A flaw in this popular crypto wallet could put your stash at serious risk

News
By
published

Users of the ElectrumSV crypto wallet have seen their funds vanish

Bitcoin SV
(Image credit: Shutterstock / Diego Ioppolo)

A serious security flaw has been identified in crypto wallet Electrum SV, which has caused some users to lose their Bitcoin SV (BSV) funds.

Bitcoin SV is a fork of Bitcoin Cash, designed to improve the speed at which transactions are processed. However, to optimize for speed, BSV watered down some of the technical features in place to ensure coins remain secure in transit.

Namely, BSV did away with the pay-to-script hash (P2SH) feature, used to verify transactions that need to be greenlit by multiple parties (also called multi-signature transactions).

In its stead, developers of the ElectrumSV wallet (and likely others) introduced a feature called accumulator multi-signature, which is now understood to be highly insecure.

Crypto wallet vulnerability

The threat posed by the accumulator multi-signature system has been acknowledged by ElectrumSV, which is taking steps to prevent users from falling victim to transaction hijacking.

“Please do not change the script type of your wallet, and especially do not change it to accumulator multi-signature,” warned ElectrumSV in a tweet. “As one of our users unfortunately found out, it is broken and using it will result in the loss of coins.”

The user in question is said to have lost 600 BSV - worth almost $100,000 dollars at current market rates - as a result of an attack that targeted weaknesses linked with accumulator multi-signature.

According to certain knowledgeable parties, the problem would never have reared its head had proper testing procedures been implemented in advance of public release. Others claim Bitcoin SV should not have adopted an alternative system in the first place.

“This situation would have been avoided entirely had BSV not ripped out the competent, time-tested and highly peer-reviewed mechanisms for multisig by Bitcoin in favor of far less efficient home-brew crypto,” wrote Gregory Maxwell, a developer at Bitcoin Core.

“Kinda makes you wonder what amazing bugs are lurking in their node software or wallets. I can say for sure: I’m not going to run any of it and risk finding out.”

Via CoinDesk

Joel Khalili
Joel Khalili
News and Features Editor

Joel Khalili is the News and Features Editor at TechRadar Pro, covering cybersecurity, data privacy, cloud, AI, blockchain, internet infrastructure, 5G, data storage and computing. He's responsible for curating our news content, as well as commissioning and producing features on the technologies that are transforming the way the world does business.

Latest in Software & Services
Windows 11 Start menu layout choices: Grid view
Windows 11 vs Linux for business: which operating system should you embrace?
A phone sitting on a laptop keyboard with the Microsoft Outlook logo on the screen.
Gmail vs Outlook for business: which email system is right for your organization?
Windows 11 logo
Windows 11 Pro vs Windows 11 Home: which version is right for you?
Canva HubSpot
HubSpot and Canva team up to level the creative playing field
a laptop computer
Windows 11 vs ChromeOS for business: Is one better than the other for your needs?
a laptop computer
Windows 11 vs macOS for business: which side are you on?
Latest in News
CorelDraw Go homepage showing design examples
Adobe arch-rival unveils online graphic design tool for beginners - and yes, it has a subscription
Tony Hawk's Pro Skater 3+4 promo image featuring the Doom Slayer glaring at Tony
Tony Hawk's Pro Skater 3+4 is real and the Digital Deluxe Edition literally turns it into a Doom game
Ada Lovelace as a leader in Civilization 7.
Sid Meier's Civilization 7 update 1.1.0 finally stops AI leaders from flooding your territory with armies of explorers
OnePlus Watch 3
Good news for OnePlus fans as it confirms the OnePlus Watch 3 will get three years of updates, not two
Image of Radeon RX 9000 series GPUs
AMD RX 9070 could struggle to compete with Nvidia 50-series GPUs according to latest tech demo
A laptop with a red screen with a white skull on it with the message: "RANSOMWARE. All your files are encrypted."
Major ransomware attack sees Tata Technologies hit - 1.4TB dataset with over 730,000 files allegedly stolen
More about software services
A phone sitting on a laptop keyboard with the Microsoft Outlook logo on the screen.

Gmail vs Outlook for business: which email system is right for your organization?

Windows 11 Start menu layout choices: Grid view

Windows 11 vs Linux for business: which operating system should you embrace?
An AI face in profile against a digital background.

Navigating transparency, bias, and the human imperative in the age of democratized AI
See more latest
Most Popular
Ada Lovelace as a leader in Civilization 7.
Sid Meier's Civilization 7 update 1.1.0 finally stops AI leaders from flooding your territory with armies of explorers
Image of Radeon RX 9000 series GPUs
AMD RX 9070 could struggle to compete with Nvidia 50-series GPUs according to latest tech demo
Tony Hawk's Pro Skater 3+4 promo image featuring the Doom Slayer glaring at Tony
Tony Hawk's Pro Skater 3+4 is real and the Digital Deluxe Edition literally turns it into a Doom game
CorelDraw Go homepage showing design examples
Adobe arch-rival unveils online graphic design tool for beginners - and yes, it has a subscription
Security
Broadcom releases fixes for multiple VMware security flaws
OnePlus Watch 3
Good news for OnePlus fans as it confirms the OnePlus Watch 3 will get three years of updates, not two
Google Pixel Watch 3
Google rolls out major Pixel Watch upgrade for all users – here's what's new in Wear OS 5.1
Pac-Man x PowerA promotional image.
Special edition Pac-Man Nintendo Switch and Xbox accessories from PowerA are on the way
A laptop with a red screen with a white skull on it with the message: "RANSOMWARE. All your files are encrypted."
Major ransomware attack sees Tata Technologies hit - 1.4TB dataset with over 730,000 files allegedly stolen
Portrait of African-American teenage boy studying at home or in college dorm and using laptop, copy space
Windows 11’s Notepad gets AI-powered ‘Rewrite’ feature, but not everyone’s going to be happy about it