Follow us on telegram

News

Magazine

Currencies

AML

For users

​Experts discover a $500 million vulnerability in the TRON blockchain

The threat discovered in February has now been eliminated

​Experts discover a $500 million vulnerability in the TRON blockchain

30.05.2023 - 15:55

601

2 min

A research team at dWallet Labs has discovered a zero-day vulnerability in Tron multisig accounts, allowing an attacker to bypass the multisignature mechanism and sign transactions with a single signature.

In a technical breakdown post, the research team said the vulnerability could have impacted $500 million in assets held in Tron multisig accounts. This is because it allows any signer to “completely overcome the multisig security offered by TRON.”

As its name suggests, multisignature wallets require multiple signers defined in an account to approve transactions and move funds, allowing the creation of joint accounts in crypto. Each account signer holds their own keys and the account requires a certain threshold for approving transactions.

According to the research team, the vulnerability with Tron’s multisig allows for generating many valid signatures. They wrote:

“We can bypass the multisig verification process by signing the same message with non-deterministic nonces of our choice. By doing so, we will be able to generate many valid different signatures for the same message by the same private key.”

According to the cybersecurity team, Tron ensures the signatures are unique instead of checking if the signers are unique. Because of this, signers can potentially “double vote” or sign twice. Omer Sadika, the CEO of dWallet Labs, said the fix was simple: verify the address instead of the number of signatures.

Sadika discussed the vulnerability in a thread. Source: Twitter

The researchers noted that the vulnerability was reported to Tron in February and fixed days after.

Cointelegraph reached out to Tron for comments but did not receive a response.

In other news, another decentralized finance protocol recently suffered a $7.5 million exploit. On May 28, blockchain security firm PeckShield reported that Arbitrum-based Jimbos Protocol was hacked, resulting in the loss of 4,000 Ether ETH $1,901.

This material is taken from the website https://cointelegraph.com.

Author:

Editorial GetBlock Magazine Editorial GetBlock Magazine

Subscribe to Getblock Magazine and stay up to date with the latest news from the world of cryptocurrencies and the digital economy

Telegram Newsletter Twitter

Incidents
El Salvador’s authorities have stripped bitcoin of its legal tender status

This status has been maintained for the first cryptocurrency since September 2021 but was canceled due to pressure from the IMF

Feb 3, 2025

Market
Tether will deploy USDT on the Bitcoin and Lightning Networks

The Taproot Assets network will be used for the integration

Jan 31, 2025

Market
GMCI launches index to track US-created cryptocurrencies

The index has grown by more than 535% over the entire period

Jan 30, 2025

Trends
CoinGecko aggregator launches a page to track the capitalization of cryptocurrencies created in the United States

As of January 21, the capitalization of this sector of the crypto market exceeds $519 billion

Jan 21, 2025

Market
Hyperliquid exchange reports reaching a record daily trading volume of $21 billion

The platform generated $9,5 million in revenue during the same time

Jan 20, 2025

Market
Grayscale has opened an XRP-based trust for accredited investors

Shares of the Trust are designed to track the market price of XRP with fewer fees and expenses

Jan 17, 2025

Cryptocurrency rates

  • Bitcoin

    Bitcoin

    $98 921

    BTC

    -0.96%

  • Ethereum

    Ethereum

    $2 811.06

    ETH

    -0.46%

  • Ripple

    Ripple

    $2.54

    XRP

    -4.29%

  • BNB Smart Chain

    BNB Smart Chain

    $579.4

    BSC

    +1.23%

  • Dogecoin

    Dogecoin

    $0.267115

    DOGE

    -1.87%

  • Cardano

    Cardano

    $0.773849

    ADA

    +0.69%

  • Stellar XLM

    Stellar XLM

    $0.343106

    XLM

    -2.97%

  • Litecoin

    Litecoin

    $107.75

    LTC

    +3.11%

  • Polkadot

    Polkadot

    $4.85

    DOT

    -0.31%

  • Bitcoin Cash

    Bitcoin Cash

    $337.43

    BCH

    +0.02%

News

Feb 5, 2025

Crypto task force within the SEC will develop new rules for the industry

Feb 5, 2025

Shiba Inu team announces a partnership with the UAE Ministry of Energy

Feb 4, 2025

WazirX has called on creditors to approve a restructuring plan to receive payouts in April

Feb 4, 2025

SkyBridge CEO predicts the development of a crypto regulation law in the United States by November

Feb 4, 2025

CFTC will verify the legality of sports betting on the crypto exchange Crypto. com

Feb 4, 2025

TD Cowen: US banks will continue to restrict cryptocurrency activity without clear AML rules

Feb 3, 2025

Binance Pay announces expansion in Europe through integration with xMoney

New in the knowledge base

Basics

Monero: Behind the scenes of anonymity. How does the new generation cryptocurrency work?

Dec 18, 2024

Basics

PancakeSwap: How it works, features and ways to make money on the popular DEX exchange

Dec 12, 2024

Basics

Sei: the fastest Layer 1 blockchain ever

Nov 26, 2024

Basics

What is DePIN in cryptocurrencies?

Nov 6, 2024

Basics

What is Celestia? The first modular blockchain in the crypto industry

Oct 17, 2024

GetBlock.net — your guide in the world of crypto

For all questions, please contact [email protected]