BlockNews
FOLLOW ON X
  • BITCOIN
  • CRYPTO
    • ETHEREUM
    • RIPPLE XRP
    • SOLANA
    • CARDANO
    • BINANCE BNB
    • DOGECOIN
    • TRON
    • SUI
    • CHAINLINK
    • LITECOIN
  • FINANCE
  • POLITICS
  • MEMECOINS
  • NFT
  • OPINION
No Result
View All Result
BlockNews
  • BITCOIN
  • CRYPTO
    • ETHEREUM
    • RIPPLE XRP
    • SOLANA
    • CARDANO
    • BINANCE BNB
    • DOGECOIN
    • TRON
    • SUI
    • CHAINLINK
    • LITECOIN
  • FINANCE
  • POLITICS
  • MEMECOINS
  • NFT
  • OPINION
No Result
View All Result
BlockNews
Home BUSINESS

Research Team Discovers a Zero-Day $500 Million Vulnerability in Tron Multisig Accounts

BlockNews Team by BlockNews Team
June 1, 2023
in BUSINESS, CRYPTO, MEDIA, TECHNOLOGY
Reading Time: 3 mins read
1
SHARES
20
VIEWS
Share on XShare in TelegramShare on Reddit
  • The researchers at dWallet Labs reported that Tron verifies signatures instead of signers.
  • They revealed that the vulnerability could have affected the $500 million assets stored in Tron multisig accounts
  • 0d had once made a report about the vulnerability to Tron in February, and Tron had it fixed after a few days.

In an age where scammers and cybercriminals are roaming around in the Web3 space and looking for an easy score, researchers, investigators, and security firms have made it their job to discover vulnerabilities (ranging from critical to minimal harm) within the Web3 ecosystem.

On May 30, the research team at dWallet Labs—a blockchain cybersecurity company—announced that it had discovered a vulnerability in Tron Multisig, which could put the digital assets worth $500 million and stored on accounts on Tron at risk.

According to 0d—the research team—there was a discovery of a critical zero-day vulnerability on the Tron network. This vulnerability could enable any signer with a Multisig account to overcome the multi-sig security provided by Tron, irrespective of the number of signers stated in the account.

“Verifiers cannot distinguish between randomly chosen nonces and deterministic ones,” 0d said.

How Does This Work?

Multisignature wallets allow for joint custody of accounts, providing users with different keys, which would all be required whenever they needed access to approve transactions.

According to dWallet Labs, Tron checks for the uniqueness of signatures and does not verify the signer of the accounts. Therefore, each signature created through a nonce would be regarded as a credible vote and permit anyone possessing the signatures a double vote.

This could have been a chance for anyone wandering upon Tron’s vulnerability to jeopardize the security of the $500 million of assets stored on the platform since the verifier could not identify whether the deterministic process created the random signature or was utterly unexpected.

“We can bypass the multisig verification process by signing the same message with non-deterministic nonces of our choice,” 0d said.

Doing so would have granted the research team permission to create various valid signatures for the same message by the same private key.

Thus, anyone with malicious intentions could conduct several transactions in all multi-sig wallets, which they are privy to, despite the thresholds in place.

0d stated that it had reported this vulnerability issue to Tron in February through the bounty program, and the company had responded swiftly, providing a fix a few days later. As a result of this report, 0d was given a bounty reward for discovering a high-severity vulnerability through Tron’s bounty program.

Tron’s solution in fixing the vulnerability was commended as simple and efficient. Rather than compare the signatures against the list of signatures, the verifiers now compare the signed address against the list of addresses.

Conclusion

Tron Multisig was saved from what would have been a catastrophic incident should any attacker have discovered 0d; the dWallet Labs’ research team reported the high-severity vulnerability within the network. Tron Multisig has since fixed the vulnerability and launched an updated version.

Disclaimer: BlockNews provides independent reporting on crypto, blockchain, and digital finance. All content is for informational purposes only and does not constitute financial advice. Readers should do their own research before making investment decisions. Some articles may use AI tools to assist in drafting, but every piece is reviewed and edited by our editorial team of experienced crypto writers and analysts before publication.
Tags: cryptoMultisigTechnologyTron
TweetShareShare
BlockNews Team

BlockNews Team

DON'T MISS THESE! HOT OFF THE PRESS

Bitwise Files for Avalanche ETF: Here is What This Means for AVAX Holders
CRYPTO

Bitwise Files for Avalanche ETF: Here is What This Means for AVAX Holders

September 15, 2025
Dogecoin Price Prediction – Here is Why Analysts See $0.45 as the Next Target
CRYPTO

Dogecoin Price Prediction – Here is Why Analysts See $0.45 as the Next Target

September 15, 2025
Altseason Is Waking Up: Here are the Top Crypto Tokens to Buy Before You Miss Out
BITCOIN

Altseason Is Waking Up: Here are the Top Crypto Tokens to Buy Before You Miss Out

September 15, 2025
How to Trade Solana Memecoins Like the Top 1%: Fix Your Trading Strategy
CRYPTO

How to Trade Solana Memecoins Like the Top 1%: Fix Your Trading Strategy

September 15, 2025
Alex Becker Crashes PumpFun with STRSZN Token Launch: Here is What Happened
CRYPTO

Alex Becker Crashes PumpFun with STRSZN Token Launch: Here is What Happened

September 15, 2025
BNB Overtakes UBS in Market Value – Here is What’s Next for Binance Coin
BINANCE BNB

BNB Overtakes UBS in Market Value – Here is What’s Next for Binance Coin

September 15, 2025
Load More

Related News

Bitwise Files for Avalanche ETF: Here is What This Means for AVAX Holders

Bitwise Files for Avalanche ETF: Here is What This Means for AVAX Holders

September 15, 2025
Dogecoin Price Prediction – Here is Why Analysts See $0.45 as the Next Target

Dogecoin Price Prediction – Here is Why Analysts See $0.45 as the Next Target

September 15, 2025
REX-Osprey Dogecoin and XRP ETFs Set to Launch This Week – Here’s What You Need to Know

REX-Osprey Dogecoin and XRP ETFs Set to Launch This Week – Here’s What You Need to Know

September 15, 2025
Altseason Is Waking Up: Here are the Top Crypto Tokens to Buy Before You Miss Out

Altseason Is Waking Up: Here are the Top Crypto Tokens to Buy Before You Miss Out

September 15, 2025
How to Trade Solana Memecoins Like the Top 1%: Fix Your Trading Strategy

How to Trade Solana Memecoins Like the Top 1%: Fix Your Trading Strategy

September 15, 2025
Twitter Telegram Threads

BLOCKNEWS.COM

BlockNews is your premier source for real-time cryptocurrency, blockchain, political and financial market news.

Stay ahead of the herd with BlockNews

RESOURCES

  • About Us
  • Contact Us
  • Editorial Policies
  • Terms and Conditions
  • Privacy Policy
  • Sitemap

DISCLOSURES AND POLICIES

BlockNews provides independent reporting on crypto, blockchain, and digital finance. Content is for informational purposes only and does not constitute financial advice. Sponsored material is always disclosed. By using this site, you agree to our Terms and Conditions and Privacy Policy.

© 2025 BlockNews

No Result
View All Result
  • HOME
  • BITCOIN
  • CRYPTO
    • ETHEREUM
    • RIPPLE XRP
    • SOLANA
    • CARDANO
    • BINANCE BNB
    • DOGECOIN
    • TRON
    • LITECOIN
    • CHAINLINK
    • SUI
  • MEMECOINS
  • POLITICS
  • FINANCE
  • NFT
  • DEFI
  • GUIDES

© 2025 BlockNews