Digital asset custodian BitGo plans to file a lawsuit against infrastructure provider Fireblocks for improperly disclosing a bug in BitGo’s Ethereum wallet.
Fireblocks said it has patched a bug in BitGo’s Ethereum wallet that would allow a hacker to access a user’s private key via a signature.
BitGo says Fireblocks violated disclosure agreement
The bug was created in BitGo’s Threshold Signature Scheme protocol due to missing zero-knowledge proofs.
BitGo, a digital asset custodian, said Fireblocks’ reporting constituted a publicity stunt and went against a joint-disclosure agreement.
The firm said that Fireblocks released the findings for a rather early production version of the multiparty computation wallet, which BitGo rolled out to a limited number of developers.
It criticized Fireblocks for contacting journalists, customers and regulators regarding testing an early-release product on the Ethereum mainnet. According to BitGo, Fireblocks falsely claimed that the pre-release version was a production version. They reportedy did this after using a wallet on the mainnet against the advice of BitGo.
In response, the station in-charge will take legal action. The remedies include damages, injunctive relief, and legal fees against the infrastructure provider that also supported Signature Bank’s Signet network.
How infrastructure providers manage risk
Recent failures of crypto exchanges have revived interest in self-custody wallets to reduce counterparty risks. An exchange hack could mean customers losing access to their digital assets. Depending on the extent to which the exchange is responsible, capital may be required to make the users whole.
Infrastructure providers such as Fireblocks claim to offer zero counterparty risk by using multiparty computation, which requires keys from multiple parties to sign transactions. Crypto firms using its technology are required to sign a strict service level agreement with daily support and engineering monitoring.
Tassat, a builder of private networks, mitigates risk through instant B2B settlement that must be approved by at least two authorities.
Coinbase offers limited crime insurance that protects certain assets from theft. However, this does not insure against exposed logins that allow criminals to access user accounts.
be for[In]Crypto’s Latest Bitcoin (BTC) Analysis, Click Here.
disclaimer
BeInCrypto has reached out to the company or individual involved in the story for an official statement regarding the recent developments, but has not yet received a response.