Business News Report Technology
August 10, 2023

Fireblocks Uncovers Vulnerabilities Present in Major Wallet Providers

Fireblocks Uncovers Vulnerabilities Present in Major Wallet Providers

Enterprise crypto management platform Fireblocks has announced that it has uncovered the so-called “BitForge,” a series of zero-day vulnerabilities present in some of the most widely adopted secure multi-party computation (MPC) protocols.

Numerous organizations and retail consumers all over the world trust and rely on multi-party computation as the industry standard for wallet security. The Fireblocks research team has examined dozens of publicly accessible MPC protocols and wallet providers to promote MPC security.

According to the announcement published on X on August 9, the company’s researchers have uncovered vulnerabilities in over fifteen major wallet providers. These vulnerabilities allow attackers to retrieve a private key from a single device. 

Among the vulnerable implementations of MPC protocols are GG-18, GG-20, and Lindell 17. The Lindell 17 vulnerability is a result of implementations processing failed signatures incorrectly and departing from the academic paper’s requirements. After around 200 signature requests, the vulnerability enables an attacker to steal the key by taking advantage of the wallet provider or user who completes the signing procedure. The GG-18 and GG-20 protocols were updated in 2020 to fix a vulnerability. However, these changes introduced a new vulnerability. The way a wallet provider implements these protocols determines how serious the vulnerability is. For instance, some implementations only need 16 signatures to retrieve the key, while others may need as many as one billion.

According to Fireblocks’ announcement, attacks can only last a few seconds in certain implementations without the user or vendor being aware of them.

Businesses should contact their providers and visit the BitForge Status Checker for additional information. As of the time of writing, Coinbase, Binance, and Zengo are secure. The other 12 companies are still at risk. Notably, the MPC-CMP and MPC-CMPGG protocols implemented by Fireblocks are unaffected, and the company’s clients’ funds remain secure. 

Read more:

Disclaimer

Any data, text, or other content on this page is provided as general market information and not as investment advice. Past performance is not necessarily an indicator of future results.


The Trust Project is a worldwide group of news organizations working to establish transparency standards.

Valeria is a reporter for Metaverse Post. She focuses on fundraises, AI, metaverse, digital fashion, NFTs, and everything web3-related.Valeria has a Master’s degree in Public Communications and is getting her second Major in International Business Management. She dedicates her free time to photography and fashion styling. At the age of 13, Valeria created her first fashion-focused blog, which developed her passion for journalism and style. She is based in northern Italy and often works remotely from different European cities.You can contact her at [email protected]

More articles
Valeria Goncharenko
Valeria Goncharenko

Valeria is a reporter for Metaverse Post. She focuses on fundraises, AI, metaverse, digital fashion, NFTs, and everything web3-related.Valeria has a Master’s degree in Public Communications and is getting her second Major in International Business Management. She dedicates her free time to photography and fashion styling. At the age of 13, Valeria created her first fashion-focused blog, which developed her passion for journalism and style. She is based in northern Italy and often works remotely from different European cities.You can contact her at [email protected]

Hot Stories
Join Our Newsletter.
Latest News

20 Most Underrated AI Startups in 2023: Ranked by Funding

AI remains a constant focal point for investors and entrepreneurs alike. While the spotlight often falls on ...

Know More

Ranked: Top 10 Countries by Estimated AI Contribution to Economy by 2030

AI stands at the cusp of a transformative era, poised to reshape virtually every sector and ignite ...

Know More
Join Our Innovative Tech Community

Read More

Read more
Farmville Creator Raises $33M Funding to Develop Blockchain Games
Business News Report
Farmville Creator Raises $33M Funding to Develop Blockchain Games
September 21, 2023
Chainlink Integrates with Arbitrum for Web3 Interoperability and Cross-Chain DApp Development
Business News Report
Chainlink Integrates with Arbitrum for Web3 Interoperability and Cross-Chain DApp Development
September 21, 2023
Microsoft to Launch 365 Copilot AI in November, Adds DALL-E 3 to Bing Chat
News Report Technology
Microsoft to Launch 365 Copilot AI in November, Adds DALL-E 3 to Bing Chat
September 21, 2023
Mesh Raises $22M in Series A to Bolster its Embedded Crypto Platform
Business News Report
Mesh Raises $22M in Series A to Bolster its Embedded Crypto Platform
September 21, 2023
What You
Need to Know

Subscribe To Our Newsletter.
Daily search marketing tidbits for savvy pros.