Azoundria: Created page with "{{Imported Case Study With About|source=https://www.quadrigainitiative.com/casestudy/bittensormaliciouspypiprivatekeyleak.php}} {{Unattributed Sources}} BitTensor Logo/HomepageBittensor offers an open-source, decentralized, artificial intelligence platform. It aims to decentralize economies and commodities, reducing reliance on centralized entities. The Bittensor blockchain experienced a temporary halt following an attack on user wallets, re..."

2024-09-18T21:06:31Z

Created page with "{{Imported Case Study With About|source=https://www.quadrigainitiative.com/casestudy/bittensormaliciouspypiprivatekeyleak.php}} {{Unattributed Sources}} thumb|BitTensor Logo/HomepageBittensor offers an open-source, decentralized, artificial intelligence platform. It aims to decentralize economies and commodities, reducing reliance on centralized entities. The Bittensor blockchain experienced a temporary halt following an attack on user wallets, re..."

New page

{{Imported Case Study With About|source=https://www.quadrigainitiative.com/casestudy/bittensormaliciouspypiprivatekeyleak.php}}
{{Unattributed Sources}}

[[File:Bittensor.jpg|thumb|BitTensor Logo/Homepage]]Bittensor offers an open-source, decentralized, artificial intelligence platform. It aims to decentralize economies and commodities, reducing reliance on centralized entities. The Bittensor blockchain experienced a temporary halt following an attack on user wallets, resulting in an $8 million loss of TAO tokens from one wallet. This incident caused TAO prices to drop by 15%. The attack, suspected to be due to a private key leak from a corrupt PyPi package, prompted Bittensor to enter "safe mode," halting transactions to prevent further losses. Investigations are ongoing, with the blockchain's security team working to understand the nature of the attack and mitigate future risks.<ref name="rektnews-14566" /><ref name="x-14567" /><ref name="x-14568" /><ref name="investigationstelegram-14557" /><ref name="bittensor-14562" /><ref name="bittensor-14563" /><ref name="bittensordocs-14564" /><ref name="taofinneymedium-14565" /><ref name="x-14569" /><ref name="coindesk-14570" />

== About BitTensor ==
"BitTensor is pioneering the decentralized production of artificial intelligence."

"There is no greater story than people's relentless and dogged endeavor to overcome repressive regimes. Whether we notice it or not, centralized firms, markets and authorities are engaged in a never-ending disempowerment of human people's autonomy. Bittensor is creating a new future for humanity, where new economies and new commodities are decentralized by design and where no single entity is a sole authority."

"Bittensor is an open source platform on which you can produce competitive digital commodities. These digital commodities can be machine intelligence, storage space, compute power, protein folding, financial markets prediction, and many more. You are rewarded in TAO when you produce best digital commodities."

"Each category of the digital commodity is produced in a distinct subnet. Applications are built on these specific subnets. End-users of these applications would be served by these applications.

Subnets, which exist outside the blockchain and are connected to it, are off-chain competitions where only the best producers are rewarded. A subnet consists of off-chain subnet validators who initiate the competition for a specific digital commodity, and off-chain subnet miners who compete and respond by producing the best quality digital commodity.

Scores are assigned to the top subnet miners and subnet validators. The on-chain Yuma Consensus determines the TAO rewards for these top performers. The Bittensor blockchain, called subtensor, runs on decentralized validation nodes, just like any blockchain."

"You can be a consumer of a subnet's digital commodity. Or if you are a subject-matter expert, for example an ML practitioner, then be a subnet miner, produce best predictions for your customer and earn TAO. Or, you can be a subnet validator, find markets, enterprises, small-businesses, application developers or end-users, for these digital products, generate revenue and earn TAO. Or you can just be a subnet owner and create fertile grounds for the growth of your subnet validators and subnet miners and earn TAO."

"As the native token of Bittensor, TAO plays a central role in the network’s economy. As Bittensor’s network grows, the utility of TAO could expand beyond simple transactions to include governance, staking, and access to premium services, which could increase its value and demand."

== The Reality ==
"While blockchain protocols themselves may be secure, the tools developers use to interact with them can become unexpected points of failure."

== What Happened ==
"The path of the TAO led straight to the hacker's wallet, with approximately 32,000 TAO tokens making an unauthorized journey."
{| class="wikitable"
|+Key Event Timeline - BitTensor Malicious PyPi Private Key Leak
!Date
!Event
!Description
|-
|November 30th, 2023 11:21:41 AM MST
|BitTensor Beginner's Guide
|A beginner's guide is published for the BitTensor protocol.
|-
|July 2nd, 2024 1:06:36 PM MDT
|Funds Transfered
|The time of the first theft fund transfers.
|-
|July 2nd, 2024 11:56:00 PM MDT
|CoinDesk Article
|CoinDesk reports on the theft. The attack is suspected to be related to a private key leak, although further details are not yet available at this point.
|}

== Technical Details ==
"The vulnerability affected users who downloaded the Bittensor PyPi package between May 22 and May 29, or used Bittensor==6.12.2, and then performed certain operations like staking, unstaking, transferring, delegating, or undelegating."

