Paper 2023/1234
Practical Key-Extraction Attacks in Leading MPC Wallets
Abstract
Multi-Party Computation (MPC) has become a major tool for protecting hundreds of billions of dollars in cryptocurrency wallets. MPC protocols are currently powering the wallets of Coinbase, Binance, Zengo, BitGo, Fireblocks and many other fintech companies servicing thousands of financial institutions and hundreds of millions of end-user consumers. We present four novel key-extraction attacks on popular MPC signing protocols showing how a single corrupted party may extract the secret in full during the MPC signing process. Our attacks are highly practical (the practicality of the attack depends on the number of signature-generation ceremonies the attacker participates in before extracting the key). Namely, we show key-extraction attacks against different threshold-ECDSA protocols/implementations requiring $10^6$, $256$, $16$, and *one signature*, respectively. In addition, we provide proof-of-concept code that implements our attacks.
Note: Revised Feb.~26, 2025. Minor Revision.
Metadata
- Available format(s)
-
PDF
- Category
- Attacks and cryptanalysis
- Publication info
- Published elsewhere. Minor revision. ACM CCS 2024
- DOI
- 10.1145/3658644.3670359
- Keywords
- ECDSAMPCThreshold CryptographyDigital SignaturesAttacksKey-Extraction
- Contact author(s)
- n makriyannis @ gmail com
- History
- 2025-02-26: last of 2 revisions
- 2023-08-15: received
- See all versions
- Short URL
- https://ia.cr/2023/1234
- License
-
CC BY
BibTeX
@misc{cryptoeprint:2023/1234,
author = {Nikolaos Makriyannis and Oren Yomtov and Arik Galansky},
title = {Practical Key-Extraction Attacks in Leading {MPC} Wallets},
howpublished = {Cryptology {ePrint} Archive, Paper 2023/1234},
year = {2023},
doi = {10.1145/3658644.3670359},
url = {https://eprint.iacr.org/2023/1234}
}
