

In this case with PHRASE IN CLOUD, yes cool you travel all the way down to the antipode of the planet and you dont have your phrase and now thanks to this tecnology you can acces.... ohhh my god. for that new feature you are now 100000000% more vulnerable to cyberattacks not only to you also to the cloud company who holds the phrase. And no matter how good that was made, encryption or not, you added a new vector of attack.

---

So KEEP IT SIMPLE AND SECURE.

We forget one simple thing. This kind of "feature" (heh) is not meant for us who have a certain understanding of (the) technology. This is meant for those who still think that "cloud" is sort of magical thingy on the internet and it's some sort of their happy place. This is meant for those who don't understand that:

https://www.talkimg.com/images/2023/05/21/A13usaonutL._AC_CLa_21402000_71s1vWsGpPL.png_00214020000.00.02140.02000.0_UY1000_3cc46b6242953b57.jpeg
source: amazon.com

No I didn't, but they are not using ST3x models for sure.
There was some speculation from Kraken security team but nobody could identify secure element with 100% accuracy, it's probably some cheap chinses junk chip.

I think it's more stupidity than hunger for money.
We can see the clear pattern here, closed source devices collecting bunch of money and than they need to repay that with stupid cloud services like this.
There is an argument that hardware wallet companies are not earning as much money as smartphone companies, so they wanted to do some kind of subscription model for regular income, so they want to be like Netflix  ::)

Don't be.
I suggest listening to the latest talk between Andreas Antonopoulos and Jameson Lopp (I posted it in different topic), you will hear some good sugesstions.

In the end its always the same,everything have some failures or can fail, so the only you can do its....

don't put your eggs in only one basket

This reduce the loss no matter what happen, i know its a little bit more work, but it can prevent you for more than one headache.

No, I would say don't put anyone eggs in rotten stinky baskets that have bunch of snakes inside.
This would be correct representation for safepal, ledger and other similar closed source devices, so putting ''eggs'' in more bad baskets is not a good thing in this case.
Stay away from safepal basket to keep your eggs safe.

I also initially got caught up in the safepal basket and put some eggs in it.
But as time went on, I never used the Safepal Hardware Wallet again, or very rarely.

The original purpose was not to save, but to follow some airdrops that looked profitable, but over time until now there is no longer an airdrop that is worth it for Hardware Wallet holders.

Another problem is not only that, firmware updates only focus on adding new blockchains and there are no updates about security, the latest features, or others.
So my Safepal Hardware Wallet is stored until it gets dusty and maybe later it will become a treasure.