Research Pulse Issue #44 12/20/21

Research Pulse #44 is out!

In Alpha-Rays: Key Extraction Attacks on Threshold ECDSA Implementations, the authors present two novel attacks on Multi-Party Computation (MPC) custody schemes based on Threshold ECDSA. For context, Threshold ECDSA enables multisigs to be implemented off-chain and is now a leading way for certain user archetypes, such as exchanges and funds, to structure custody schemes. According to the paper, the PoC presented would have enabled attackers to compromise the funds of an entire wallet implemented under this scheme by extracting a single MPC constituent key.

Network topology analysis continues to enable privacy attacks across crypto networks. In Practical Deanonymization Attack in Ethereum Based on P2P Network Analysis, the authors present a methodology to deanonymize broadcasters of Ethereum transactions using well-established machine learning schemes. The authors then demonstrate how an attacker could use their model to make connections with roughly 90% of mainnet nodes and potentially compromise their privacy.

Finally, in Tuxedo: Maximizing Smart Contract computation in PoW Blockchains, the authors experiment with implementing smart contract functionality in Proof-of-Work blockchains. Most importantly, they pursue this key functionality while maintaining and relying on the backward-compatible rules of Nakamoto consensus.
