Conference:  Defcon 31

Authors: Nikolaos Makriyannis Cryptography Research Lead at Fireblocks, Oren Yomtov Blockchain Research Lead at Fireblocks

2023-08-01

Multi-Party Computation (MPC) has become a common cryptographic technique for protecting hundreds of billions of dollars in cryptocurrency wallets. MPC algorithms are currently powering the wallets of Coinbase, Binance, Zengo, BitGo, Fireblocks and many other fintechs/banks servicing hundreds of millions of consumers and thousands of financial institutions. This presentation examines the most common MPC protocols and implementations and shows that securing MPC remains a challenge for most companies. We show practical key-exfiltration attacks requiring no more than a couple of hundred signatures. Namely, we show three different attacks on different protocols/implementations requiring 256, 16, and *one* signature, respectively.