JunoClaw Wallet Registry Vulnerability Exposing BIP-39 Mnemonic in Tool-Call JSON
Vulnerability
A vulnerability in JunoClaw's Cosmos MCP write tools allowed the BIP-39 mnemonic to be passed as a raw string parameter, which was then embedded in the tool-call JSON. Anything sitting on the path between the LLM provider and the MCP process (a transport, a log, a telemetry pipeline) could therefore read the mnemonic seed in plaintext. The issue has been addressed by replacing the mnemonic parameter with a 'wallet_id' handle managed by a wallet registry, which encrypts the mnemonic under a 32-byte data-encryption key and makes it available only for the duration of a single signing session. The vulnerability affected JunoClaw versions prior to 0.3.0.
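The two designs described above, side by side, as an added illustration that is not JunoClaw's code: a tool call that carries the mnemonic as a string argument, a registry that hands out an opaque `wallet_id` and keeps the mnemonic encrypted under a 32-byte data-encryption key, a signing session that wipes the decrypted material when it closes, and a guard a defender can run over outgoing tool calls to catch mnemonic-shaped arguments. The registry layout, the `register`/`signing_session` names, the HMAC-SHA256 counter-mode cipher (a stand-in for a real AEAD such as AES-GCM) and the HMAC "signature" (a stand-in for secp256k1 signing) are all assumptions made for this example; the sample phrase is the standard BIP-39 test vector, not a real wallet.

```python
"""Added example, not JunoClaw's code: mnemonic-in-tool-call versus
wallet-registry handle, plus a guard that flags mnemonic-shaped arguments."""
import hashlib
import hmac
import json
import os
import re
import secrets
from contextlib import contextmanager

# Constructed sample: the well-known BIP-39 test phrase, never a real wallet.
SAMPLE_MNEMONIC = "abandon " * 11 + "about"


# --- vulnerable pattern: the secret rides inside the tool-call JSON ---------
def build_tool_call_vulnerable(tool: str, mnemonic: str, **params) -> str:
    """Serialises the mnemonic straight into the arguments the LLM sends."""
    return json.dumps({"tool": tool, "arguments": {"mnemonic": mnemonic, **params}})


# --- hardened pattern: registry keeps the secret, tool call carries a handle --
def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    """HMAC-SHA256 in counter mode as an illustrative PRF; production code
    would use an AEAD (e.g. AES-GCM from the `cryptography` package)."""
    out, counter = b"", 0
    while len(out) < length:
        out += hmac.new(key, nonce + counter.to_bytes(4, "big"), hashlib.sha256).digest()
        counter += 1
    return out[:length]


class SigningSession:
    """Holds the decrypted seed only between open and close."""

    def __init__(self, seed: bytearray):
        self._seed = seed

    def sign(self, payload: bytes) -> str:
        if self.wiped:
            raise RuntimeError("signing session is closed")
        # HMAC stands in for secp256k1 signing in this example.
        return hmac.new(bytes(self._seed), payload, hashlib.sha256).hexdigest()

    def close(self) -> None:
        for i in range(len(self._seed)):   # overwrite, don't just drop the reference
            self._seed[i] = 0

    @property
    def wiped(self) -> bool:
        return not any(self._seed)


class WalletRegistry:
    """Stores each mnemonic encrypted under a process-local 32-byte DEK."""

    def __init__(self):
        self._dek = os.urandom(32)   # 32-byte data-encryption key (assumed layout)
        self._vault = {}             # wallet_id -> (nonce, ciphertext, tag)

    def register(self, mnemonic: str) -> str:
        wallet_id = "wallet_" + secrets.token_hex(8)      # opaque handle for tool calls
        nonce = os.urandom(16)
        plaintext = mnemonic.encode()
        ciphertext = bytes(a ^ b for a, b in zip(plaintext, _keystream(self._dek, nonce, len(plaintext))))
        tag = hmac.new(self._dek, nonce + ciphertext, hashlib.sha256).digest()
        self._vault[wallet_id] = (nonce, ciphertext, tag)
        return wallet_id

    def stored_blob(self, wallet_id: str) -> bytes:
        nonce, ciphertext, tag = self._vault[wallet_id]
        return nonce + ciphertext + tag

    @contextmanager
    def signing_session(self, wallet_id: str):
        nonce, ciphertext, tag = self._vault[wallet_id]    # KeyError for an unknown handle
        expected = hmac.new(self._dek, nonce + ciphertext, hashlib.sha256).digest()
        if not hmac.compare_digest(tag, expected):
            raise ValueError("wallet blob failed integrity check")
        seed = bytearray(a ^ b for a, b in zip(ciphertext, _keystream(self._dek, nonce, len(ciphertext))))
        session = SigningSession(seed)
        try:
            yield session
        finally:
            session.close()   # decrypted seed lives only for this one session


def build_tool_call_hardened(tool: str, wallet_id: str, **params) -> str:
    """Only the handle crosses the LLM <-> MCP boundary."""
    return json.dumps({"tool": tool, "arguments": {"wallet_id": wallet_id, **params}})


# --- detection: flag tool calls whose string arguments look like a mnemonic --
_LOWER_WORDS = re.compile(r"[a-z]+(?: [a-z]+)*")


def looks_like_mnemonic(value: str) -> bool:
    """Heuristic: 12/15/18/21/24 lowercase words, the valid BIP-39 lengths."""
    return len(value.split()) in (12, 15, 18, 21, 24) and bool(_LOWER_WORDS.fullmatch(value))


def tool_call_leaks_mnemonic(tool_call_json: str) -> bool:
    args = json.loads(tool_call_json).get("arguments", {})
    return any(isinstance(v, str) and looks_like_mnemonic(v) for v in args.values())


if __name__ == "__main__":
    registry = WalletRegistry()
    wid = registry.register(SAMPLE_MNEMONIC)
    print(build_tool_call_vulnerable("send_tokens", SAMPLE_MNEMONIC, to="juno1recipient"))
    print(build_tool_call_hardened("send_tokens", wid, to="juno1recipient"))
    with registry.signing_session(wid) as session:
        print("signature:", session.sign(b"constructed tx bytes"))
```

The guard at the end is the detection half of the story: run `tool_call_leaks_mnemonic` over serialized tool calls before they leave the process (or over captured transport logs) and anything that trips it is a secret that has already crossed a boundary it should not have.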
Impact
The vulnerability allowed for the BIP-39 mnemonic seed to be exposed in plaintext, creating a risk of unauthorized access to the associated cryptocurrency wallet and funds.
Reproduction
To reproduce this vulnerability, use a version of JunoClaw prior to 0.3.0 and call any of the MCP write tools (such as 'send_tokens' or 'upload_wasm') while providing the 'mnemonic' parameter. The mnemonic is embedded verbatim in the tool-call JSON and is visible at every hop before it reaches the MCP process.
Remediation
The vulnerability has been fixed in JunoClaw version 0.3.0. Users should update to this version or later.