Category: Coding Mistakes

Multiple issues when inputting password for the BLS keystore

Low Severity
Low Impact
Low Likelihood

Description

When the BLS keystore migration command is used, the caller is prompted to enter a password for the keystore. There are three issues with the current input mechanism:

  1. The user is allowed to pass the password as a command-line parameter, which makes the password visible in plaintext on the terminal and also causes it to show up in logs.

  2. If the user does not specify a password, they are prompted to enter one. In this case, they are asked to enter the password only once rather than twice, so a typo can render the BLS keystore inaccessible.

  3. Extending from the above case, the prompt shown to the user is not a password-specific prompt, so the user's input is echoed back onto the terminal, which again makes the password visible on the terminal.

Impact

All of the above issues make it more likely for the password to be leaked to an unauthorized party in one way or another.

Recommendations

Don't allow passwords to be passed in as command line parameters. Instead, always require them to be typed in, and use a password prompt so the inputted password is not echoed back onto the terminal. Additionally, when choosing the password, require the password to be inputted twice in order to prevent typos.
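A sketch of the prompt recommended above, as an added example that is not Babylon's code or the fix referenced below: the password is read with terminal echo off and must be typed twice identically. The names `secretReader`, `newKeystorePassword` and `sttyReader` are hypothetical, and the reader assumes a Unix terminal with stty(1) available.

```go
package main

import (
	"bufio"
	"fmt"
	"os"
	"os/exec"
	"strings"
)

// secretReader returns one line typed at the prompt, without echoing it.
type secretReader func(prompt string) (string, error)

var stdin = bufio.NewReader(os.Stdin) // shared so buffered input is not lost

// newKeystorePassword accepts a password only if it is typed twice identically.
func newKeystorePassword(read secretReader) (string, error) {
	first, err := read("Enter BLS keystore password: ")
	if err != nil {
		return "", err
	}
	second, err := read("Repeat BLS keystore password: ")
	if err != nil {
		return "", err
	}
	if first == "" || first != second {
		return "", fmt.Errorf("passwords are empty or do not match")
	}
	return first, nil
}

// sttyReader switches terminal echo off with stty(1) while the line is typed.
func sttyReader(prompt string) (string, error) {
	stty := func(arg string) error {
		c := exec.Command("stty", arg)
		c.Stdin = os.Stdin // stty acts on the terminal it inherits as stdin
		return c.Run()
	}
	fmt.Fprint(os.Stderr, prompt)
	if err := stty("-echo"); err != nil {
		return "", fmt.Errorf("refusing to read with echo on: %w", err)
	}
	defer func() { _ = stty("echo"); fmt.Fprintln(os.Stderr) }()
	line, err := stdin.ReadString('\n')
	return strings.TrimRight(line, "\r\n"), err
}

func main() {
	_, err := newKeystorePassword(sttyReader)
	fmt.Fprintln(os.Stderr, "password accepted:", err == nil)
}
```

When stdin is not a terminal, `stty -echo` fails and the reader returns an error instead of falling back to an echoing read. In a Go code base, `ReadPassword` from `golang.org/x/term` is the usual way to get the same no-echo read without shelling out.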

Remediation

This issue has been acknowledged by Babylon Labs, and a fix was implemented in commit 7de1a748. Passwords are no longer prompted for, and providing passwords through a command line parameter is documented as insecure and not for use in production. Providing passwords through environment variables is recommended.

Zellic © 2025