New Delhi: dWallet Labs, a cybersecurity platform, recently made a significant discovery regarding Tron, a popular cryptocurrency. According to reports, the research group found a zero-day vulnerability in Tron’s multisig accounts. This vulnerability allowed an attacker to exploit the multisignature mechanism, enabling them to sign transactions using only a single signature.
dWallet Labs took to Twitter to announce the discovery, stating that their cybersecurity research team, known as “0d,” had identified the vulnerability. They emphasized that over $500 million worth of digital assets were at risk due to this flaw. However, they also assured users that the vulnerability had been disclosed and promptly addressed, mitigating any immediate risks to user assets.
Multisignature wallets are designed to require multiple signers to approve transactions and transfer funds. This functionality enables the creation of joint accounts in the cryptocurrency space. Each signer possesses their own unique set of keys, and specific approval entries are necessary for transaction authorization.
The research team at dWallet Labs elaborated on the exploit, explaining that they were able to bypass the multisig verification process by signing the same message with non-deterministic nonces of their choosing. This method allowed them to generate multiple valid signatures for the same message using the same private key.
Although dWallet Labs shed light on this vulnerability, TRON, the company behind the Tron blockchain, has yet to provide any further comments on the matter, according to media reports.
In conclusion, dWallet Labs discovered a zero-day vulnerability in Tron’s multisig accounts, which posed a significant risk to over $500 million worth of digital assets. The vulnerability allowed attackers to exploit the multisignature mechanism and sign transactions with a single signature. However, dWallet Labs promptly disclosed the issue and assured users that the vulnerability had been fixed, mitigating any immediate risks. TRON has yet to comment on the matter.
