Business News Report Technology
August 10, 2023

Fireblocks Uncovers Vulnerabilities Present in Major Wallet Providers

In Brief

Fireblocks has announced that it has uncovered the so-called “BitForge,” a series of zero-day vulnerabilities present in some of the most widely adopted secure multi-party computation (MPC) protocols.

Businesses should contact their providers and visit the BitForge Status Checker for additional information. As of the time of writing, Coinbase, Binance, and Zengo are secure. The other 12 companies are still at risk.

Enterprise crypto management platform Fireblocks has announced that it has uncovered the so-called “BitForge,” a series of zero-day vulnerabilities present in some of the most widely adopted secure multi-party computation (MPC) protocols.

Fireblocks Uncovers Vulnerabilities Present in Major Wallet Providers

Numerous organizations and retail consumers all over the world trust and rely on multi-party computation as the industry standard for wallet security. The Fireblocks research team has examined dozens of publicly accessible MPC protocols and wallet providers to promote MPC security.

According to the announcement published on X on August 9, the company’s researchers have uncovered vulnerabilities in over fifteen major wallet providers. These vulnerabilities allow attackers to retrieve a private key from a single device. 

Among the vulnerable implementations of MPC protocols are GG-18, GG-20, and Lindell 17. The Lindell 17 vulnerability is a result of implementations processing failed signatures incorrectly and departing from the academic paper’s requirements. After around 200 signature requests, the vulnerability enables an attacker to steal the key by taking advantage of the wallet provider or user who completes the signing procedure. The GG-18 and GG-20 protocols were updated in 2020 to fix a vulnerability. However, these changes introduced a new vulnerability. The way a wallet provider implements these protocols determines how serious the vulnerability is. For instance, some implementations only need 16 signatures to retrieve the key, while others may need as many as one billion.

According to Fireblocks’ announcement, attacks can only last a few seconds in certain implementations without the user or vendor being aware of them.

Businesses should contact their providers and visit the BitForge Status Checker for additional information. As of the time of writing, Coinbase, Binance, and Zengo are secure. The other 12 companies are still at risk. Notably, the MPC-CMP and MPC-CMPGG protocols implemented by Fireblocks are unaffected, and the company’s clients’ funds remain secure. 

Read more:

Disclaimer

In line with the Trust Project guidelines, please note that the information provided on this page is not intended to be and should not be interpreted as legal, tax, investment, financial, or any other form of advice. It is important to only invest what you can afford to lose and to seek independent financial advice if you have any doubts. For further information, we suggest referring to the terms and conditions as well as the help and support pages provided by the issuer or advertiser. MetaversePost is committed to accurate, unbiased reporting, but market conditions are subject to change without notice.

About The Author

Valeria is a reporter for Metaverse Post. She focuses on fundraises, AI, metaverse, digital fashion, NFTs, and everything web3-related. Valeria has a Master’s degree in Public Communications and is getting her second Major in International Business Management. She dedicates her free time to photography and fashion styling. At the age of 13, Valeria created her first fashion-focused blog, which developed her passion for journalism and style. She is based in northern Italy and often works remotely from different European cities. You can contact her at [email protected]

More articles
Valeria Goncharenko
Valeria Goncharenko

Valeria is a reporter for Metaverse Post. She focuses on fundraises, AI, metaverse, digital fashion, NFTs, and everything web3-related. Valeria has a Master’s degree in Public Communications and is getting her second Major in International Business Management. She dedicates her free time to photography and fashion styling. At the age of 13, Valeria created her first fashion-focused blog, which developed her passion for journalism and style. She is based in northern Italy and often works remotely from different European cities. You can contact her at [email protected]

Hot Stories
Join Our Newsletter.
Latest News

The Calm Before The Solana Storm: What Charts, Whales, And On-Chain Signals Are Saying Now

Solana has demonstrated strong performance, driven by increasing adoption, institutional interest, and key partnerships, while facing potential ...

Know More

Crypto In April 2025: Key Trends, Shifts, And What Comes Next

In April 2025, the crypto space focused on strengthening core infrastructure, with Ethereum preparing for the Pectra ...

Know More
Read More
Read more
May 2025 in Blockchain: Key Updates and What’s Coming Next
Digest Business Markets Technology
May 2025 in Blockchain: Key Updates and What’s Coming Next
May 30, 2025
May 2025 in Crypto: Projects That Mattered Across Blockchains
Digest Business Markets Technology
May 2025 in Crypto: Projects That Mattered Across Blockchains
May 30, 2025
Crypto Partnerships Power Up: Coinbase, Binance & Bitget Lead the Charge
Digest Business Markets Technology
Crypto Partnerships Power Up: Coinbase, Binance & Bitget Lead the Charge
May 30, 2025
The Next Wave of Crypto: An Exclusive Podcast with Yat Siu
Hack Seasons Interview Business Markets Technology
The Next Wave of Crypto: An Exclusive Podcast with Yat Siu
May 30, 2025