A flaw in this popular crypto wallet could put your stash at serious risk

(Image credit: Shutterstock / Diego Ioppolo)

A serious security flaw has been identified in crypto wallet Electrum SV, which has caused some users to lose their Bitcoin SV (BSV) funds.

Bitcoin SV is a fork of Bitcoin Cash, designed to improve the speed at which transactions are processed. However, to optimize for speed, BSV watered down some of the technical features in place to ensure coins remain secure in transit.

Namely, BSV did away with the pay-to-script hash (P2SH) feature, used to verify transactions that need to be greenlit by multiple parties (also called multi-signature transactions).

Here's our list of the best bitcoin wallets (opens in new tab) available
Check out our list of the best cloud mining (opens in new tab) services out there
We've built a list of the best crypto mining rigs (opens in new tab) on the market

In its stead, developers of the ElectrumSV wallet (and likely others) introduced a feature called accumulator multi-signature, which is now understood to be highly insecure.

Crypto wallet vulnerability

The threat posed by the accumulator multi-signature system has been acknowledged by ElectrumSV, which is taking steps to prevent users from falling victim to transaction hijacking.

“Please do not change the script type of your wallet, and especially do not change it to accumulator multi-signature,” warned ElectrumSV in a tweet (opens in new tab). “As one of our users unfortunately found out, it is broken and using it will result in the loss of coins.”

The user in question is said to have lost 600 BSV - worth almost $100,000 dollars at current market rates - as a result of an attack that targeted weaknesses linked with accumulator multi-signature.

According to certain knowledgeable parties, the problem would never have reared its head had proper testing procedures been implemented in advance of public release. Others claim Bitcoin SV should not have adopted an alternative system in the first place.

“This situation would have been avoided entirely had BSV not ripped out the competent, time-tested and highly peer-reviewed mechanisms for multisig by Bitcoin in favor of far less efficient home-brew crypto,” wrote (opens in new tab) Gregory Maxwell, a developer at Bitcoin Core.

“Kinda makes you wonder what amazing bugs are lurking in their node software or wallets. I can say for sure: I’m not going to run any of it and risk finding out.”

Here's our list of the best bitcoin exchanges (opens in new tab) around

Via CoinDesk (opens in new tab)

Joel Khalili is the News and Features Editor at TechRadar Pro, covering cybersecurity, data privacy, cloud, AI, blockchain, internet infrastructure, 5G, data storage and computing. He's responsible for curating our news content, as well as commissioning and producing features on the technologies that are transforming the way the world does business.

See more Computing news

Latest

Hisense’s super-bright 85-inch QLED TV is ready to take on OLED TVs

See more latest ►

Crypto wallet vulnerability

Are you a pro? Subscribe to our newsletter

Most Popular