Blockdaemon Blog

BitForge and TSSHOCK Vulnerabilities Do Not Apply to Blockdaemon Institutional Wallet or MPC Offerings

Aug 10, 2023
By:
Frank
Wiener
&
Blockdaemon’s cryptography team has reviewed both the BitForge and TSSHOCK vulnerabilities and confirmed that neither apply to Blockdaemon’s Institutional Wallet or Advanced MPC technology implementations.

Two new vulnerabilities have been identified and publicly disclosed today about certain open source Threshold Signature Schemes used in many MPC wallets.



Blockdaemon’s cryptography and security teams have reviewed both the BitForge and TSSHOCK vulnerabilities and confirmed that neither apply to Blockdaemon’s Institutional Wallet or Advanced MPC technology implementations.

Book a call for your very own demo of Blockdaemon Institutional Wallet™, or read on to get a closer look at what’s new.

Background

The identified vulnerabilities have been associated with specific implementations of GG18, and GG20 algorithms (originating from the Gennaro and Goldfeder paper, defining a protocol that implements homomorphic encryption and zero-knowledge proofs) and the Lindell17 algorithm used in certain hosted wallet services. Blockdaemon does not use these libraries or algorithms in our Advanced MPC technology and a review of our algorithms confirms that none of these vulnerabilities apply to Blockdaemon’s MPC implementations.

About Blockdaemon’s Wallet Family and  MPC Solutions

Blockdaemon’s Institutional Wallet and Builder Vault TSM technology are based on Blockdaemon’s independently reviewed implementations of proprietary and public protocols, developed by our renowned core cryptography team. To date, none of the vulnerabilities publicly disclosed by third parties have applied to Blockdaemon’s MPC implementations.

Comprehensive Third Party Security Audits

Blockdaemon’s Advanced MPC algorithms and libraries, have been under development and refinement since 2014. These algorithms and libraries have gone through multiple exhaustive reviews by highly respected and independent third party security experts, over a period of multiple years. Blockdaemon remains committed to providing the highest quality MPC technologies for security you can trust.

In Conclusion

Blockdaemon is not affected by either of the aforementioned vulnerabilities. Blockdaemon provides non-custodial, institutional grade blockchain infrastructure. All components of our stack and development practices are externally audited and certified ensuring our software is the most secure for enterprises.

Share

Get Started with Blockdaemon Today!

Contact us to learn how we can help you power your blockchain business.
Unparalleled Security & Compliance
Seamless Integration & Scalability
Dedicated Customer Support