According to a 9th March press release by Safeheron- a multi-party computation wallet developer- most of the multi-signature wallets could be exploited by StarkEx protocol’s Web3 apps. This vulnerability could affect the MPC wallets that have been in interacting with StarkEx Apps such as dYdX.
According to the same press release obtained by Cointelegraph, the wallet developer has been working with multiple agencies in order to plug this malware. According to the protocol documentation of Safeheron, the wallets of MPC are often utilized by Web3 developers and financial institutions to secure the crypto assets that they have purchased. Quite similar to the usual multi-sig wallet, they also need a bunch of signatures for every transaction. But unlike most of the standard multi-signature wallets, they don’t really require any special smart contracts to be utilized by the blockchain.
Safeheron Has Discovered How Multisignature Wallets Can Be Compromised By StarkEx Apps
Instead, the multi-signature wallets usually work by generating pieces of a smart key- with every piece held by a single signer. As it turns out, the shards also have to be joined together when not in the chain in order to create a signature that will open the wallet. Due to the difference, most of the multi-sig wallets are quite capable of having lower gas fees and can also be blockchain agnostic- according to the documentation.
The wallets of MPC are often considered to be more secure than single-signature wallets since an attacker will not be able to hack them without jeopardizing all the wallets at the same time. But, Safeheron has discovered a new security flaw that comes into play when the multi-sig wallets start interacting with apps made from StarkEx- such as Fireblocks and dYdX.
