A series of critical vulnerabilities, collectively known as ‘BitForge,’ has been uncovered in widely used cryptographic protocols including GG-18, GG-20, and Lindell 17. These vulnerabilities have a significant impact on popular cryptocurrency wallet providers such as Coinbase, ZenGo, and Binance.
The discovery of these vulnerabilities was made by the Fireblocks Cryptography Research Team in May 2023. The BitForge vulnerabilities enable potential hackers to swiftly steal digital assets from affected wallets without requiring any interaction from users or vendors.
Fireblocks introduced BitForge in their presentation titled “Small Leaks, Billions Of Dollars: Practical Cryptographic Exploits That Undermine Leading Crypto Wallets” at the BlackHat conference. While Coinbase and ZenGo have successfully implemented necessary fixes to address the vulnerabilities, Binance and other similar services remain vulnerable. In response, Fireblocks has developed a status checker tool that can be used to assess the potential risk.
Cryptocurrency security is a major concern, and these recent findings shed light on weaknesses in popular protocols. CVE-2023-33241 and CVE-2023-33242, known collectively as the BitForge vulnerabilities, have emerged as particular threats. In this article, we take a closer look at these shortcomings and their possible consequences.
Exploitable flaw in the GG18 and GG20 threshold signature protocols (CVE-2023-33241)
The first vulnerability, CVE-2023-33241, affects the GG18 and GG20 threshold signature protocols. The flaw is surprising in its effect: an attacker can extract a victim’s private key share in 16-bit blocks. The root cause is that the protocol never verifies that the attacker’s Paillier modulus (N) is well-formed, nor the state of the associated encryption. This lapse allows an attacker to recover private key shares and, ultimately, the master secret key.
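The missing check described above is the kind a signing party should run on any counterparty-supplied Paillier modulus before using it. The following Python sketch is an added example, not the Fireblocks PoC and not any wallet vendor's code: it rejects moduli that are too short, even, divisible by a small prime, or a perfect power. The function names (`check_paillier_modulus`, `honest_modulus`, `malformed_modulus`, `square_modulus`), the trial-division bound of 2^16, the fixed RNG seed and the 1024-bit demo size are all assumptions chosen for this example. Caveat: such local checks are necessary but not sufficient; the protocol-level fix for this class of flaw is a zero-knowledge proof that N is the product of two large primes, which a local check cannot replace.

```python
# Added example (not the Fireblocks PoC, not any wallet vendor's code):
# local sanity checks on a counterparty's Paillier modulus N, the parameter
# whose well-formedness GG18/GG20 deployments failed to verify.
# Sample moduli, sizes and the trial-division bound are constructed/assumed.
import random
from math import isqrt

def small_primes(bound):
    """Sieve of Eratosthenes: every prime below `bound`."""
    sieve = bytearray([1]) * bound
    sieve[0] = sieve[1] = 0
    for p in range(2, isqrt(bound) + 1):
        if sieve[p]:
            sieve[p * p::p] = bytearray(len(range(p * p, bound, p)))
    return [i for i, flag in enumerate(sieve) if flag]

SMALL_PRIMES = small_primes(1 << 16)   # assumed bound; only factors below it are caught

def is_perfect_power(n):
    """True if n == a**k for some integers a >= 2, k >= 2."""
    for k in range(2, n.bit_length() + 1):
        lo, hi = 1, 1 << (n.bit_length() // k + 1)   # hi**k > n always holds
        while lo < hi:                                # find smallest mid with mid**k >= n
            mid = (lo + hi) // 2
            if mid ** k < n:
                lo = mid + 1
            else:
                hi = mid
        if lo ** k == n:
            return True
    return False

def check_paillier_modulus(n, min_bits=2048):
    """Return (ok, reason) for a counterparty-supplied Paillier modulus.
    Caveat: rejects only obviously malformed moduli. The protocol-level fix is a
    zero-knowledge proof that N is a product of two large primes."""
    if n.bit_length() < min_bits:
        return False, f"modulus too short: {n.bit_length()} bits"
    if n % 2 == 0:
        return False, "modulus is even"
    for p in SMALL_PRIMES:
        if n % p == 0:
            return False, f"modulus has small factor {p}"
    if is_perfect_power(n):
        return False, "modulus is a perfect power"
    return True, "passed local sanity checks"

# --- constructed sample inputs (demo sizes, not production parameters) ----
RNG = random.Random(2023)   # fixed seed so the samples are reproducible

def is_probable_prime(n, rounds=32):
    """Miller-Rabin with a small-prime pre-filter."""
    if n < 2:
        return False
    for p in SMALL_PRIMES[:64]:
        if n % p == 0:
            return n == p
    d, r = n - 1, 0
    while d % 2 == 0:
        d //= 2
        r += 1
    for _ in range(rounds):
        x = pow(RNG.randrange(2, n - 1), d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True

def gen_prime(bits):
    """Random prime with its top two bits set, so p*q has exactly 2*bits bits."""
    while True:
        c = RNG.getrandbits(bits) | (3 << (bits - 2)) | 1
        if is_probable_prime(c):
            return c

def honest_modulus(bits=512):
    """N = p*q for two distinct random primes: what an honest party sends."""
    p, q = gen_prime(bits), gen_prime(bits)
    while q == p:
        q = gen_prime(bits)
    return p * q

def malformed_modulus():
    """Product of many small odd primes: long enough to pass a length check,
    but not a product of two large primes. Rejected by trial division."""
    n = 1
    for p in SMALL_PRIMES:
        if 2 < p < 1000:
            n *= p
    return n

def square_modulus(bits=512):
    """N = p*p: survives trial division, caught by the perfect-power check."""
    p = gen_prime(bits)
    return p * p

if __name__ == "__main__":
    for label, n in [("honest", honest_modulus()),
                     ("small factors", malformed_modulus()),
                     ("square", square_modulus())]:
        print(label, check_paillier_modulus(n, min_bits=1024))
```

Run as a script to see the three verdicts. In a real deployment the check would run on the modulus received during key generation, and a rejection should abort the protocol rather than continue; the local test is a cheap first line of defence in front of the zero-knowledge proof that actually closes the gap.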
Lindell17 2PC protocol vulnerability (CVE-2023-33242)
CVE-2023-33242 relates to the Lindell17 2PC protocol and exposes another serious vulnerability: an attacker who compromises either party of a wallet can extract the other party’s private key. The attack scenario comes in two variations. In the first, the attacker controls the client and manipulates it so that the commands it executes leak the server’s private key bits; in the second, the attacker compromises the server and carefully crafts messages to extract the client’s private key. Both methods require about 256 attempts, highlighting the complexity of the attack.
Proof of concept and responsible disclosure
To highlight the severity of these vulnerabilities, Fireblocks released a proof-of-concept (PoC) implementation on GitHub. The flaws in the affected protocols are now public, underscoring the urgency of patching. Notably, Coinbase has taken the lead in addressing them. The vulnerabilities underscore the necessity of robust cryptographic measures to ensure the integrity of digital assets.