Editor's note: This story has been updated to include comments from BitGo.
The cryptography research team at blockchain infrastructure provider Fireblocks today released the details of a vulnerability in BitGo’s Ethereum wallets that use the firm’s Threshold Signature Scheme (TSS).
The vulnerability first came to light in early December, just over a month after the service was made public.
After confirming the technical details of the vulnerability, BitGo suspended the service on December 10 and released a patch in February. The Palo Alto-based firm also required its clients to update to the latest version by March 17.
According to Fireblocks, the vulnerability could have enabled an attacker to extract a full private key using a single signature and a few seconds of computation, bypassing all of BitGo's security features.
Although Fireblocks claimed that it had followed a “coordinated disclosure” process between its research team and BitGo’s security team, BitGo strongly refuted Fireblocks' characterization of events. In a statement provided to Decrypt, BitGo accused Fireblocks of "turning a known gap into a publicity stunt," adding that, "This is not how coordinated disclosures are supposed to work."
BitGo stated that "The specific MPC wallet type in question is in early access and remains in early access, only unlocked for 20 developers." BitGo added that the wallet in question was a "pre-release product" and that Fireblocks had mischaracterized it as being in production, "because they tested it on mainnet using the BitGo website (ignoring all warnings about it being early-release)."
Digital asset custodian and security company BitGo, whose customers include some of the crypto industry's big names, such as Bitstamp, Pantera Capital, and eToro, first introduced TSS wallets in June 2022, with support for Ethereum wallets added in October.
The vulnerability—dubbed BitGo Zero Proof Vulnerability—stemmed from a missing implementation of mandatory Zero-Knowledge Proofs in the BitGo TSS wallet protocol, which uses the Elliptic Curve Digital Signature Algorithm (ECDSA).
The Zero Proof vulnerability was initially discovered in BitGoJS, the SDK that BitGo clients use to interact with the BitGo API. BitGoJS is used for performing signatures on the client side.
Exploiting the vulnerability in the SDK allows an attacker to steal the private key share used by the client, regardless of the client's key storage methods and security measures.
“Any patch introduced into the library should protect wallets that implement it,” Fireblocks head of technology, research and innovation Arik Galansky told Decrypt. “However, it still leaves the concern if anyone has already exploited the vulnerability in the past and extracted the key while it was using a vulnerable library.”
“As attacks on the crypto industry continue to accelerate, licensed custodians are entrusted with securing billions of dollars in user funds,” Fireblocks co-founder and CTO Idan Ofrat said in a statement shared with Decrypt. “The vulnerability is a result of the wallet provider failing to follow a well-reviewed cryptographic standard.”
Although wallets generated following the patch should be safe, according to Fireblocks, the keys of any BitGo Ethereum TSS wallet generated prior to the update should be considered potentially exposed. Any funds in those wallets should therefore be considered at risk and immediately moved to a secure wallet.
In a statement, BitGo accused Fireblocks of "a litany of false claims intended to damage BitGo’s reputation, as well as BitGo’s actual and potential commercial relationships," adding that the company is "pursuing all legal remedies, including but not limited to damages, injunctive relief, court costs and attorneys fees."