CDS Crypto News Researchers Discover Zero-Day Vulnerability in Tron Multisig Accounts, Promptly Resolved
Crypto News

Researchers Discover Zero-Day Vulnerability in Tron Multisig Accounts, Promptly Resolved

A team of researchers from dWallet Labs recently discovered a zero-day vulnerability within Tron's multisig accounts, which enabled attackers to bypass the multisignature mechanism and sign transactions with just a single signature.

807
Researchers Discover Zero-Day Vulnerability In Tron Multisig Accounts, Promptly Resolved

Researchers Discover Zero-Day Vulnerability in Tron Multisig Accounts, Promptly Resolved

A team of researchers from dWallet Labs recently discovered a zero-day vulnerability within Tron’s multisig accounts, which enabled attackers to bypass the multisignature mechanism and sign transactions with just a single signature.

In a detailed technical breakdown, the research team emphasized the potential impact of this vulnerability on Tron multisig accounts, which hold approximately $500 million worth of assets. The vulnerability effectively allowed any signer to completely circumvent the security measures provided by Tron’s multisig feature.

Researchers Discover Zero-Day Vulnerability In Tron Multisig Accounts, Promptly Resolved

Multisignature wallets, as the name suggests, require multiple authorized signers to approve transactions and facilitate fund transfers, enabling the establishment of joint accounts in the crypto space. Each account signer possesses their own unique keys, and a specific threshold of signatures is necessary for transaction approval.

According to the research team, the vulnerability in Tron’s multisig system enables the generation of multiple valid signatures. They explained that Tron’s security mechanism verifies the uniqueness of signatures rather than ensuring the uniqueness of signers. As a result, signers have the potential to “double vote” or sign twice. Omer Sadika, CEO of dWallet Labs, stated that the solution was straightforward: verifying the address instead of relying solely on the number of signatures.

Researchers Discover Zero-Day Vulnerability In Tron Multisig Accounts, Promptly Resolved

The researchers promptly reported the vulnerability to Tron in February, and the issue was swiftly addressed and resolved within a matter of days.

Cointelegraph reached out to Tron for comments but did not receive a response.

In unrelated news, another decentralized finance (DeFi) protocol recently fell victim to an exploit, resulting in a loss of $7.5 million. Blockchain security firm PeckShield reported on May 28 that Jimbos Protocol, which operates on the Arbitrum network, experienced a hack that led to the theft of 4,000 Ether.

Researchers Discover Zero-Day Vulnerability In Tron Multisig Accounts, Promptly Resolved

Related Articles

Sui Blockchain Faces First Major Outage: What Happened and What’s Next

Sui blockchain faces its first major outage—learn what happened, the impact on...

MicroStrategy Stock Reaches New High as Bitcoin Surges Above $98,000

MicroStrategy’s stock surged to a new all-time high as Bitcoin reached $98,000,...

Mysten Labs Resolves Sui Blockchain Outage, dApps Resume Functioning

Mysten Labs Resolves Sui Blockchain Outage, dApps Resume Functioning

Top 3 Cryptos on November 21: Qubetics Soars as Ethereum and Solana Face Resistance

Top 3 Cryptos on November 21: Qubetics Soars as Ethereum and Solana...