Ben Ma, a security researcher who works for hardware wallet manufacturer Shift Crypto, found that the Coldcard hardware wallet has a flaw: an attacker could trick a Coldcard user into sending a real bitcoin transaction when they think they’re sending a “testnet” transaction, that is, a payment on Bitcoin’s testing network, which is separate from the mainnet.
Both testnet and mainnet bitcoin transactions, though, “have the precise same transaction representation under the hood,” Ma adds in his post disclosing the vulnerability. An attacker, then, could generate a bitcoin mainnet transaction for the hardware wallet but make it appear to be a testnet transaction. The mainnet transaction is presented as a testnet transaction on the user’s wallet, making it difficult for users to notice the error.
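To illustrate the shared representation, here is an added example (not code from Ma's post or from Coldcard) showing that one output script renders as either a mainnet or a testnet address depending only on the version byte chosen at display time. It assumes a P2PKH output and uses a constructed 20-byte hash; the function names are hypothetical.

```python
import hashlib

B58 = "123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz"
# Bitcoin P2PKH address version bytes; the network lives here, not in the tx.
VERSION = {"mainnet": 0x00, "testnet": 0x6F}
# Constructed 20-byte value standing in for a public-key hash (not a real key).
HASH160 = hashlib.sha256(b"constructed example key").digest()[:20]

def checksum(payload: bytes) -> bytes:
    return hashlib.sha256(hashlib.sha256(payload).digest()).digest()[:4]

def b58check_encode(payload: bytes) -> str:
    data = payload + checksum(payload)
    n, out = int.from_bytes(data, "big"), ""
    while n:
        n, r = divmod(n, 58)
        out = B58[r] + out
    # Each leading zero byte is written as a literal '1'.
    return "1" * (len(data) - len(data.lstrip(b"\x00"))) + out

def b58check_decode(addr: str) -> bytes:
    n = 0
    for ch in addr:
        n = n * 58 + B58.index(ch)
    zeros = len(addr) - len(addr.lstrip("1"))
    raw = b"\x00" * zeros + n.to_bytes((n.bit_length() + 7) // 8, "big")
    if checksum(raw[:-4]) != raw[-4:]:
        raise ValueError("bad Base58Check checksum")
    return raw[:-4]

def p2pkh_script(hash160: bytes) -> bytes:
    # OP_DUP OP_HASH160 PUSH20 <hash160> OP_EQUALVERIFY OP_CHECKSIG
    return b"\x76\xa9\x14" + hash160 + b"\x88\xac"

def display_address(script: bytes, network: str) -> str:
    # What a wallet screen shows for the output script under a chosen network.
    if len(script) != 25 or script[:3] != b"\x76\xa9\x14" or script[23:] != b"\x88\xac":
        raise ValueError("not a P2PKH output script")
    return b58check_encode(bytes([VERSION[network]]) + script[3:23])

if __name__ == "__main__":
    script = p2pkh_script(HASH160)  # the bytes that end up in the signed transaction
    for net in VERSION:
        print(f"{net:8} {display_address(script, net)}  script={script.hex()}")
```

Because the signed bytes are identical, the network label a device shows has to be bound to the keys it signs with; the display alone cannot tell the two apart.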
Ma discovered the vulnerability after a pseudonymous researcher discovered the so-called “isolation bypass” attack within the French-manufactured Ledger hardware wallet.
Unlike Coldcard, Ledger supports many coins, so the bypass attack could work by tricking wallet users into transferring bitcoin when they mean to send Litecoin [LTC] or Bitcoin Cash [BCH], in addition to testnet BTC.