CDS Crypto News Researchers Discover Zero-Day Vulnerability in Tron Multisig Accounts, Promptly Resolved
Crypto News

Researchers Discover Zero-Day Vulnerability in Tron Multisig Accounts, Promptly Resolved

A team of researchers from dWallet Labs recently discovered a zero-day vulnerability within Tron's multisig accounts, which enabled attackers to bypass the multisignature mechanism and sign transactions with just a single signature.

799
Researchers Discover Zero-Day Vulnerability in Tron Multisig Accounts, Promptly Resolved

Researchers Discover Zero-Day Vulnerability in Tron Multisig Accounts, Promptly Resolved

A team of researchers from dWallet Labs recently discovered a zero-day vulnerability within Tron’s multisig accounts, which enabled attackers to bypass the multisignature mechanism and sign transactions with just a single signature.

In a detailed technical breakdown, the research team emphasized the potential impact of this vulnerability on Tron multisig accounts, which hold approximately $500 million worth of assets. The vulnerability effectively allowed any signer to completely circumvent the security measures provided by Tron’s multisig feature.

Researchers Discover Zero-Day Vulnerability in Tron Multisig Accounts, Promptly Resolved

Multisignature wallets, as the name suggests, require multiple authorized signers to approve transactions and facilitate fund transfers, enabling the establishment of joint accounts in the crypto space. Each account signer possesses their own unique keys, and a specific threshold of signatures is necessary for transaction approval.

According to the research team, the vulnerability in Tron’s multisig system enables the generation of multiple valid signatures. They explained that Tron’s security mechanism verifies the uniqueness of signatures rather than ensuring the uniqueness of signers. As a result, signers have the potential to “double vote” or sign twice. Omer Sadika, CEO of dWallet Labs, stated that the solution was straightforward: verifying the address instead of relying solely on the number of signatures.

Researchers Discover Zero-Day Vulnerability in Tron Multisig Accounts, Promptly Resolved

The researchers promptly reported the vulnerability to Tron in February, and the issue was swiftly addressed and resolved within a matter of days.

Cointelegraph reached out to Tron for comments but did not receive a response.

In unrelated news, another decentralized finance (DeFi) protocol recently fell victim to an exploit, resulting in a loss of $7.5 million. Blockchain security firm PeckShield reported on May 28 that Jimbos Protocol, which operates on the Arbitrum network, experienced a hack that led to the theft of 4,000 Ether.

Researchers Discover Zero-Day Vulnerability in Tron Multisig Accounts, Promptly Resolved

Related Articles

A Guide to Technical Analysis for Turkish Investors

For Turkish investors seeking success in the financial markets, technical analysis is...

Bitcoin Price Swings as Mt. Gox Moves $2.2B in BTC

Mt. Gox moves $2.2B in Bitcoin, sparking market volatility as Bitcoin fluctuates...

The Most Popular Cryptocurrencies in Türkiye

Most Popular Cryptocurrencies in Türkiye: Cryptocurrencies have become a rapidly growing investment...