Bitcoin SV multisig mechanism gets hacked, user loses nearly $100,000
- A BSV user reports that he has lost nearly $100,000 due to a multisig script bug.
- BSV/USD shows little reaction to the news, continues moving inside the $150-$180 range.
The hackers exploited Bitcoin SV network vulnerability to steal the assets of a user. The Chinese media outlets report that at least one user lost 600 BSV, $97,000, due to the hack attack.
How the assets were stolen
The cryptocurrency user, aka aaron67, wrote in his blog post that the multisig solution implemented by Electrum SV contained a critical mistake that cost him 600 BSV.
The incident happened at around 2.00 am on November 6, when the user withdrew 6 UTXO (Unspent Transaction Output) with multisig, worth 100 BSV each. Later on the same day, he attempted another withdrawal of an extra 6 UTXO and an hour later, the hacker used the exploit to transfer all the money to the address 1LcKTzSzpMAwH4bzymGSkbhY2EBpmT7n5J.
BSV transactions
The co-founder of Blockstream, Gregory Maxwell, explained that Bitcoin SV developers ripped out the existing multisig mechanism P2SH and had to progress their own scheme. Thus, they came up with the idea of Electrum SV, also known as accumulator multisig.
This script looks similar to a P2PKH (Pay to Pubkey Hash) algorithm that adds up the number of passes and compares them to a threshold. In fact, the script used the 'less than or equal' parameter instead of 'greater than or equal' number of signatures in a multisig.
The result is that these scripts had no security at all and could just be spent by a scriptsig that pushes a couple of zeros. Because the only sane usage is when you provide exactly the threshold number of signatures (why would you waste fees providing too many signatures?!?) they presumably only ever tested the 'orequals' path and didn't notice that it didn't work with too many signatures as intended but did work with too few signatures (such as none at all).
A famous cryptographer, Adam Back, believes that this bug affects only BSV as the standard P2SH multisig was removed and replaced by a buggy home-brew solution after the fork.
https://www.fxstreet.com/cryptocurrencies/news/bitcoin-sv-multisig-mechanism-gets-hacked-a-user-loses-nearly-100-000-202011091044
