Vulnerability Description
Crypto wallets implementing the GG18 or GG20 TSS protocol might allow an attacker to extract a full ECDSA private key by injecting a malicious pallier key and cheating in the range proof. Depending on the Beta parameters chosen in the protocol implementation, the attack might require 16 signatures or more fully exfiltrate the other parties' private key shares.
CVSS Score
CRITICAL
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Gg18 Project | Gg18 | - |
| Gg20 Project | Gg20 | - |
Related Weaknesses (CWE)
References
- https://eprint.iacr.org/2019/114.pdfExploitThird Party Advisory
- https://eprint.iacr.org/2020/540.pdfExploitThird Party Advisory
- https://github.com/fireblocks-labs/mpc-ecdsa-attacks-23Exploit
- https://github.com/fireblocks-labs/safeheron-gg20-exploit-pocExploit
- https://www.fireblocks.com/blog/gg18-and-gg20-paillier-key-vulnerability-technicThird Party Advisory
- https://eprint.iacr.org/2019/114.pdfExploitThird Party Advisory
- https://eprint.iacr.org/2020/540.pdfExploitThird Party Advisory
- https://github.com/fireblocks-labs/mpc-ecdsa-attacks-23Exploit
- https://github.com/fireblocks-labs/safeheron-gg20-exploit-pocExploit
- https://www.fireblocks.com/blog/gg18-and-gg20-paillier-key-vulnerability-technicThird Party Advisory
FAQ
What is CVE-2023-33241?
CVE-2023-33241 is a vulnerability with a CVSS score of 9.6 (CRITICAL). Crypto wallets implementing the GG18 or GG20 TSS protocol might allow an attacker to extract a full ECDSA private key by injecting a malicious pallier key and cheating in the range proof. Depending on...
How severe is CVE-2023-33241?
CVE-2023-33241 has been rated CRITICAL with a CVSS base score of 9.6/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2023-33241?
Check the references section above for vendor advisories and patch information. Affected products include: Gg18 Project Gg18, Gg20 Project Gg20.