Advisory

Cryptocurrency flaws called 'BitForge' expose crypto wallets to theft

Take action: Knowing that your wallet is at risk of theft is not great news. While the vulnerabilities have not yet been exploited in the wild, it's wise to check for an update to your wallet software, or to distribute the risk by transferring some of the files to another, patched wallet.


Learn More

Cryptography researchers have discovered a series of critical security vulnerabilities, collectively named 'BitForge,' in widely used cryptographic protocols. The BitForge vulnerabilities affect implementations of protocols such as GG18, GG20, and Lindell17. These protocols are fundamental to multi-party computation (MPC) wallets, which allow multiple parties to generate keys and co-sign transactions collaboratively.

These vulnerabilities have impacted several popular cryptocurrency wallet providers, including Coinbase, ZenGo, Binance, and others. These security flaws could potentially allow hackers to steal digital assets from these wallets with remarkable ease, without requiring any user or vendor interaction.

Researchers unveiled the BitForge vulnerabilities in a presentation at the BlackHat conference. Coinbase and ZenGo acted swiftly to address and rectify the issues within their systems. However, other major wallet providers, notably Binance, and numerous smaller projects remain susceptible to BitForge attacks.

  • One of the key vulnerabilities identified in the BitForge series is tracked as CVE-2023-33241. This vulnerability affects the GG18 and GG20 threshold signature schemes (TSS), which are crucial for secure MPC wallet implementations. The vulnerability stems from a lack of proper checks on the attacker's Paillier modulus (N) with respect to its factors and whether it is a biprime. Exploiting this flaw could allow an attacker to obtain private key shards and eventually the master secret key.
  • The Lindell17 2PC protocol vulnerability (CVE-2023-33242) follows a similar pattern. This vulnerability enables attackers to extract the entire private key through a mishandling of aborts in the wallet's signing operations. The attack is asymmetric and can be carried out by corrupting either the client or the server. In both scenarios, a series of specially crafted messages or commands can expose parts of the private key, which can then be used to reconstruct the entire secret key.
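
The advisory attributes CVE-2023-33241 to missing checks on a co-signer's Paillier modulus. As an added example (not code from the researchers or from any wallet vendor), this Python sketch shows structural screening a receiving party can run on N before using it. The function names, the 2048-bit minimum and the 2^16 trial-division bound are assumptions, and screening of this kind cannot by itself establish that N is a biprime.

```python
import math

MIN_BITS = 2048              # assumed policy value, not taken from the advisory
SMALL_PRIME_BOUND = 1 << 16  # assumed bound for the trial-division scan
# Primes below the bound, by naive trial division (fast enough at this size).
SMALL_PRIMES = [p for p in range(2, SMALL_PRIME_BOUND)
                if all(p % q for q in range(2, math.isqrt(p) + 1))]

def is_probable_prime(n, bases=(2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37)):
    """Miller-Rabin. A real prime always passes, so a prime N is always caught;
    a composite that fools the fixed bases is only rejected unnecessarily."""
    if n < 2:
        return False
    for p in bases:
        if n % p == 0:
            return n == p
    d, s = n - 1, 0
    while d % 2 == 0:
        d, s = d // 2, s + 1
    for a in bases:
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(s - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True

def check_peer_modulus(n, min_bits=MIN_BITS):
    """Return reasons to reject a co-signer's Paillier modulus N ([] = none found)."""
    problems = []
    if n.bit_length() < min_bits:
        problems.append("modulus too short")
    factor = next((p for p in SMALL_PRIMES if n % p == 0), None)
    if factor is not None:
        problems.append(f"small factor {factor}")
    if n > 0 and math.isqrt(n) ** 2 == n:
        problems.append("perfect square")
    if is_probable_prime(n):
        problems.append("modulus is prime")
    return problems

if __name__ == "__main__":
    # Constructed samples: Mersenne primes stand in for randomly generated primes.
    print(check_peer_modulus((2**1279 - 1) * (2**2203 - 1)))   # two large primes
    print(check_peer_modulus(65521 * (2**2203 - 1)))           # one small factor
```

An empty result means only that none of these cheap checks fired; a modulus built from several medium-sized primes would still pass, which is why the check has to be backed by evidence from the party that generated N.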

The severity of these vulnerabilities depends on multiple factors, such as the specific implementation parameters and the resources available to the attacker. Researchers have provided detailed proof-of-concept (PoC) exploits for each of the vulnerabilities. Because PoCs are available, exploitation becomes much more probable, since an attacker can reverse engineer them and work out a malicious implementation.
