Gg18 · Gg18 · CVE-2023-33241
**Name of the Vulnerable Software and Affected Versions**
Crypto wallets implementing GG18 or GG20 TSS protocol (affected versions not specified)
**Description**
Crypto wallets using the GG18 or GG20 Threshold Signature Scheme (TSS) protocols are susceptible to an issue where an attacker can extract a full ECDSA private key. This is achieved by injecting a malicious Paillier key and cheating during the range proof. Depending on the `Beta` parameters used in the implementation, the attack may require 16 or more signatures to fully exfiltrate the private key shares of other parties. A real-world incident involved THORChain, which suffered a $10.7M theft due to a delayed patch deployment.
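
An added example, not part of the advisory or of any wallet's code: a receiver-side screen that a party could run on a peer's Paillier modulus before using it in the protocol. It assumes, per the public disclosure for this CVE, that the malicious key is a modulus with small prime factors; the size limit and trial-division bound are assumed policy values, and the screen is a coarse check that does not replace a zero-knowledge proof that the modulus is well formed.

```python
import math
from functools import lru_cache

MIN_BITS = 2048               # assumed policy: minimum accepted modulus size
SMALL_PRIME_BOUND = 1 << 20   # assumed policy: trial-division bound


@lru_cache(maxsize=None)
def small_primes(bound):
    """All primes below `bound`, via a sieve of Eratosthenes."""
    sieve = bytearray([1]) * bound
    sieve[0:2] = b"\x00\x00"
    for i in range(2, math.isqrt(bound) + 1):
        if sieve[i]:
            sieve[i * i::i] = bytes(len(range(i * i, bound, i)))
    return tuple(i for i, is_prime in enumerate(sieve) if is_prime)


def find_small_factors(n, bound=SMALL_PRIME_BOUND):
    """Prime factors of n below `bound` (an honest modulus has none)."""
    return [p for p in small_primes(bound) if n % p == 0]


def screen_paillier_modulus(n, min_bits=MIN_BITS, bound=SMALL_PRIME_BOUND):
    """Return rejection reasons for a peer's modulus; empty list = passed."""
    reasons = []
    if n.bit_length() < min_bits:
        reasons.append(f"modulus is {n.bit_length()} bits, below {min_bits}")
    if math.isqrt(n) ** 2 == n:
        reasons.append("modulus is a perfect square")
    factors = find_small_factors(n, bound)
    if factors:
        reasons.append(f"{len(factors)} prime factor(s) below {bound}")
    return reasons


# Constructed test moduli built from public Mersenne primes (never use as keys).
M521, M607, M1279, M2203 = ((1 << e) - 1 for e in (521, 607, 1279, 2203))
WELL_FORMED = M1279 * M2203                   # two large primes, 3482 bits
TOO_SHORT = M521 * M607                       # two large primes, 1128 bits
SMOOTH_PART = small_primes(1 << 16)[-8:]      # eight 16-bit primes
MALFORMED = math.prod(SMOOTH_PART) * M2203    # long enough, but not a biprime

if __name__ == "__main__":
    for name, n in [("well-formed", WELL_FORMED), ("too short", TOO_SHORT),
                    ("malformed", MALFORMED)]:
        print(name, screen_paillier_modulus(n) or "passed screening")
```
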
**Recommendations**
At the moment, there is no information about a newer version that contains a fix for this vulnerability.