Paper 2023/1234

Practical Key-Extraction Attacks in Leading MPC Wallets

Nikolaos Makriyannis, Fireblocks
Oren Yomtov, Fireblocks
Arik Galansky, Fireblocks

Multi-Party Computation (MPC) has become a major tool for protecting hundreds of billions of dollars in cryptocurrency wallets. MPC protocols are currently powering the wallets of Coinbase, Binance, Zengo, BitGo, Fireblocks and many other fintech companies servicing thousands of financial institutions and hundreds of millions of end-user consumers. We present four novel key-extraction attacks on popular MPC signing protocols showing how a single corrupted party may extract the secret in full during the MPC signing process. Our attacks are highly practical (the practicality of the attack depends on the number of signature-generation ceremonies the attacker participates in before extracting the key). Namely, we show key-extraction attacks against different threshold-ECDSA protocols/implementations requiring $10^6$, $256$, $16$, and *one signature*, respectively. In addition, we provide proof-of-concept code that implements our attacks.

Note: New sections on Detection & Mitigation and Responsible Disclosure + Minor edits

Available format(s)
Attacks and cryptanalysis
Publication info
ECDSAMPCThreshold CryptographyDigital SignaturesAttacksKey-Extraction
Contact author(s)
n makriyannis @ gmail com
2024-01-29: revised
2023-08-15: received
See all versions
Short URL
Creative Commons Attribution


      author = {Nikolaos Makriyannis and Oren Yomtov and Arik Galansky},
      title = {Practical Key-Extraction Attacks in Leading MPC Wallets},
      howpublished = {Cryptology ePrint Archive, Paper 2023/1234},
      year = {2023},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.