Jade Security Disclosure


Following up on our Jade security announcement, and in accordance with industry disclosure requirements following an exhaustive investigation, below we provide additional context on the reported security issue, our response to being notified by DARKNAVY, and information for our users on how to upgrade and stay protected.

The security of our users' data is of the utmost importance to us. We strive to be fully transparent and open in our dealings, and in this spirit we include a great deal of information in this disclosure. We urge all users to review the How To Upgrade section below for details on upgrading and staying protected.

Security disclosures can attract attempts by bad actors to confuse users or impersonate legitimate support channels. With this in mind, please note the following:

  • The only legitimate support for Blockstream products is provided via https://help.blockstream.com/.
  • Blockstream will never ask you to share any private data, including your recovery phrase, PIN, or user-identifiable information.
  • If you are in doubt about whether a message or link is genuine, please contact us.
  • If you receive a suspicious email, message or contact address, or have concerns about the security of any of our products, please email security@blockstream.com or DM our Support team on X.

If you only use the official Blockstream app on a malware-free device, then your Jade is not at immediate risk of exploitation from the identified vulnerability. Additionally, if you only use QR mode, then you are not at risk. Note that in both cases we still recommend that you upgrade as soon as possible.

Timeline and Background

In early August, we were contacted by DARKNAVY (@DarkNavyOrg), an independent security research and consulting organization, seeking clarification on the Jade security reporting policy and stating that they had found a severe vulnerability that they wished to responsibly disclose to us. After clarifying our policies and communication channels, we received a comprehensive report detailing their findings in early October.

We confirmed the report's validity with DARKNAVY within 24 hours, implemented a fix for the issue reported, and began an internal audit to ensure that there were no similar issues elsewhere in the Jade source code. In parallel, we adjusted our release schedule to allow for internal testing of the fixed firmware, and set about finalizing the next release. We also searched our support records, reported issues, and internal data to verify that the vulnerability was not being actively exploited. This revealed no further issues and no sign that an exploit had been released or was being used. At the same time, we prioritized several initiatives to further improve detection and prevent exploitation of such issues going forward.

We released version 1.0.37 with the fix on Nov 13th, three weeks after receiving the DARKNAVY report. We then began capturing anonymized firmware download counts in order to estimate the uptake of the fixed version. One week later, we released version 1.0.38 to enable anti-rollback protection, ensuring that upgraded devices remain permanently secure. With the 1.0.38 release, we also made a general security announcement, encouraging our users to upgrade quickly.

During our communication, DARKNAVY also reported other issues concerning how the Blockstream wallet app interacts with Jade devices. We verified their findings, audited the app code, and released fixed versions within a week of these reports. We audited and applied similar fixes to our web flashing tool, and updated the web firmware version to include the fix.

DARKNAVY follows a 90 + 30 responsible disclosure model. From the time a security issue is reported, the affected project has 90 days to develop, test, and release a fix. After a fix is made available, technical details follow after an additional 30-day period.

Blockstream supports DARKNAVY's approach and its use of established responsible disclosure practices for timely issue resolution and prioritization of user safety. This policy is designed to allow appropriate remediation before public disclosure and to ensure users receive clear, actionable guidance for maintaining security.

We would like to publicly thank DARKNAVY again for their responsible and ethical reporting of the vulnerability to us, in addition to providing a comprehensive analysis of the potential impact and suggesting a fix.

Technical Details and Scope

In Jade firmware version 1.0.24, the ability to register a descriptor was added to the firmware via the CBOR RPC interface. The vulnerability lies in the processing of the CBOR message passed to the "register_descriptor" RPC. Due to a missing check on the size of the descriptor parameter data passed by the caller, it is possible to overwrite the process stack with attacker-controlled data, leading to a device crash or limited code execution as detailed below.

The vulnerable code can only be reached on an initialized and unlocked device, and only over the same interface the device was unlocked on. This means a USB-connected device is only vulnerable to USB RPC calls, and a Bluetooth-connected device is only vulnerable to Bluetooth RPC calls. A device that has been temporarily unlocked is only vulnerable on the interface that was selected when it was unlocked; QR mode is not vulnerable because it does not expose an RPC interface at all.

The WebUSB API allows web applications to communicate over USB and is the basis for the Jade Web Flashing Tool. This means that web applications that are granted permission to communicate with a Jade device can invoke the "register_descriptor" RPC. Users should take extra care to only upgrade their devices using the official flashing instructions at https://jadefw.blockstream.com/upgrade/fwupgrade.html.

Jade devices running firmware versions 1.0.24 to 1.0.36 can be crashed by a malformed RPC request, leading to a device reboot. Jade firmware contains stack protection code that detects overwriting of the stack, and triggering this protection causes the device to reboot.

On firmware versions 1.0.24 to 1.0.35, a sophisticated attacker can potentially construct an RPC request that bypasses Jade's stack protection, leading to limited code execution. Version 1.0.36 is not yet known to be vulnerable to this, but it cannot be ruled out.

If an attacker is able to execute a malicious request, they could alter the running software until the device reboots. Additionally, they could potentially read and write the device's internal storage and send RPC messages to the host device. This means that the severity of any future exploit based on this vulnerability ranges from griefing the user by destroying stored data, to potentially extracting the user's secret key and returning it via an RPC reply message in the worst case.
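To make the three outcomes described above concrete (canary trip and reboot, canary bypass with a controlled return address, and the fixed handler rejecting the request), here is an added illustration. It is not Jade firmware code: the handler, the frame layout, the canary and return-address values and the request builder are all hypothetical assumptions made for the demo. The "stack frame" is a plain byte array so that the overflow is observable inside this program rather than corrupting its real stack; only the CBOR byte-string head decoding follows the real CBOR encoding.

```c
/* Added illustration, not Jade firmware code. Models a CBOR byte-string parameter
 * copied into a fixed-size stack buffer without a length check, beside the fixed
 * handler. Frame layout, canary, return address and names are assumptions. */
#include <stdint.h>
#include <stddef.h>
#include <string.h>
#include <stdio.h>

/* Assumed frame layout: descriptor buffer, then the stack protector's canary,
 * then the saved return address, all inside one byte array. */
#define DESC_CAP     64
#define CANARY_OFF   DESC_CAP
#define RET_OFF      (DESC_CAP + 4)
#define FRAME_SIZE   (DESC_CAP + 8)
#define CANARY_VALUE 0xA5C3E17Fu   /* made-up canary */
#define ORIG_RETURN  0x40081234u   /* made-up legitimate return address */

enum rc { RC_OK = 0, RC_BAD_CBOR = 1, RC_TOO_LONG = 2 };

/* Decode the head of a CBOR byte string (major type 2, lengths up to 16 bits).
 * Returns the number of head bytes consumed, or 0 if the head is malformed. */
static size_t cbor_bstr_head(const uint8_t *msg, size_t msg_len, size_t *out_len) {
    if (msg_len < 1 || (msg[0] >> 5) != 2) return 0;
    uint8_t ai = msg[0] & 0x1f;
    if (ai < 24) { *out_len = ai; return 1; }
    if (ai == 24 && msg_len >= 2) { *out_len = msg[1]; return 2; }
    if (ai == 25 && msg_len >= 3) { *out_len = ((size_t)msg[1] << 8) | msg[2]; return 3; }
    return 0;
}

static uint32_t rd32(const uint8_t *p) { uint32_t v; memcpy(&v, p, 4); return v; }

static void frame_init(uint8_t *frame) {
    uint32_t c = CANARY_VALUE, r = ORIG_RETURN;
    memset(frame, 0, FRAME_SIZE);
    memcpy(frame + CANARY_OFF, &c, 4);
    memcpy(frame + RET_OFF, &r, 4);
}

/* Vulnerable handler: trusts the caller-supplied length (the missing check). */
static enum rc register_descriptor_vuln(uint8_t *frame, const uint8_t *msg, size_t msg_len) {
    size_t len, hdr = cbor_bstr_head(msg, msg_len, &len);
    if (!hdr || msg_len - hdr < len) return RC_BAD_CBOR;
    memcpy(frame, msg + hdr, len);            /* len may exceed DESC_CAP */
    return RC_OK;
}

/* Fixed handler: reject a descriptor that does not fit before copying anything. */
static enum rc register_descriptor_fixed(uint8_t *frame, const uint8_t *msg, size_t msg_len) {
    size_t len, hdr = cbor_bstr_head(msg, msg_len, &len);
    if (!hdr || msg_len - hdr < len) return RC_BAD_CBOR;
    if (len > DESC_CAP) return RC_TOO_LONG;
    memcpy(frame, msg + hdr, len);
    return RC_OK;
}

/* Emulated stack-protector epilogue: a changed canary means the device reboots. */
static int canary_intact(const uint8_t *frame) { return rd32(frame + CANARY_OFF) == CANARY_VALUE; }

/* Build a constructed request: CBOR bstr head + `len` filler bytes. If `canary` is
 * given, the last 8 body bytes carry (canary, ret) so they land on those two slots. */
static size_t build_msg(uint8_t *out, size_t len, const uint32_t *canary, uint32_t ret) {
    out[0] = 0x40 | 24; out[1] = (uint8_t)len;       /* major type 2, one-byte length */
    memset(out + 2, 'A', len);
    if (canary) { memcpy(out + 2 + len - 8, canary, 4); memcpy(out + 2 + len - 4, &ret, 4); }
    return 2 + len;
}

/* Oversized garbage through the vulnerable handler: 1 if the canary tripped (reboot). */
int scenario_crash(void) {
    uint8_t frame[FRAME_SIZE], msg[256];
    frame_init(frame);
    register_descriptor_vuln(frame, msg, build_msg(msg, FRAME_SIZE, NULL, 0));
    return !canary_intact(frame);
}

/* An attacker who knows the canary keeps it intact and replaces only the saved return
 * address: returns where the epilogue would jump, or 0 if the canary check rebooted. */
uint32_t scenario_bypass(void) {
    uint8_t frame[FRAME_SIZE], msg[256];
    uint32_t canary = CANARY_VALUE;
    frame_init(frame);
    register_descriptor_vuln(frame, msg, build_msg(msg, FRAME_SIZE, &canary, 0xDEADBEEFu));
    return canary_intact(frame) ? rd32(frame + RET_OFF) : 0;
}

/* The fixed handler on a `len`-byte descriptor: its status code, or -1 if the
 * canary or return slot was touched (which must never happen). */
int scenario_fixed(size_t len) {
    uint8_t frame[FRAME_SIZE], msg[256];
    frame_init(frame);
    enum rc r = register_descriptor_fixed(frame, msg, build_msg(msg, len, NULL, 0));
    return (canary_intact(frame) && rd32(frame + RET_OFF) == ORIG_RETURN) ? (int)r : -1;
}

int main(void) {
    printf("vulnerable, 72 bytes: canary tripped = %d\n", scenario_crash());
    printf("vulnerable, canary known: returns to 0x%08x\n", (unsigned)scenario_bypass());
    printf("fixed, 72 bytes: rc = %d\n", scenario_fixed(72));
    printf("fixed, 64 bytes: rc = %d\n", scenario_fixed(64));
    return 0;
}
```

Build with any C99 compiler (e.g. `cc -std=c99 -Wall demo.c`). The crash case is what an unsophisticated malformed request produces; the bypass case is why "stack protection" alone is not a fix and why the length check had to be added in the handler itself.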

Versions 1.0.23 and prior, as well as versions 1.0.37 and onward, are immune to any attempt to exploit the "register_descriptor" RPC. Version 1.0.38 additionally disallows downgrading the installed firmware to any affected version. To ensure that your device is secure and cannot be downgraded to become vulnerable, we recommend that you upgrade to firmware version 1.0.38 immediately by following the instructions provided in the How To Upgrade section below.

Note that it is not possible for exploitation of this issue to permanently change the software running on the device or to install non-official software that would execute after a device reboot.

We will update this announcement with a link to the full DARKNAVY disclosure once it is published.

Exploitation Analysis

We would like to emphasize that we are not aware of this vulnerability being exploited by any malware in the wild. However, as with any other security-sensitive software, we expect that bad actors monitor our releases looking for vulnerabilities and attempting to develop exploits against older software versions.

If you believe you have discovered malware that attempts to exploit this vulnerability, please contact our security reporting team at security@blockstream.com immediately. If you believe your device has been exploited, please reach out to our support desk.

An exploit for this vulnerability must be initiated by malware on the host device communicating with Jade (i.e. your mobile device or computer). This could take the form of a fake wallet application, an external malware package installed alongside other untrusted software, or a security bypass in your operating environment.

Web pages using the WebUSB API can talk to Jade devices if permission is given by the user. Given that unsophisticated users may be tricked into visiting malicious web pages, Blockstream does not recommend using Jade with any web wallets.

Malware that wishes to exploit an affected Jade faces several hurdles:

  • The firmware for each Jade device type (Original Jade, Jade 1.1, and Jade Plus) requires device-specific code to fully exploit the vulnerability.
  • Each firmware comes in two configurations: Standard or No-radio (i.e. without Bluetooth support).
  • Each firmware revision for each device and configuration (from 1.0.24 to 1.0.36) will generally require a slightly different payload to be developed to successfully perform an exploit.
  • The Jade may be connected via either USB serial or Bluetooth; a generic exploit must handle both cases.
  • Increasing the severity of the exploit (from crashing the device to exfiltrating secret data) requires a high level of skill and chaining together several advanced techniques, such as partially reversing the compiled firmware to find the locations of code that can be repurposed for an attack.
  • The number of exploitable devices (and therefore the potential of any exploit to reward an attacker) is decreasing rapidly as users update their devices to non-vulnerable versions.

As with any widely used security-sensitive device, we assume motivated attackers will attempt to target older software versions over time. We will continue to monitor the situation and urge users to upgrade; at present we are encouraged by the high number of users downloading unaffected firmware versions. We will continue to notify users via official channels, including social media and our mailing list, to reinforce the importance of staying up-to-date.

Actions We Are Taking

We have hired a new Jade firmware developer and will be onboarding another developer in Q1 of 2026. This has allowed us to improve our internal code review process. We have also increased staffing in supporting teams to allow the development team to focus exclusively on development and security.

New Jade production runs will be flashed with the latest version of the firmware. For existing stock, we are taking action to ensure that all device packaging contains reminders to upgrade the firmware during the setup process, and standardizing communication across all available channels: product pages, social media, and in-app notifications.

We have audited the Jade source code for other cases where an RPC may be affected. This process is ongoing and its scope has been expanded to include identifying opportunities for further hardening the firmware. For example, we are currently testing increased stack protections in the development device firmware builds.

After opening the Blockstream app, it will prompt you to update your Jade to 1.0.38 upon connecting it. Upgrading will soon become mandatory to access wallet management functionality.

We are actively investigating options for an independent, third-party public security audit of the Jade source code. Users can expect an announcement on this once it is finalized.

In order to improve our analysis and testing capabilities during development cycles, we have brought forward an ongoing internal project called "libjade", which is now merged into our public source code repository. libjade is a work in progress which allows building and running the Jade firmware as a native software library. With libjade, we have been able to greatly improve our test coverage and run the latest memory safety, static analysis, and benchmarking tools against the firmware directly. We intend to use libjade to greatly improve our fuzz testing, as it allows tests to run hundreds of times faster than on real hardware or under emulation.

We are also undertaking a further internal audit of all software that interacts with Jade devices, such as the Blockstream app and the firmware flashing tool.

We are continuing to look into new ways to keep our users safe, and welcome your suggestions and contributions for increasing the quality and security of our software. If you have feedback or wish to contribute to Jade development, feel free to join us on our public repository at https://github.com/Blockstream/Jade.

How To Upgrade

The best defense against any attack is to always keep your software up-to-date. This includes your companion app (e.g. the Blockstream app), your web browser, and your operating system, in addition to the Jade firmware.

It is important that you upgrade your companion app to the latest available version. Apps which support Jade OTA updates will offer you the latest version of the firmware to update with.

You can safely upgrade Jade using your companion app, or any method you prefer in accordance with our instructions, if you fall into any of the following categories:

  • Your Jade is uninitialized or has been factory reset.
  • You have only used your Jade in QR mode.
  • Your Jade is running firmware version 1.0.36 or later.
  • You are certain that the device you are upgrading from is free of malware.

For Jade Plus devices, performing a USB upgrade via JadeLink or a compatible USB drive is safe. Follow these instructions.

Otherwise, if you are concerned that your host device (mobile device or computer) may be compromised, you should:

  • Ensure that your Jade's recovery phrase is backed up correctly.
  • Factory reset your Jade to erase all data from the device.

Following the above two steps, it is safe to connect your Jade to any host device: the vulnerable RPC is only reachable on an initialized, unlocked device, and a factory-reset Jade holds no secrets to extract.

Upgrade Jade using your companion app or any method you prefer in accordance with our instructions. Your Jade is safe once the update completes and the device reboots. Ensure that the version displayed is 1.0.38 or later.

If you believe that your host device is compromised, you should reinstall or replace it before using Jade or any Bitcoin software with that device.

As an alternative to resetting your Jade, you can use a known-clean device (e.g. a freshly installed laptop built from signed installation media) to perform the upgrade using the links above.

If you encounter any problems, please reach out to our support desk for guidance.

Summary

  • Affected versions: Jade firmware 1.0.24 through 1.0.36
  • Unaffected versions: 0.1.21 to 1.0.23, 1.0.37 and later
  • Risk status: No evidence of exploitation in the wild
  • User action required: Upgrade to firmware version 1.0.38 or later
  • Funds at risk: No confirmed loss of user funds related to this issue

Security is paramount to everything we do at Blockstream. Beyond the measures described in this disclosure, we are always looking for ways to improve our users' security.

If you have questions or concerns regarding our security practices, feel free to contact us.

To report security issues, please email security@blockstream.com.

For press inquiries, reach out to press@blockstream.com.