Since October 2022, Verichains has been conducting extensive research on threshold ECDSA security. Our research has led us to discover new key extraction attacks that affect nearly all implementations of the Threshold Signature Scheme (TSS), including popular open-source TSS libraries, despite having undergone multiple security audits. Verichains plans to release advisories for all the vulnerabilities after they are addressed by vendors. Stay tuned for more updates.
[VSA-2022-120] Multichain: Key Extraction Vulnerability in fastMPC's Secure Multi-Party Client (smpc)
[VSA-2022-120] Multichain: Key Extraction…
[VSA-2022-120] Multichain: Key Extraction Vulnerability in fastMPC's Secure Multi-Party Client (smpc)
Since October 2022, Verichains has been conducting extensive research on threshold ECDSA security. Our research has led us to discover new key extraction attacks that affect nearly all implementations of the Threshold Signature Scheme (TSS), including popular open-source TSS libraries, despite having undergone multiple security audits. Verichains plans to release advisories for all the vulnerabilities after they are addressed by vendors. Stay tuned for more updates.