{"id":76263,"date":"2023-03-27T17:02:23","date_gmt":"2023-03-27T14:02:23","guid":{"rendered":"https:\/\/forklog.com\/en\/?p=76263"},"modified":"2025-09-10T16:24:27","modified_gmt":"2025-09-10T13:24:27","slug":"verichains-warns-of-vulnerability-in-multisignature-wallets","status":"publish","type":"post","link":"https:\/\/u1f987.com\/en\/verichains-warns-of-vulnerability-in-multisignature-wallets\/","title":{"rendered":"Verichains warns of vulnerability in multisignature wallets"},"content":{"rendered":"<p>Verichains researchers reported a new vulnerability in wallets that use the <span data-descr=\"multi-party computation\" class=\"old_tooltip\">MPC<\/span> protocol. The company says this in its <a href=\"https:\/\/blog.verichains.io\/p\/vsa-2022-120-multichain-key-extraction\">report<\/a>.<\/p>\n<p>Experts uncovered a critical flaw in the <a href=\"https:\/\/hub.forklog.com\/vvedenie-v-porogovuyu-podpis-tss-i-drugie-kriptograficheskie-primitivy\/\">threshold signature<\/a> (TSS) scheme, which could potentially allow attackers to obtain the private key.<\/p>\n<p>A study conducted since October 2022 found that nearly all multisignature wallets are vulnerable to this vulnerability. According to experts, about $8 billion is stored on them.<\/p>\n<p>The company noted that such a method of hacking leaves no traces, making it difficult to identify the hacker.<\/p>\n<p>Additionally, addresses using the <a href=\"https:\/\/hub.forklog.news\/algoritm-ecdsa\/\"><span data-descr=\"Elliptic Curve Digital Signature Algorithm\" class=\"old_tooltip\">ECDSA<\/span><\/a> algorithm are at risk.<\/p>\n<p>Analysts did not name services potentially vulnerable to attacks. However, Verichains has already warned of the danger &#8216;a number of affiliated providers&#8217;.<\/p>\n<blockquote class=\"wp-block-quote is-layout-flow wp-block-quote-is-layout-flow\">\n<p>\u201cVerichains is firmly committed to responsible disclosure of vulnerabilities. We exercise caution and deliberate steps in disclosing attacks, especially given the broad range of affected projects and user funds at risk,\u201d added Thanh Nguyen, co-founder of the company.<\/p>\n<\/blockquote>\n<p>The company urged crypto platforms to prioritise the implementation of robust security measures and to consult with experts on this matter.<\/p>\n<p>Earlier, Verichains <a href=\"https:\/\/u1f987.com\/en\/news\/verichains-flags-critical-vulnerabilities-in-tendermint-core\">reported<\/a> about several critical vulnerabilities in the widely used consensus-confirmation mechanism based on the <a href=\"https:\/\/ru.wikipedia.org\/wiki\/%D0%90%D0%92%D0%9B-%D0%B4%D0%B5%D1%80%D0%B5%D0%B2%D0%BE\">AVL-tree<\/a> from the Tendermint Core protocol.<\/p>\n<p>Earlier in March, Fireblocks <a href=\"https:\/\/u1f987.com\/en\/news\/fireblocks-reveals-details-of-patched-vulnerability-in-bitgo-wallets\">revealed details of the exploit<\/a> in BitGo&#8217;s wallets.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Verichains researchers reported a new vulnerability in wallets that use the MPC protocol. The company says this in its report.<\/p>\n","protected":false},"author":1,"featured_media":76264,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"select":"1","news_style_id":"1","cryptorium_level":"","_short_excerpt_text":"","creation_source":"","_metatest_mainpost_news_update":false,"footnotes":""},"categories":[3],"tags":[1301,57],"class_list":["post-76263","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-news-and-analysis","tag-blockchain-vulnerabilities","tag-wallets"],"aioseo_notices":[],"amp_enabled":true,"views":"18","promo_type":"1","layout_type":"1","short_excerpt":"","is_update":"","_links":{"self":[{"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/posts\/76263","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/comments?post=76263"}],"version-history":[{"count":1,"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/posts\/76263\/revisions"}],"predecessor-version":[{"id":76265,"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/posts\/76263\/revisions\/76265"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/media\/76264"}],"wp:attachment":[{"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/media?parent=76263"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/categories?post=76263"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/tags?post=76263"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}