The bug in Tron's multisig accounts has since been patched and user assets are no longer at risk.
Security researchers at dWallet Labs, a cybersecurity company specializing in blockchain technology, recently uncovered a critical security flaw in Tron multisig accounts, revealing a zero-day vulnerability that enables an attacker to bypass the multi-signature mechanism and authorize transactions using just a single signature. “This vulnerability impacts over $500M in digital assets that are held in Tron multi-sig accounts,” dWallet Labs’ 0d Team reported on Tuesday.
Tron's Multisignature Wallets
Multisignature wallets, as the name implies, are designed to require multiple signers to authorize transactions and transfer funds. They enable the creation of joint accounts in the cryptocurrency space. In a multisig setup, each signer possesses their own set of cryptographic keys, and transactions can only be approved if a predetermined threshold of signers provides their authorization. This mechanism adds an extra layer of security and reduces the risk of unauthorized access or fraudulent transactions, as it requires the consensus of multiple parties to execute transactions successfully.
According to dWallet Labs’ 0d research team, apparent oversights in TRON's approach to multisignature verification resulted in the verification process failing to verify all the necessary information. Exploiting this vulnerability would have allowed an attacker to “completely overcome” TRON's multisig security by generating multiple valid signatures.
In a technical breakdown post, the 0d team explained that the vulnerability was rooted in the verification process of multisig transactions in the Tron network. The network relies on the uniqueness of signatures for identical messages from a single entity.
However, although RFC 6979 outlines a deterministic signature generation process, nothing in verification enforces it: an untrustworthy signer can choose different nonces (random numbers) to produce multiple valid signatures for the same message using the same private key. This flaw effectively allows one signer to generate multiple valid signatures, regardless of the designated threshold and number of signers.
“We can bypass the multisig verification process by signing the same message with non-deterministic nonces of our choice. By doing so, we will be able to generate many valid different signatures for the same message by the same private key.” - 0d Team, dWallet Labs
Addressing the critical vulnerability in Tron's multisig system was relatively straightforward, according to researchers. Instead of solely relying on a list of signatures, the system now verifies signatures against a list of addresses. This simple fix was highlighted by Omer Sadika, the CEO of dWallet Labs, who also explained that with the deployment of the fix, $500 million is now “secured.”
The 0d research team responsibly disclosed the discovered vulnerability in Tron's multisig system through TRON's bug bounty program on February 19. They reported that TRON swiftly patched the vulnerability within days, and the majority of TRON validators have also implemented the necessary fixes. The researchers emphasized on Twitter that the vulnerability has been resolved, ensuring that no user assets are currently at risk.
TRON, however, has not released an official public statement regarding the matter at this time.