We have discovered a private key encryption vulnerability affecting some users of the BitPay and Copay apps' spending password feature. We patched these issues in last week's updates to our wallet apps. However, if you use a spending password to encrypt your private keys, you may need to take additional action to protect your private keys.
The Vulnerability for Spending Password Users
Before version 3.14, the BitPay and Copay apps wrote new wallets' private keys to the device's storage (or disk) at wallet creation. Encrypting a wallet with a spending password would overwrite any unencrypted keys. But writing the unencrypted key to disk before encryption unnecessarily exposed the private key to the device storage, which can be compromised by malware.
This vulnerability only applies to you if you encrypted a wallet with a spending password prior to version 3.14. If you are not using a spending password already, this issue does not affect you.
The new versions of Copay (3.14 or higher) now ensure that private key encryption happens at wallet creation. No unencrypted key is ever stored to disk unless you choose not to set a spending password/encryption. This prevents your private keys from ever being leaked to the device storage.
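The write ordering described above, as an added example that is not BitPay's or Copay's own code: a storage stand-in records every value written, so the pre-3.14 order (write, then overwrite with ciphertext) can be compared with the 3.14 order (encrypt in memory, write once). The names `RecordingStorage`, `encryptKey`, `createWalletLegacy` and `createWalletFixed`, and the scrypt plus AES-256-GCM scheme, are assumptions made for illustration.

```javascript
const crypto = require('crypto');

// Constructed stand-in for device storage: keeps every value ever written,
// the way a backup or malware reading storage between writes could see it.
class RecordingStorage {
  constructor() { this.current = new Map(); this.history = []; }
  set(key, value) { this.current.set(key, value); this.history.push(value); }
  get(key) { return this.current.get(key); }
}

// Hypothetical helper: scrypt-derived key and AES-256-GCM (not Copay's actual scheme).
function encryptKey(privKey, password) {
  const salt = crypto.randomBytes(16);
  const iv = crypto.randomBytes(12);
  const kek = crypto.scryptSync(password, salt, 32);
  const cipher = crypto.createCipheriv('aes-256-gcm', kek, iv);
  const ct = Buffer.concat([cipher.update(privKey, 'utf8'), cipher.final()]);
  return JSON.stringify({
    salt: salt.toString('hex'), iv: iv.toString('hex'),
    tag: cipher.getAuthTag().toString('hex'), ct: ct.toString('hex'),
  });
}

function decryptKey(blob, password) {
  const { salt, iv, tag, ct } = JSON.parse(blob);
  const kek = crypto.scryptSync(password, Buffer.from(salt, 'hex'), 32);
  const d = crypto.createDecipheriv('aes-256-gcm', kek, Buffer.from(iv, 'hex'));
  d.setAuthTag(Buffer.from(tag, 'hex'));
  return Buffer.concat([d.update(Buffer.from(ct, 'hex')), d.final()]).toString('utf8');
}

// Pre-3.14 ordering as described: persist at creation, encrypt later by overwriting.
function createWalletLegacy(storage, privKey, password) {
  storage.set('wallet', JSON.stringify({ privKey }));
  storage.set('wallet', encryptKey(privKey, password));
}

// 3.14+ ordering as described: encrypt in memory, then persist once.
function createWalletFixed(storage, privKey, password) {
  storage.set('wallet', encryptKey(privKey, password));
}

// True if any value ever written to storage contained the plaintext key.
function plaintextEverStored(storage, privKey) {
  return storage.history.some((v) => v.includes(privKey));
}
```

In the legacy order the final stored value is ciphertext, yet the write history still contains the plaintext key, which is why the advisory recommends moving funds to new keys rather than only upgrading.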
Security Steps You Can Take
This exposure of keys to device storage does not represent an immediate threat to any users who do not share device access or backups with outside parties. Also, funds stored in multi-signature wallets are at less risk of loss to outside parties, since a multi-signature wallet splits private keys among multiple devices.
However, we recommend that all affected users take some preventative action to protect their funds. All users relying on spending passwords set before version 3.14 should upgrade to version 3.14 or higher of the BitPay or Copay wallets.
Additionally, if you store significant funds in a pre-3.14 BitPay or Copay wallet with a spending password, your private keys have already been written to device storage. For this reason, we recommend that you move your funds to a new wallet with new private keys. Create a new BitPay or Copay wallet (version 3.14 or higher) with a strong spending password enabled from the beginning, then move your funds to the new wallet with a transaction.
How To Take Further Security Measures for Your Wallet's Private Keys
If you store more money in a Bitcoin or Bitcoin Cash wallet than you would be comfortable carrying around in a physical cash wallet, we recommend that you take a couple of additional steps to secure your funds. We recommend these steps for any BitPay and Copay users, not just those affected by this security vulnerability.
Private keys for unencrypted (no spending password) wallets are stored on disk, so they can potentially be accessed by malware. If you do not have a spending password enabled for a significant amount of Bitcoin or Bitcoin Cash, we recommend that you move your funds to a new wallet (version 3.14 or higher) encrypted with a strong spending password. You should also consider creating a multi-signature wallet for additional security for your private keys.
CORRECTION, 1/30/18, 5:40 PM ET: A previous version of this post stated that users should upgrade to version 3.14 of the "desktop" wallets. The upgrade is necessary for mobile wallet users as well as desktop wallet users, as this vulnerability for spending passwords exists in pre-3.14 BitPay mobile and desktop wallets.