Key Recovery Attacks Discovered in Popular for MPC Wallets 

According to a report by Verichains, over $8 billion worth of digital assets could be at risk following a recently discovered vulnerability in multi-party computing (MPC) protocols. Verichains, a leading blockchain security solutions provider announced that it had discovered critical key recovery attacks in Threshold Signature Scheme (TSS), an MPC-based protocol that enables multi-party signatures on the blockchain without revealing their private keys. 

As blockchains move toward decentralization and enhanced security, convenience is often overlooked. This gave rise to multi-sig wallets that offer convenience while maintaining the standard of security and decentralization. As such, many top financial institutions and custodial wallet services have implemented MPC protocols to secure digital assets. Multiparty wallets and digital asset custody solutions such as BNY Mellon (the largest global custodian bank), Revolut (Europe’s largest neo bank), ING, Binance, Fireblocks, and Coinbase have all implemented MPC protocols. 

To ensure the security of funds, these custodial institutions ensure complete decentralization by employing a TSS, a cryptographic protocol that allows a group of parties to generate a signature on a message without revealing their individual secret keys. This way, the funds can be controlled by a distributed set of signers who can cooperate to authorize transactions. 

Recently, many companies are implementing MPC protocols for threshold Elliptic Curve Digital Signature Algorithm (ECDSA), the security verification protocol Bitcoin uses, based on GG18, GG20 and CGGMP21 algorithms. Having researched threshold ECDSA since October 2022, Verichains found that nearly all TSS implementations are vulnerable to key recovery attacks. This means that a single malicious party in 1 or 2 signing ceremonies can extract a full private key, which puts the funds of the other signatories at risk. 

 “The attack leaves no trace and appears innocent to the other parties,” the report states. 

As such, over $8 billion in digital assets in custody are at risk across various wallets, non-custodial key infrastructure, and cross-chain asset management protocols. Notwithstanding, assets stored using the threshold ECDSA that are not on the blockchain could also be vulnerable to hacks. 

Verichains recommended that companies and organisations that use vulnerable ECDSA  prioritize implementing robust security measures” and “seek review from security experts to ensure their platforms’ safety and security”. The blockchain security firm further stated it has informed all relevant parties of the vulnerabilities and will await the solutions to be implemented before releasing the final report. 

“Verichains has a strong commitment to responsible vulnerability disclosure, and we take care and considered steps when disclosing attacks, especially given the wide range of impacted projects and significant user funds at risk,” said Thanh Nguyen, Co-Founder of Verichains and former CPU Security Lead at Intel. 

Disclaimer: This article is provided for informational purposes only. It is not offered or intended to be used as legal, tax, investment, financial, or other advice.