Cypher
News

Flaw Threatening Bitcoin Privacy Patched by Wasabi Wallet

If Wasabi Wallet users want to continue using the CoinJoin feature that can maintain the privacy of their Bitcoin transaction histories, then they need to upgrade to the latest version. This is due to the fact that this feature is no longer available to users running older iterations of the wallet and they cannot mix their coins with people who are using the new version. The wallet was hard-forked by the Wasabi Wallet Team on Thursday for addressing a vulnerability that was discovered by a team leader at a leading maker of hardware wallets, Trezor. A hard fork refers to a code change that causes older versions of software to be incompatible with new ones.

The discovery of this flaw is another example of the cooperation and camaraderie of the open-source community. Developers are constantly trying to help their peers in improving their software and they have responsibly disclosed a number of vulnerabilities during these processes for patching flaws before any bad actors can exploit them. However, there are times when such disclosures are less than cordial, something made evident by the long-running tensions between Wasabi and Samourai Wallet, it’s rival.

According to a blog post by Wasabi Wallet, Ondřej Vejpustek, a hardware wallet developer at Trezor, had disclosed the potential denial-of-service (DoS) responsibly to their team on May 10. Wasabi Wallet’s marketing strategist and contributor, Riccardo Masutti said that Vejpustek had been cooperating from the very beginning and had given them complete freedom over managing the disclosure, both in terms of communication and time. He said that this was a great display of the importance of communication between developer teams and security researchers and how it should be done. Wasabi Wallet has assumed that the DoS attack has never been carried out and is hypothetical.

📰 Also read:  SEC Preserving Arguments in Existing Legal Actions to Deny Spot Ethereum ETFs

Had it happened, it would have interfered with CoinJoin’s implementation. This is a privacy feature that enables Wasabi Wallet users to mix their Bitcoin with others for obscuring their transaction histories. As per this implementation, every Wasabi Wallet can only take out as much as they contribute. Mixing can make it difficult for nosy parkers and blockchain snoops to trace bitcoin transactions to known addresses and the identities of their owners. This mixing process would have been halted by the disclosed DoS vulnerability. The attacker would have been able to register bitcoin for a mix without it being verified by the mix’s coordinator.

Cypher

Simultaneously, they would have submitted a verified, real transaction to the mix. The result would be a difference between the total value of inputs and outputs made to the CoinJoin. Hence, an invalid transaction would be built as a result. The CoinJoin would be foiled if the attack was carried out, though it wouldn’t have allowed the attackers to make away with any coins or reveal the identity of any people in the mix. The fix was patched by Wasabi Wallet with the hard fork they made on Thursday. This patch was applied to the version of the wallet that was released on August 5th.

📰 Also read:  Sam Fried Pleads for Softer Sentence, Hints Recovering FTX Funds

Tokenhell produces content exposure for over 5,000 crypto companies and you can be one of them too! Contact at info@tokenhell.com if you have any questions. Cryptocurrencies are highly volatile, conduct your own research before making any investment decisions. Some of the posts on this website are guest posts or paid posts that are not written by Tokenhell authors (namely Crypto Cable , Sponsored Articles and Press Release content) and the views expressed in these types of posts do not reflect the views of this website. Tokenhell is not responsible for the content, accuracy, quality, advertising, products or any other content or banners (ad space) posted on the site. Read full terms and conditions / disclaimer.

📰 Also read:  IcomTech Former Promoters Convicted for Wire Fraud

Cypher

Bentley Kapoor (India)

Bentley is a cryptocurrency enthusiast and trader, his articles are news and platform review based. His writings are brought to you through his 10 years of experience in the cryptocurrency markets.

Leave a Reply

Your email address will not be published. Required fields are marked *

Back to top button
Close
Skip to content