SlowMist has identified a critical security flaw in a widely-used encryption library, which could allow hackers to reverse engineer private keys in applications that depend on it.
Blockchain security firm SlowMist has flagged a critical security vulnerability in the JavaScript elliptic encryption library, commonly utilized in crypto wallets (including MetaMask, Trust Wallet, Ledger, and Trezor), identity authentication systems, and Web3 applications. Specifically, flagged vulnerability allows attackers to extract private keys by manipulating specific inputs during a single signature operation, which could give them full control over a victim’s digital assets or identity credentials.
The typical Elliptic Curve Digital Signature Algorithm process requires several parameters to generate a digital signature: the message, the private key, and a unique random number (k). The message is hashed and then signed using the private key. As for the random value k, it’s needed to make sure that even if the same message is signed multiple times, each signature is different—similar to how a stamp requires fresh ink for each use. The specific vulnerability identified by SlowMist occurs when k is mistakenly reused for different messages. If k is reused, attackers can exploit this vulnerability, which can allow them to reverse engineer the private key.
Similar vulnerabilities in ECDSA have led to security breaches in the past. For example, in July 2021, the Anyswap protocol was compromised when attackers took advantage of weak ECDSA signatures. They used the vulnerability to forge signatures, allowing them to withdraw funds from the Anyswap protocol, resulting in a loss of around $8 million.
