- Binance CEO CZ highlights the importance of knowledge in self-custody wallets after concerns about vulnerabilities in Libbitcoin’s Bitcoin Explorer.
- Fireblocks uncovers BitForge vulnerabilities in major wallet providers, prompting proactive disclosure and action.
- CZ acknowledges the presence of a vulnerability in Binance’s TSS Library.
In a recent Twitter exchange, Binance CEO Changpeng Zhao, popularly known as CZ, weighed in on the security risks associated with self-custody wallets while reiterating his support for the concept under one crucial condition: users need to understand what they are doing.
CZ’s tweet was prompted by concerns raised by technical writer David A. Harding, who warned users about potential vulnerabilities in wallets generated using Libbitcoin’s Bitcoin Explorer, particularly as described in the appendix to the book “Mastering Bitcoin.”
CZ’s response showcases his stance on self-custody, emphasizing the importance of knowledge and preparedness. While self-custody can offer users greater control over their assets, it’s essential to acknowledge the associated risks.
In another response to Fireblocks’ report exposing vulnerabilities in the security of 15 major wallet providers, CZ has acknowledged the issue, particularly highlighting that the vulnerability was present in the TSS (Threshold Signature Scheme) Library that Binance had previously open-sourced.
CZ expressed gratitude to Fireblocks for bringing the matter to light and reassured Binance users that their funds remained unaffected. This incident underscores the ongoing importance of maintaining strong security measures, even in widely adopted custody solutions.
Fireblocks, renowned for its research in the crypto security space, revealed the discovery of a set of vulnerabilities named “BitForge.” These vulnerabilities, found in certain MPC (Multi-Party Computation) protocols, could potentially allow an attacker to access a private key from a single device, posing a significant security risk to digital asset wallet providers.
In a proactive and responsible move, Fireblocks conducted a responsible disclosure process, informing more than 15 digital asset wallet providers and projects about the discovered vulnerabilities.
While Binance’s TSS Library vulnerability has been fixed, the incident serves as a reminder that even sophisticated custody solutions can face vulnerabilities.
Disclaimer: The information presented in this article is for informational and educational purposes only. The article does not constitute financial advice or advice of any kind. Coin Edition is not responsible for any losses incurred as a result of the utilization of content, products, or services mentioned. Readers are advised to exercise caution before taking any action related to the company.