"A malicious package, masquerading as a legitimate Bittensor package, snuck its way into PyPi version 6.12.2.

This trojan horse contained code designed to steal unencrypted coldkey details.

When unsuspecting users downloaded this package and decrypted their coldkeys, the decrypted bytecode was sent to a remote server controlled by the attacker."

"The attack on Bittensor's blockchain unfolded with the precision of a well-practiced qigong routine.

Over a mere 3-hour span, the attacker managed to compromise multiple high-value wallets, making off with approximately 32,000 TAO tokens."

== Total Amount Lost ==
"approximately 32,000 TAO tokens."

The total amount lost has been estimated at $8,000,000 USD.

== Immediate Reactions ==
"Bittensor initially announced in their Discord that a number of their wallets were attacked, going on to state that they’re investigating and have halted all on-chain transactions as a precaution."

"The Bittensor team swiftly responded to the situation by immediately halting all network operations, taking decisive action to address the issue at hand.

The network entered "safe mode," allowing blocks to be produced but preventing any transactions from being processed.

This measure was taken to prevent further losses and protect users while a thorough investigation is conducted.

The incident led to a swift 15% decline in the value of the TAO token, demonstrating that in blockchain, as in life, everything flows... including market cap."

"As the Bittensor team scrambled to respond, the crypto community's favorite on-chain sleuth was already on the case."

== Ultimate Outcome ==
"The OTF has taken immediate steps to mitigate the damage:

Removed the malicious 6.12.2 package from the PyPi Package Manager repository.

Conducted a thorough review of Subtensor and Bittensor code on Github.

Worked with exchanges to trace the attacker and potentially salvage funds."

"According to Bittensor’s Telegram, users and stakers are fine. It's just the owners of some validators, subnets and miners that were drained."

"Moving forward, the OTF has promised enhanced package verification, increased outside audit frequency, improved security standards, and increased monitoring moving forward."

== Total Amount Recovered ==
There do not appear to have been any funds recovered in this case.

What funds were recovered? What funds were reimbursed for those affected users?

== Ongoing Developments ==
What parts of this case are still remaining to be concluded?
== Individual Prevention Policies ==
{{Prevention:Individuals:Placeholder}}

{{Prevention:Individuals:End}}

== Platform Prevention Policies ==
{{Prevention:Platforms:Placeholder}}

{{Prevention:Platforms:End}}

== Regulatory Prevention Policies ==
{{Prevention:Regulators:Placeholder}}

{{Prevention:Regulators:End}}

== References ==
<references><ref name="rektnews-14566">[https://rekt.news/bittensor-rekt/ Rekt - Bittensor - Rekt] (Accessed Jul 4, 2024)</ref>

<ref name="x-14567">[https://x.taostats.io/account/5FbWTraF7jfBe5EvCmSThum85htcrEsCzwuFjG3PukTUQYot Bittensor (TAO) Blockchain Explorer : Taostats] (Accessed Jul 4, 2024)</ref>

<ref name="x-14568">[https://x.taostats.io/account/5FbWTraF7jfBe5EvCmSThum85htcrEsCzwuFjG3PukTUQYot#transfers Bittensor (TAO) Blockchain Explorer : Taostats] (Accessed Jul 4, 2024)</ref>

<ref name="investigationstelegram-14557">[https://t.me/investigations/138 Telegram: Contact @investigations] (Accessed Jul 4, 2024)</ref>

<ref name="bittensor-14562">[https://bittensor.com/ Bittensor] (Accessed Jul 4, 2024)</ref>

<ref name="bittensor-14563">[https://bittensor.com/explained Bittensor] (Accessed Jul 4, 2024)</ref>

<ref name="bittensordocs-14564">[https://docs.bittensor.com/ Docs Home | Bittensor] (Accessed Jul 4, 2024)</ref>

<ref name="taofinneymedium-14565">[https://medium.com/@taofinney/bittensor-tao-a-beginners-guide-eb9ee8e0d1a4 Bittensor TAO: The Definitive Beginner’s Guide | by Tao Finney | Medium] (Accessed Jul 4, 2024)</ref>

<ref name="x-14569">[https://x.taostats.io/extrinsic/3307809-0015 Bittensor (TAO) Blockchain Explorer : Taostats] (Accessed Jul 4, 2024)</ref>

<ref name="coindesk-14570">[https://www.coindesk.com/tech/2024/07/03/bittensors-tao-slides-15-after-8m-wallet-drain-attack/ Bittensor’s TAO Slides 15% After $8M Wallet Attack] (Accessed Jul 4, 2024)</ref></references>

BitTensor Malicious PyPi Private Key Leak - Revision history