Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Note status of vulnerabilities regarding Threshold Signature Scheme, TSSHOCK and CVE-2023-33241 #4155

Open
pad01g opened this issue Dec 15, 2023 · 0 comments
Open

Note status of vulnerabilities regarding Threshold Signature Scheme, TSSHOCK and CVE-2023-33241 #4155

pad01g opened this issue Dec 15, 2023 · 0 comments

Comments

@pad01g
Copy link

pad01g commented Dec 15, 2023

Feature Description

To evaluate security of this library (sdk-lib-mpc), I'd like to know official announcement of dev team regarding two disclosed vulnerabilities TSSHOCK[1] and CVE-2023-33241[2]. While I looked for fix status of two vulnerabilities reported, I could not confirm the status.
The statement can be expressed in any of followings.

  • README
  • blog
  • (this) GitHub issue
  • source code comment

Motivation

Our team is looking for reliable tss software, and others should also be interested in knowing the status of vulnerabilities that have far-reaching effects.

[1] https://www.verichains.io/tsshock/
[2] https://www.fireblocks.com/blog/gg18-and-gg20-paillier-key-vulnerability-technical-report/
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@pad01g