Researchers found that Tron checks signatures rather than verifying the uniqueness of the signers. The oversight creates the possibility for signers to sign twice, leading to potential security issues.
As its name suggests, multisignature wallets require multiple signers defined in an account to approve transactions and move funds, allowing the creation of joint accounts in crypto. Each signer of the account holds their own keys and the account requires a certain threshold for approving transactions.
According to the research team, the vulnerability with Tron’s multisig allows generating many valid signatures. They wrote: “We can bypass the multisig verification process by signing the same message with non-deterministic nonces of our choice. By doing so, we will be able to generate many valid different signatures for the same message by the same private key.”
According to the cybersecurity team, Tron makes sure that the signatures are unique instead of checking if the signers are unique. Because of this, signers can potentially"double vote" or sign twice. Omer Sadika, who works with dWallets, said that the fix was simple — verify the address instead of the number of signatures.The researchers noted that the vulnerability was reported to Tron back in February and was already fixed days after being reported.
Brasil Últimas Notícias, Brasil Manchetes
Similar News:Você também pode ler notícias semelhantes a esta que coletamos de outras fontes de notícias.
‘Fast X’ Vrooms Past $500M Global, ‘Guardians 3’ Gets $730M+ WW Love – International Box OfficeRefresh for latest…: Apart from big new opener The Little Mermaid, which we detailed here, this weekend was notable for propelling Universal’s Fast X past the $500M mark globally, and Disney/…
Consulte Mais informação »
Selena Gomez yells at security guard during Beyoncé’s ‘Renaissance’ tourMany Twitter users believe that the actress “defended her fans” from her security detail, with others claiming she was just angry about “running late.”
Consulte Mais informação »
Oman's Sultan in Iran for talks on diplomatic, security issuesOman’s Sultan Haitham bin Tariq al-Said arrived in Tehran on Sunday for a two-day visit expected to focus on regional diplomatic and security issues, Iranian state media reported, two days after Muscat mediated a prisoner swap between Iran and Belgium.
Consulte Mais informação »
Social Security COLA increase: How much can recipients expect in 2024?In 2023, Social Security beneficiaries saw a record 8.7% boost, the highest increase in four decades. That same level of increase likely won’t be seen in 2024, however.
Consulte Mais informação »
Bitcoin can bring 'cause and consequence into cyberspace', boost security — Michael SaylorSaylor, who has over 3 million Twitter followers, receives about 2,000 fake followers a day. In his opinion, decentralized IDs are the answer to digital trust issues.
Consulte Mais informação »